From e3bcfcd4beebef4caaa2a582782693eb0fc519d0 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Fri, 12 Jun 2015 14:40:23 -0700 Subject: [PATCH 0001/1000] Loosen the apt dependency Once puppetlabs-apt 2.1.0 is released (2015-06-16) the postgresql module will be compatible with apt 1.x (>= 1.8.0) and 2.x (>= 2.1.0). This will *not* work with puppetlabs-apt 2.0.x. --- README.md | 4 ++++ metadata.json | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 73624d1f90..9243a22006 100644 --- a/README.md +++ b/README.md @@ -1043,6 +1043,10 @@ Current it is only actively tested with the following operating systems: Although patches are welcome for making it work with other OS distros, it is considered best effort. +### Apt module support + +While this module supports both 1.x and 2.x versions of the puppetlabs-apt module, it does not support puppetlabs-apt 2.0.0 or 2.0.1. + ### Postgis support Postgis is currently considered an unsupported feature as it doesn't work on diff --git a/metadata.json b/metadata.json index 400c45d795..bbd3a3843c 100644 --- a/metadata.json +++ b/metadata.json @@ -68,7 +68,7 @@ ], "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, - {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <2.0.0"}, + {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <3.0.0"} ] } From f9e5d3632a788ce715ef90bc56e91b32070a6b86 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Fri, 12 Jun 2015 14:59:49 -0700 Subject: [PATCH 0002/1000] Tighten the concat dependency Since concat 2.0.x releases have been removed --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index bbd3a3843c..2572ebd343 100644 --- a/metadata.json +++ b/metadata.json @@ -69,6 +69,6 @@ "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <3.0.0"} + {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <2.0.0"} ] } From f09ebab7145bf5035fefa24dece070ff2ed0b87f Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Mon, 22 Jun 2015 09:10:09 -0700 Subject: [PATCH 0003/1000] Release 4.4.0 prep --- CHANGELOG.md | 23 +++++++++++++++++++++++ metadata.json | 2 +- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index efc81972bf..51e20c5759 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,26 @@ +## 2015-06-23 - Supported Release 4.4.0 +### Summary +This release has several new features, bugfixes, and test improvements. + +#### Features +- Adds a resource to manage recovery.conf. +- Adds a parameter that allows the specification of a validate connection script in `postgresql::client`. +- Adds support for plpython package management. +- Adds support for postgresql-docs management. +- Adds ability to make `postgresql::server::schema` titles unique. (MODULES-2049) +- Updates puppetlabs-apt module dependency to support version 2.1.0. + +#### Bugfixes +- Fix `postgresql_psql` parameter ordering to work on OpenBSD with Future Parser +- Fix setting postgres role password (MODULES-1869) +- Fix execution command with puppet <3.4 (MODULES-1923) +- Fix Puppet.newtype deprecation warning (MODULES-2007) +- Fix systemd override for manage_repo package versions + +#### Test Improvements +- Allows setting BEAKER and BEAKER_RSPEC versions via environment variables. +- Enables Unit testing on Travis CI with Puppet 4. + ## 2015-03-24 - Supported Release 4.3.0 ### Summary This release fixes compatibility with Puppet 4 and removes opportunities for local users to view the postgresql password. It also adds a new custom resource to aid in managing replication. diff --git a/metadata.json b/metadata.json index 2572ebd343..e29842a80c 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.3.0", + "version": "4.4.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From db9c778147d35fd1d4595275641addbcd1593f52 Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Mon, 22 Jun 2015 09:36:06 -0700 Subject: [PATCH 0004/1000] Unpins apt 1.8 dependency in fixtures.yml and spec_helper_acceptance. --- .fixtures.yml | 4 +--- spec/spec_helper_acceptance.rb | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 44121bb74e..5dbd5d048d 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,8 +1,6 @@ fixtures: repositories: - apt: - repo: "https://github.com/puppetlabs/puppetlabs-apt.git" - branch: "1.8.x" + apt: "https://github.com/puppetlabs/puppetlabs-apt.git" stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 882e21bba1..14d0f844ba 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -99,7 +99,7 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) end on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-apt', '--version', '1.8.0', '--force'), { :acceptable_exit_codes => [0,1] } + on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] } on host, puppet('module','install','--force','puppetlabs-concat'), { :acceptable_exit_codes => [0,1] } end From 1315a33e285a07b6a10ae54c51d8320963a085f9 Mon Sep 17 00:00:00 2001 From: Travis Fields Date: Thu, 18 Jun 2015 15:15:30 -0700 Subject: [PATCH 0005/1000] (maint) Add beaker-puppet_install_helper and fix fact bug - Issue with fact() was being called against default instead of using fact_on when iterating against each host, also was installing 3.8.1 despite specifying PUPPET_VERSION=1.1.1 so updated to use beaker-puppet_install_helper --- Gemfile | 1 + spec/spec_helper_acceptance.rb | 28 ++++++---------------------- 2 files changed, 7 insertions(+), 22 deletions(-) diff --git a/Gemfile b/Gemfile index 2b1b7cd8d9..bfe64b186a 100644 --- a/Gemfile +++ b/Gemfile @@ -28,6 +28,7 @@ group :system_tests do gem 'beaker-rspec', :require => false end gem 'serverspec', :require => false + gem 'beaker-puppet_install_helper', :require => false end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 14d0f844ba..fc367a803d 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,5 +1,10 @@ require 'beaker-rspec/spec_helper' require 'beaker-rspec/helpers/serverspec' +require 'beaker/puppet_install_helper' + +run_puppet_install_helper + +UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] class String # Provide ability to remove indentation from strings, for the purpose of @@ -34,27 +39,6 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) shell("su #{shellescape(user)} -c #{shellescape(psql)}", :acceptable_exit_codes => exit_codes, &block) end -unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' - # This will install the latest available package on el and deb based - # systems fail on windows and osx, and install via gem on other *nixes - foss_opts = { :default_action => 'gem_install' } - - if default.is_pe?; then install_pe; else install_puppet( foss_opts ); end - - hosts.each do |host| - shell("mkdir -p #{host['distmoduledir']}") - if ! host.is_pe? - # Augeas is only used in one place, for Redhat. - if fact('osfamily') == 'RedHat' - install_package host, 'ruby-devel' - #install_package host, 'augeas-devel' - #install_package host, 'ruby-augeas' - end - end - end -end - -UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] RSpec.configure do |c| # Project root @@ -92,7 +76,7 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) hosts.each do |host| on host, "/bin/touch #{default['puppetpath']}/hiera.yaml" on host, 'chmod 755 /root' - if fact('osfamily') == 'Debian' + if fact_on(host, 'osfamily') == 'Debian' on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" on host, '/usr/sbin/locale-gen' on host, '/usr/sbin/update-locale' From 69c80b429010bdb3ce98dcb4914bb92f907bae2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20Can=C3=A9vet?= Date: Tue, 26 May 2015 14:57:34 +0200 Subject: [PATCH 0006/1000] Copy snakeoil certificate and key instead of symlinking Since postgresql-9.1_9.1.16-0+deb7u1 on wheezy, postgresql can't read snakeoil certificate as symlink anymore, so server does not restart. This patch copies cert and key instead of symlinking so that it works again. --- manifests/server/initdb.pp | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 9dd28badfe..b0df326319 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -83,19 +83,25 @@ require => File[$require_before_initdb], } # The package will take care of this for us the first time, but if we - # ever need to init a new db we need to make these links explicitly + # ever need to init a new db we need to copy these files explicitly if $::operatingsystem == 'Debian' or $::operatingsystem == 'Ubuntu' { if $::operatingsystemrelease =~ /^6/ or $::operatingsystemrelease =~ /^7/ or $::operatingsystemrelease =~ /^10\.04/ or $::operatingsystemrelease =~ /^12\.04/ { file { 'server.crt': - ensure => link, + ensure => file, path => "${datadir}/server.crt", - target => '/etc/ssl/certs/ssl-cert-snakeoil.pem', + source => 'file:///etc/ssl/certs/ssl-cert-snakeoil.pem', + owner => $::postgresql::server::user, + group => $::postgresql::server::group, + mode => '0644', require => Exec['postgresql_initdb'], } file { 'server.key': - ensure => link, + ensure => file, path => "${datadir}/server.key", - target => '/etc/ssl/private/ssl-cert-snakeoil.key', + source => 'file:///etc/ssl/private/ssl-cert-snakeoil.key', + owner => $::postgresql::server::user, + group => $::postgresql::server::group, + mode => '0600', require => Exec['postgresql_initdb'], } } From 2ba897fc6f72b37a30140d11edcbddb9a3131913 Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Mon, 22 Jun 2015 15:45:15 -0700 Subject: [PATCH 0007/1000] updates CHANGELOG with merged in commits --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 51e20c5759..d2f1d00ae8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,10 +16,12 @@ This release has several new features, bugfixes, and test improvements. - Fix execution command with puppet <3.4 (MODULES-1923) - Fix Puppet.newtype deprecation warning (MODULES-2007) - Fix systemd override for manage_repo package versions +- Fix Copy snakeoil certificate and key instead of symlinking #### Test Improvements - Allows setting BEAKER and BEAKER_RSPEC versions via environment variables. - Enables Unit testing on Travis CI with Puppet 4. +- Cleans up spec_helper_acceptance.rb to use new puppet_install_helper gem. ## 2015-03-24 - Supported Release 4.3.0 ### Summary From 04d59ee8ffc278dc883980f34722285a1d61f450 Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Mon, 22 Jun 2015 16:18:17 -0700 Subject: [PATCH 0008/1000] re-add apt pinning to unit test on puppet 2.7 --- .fixtures.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.fixtures.yml b/.fixtures.yml index 5dbd5d048d..44121bb74e 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,6 +1,8 @@ fixtures: repositories: - apt: "https://github.com/puppetlabs/puppetlabs-apt.git" + apt: + repo: "https://github.com/puppetlabs/puppetlabs-apt.git" + branch: "1.8.x" stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" From c7b4ebbf3e00a20b3b51b4f1e9b4d9c539f78c61 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Fri, 26 Jun 2015 14:13:48 +0100 Subject: [PATCH 0009/1000] (FM-2923) install net-tools for tests serverspec's be_listening uses net-tools' netstat utility to check for open ports. This was puleld in until recently by puppet-agent packages. Now this has changed and we need to install this manually. --- spec/spec_helper_acceptance.rb | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index fc367a803d..2525ec3fcc 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -73,6 +73,15 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) apply_manifest_on(agents, pp, :catch_failures => false) end + # net-tools required for netstat utility being used by be_listening + if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' + pp = <<-EOS + package { 'net-tools': ensure => installed } + EOS + + apply_manifest_on(agents, pp, :catch_failures => false) + end + hosts.each do |host| on host, "/bin/touch #{default['puppetpath']}/hiera.yaml" on host, 'chmod 755 /root' From ea1c9c74f82f9c05bcb09fba93bf46cc172e01c4 Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Mon, 29 Jun 2015 10:22:30 -0700 Subject: [PATCH 0010/1000] updates release date on CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d2f1d00ae8..6c9102948f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,4 @@ -## 2015-06-23 - Supported Release 4.4.0 +## 2015-06-30 - Supported Release 4.4.0 ### Summary This release has several new features, bugfixes, and test improvements. From ec60db4cc01518dc0155dd2256b1c3913c395a2e Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Tue, 30 Jun 2015 12:09:01 -0700 Subject: [PATCH 0011/1000] adds acceptance tests for postgresql::server::recovery resource --- spec/acceptance/server/recovery_spec.rb | 61 +++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 spec/acceptance/server/recovery_spec.rb diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb new file mode 100644 index 0000000000..e08f40c133 --- /dev/null +++ b/spec/acceptance/server/recovery_spec.rb @@ -0,0 +1,61 @@ +require 'spec_helper_acceptance' + +describe 'postgresql::server::recovery', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + after(:all) do + pp = <<-EOS.unindent + file { '/tmp/recovery.conf': + ensure => absent, + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe 'should manage recovery' do + it 'adds conf file' do + pp = <<-EOS.unindent + class { 'postgresql::globals': + recovery_conf_path => '/tmp/recovery.conf', + manage_recovery_conf => true, + } + + class { 'postgresql::server': } + + # Create a recovery.conf file + postgresql::server::recovery { "recovery.conf": + restore_command => 'restore_command', + recovery_target_timeline => 'recovery_target_timeline', + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file('/tmp/recovery.conf') do + it { is_expected.to be_file } + it { is_expected.to contain /restore_command = 'restore_command'/ } + it { is_expected.to contain /recovery_target_timeline = 'recovery_target_timeline'/ } + end + end + + describe 'should not manage recovery' do + it 'does not add conf file' do + pp = <<-EOS.unindent + class { 'postgresql::globals': + manage_recovery_conf => false, + } + + class { 'postgresql::server': } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file('/tmp/recovery.conf') do + it { is_expected.not_to be_file } + end + end +end + From a861997f5b58524585e8b010a7b33bc828c8984b Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Tue, 30 Jun 2015 13:18:36 -0700 Subject: [PATCH 0012/1000] fixes postgresql::server:recovery acceptance tests --- spec/acceptance/server/recovery_spec.rb | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index e08f40c133..b27a5c5afb 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -1,17 +1,17 @@ require 'spec_helper_acceptance' describe 'postgresql::server::recovery', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after(:all) do - pp = <<-EOS.unindent - file { '/tmp/recovery.conf': - ensure => absent, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - describe 'should manage recovery' do + after(:all) do + pp = <<-EOS.unindent + file { '/tmp/recovery.conf': + ensure => absent, + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'adds conf file' do pp = <<-EOS.unindent class { 'postgresql::globals': From c21e2e5b27d0411c6bf262d8d90148f195f33df3 Mon Sep 17 00:00:00 2001 From: Ken Barber Date: Wed, 1 Jul 2015 14:14:59 +0100 Subject: [PATCH 0013/1000] (MODULES-2181) Fix variable scope for systemd-override $manage_package_repo wasn't in scope for the template systemd-override.erb This was causing all RHEL7 systems with manage_package_repo on to fail on startup using systemctl, as the proper path to the original service file is set incorrectly. This patch adds the manage_package_repo to the top of the ::config class, and adds some basic tests in config_spec.rb to ensure we don't regress on this. Signed-off-by: Ken Barber --- CHANGELOG.md | 7 ++++ manifests/server/config.pp | 1 + spec/unit/classes/server/config_spec.rb | 55 +++++++++++++++++++++++++ 3 files changed, 63 insertions(+) create mode 100644 spec/unit/classes/server/config_spec.rb diff --git a/CHANGELOG.md b/CHANGELOG.md index 6c9102948f..6e1766471c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2015-07-01 - Supported Release 4.4.1 +### Summary +This release fixes RHEL 7 & Fedora with manage_package_repo switched on. + +#### Bugfixes +- Ensure manage_package_repo variable is in scope for systemd-override file for RHEL7 + ## 2015-06-30 - Supported Release 4.4.0 ### Summary This release has several new features, bugfixes, and test improvements. diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 1c36e73c45..b8d1ef1bce 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -14,6 +14,7 @@ $user = $postgresql::server::user $group = $postgresql::server::group $version = $postgresql::server::_version + $manage_package_repo = $postgresql::server::manage_package_repo $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf $manage_recovery_conf = $postgresql::server::manage_recovery_conf diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb new file mode 100644 index 0000000000..4e77c7e4fe --- /dev/null +++ b/spec/unit/classes/server/config_spec.rb @@ -0,0 +1,55 @@ +require 'spec_helper' + +describe 'postgresql::server::config', :type => :class do + let (:pre_condition) do + "include postgresql::server" + end + + describe 'on RedHat 7' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '7.0', + :concat_basedir => tmpfilename('server'), + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + it 'should have the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with ({ + :ensure => 'present', + :path => '/etc/systemd/system/postgresql.service', + :owner => 'root', + :group => 'root', + }) + is_expected.to contain_file('systemd-override') \ + .with_content(/postgresql.service/) + end + + describe 'with manage_package_repo => true and a version' do + let (:pre_condition) do + <<-EOS + class { 'postgresql::globals': + manage_package_repo => true, + version => '9.4', + }-> + class { 'postgresql::server': } + EOS + end + + it 'should have the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with ({ + :ensure => 'present', + :path => '/etc/systemd/system/postgresql-9.4.service', + :owner => 'root', + :group => 'root', + }) + is_expected.to contain_file('systemd-override') \ + .with_content(/postgresql-9.4.service/) + end + end + end +end + From e0ded2e3a4aed7bb0b16b78b82c83fec18b72783 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 1 Jul 2015 18:34:35 +0100 Subject: [PATCH 0014/1000] Increment version number for 4.4.1 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index e29842a80c..9e15d043d4 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.4.0", + "version": "4.4.1", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 6c0a2e4cea639705ec9612506fd91d9a66ffb462 Mon Sep 17 00:00:00 2001 From: Dominic Cleal Date: Thu, 2 Jul 2015 09:25:48 +0100 Subject: [PATCH 0015/1000] (MODULES-2185) Fix `withenv` execution under Puppet 2.7 When executing a command with environment variables, the withenv helper under Puppet 2.7 is on Puppet::Util::Execution and on 3.0 to 3.3, it's on Puppet::Util. --- lib/puppet/provider/postgresql_psql/ruby.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 524d73cdd1..60b4a0c701 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -50,7 +50,12 @@ def get_environment def run_command(command, user, group) command = command.join ' ' environment = get_environment - if Puppet::PUPPETVERSION.to_f < 3.4 + if Puppet::PUPPETVERSION.to_f < 3.0 + require 'puppet/util/execution' + Puppet::Util::Execution.withenv environment do + Puppet::Util::SUIDManager.run_and_capture(command, user, group) + end + elsif Puppet::PUPPETVERSION.to_f < 3.4 Puppet::Util.withenv environment do Puppet::Util::SUIDManager.run_and_capture(command, user, group) end From e3c707c7097b98a635a5383728a2bd5bcf21bc4a Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Mon, 6 Jul 2015 14:03:52 -0700 Subject: [PATCH 0016/1000] Release 4.4.2 prep --- CHANGELOG.md | 7 +++++++ metadata.json | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e1766471c..8c2346a3b2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2015-07-07 - Supported Release 4.4.2 +### Summary +This release fixes a bug introduced in 4.4.0. + +#### Bugfixes +- Fixes `withenv` execution under Puppet 2.7. (MODULES-2185) + ## 2015-07-01 - Supported Release 4.4.1 ### Summary This release fixes RHEL 7 & Fedora with manage_package_repo switched on. diff --git a/metadata.json b/metadata.json index 9e15d043d4..3c972a23c2 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.4.1", + "version": "4.4.2", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 3589021bea3d79ab3c806ee34ceceab3c52fdb36 Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Mon, 6 Jul 2015 16:26:48 -0700 Subject: [PATCH 0017/1000] updates metadata.json to include support for pe up to 2015.2.x --- metadata.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index 3c972a23c2..70388dc066 100644 --- a/metadata.json +++ b/metadata.json @@ -59,11 +59,11 @@ "requirements": [ { "name": "pe", - "version_requirement": "3.x" + "version_requirement": ">= 3.0.0 < 2015.3.0" }, { "name": "puppet", - "version_requirement": "3.x" + "version_requirement": ">= 3.0.0 < 5.0.0" } ], "dependencies": [ From 54c4ec94560cdbeb12dbcecdadf06bd4bf28faeb Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Tue, 7 Jul 2015 10:12:51 -0700 Subject: [PATCH 0018/1000] Fix incorrect metadata --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 70388dc066..29151cce07 100644 --- a/metadata.json +++ b/metadata.json @@ -59,7 +59,7 @@ "requirements": [ { "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.3.0" + "version_requirement": ">= 3.0.0 < 5.0.0" }, { "name": "puppet", From cda13dfd666460dd0973fc51048caf739e3951d5 Mon Sep 17 00:00:00 2001 From: Steve Maddison Date: Fri, 10 Jul 2015 13:19:19 +0200 Subject: [PATCH 0019/1000] Allow for undefined PostGIS version. --- manifests/globals.pp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 4f56ce5dda..b82b11a5c2 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -123,7 +123,10 @@ '93' => '2.1', default => undef, } - $globals_postgis_version = pick($postgis_version, $default_postgis_version) + $globals_postgis_version = $postgis_version ? { + undef => $default_postgis_version, + default => $postgis_version, + } # Setup of the repo only makes sense globally, so we are doing this here. if($manage_package_repo) { From 1956881b2b6dac1e18296a22a7ba146c34ba981a Mon Sep 17 00:00:00 2001 From: Christian Kaenzig Date: Thu, 23 Jul 2015 09:45:52 +0200 Subject: [PATCH 0020/1000] Fix postgis default package name on RedHat The /5/ regex on $::operatingsystemrelease would match any distro release with a 5 in it, including for example Centos "7.1.1503". Given the commit message for this regex, it was meant to match RedHat / Centos 5.x. --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 8180b3482a..4b1dfc9835 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -72,7 +72,7 @@ $postgis_package_name = pick( $postgis_package_name, $::operatingsystemrelease ? { - /5/ => 'postgis', + /^5\./ => 'postgis', default => versioncmp($postgis_version, '2') ? { '-1' => "postgis${package_version}", default => "postgis2_${package_version}",} From 584e3c926adb36add28acd864ffe4718ac95f1bd Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 24 Jul 2015 15:34:54 -0700 Subject: [PATCH 0021/1000] Prep 4.5.0 --- CHANGELOG.md | 18 ++++++++++++++++++ metadata.json | 4 ++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8c2346a3b2..cc3282a72a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,21 @@ +## 2015-07-27 - Supported Release 4.5.0 +### Summary +This release adds sequence grants, some postgresql 9.4 fixes, and `onlyif` to +the psql resource. + +### Features +- Add `onlyif` parameter to `postgresql_psql` +- Add unsupported compatibility with Ubuntu 15.04 +- Add unsupported compatibility with SLES 11/12 and OpenSuSE 13.2 +- Add `postgresql::server::grant::onlyif_exists` attribute +- Add `postgresql::server::table_grant::onlyif_exists` attribute +- Add granting permissions on sequences + +### Bugfixes +- Added docs for `postgresql::server::grant` +- Fix `pg_hba_conf_defaults => false` to not disable ipv4/ipv6 acls +- Fix 9.4 for `postgresql::server::pg_hba_rule` + ## 2015-07-07 - Supported Release 4.4.2 ### Summary This release fixes a bug introduced in 4.4.0. diff --git a/metadata.json b/metadata.json index 29151cce07..7076488cb1 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.4.2", + "version": "4.5.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -59,7 +59,7 @@ "requirements": [ { "name": "pe", - "version_requirement": ">= 3.0.0 < 5.0.0" + "version_requirement": ">= 3.0.0 < 2015.3.0" }, { "name": "puppet", From f929cadd9cd83718894eaa7f9817c807f6f83848 Mon Sep 17 00:00:00 2001 From: Ryan Armstrong Date: Wed, 29 Jul 2015 16:53:00 +0800 Subject: [PATCH 0022/1000] (MODULES-2211) Fixed systemd-override for RedHat systems with unmanaged Yum repos This change lets the params class compute the name of the correct systemd unit file via $service_name. --- manifests/server/config.pp | 3 ++- templates/systemd-override.erb | 6 +----- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index d12c500dfc..592cd6a171 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -20,6 +20,7 @@ $manage_recovery_conf = $postgresql::server::manage_recovery_conf $datadir = $postgresql::server::datadir $logdir = $postgresql::server::logdir + $service_name = $postgresql::server::service_name if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file @@ -163,7 +164,7 @@ if $::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora' { file { 'systemd-override': ensure => present, - path => "/etc/systemd/system/${postgresql::params::service_name}.service", + path => "/etc/systemd/system/${service_name}.service", owner => root, group => root, content => template('postgresql/systemd-override.erb'), diff --git a/templates/systemd-override.erb b/templates/systemd-override.erb index 39100585f4..6e4973672d 100644 --- a/templates/systemd-override.erb +++ b/templates/systemd-override.erb @@ -1,8 +1,4 @@ -<% if @manage_package_repo and (scope.function_versioncmp([@version.to_s, '9.1']) >= 0) -%> -.include /lib/systemd/system/postgresql-<%= @version %>.service -<% else -%> -.include /lib/systemd/system/postgresql.service -<% end -%> +.include /lib/systemd/system/<%= @service_name %>.service [Service] Environment=PGPORT=<%= @port %> Environment=PGDATA=<%= @datadir %> From 25c1bae73aa10783eb7f650a4ae1612683a4e985 Mon Sep 17 00:00:00 2001 From: Nick Walker Date: Tue, 4 Aug 2015 08:57:26 -0700 Subject: [PATCH 0023/1000] Decouple pg_hba_rule from postgresql::server This change allows the pg_hba_rule defined type to be used even if you have not included postgresql::server. By default it will continue with the same behavior as before, however, you can now specify some extra parameters that were previously coming directly from postgresql::server --- README.md | 15 +++++++++++++++ manifests/server/pg_hba_rule.pp | 15 ++++++++++++--- 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5a70300576..cd14a6040f 100644 --- a/README.md +++ b/README.md @@ -700,6 +700,19 @@ This would create a ruleset in `pg_hba.conf` similar to: # Order: 150 host app app 200.1.2.0/24 md5 +By default, `pg_hba_rule` requires that you include `postgresql::server`, however, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following. + + postgresql::server::pg_hba_rule { 'allow application network to access app database': + description => "Open up postgresql for access from 200.1.2.0/24", + type => 'host', + database => 'app', + user => 'app', + address => '200.1.2.0/24', + auth_method => 'md5', + target => '/path/to/pg_hba.conf', + postgresql_version => '9.4', + } + ####`namevar` A unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_hba.conf` so the originating resource can be identified. @@ -730,6 +743,8 @@ An order for placing the rule in `pg_hba.conf`. Defaults to `150`. ####`target` This provides the target for the rule, and is generally an internal only property. Use with caution. +####`postgresql_version` +Defaults to the version set in `postgresql::server`. Use this if you want to manage `pg_hba.conf` without managing the entire PostgreSQL instance. ###Resource: postgresql::server::pg\_ident\_rule This defined type allows you to create user name maps for `pg_ident.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 92f2e23cc6..406568fbca 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -12,10 +12,19 @@ # Needed for testing primarily, support for multiple files is not really # working. - $target = $postgresql::server::pg_hba_conf_path + $target = $postgresql::server::pg_hba_conf_path, + $postgresql_version = $postgresql::server::_version ) { - if $postgresql::server::manage_pg_hba_conf == false { + #Allow users to manage pg_hba.conf even if they are not managing the whole PostgreSQL instance + if !defined( 'postgresql::server' ) { + $manage_pg_hba_conf = true + } + else { + $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf + } + + if $manage_pg_hba_conf == false { fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { validate_re($type, '^(local|host|hostssl|hostnossl)$', @@ -25,7 +34,7 @@ fail('You must specify an address property when type is host based') } - $allowed_auth_methods = $postgresql::server::_version ? { + $allowed_auth_methods = $postgresql_version ? { '9.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.3' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.2' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], From 1eb45d07f163ab3e3fd117d9de4bc4351b228853 Mon Sep 17 00:00:00 2001 From: Alexander Brovman Date: Wed, 15 Jul 2015 13:20:19 +0200 Subject: [PATCH 0024/1000] adding proxy option for yum repositories --- CHANGELOG.md | 4 ++ README.md | 4 ++ manifests/globals.pp | 10 +++- manifests/repo.pp | 3 +- manifests/repo/yum_postgresql_org.pp | 1 + spec/unit/classes/globals_spec.rb | 71 +++++++++++++++++++++------- 6 files changed, 74 insertions(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8c2346a3b2..2e27defa31 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +## Unreleased +### Summary +- support setting a proxy for yum operations + ## 2015-07-07 - Supported Release 4.4.2 ### Summary This release fixes a bug introduced in 4.4.0. diff --git a/README.md b/README.md index 5a70300576..20b0a7c52e 100644 --- a/README.md +++ b/README.md @@ -301,6 +301,10 @@ This will set the default encoding encoding for all databases created with this ####`locale` This will set the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `undef` which is effectively `C`. +####`repo_proxy` +This will set the proxy option for the official PostgreSQL yum-repositories only, Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxyservers for outside connectivity. + + #####Debian On Debian you'll need to ensure that the 'locales-all' package is installed for full functionality of Postgres. diff --git a/manifests/globals.pp b/manifests/globals.pp index b82b11a5c2..98ca68beac 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -41,6 +41,7 @@ $version = undef, $postgis_version = undef, + $repo_proxy = undef, $needs_initdb = undef, @@ -70,6 +71,12 @@ /^5\./ => '8.1', default => undef, }, + default => $::operatingsystemrelease ? { + /^7\./ => '9.2', + /^6\./ => '8.4', + /^5\./ => '8.1', + default => undef, + }, }, 'Debian' => $::operatingsystem ? { 'Debian' => $::operatingsystemrelease ? { @@ -131,7 +138,8 @@ # Setup of the repo only makes sense globally, so we are doing this here. if($manage_package_repo) { class { 'postgresql::repo': - version => $globals_version + version => $globals_version, + proxy => $repo_proxy, } } } diff --git a/manifests/repo.pp b/manifests/repo.pp index 28fe5864e7..48e4fd03d6 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -1,6 +1,7 @@ # PRIVATE CLASS: do not use directly class postgresql::repo ( - $version = undef + $version = undef, + $proxy = undef, ) inherits postgresql::params { case $::osfamily { 'RedHat', 'Linux': { diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index afa71b5ee4..5cfaf4b159 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -23,6 +23,7 @@ enabled => 1, gpgcheck => 1, gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", + proxy => $postgresql::repo::proxy, } Yumrepo['yum.postgresql.org'] -> Package<|tag == 'postgresql'|> diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index dd2cfb8bf5..ce79336233 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -1,30 +1,67 @@ require 'spec_helper' describe 'postgresql::globals', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :lsbdistid => 'Debian', - :lsbdistcodename => 'squeeze', - } - end + context "on a debian 6" do + let (:facts) do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6.0', + :lsbdistid => 'Debian', + :lsbdistcodename => 'squeeze', + } + end - describe 'with no parameters' do - it 'should work' do - is_expected.to contain_class("postgresql::globals") + describe 'with no parameters' do + it 'should work' do + is_expected.to contain_class("postgresql::globals") + end + end + + describe 'manage_package_repo => true' do + let(:params) do + { + :manage_package_repo => true, + } + end + it 'should pull in class postgresql::repo' do + is_expected.to contain_class("postgresql::repo") + end end end - describe 'manage_package_repo => true' do - let(:params) do + context 'on redhat family systems' do + let (:facts) do { - :manage_package_repo => true, + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '7.1', } end - it 'should pull in class postgresql::repo' do - is_expected.to contain_class("postgresql::repo") + describe 'with no parameters' do + it 'should work' do + is_expected.to contain_class("postgresql::globals") + end + end + + describe 'manage_package_repo on RHEL => true' do + let(:params) do + { + :manage_package_repo => true, + :repo_proxy => 'http://proxy-server:8080', + } + end + + it 'should pull in class postgresql::repo' do + is_expected.to contain_class("postgresql::repo") + end + + it do + should contain_yumrepo('yum.postgresql.org').with( + 'enabled' => '1', + 'proxy' => 'http://proxy-server:8080' + ) + end end end end From 15071237e1ef838787c525f482f8db6a2599678d Mon Sep 17 00:00:00 2001 From: vicinus Date: Wed, 19 Aug 2015 18:23:50 +0200 Subject: [PATCH 0025/1000] removed inherits postgresql::params inheriting postgresql::params creates a cycle, because postgresql::repo gets instantiated in postgresql::globals which is inherited by postgresql::params. Also postgresql::params are not needed, because only version is used by postgresql::repo, postgresql::repo::yum_postgresql_org and postgresql::repo::apt_postgresql_org and it get set in postgresql::globals by a resource like class instantiation. --- manifests/repo.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/repo.pp b/manifests/repo.pp index 48e4fd03d6..58d859fc93 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -2,7 +2,7 @@ class postgresql::repo ( $version = undef, $proxy = undef, -) inherits postgresql::params { +) { case $::osfamily { 'RedHat', 'Linux': { if $version == undef { From 622b6909a70166645c92e6e8c28757692d9b7162 Mon Sep 17 00:00:00 2001 From: tphoney Date: Thu, 20 Aug 2015 16:44:43 +0100 Subject: [PATCH 0026/1000] 4_6_0 release prep --- CHANGELOG.md | 13 +++++++++++-- metadata.json | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e4acdc7c4c..49ad2cc6b7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,15 @@ -## Unreleased +## 2015-09-01 - Supported Release 4.6.0 ### Summary -- support setting a proxy for yum operations +This release adds a proxy feature for yum, Postgis improvements, and decoupling pg_hba_rule from postgresql::server. + +#### Features +- Support setting a proxy for yum operations +- Allow for undefined PostGIS version +- Decouple pg_hba_rule from postgresql::server + +#### Bugfixes +- Fix postgis default package name on RedHat + ## 2015-07-27 - Supported Release 4.5.0 ### Summary This release adds sequence grants, some postgresql 9.4 fixes, and `onlyif` to diff --git a/metadata.json b/metadata.json index 7076488cb1..927204937e 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.5.0", + "version": "4.6.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 6a2963615539b99b1964b294637d85f1e3682259 Mon Sep 17 00:00:00 2001 From: Tom Hey Date: Thu, 5 Mar 2015 00:34:52 +0000 Subject: [PATCH 0027/1000] (MODULES-661) Remote DB support Adds connection-settings (for remote DB support) when creating DB resources. Connection-settings allows a hash of options that can be used when connecting the a remote DB (such as PGHOST, PGPORT, PGPASSWORD PGSSLKEY) and a special option DBVERSION indicating the version of the remote database. Including - Puppet updates - Documentation updates - RSpec unit test updates - RSpec acceptance test updates - Some test coverage for connection-settings - Working acceptance test... Basic vagrant setup: * Two boxes, server and client * Runs puppet code to on server to setup a postgres server that allows all connections and md5 connections, creates db puppet to look at * Runs puppet code on client to make a server that a psql command can be run against puppet db on other server * Does some fancy stuff to get the fact of the IP from the first server to connect to - Backwards compatible, with deprecation warnings around old parameters --- README.md | 62 ++++++++++++- lib/puppet/provider/postgresql_psql/ruby.rb | 12 ++- lib/puppet/type/postgresql_psql.rb | 8 +- manifests/globals.pp | 83 +++++++++-------- manifests/params.pp | 1 - manifests/server.pp | 4 + manifests/server/database.pp | 75 +++++++++------ manifests/server/database_grant.pp | 20 ++-- manifests/server/extension.pp | 24 +++-- manifests/server/grant.pp | 46 +++++---- manifests/server/role.pp | 28 +++++- manifests/server/schema.pp | 12 ++- manifests/server/table_grant.pp | 30 +++--- manifests/server/tablespace.pp | 20 ++-- manifests/validate_db_connection.pp | 17 +++- .../nodesets/centos-64-x64-2-hosts.yml | 18 ++++ spec/acceptance/remote_access_spec.rb | 72 ++++++++++++++ spec/unit/defines/server/database_spec.rb | 48 +++++++++- spec/unit/defines/server/grant_spec.rb | 59 +++++++++++- spec/unit/defines/server/role_spec.rb | 93 +++++++++++++++++++ .../provider/postgresql_psql/ruby_spec.rb | 23 ++++- spec/unit/puppet/type/postgresql_psql_spec.rb | 24 ++--- 22 files changed, 613 insertions(+), 166 deletions(-) create mode 100644 spec/acceptance/nodesets/centos-64-x64-2-hosts.yml create mode 100644 spec/acceptance/remote_access_spec.rb diff --git a/README.md b/README.md index 737a25aeee..f6ee241406 100644 --- a/README.md +++ b/README.md @@ -120,6 +120,43 @@ In this example, you would grant ALL privileges on the test1 database and on the At this point, you would just need to plunk these database name/username/password values into your PuppetDB config files, and you are good to go. +###Managing remote users, roles and permissions + +Remote SQL objects are managed using the same Puppet resources as local SQL objects with the additional of a connect_settings hash. This provides control over how Puppet should connect to the remote Postgres instances and the version that should be used when generating SQL commands. + +When provided the connect_settings hash can contain environment variables to control Postgres client connections, such as: PGHOST, PGPORT, PGPASSWORD PGSSLKEY (see http://www.postgresql.org/docs/9.4/static/libpq-envars.html) Additionally the special value of DBVERSION can be provided to specify the target database's version. If the connect_settings hash is omitted or empty then Puppet will connect to the local Postgres instance. + +A connect_settings hash can be provided with each of the Puppet resources or a default connect_settings hash can be set in postgresql::globals. Per resource configuration of connect_settings allows for SQL object to be creating on multiple database by multiple users. + + $connection_settings_super2 = { + 'PGUSER' => "super2", + 'PGPASSWORD' => "foobar2", + 'PGHOST' => "127.0.0.1", + 'PGPORT' => "5432", + 'PGDATABASE' => "postgres", + } + + include postgresql::server + + # Connect with no special settings, i.e domain sockets, user postges + postgresql::server::role{'super2': + password_hash => "foobar2", + superuser => true, + + connect_settings => {}, + require => [ + Class['postgresql::globals'], + Class['postgresql::server::service'], + ], + } + + # Now using this new user connect via TCP + postgresql::server::database { 'db1': + connect_settings => $connection_settings_super2, + + require => Postgresql::Server::Role['super2'], + } + Reference --------- @@ -241,6 +278,7 @@ This setting is used to specify the name of the default database to connect with Path to the `initdb` command. ####`createdb_path` +**Deprecated** Path to the `createdb` command. ####`psql_path` @@ -370,6 +408,7 @@ List of strings for access control for connection method, users, databases, IPv6 Path to the `initdb` command. ####`createdb_path` +**Deprecated** Path to the `createdb` command. ####`psql_path` @@ -539,7 +578,7 @@ Value for the setting. ###Resource: postgresql::server::db -This is a convenience resource that creates a database, user and assigns necessary permissions in one go. +This is a convenience resource that creates a local database, user and assigns necessary permissions in one go. For example, to create a database called `test1` with a corresponding user of the same name, you can use: @@ -612,6 +651,8 @@ Override the locale during creation of the database. Defaults to the default def ####`istemplate` Define database as a template. Defaults to `false`. +####`connect_settings` +Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. ###Resource: postgresql::server::database\_grant This defined type manages grant based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the PostgreSQL documentation for `grant` for more information. @@ -634,6 +675,8 @@ Database to execute the grant against. This should not ordinarily be changed fro ####`psql_user` OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. +####`connect_settings` +Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. ###Resource: postgresql::server::extension Manages a postgresql extension. @@ -683,6 +726,9 @@ OS user for running `psql`. Defaults to the default user for the module, usually ####`port` Port to use when connecting. Default to 'undef' which generally defaults to 5432 depending on your PostgreSQL packaging. +####`connect_settings` +Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. + ###Resource: postgresql::server::pg\_hba\_rule This defined type allows you to create an access rule for `pg_hba.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/8.2/static/auth-pg-hba-conf.html). @@ -886,6 +932,9 @@ Specifies how many concurrent connections the role can make. Defaults to `-1` me ####`username` The username of the role to create, defaults to `namevar`. +####`connect_settings` +Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. + ###Resource: postgresql::server::schema This defined type can be used to create a schema. For example: @@ -909,6 +958,9 @@ The default owner of the schema. ####`schema` Name of the schma. Defaults to `namevar`. +####`connect_settings` +Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. + ###Resource: postgresql::server::table\_grant This defined type manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. @@ -934,6 +986,8 @@ Database to execute the grant against. This should not ordinarily be changed fro ####`psql_user` OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. +####`connect_settings` +Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. ###Resource: postgresql::server::tablespace This defined type can be used to create a tablespace. For example: @@ -957,8 +1011,11 @@ The default owner of the tablespace. ####`spcname` Name of the tablespace. Defaults to `namevar`. +####`connect_settings` +Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. ###Resource: postgresql::validate\_db\_connection + This resource can be utilised inside composite manifests to validate that a client has a valid connection with a remote PostgreSQL database. It can be ran from any node where the PostgreSQL client software is installed to validate connectivity before commencing other dependent tasks in your Puppet manifests, so it is often used when chained to other tasks such as: starting an application server, performing a database migration. Example usage: @@ -991,6 +1048,9 @@ Username to connect with. Defaults to 'undef', which when using a unix socket an ####`database_password` Password to connect with. Can be left blank, but that is not recommended. +####`connect_settings` +Hash of environment variable used when connecting to a remote server, this is an alternative to providing individual parameters (database_host, etc.). If provided the individual parameters take precedence. + ####`run_as` The user to run the `psql` command with for authenticiation. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. It is not needed for remote testing. diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 60b4a0c701..690e437be3 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -16,19 +16,21 @@ def run_sql_command(sql) command.push("-p", resource[:port]) if resource[:port] command.push("-t", "-c", '"' + sql.gsub('"', '\"') + '"') + environment = get_environment + if resource[:cwd] Dir.chdir resource[:cwd] do - run_command(command, resource[:psql_user], resource[:psql_group]) + run_command(command, resource[:psql_user], resource[:psql_group], environment) end else - run_command(command, resource[:psql_user], resource[:psql_group]) + run_command(command, resource[:psql_user], resource[:psql_group], environment) end end private def get_environment - environment = {} + environment = resource[:connect_settings] || {} if envlist = resource[:environment] envlist = [envlist] unless envlist.is_a? Array envlist.each do |setting| @@ -47,7 +49,7 @@ def get_environment return environment end - def run_command(command, user, group) + def run_command(command, user, group, environment) command = command.join ' ' environment = get_environment if Puppet::PUPPETVERSION.to_f < 3.0 @@ -66,7 +68,7 @@ def run_command(command, user, group) :failonfail => false, :combine => true, :override_locale => true, - :custom_environment => environment + :custom_environment => environment, }) [output, $CHILD_STATUS.dup] end diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 4cf817efda..5b2702c2e8 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -62,12 +62,16 @@ def matches(value) end end + newparam(:connect_settings) do + desc "Connection settings that will be used when connecting to postgres" + end + newparam(:db) do - desc "The name of the database to execute the SQL command against." + desc "The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings" end newparam(:port) do - desc "The port of the database server to execute the SQL command against." + desc "The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings." end newparam(:search_path) do diff --git a/manifests/globals.pp b/manifests/globals.pp index 98ca68beac..6809af7118 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -1,58 +1,59 @@ # Class for setting cross-class global overrides. See README.md for more # details. class postgresql::globals ( - $client_package_name = undef, - $server_package_name = undef, - $contrib_package_name = undef, - $devel_package_name = undef, - $java_package_name = undef, - $docs_package_name = undef, - $perl_package_name = undef, - $plperl_package_name = undef, - $plpython_package_name = undef, - $python_package_name = undef, - $postgis_package_name = undef, + $client_package_name = undef, + $server_package_name = undef, + $contrib_package_name = undef, + $devel_package_name = undef, + $java_package_name = undef, + $docs_package_name = undef, + $perl_package_name = undef, + $plperl_package_name = undef, + $plpython_package_name = undef, + $python_package_name = undef, + $postgis_package_name = undef, - $service_name = undef, - $service_provider = undef, - $service_status = undef, - $default_database = undef, + $service_name = undef, + $service_provider = undef, + $service_status = undef, + $default_database = undef, - $validcon_script_path = undef, + $validcon_script_path = undef, - $initdb_path = undef, - $createdb_path = undef, - $psql_path = undef, - $pg_hba_conf_path = undef, - $pg_ident_conf_path = undef, - $postgresql_conf_path = undef, - $recovery_conf_path = undef, + $initdb_path = undef, + $createdb_path = undef, + $psql_path = undef, + $pg_hba_conf_path = undef, + $pg_ident_conf_path = undef, + $postgresql_conf_path = undef, + $recovery_conf_path = undef, + $default_connect_settings = undef, - $pg_hba_conf_defaults = undef, + $pg_hba_conf_defaults = undef, - $datadir = undef, - $confdir = undef, - $bindir = undef, - $xlogdir = undef, - $logdir = undef, + $datadir = undef, + $confdir = undef, + $bindir = undef, + $xlogdir = undef, + $logdir = undef, - $user = undef, - $group = undef, + $user = undef, + $group = undef, - $version = undef, - $postgis_version = undef, - $repo_proxy = undef, + $version = undef, + $postgis_version = undef, + $repo_proxy = undef, - $needs_initdb = undef, + $needs_initdb = undef, - $encoding = undef, - $locale = undef, + $encoding = undef, + $locale = undef, - $manage_pg_hba_conf = undef, - $manage_pg_ident_conf = undef, - $manage_recovery_conf = undef, + $manage_pg_hba_conf = undef, + $manage_pg_ident_conf = undef, + $manage_recovery_conf = undef, - $manage_package_repo = undef, + $manage_package_repo = undef, ) { # We are determining this here, because it is needed by the package repo # class. diff --git a/manifests/params.pp b/manifests/params.pp index 4b1dfc9835..df91f0c5ef 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -253,7 +253,6 @@ $validcon_script_path = pick($validcon_script_path, '/usr/local/bin/validate_postgresql_connection.sh') $initdb_path = pick($initdb_path, "${bindir}/initdb") - $createdb_path = pick($createdb_path, "${bindir}/createdb") $pg_hba_conf_path = pick($pg_hba_conf_path, "${confdir}/pg_hba.conf") $pg_hba_conf_defaults = pick($pg_hba_conf_defaults, true) $pg_ident_conf_path = pick($pg_ident_conf_path, "${confdir}/pg_ident.conf") diff --git a/manifests/server.pp b/manifests/server.pp index d4b2f302cc..db1914be57 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -63,6 +63,10 @@ $_version = $postgresql::params::version } + if $createdb_path != undef{ + warning('Passing "createdb_path" to postgresql::server is deprecated, it can be removed safely for the same behaviour') + } + # Reload has its own ordering, specified by other defines class { "${pg}::reload": require => Class["${pg}::install"] } diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 8e6f5e5f6e..9dc1d7656d 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -1,28 +1,43 @@ # Define for creating a database. See README.md for more details. define postgresql::server::database( - $comment = undef, - $dbname = $title, - $owner = $postgresql::server::user, - $tablespace = undef, - $template = 'template0', - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - $istemplate = false + $comment = undef, + $dbname = $title, + $owner = $postgresql::server::user, + $tablespace = undef, + $template = 'template0', + $encoding = $postgresql::server::encoding, + $locale = $postgresql::server::locale, + $istemplate = false, + $connect_settings = $postgresql::server::default_connect_settings, ) { $createdb_path = $postgresql::server::createdb_path $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path - $port = $postgresql::server::port - $version = $postgresql::server::_version $default_db = $postgresql::server::default_database + # If possible use the version of the remote database, otherwise + # fallback to our local DB version + if $connect_settings != undef and has_key( $connect_settings, 'DBVERSION') { + $version = $connect_settings['DBVERSION'] + } else { + $version = $postgresql::server::_version + } + + # If the connection settings do not contain a port, then use the local server port + if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port = undef + } else { + $port = $postgresql::server::port + } + # Set the defaults for the postgresql_psql resource Postgresql_psql { - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port, + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + port => $port, + connect_settings => $connect_settings, } # Optionally set the locale switch. Older versions of createdb may not accept @@ -30,7 +45,7 @@ if ($version != '8.1') { $locale_option = $locale ? { undef => '', - default => "--locale=${locale} ", + default => "LC_COLLATE=${locale} LC_CTYPE=${locale}", } $public_revoke_privilege = 'CONNECT' } else { @@ -38,40 +53,40 @@ $public_revoke_privilege = 'ALL' } + $template_option = $template ? { + undef => '', + default => "TEMPLATE=${template}", + } + $encoding_option = $encoding ? { undef => '', - default => "--encoding '${encoding}' ", + default => "ENCODING=${encoding}", } $tablespace_option = $tablespace ? { undef => '', - default => "--tablespace='${tablespace}' ", + default => "TABLESPACE=${tablespace}", } - $createdb_command = "${createdb_path} --port='${port}' --owner='${owner}' --template=${template} ${encoding_option}${locale_option}${tablespace_option} '${dbname}'" + if $createdb_path != undef{ + warning('Passing "createdb_path" to postgresql::database is deprecated, it can be removed safely for the same behaviour') + } - postgresql_psql { "Check for existence of db '${dbname}'": - command => 'SELECT 1', + postgresql_psql { "Create db '${dbname}'": + command => "CREATE DATABASE ${dbname} WITH OWNER=${owner} ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", db => $default_db, - port => $port, require => Class['postgresql::server::service'] }~> - exec { $createdb_command : - refreshonly => true, - user => $user, - logoutput => on_failure, - }~> # This will prevent users from connecting to the database unless they've been # granted privileges. postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": db => $default_db, - port => $port, refreshonly => true, } - Exec[ $createdb_command ]-> + Postgresql_psql[ "Create db '${dbname}'" ]-> postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", db => $default_db, @@ -83,7 +98,7 @@ '8.1' => 'obj_description', default => 'shobj_description', } - Exec[ $createdb_command ]-> + Postgresql_psql[ "Create db '${dbname}'" ]-> postgresql_psql {"COMMENT ON DATABASE ${dbname} IS '${comment}'": unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", db => $dbname, @@ -92,6 +107,6 @@ # Build up dependencies on tablespace if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { - Postgresql::Server::Tablespace[$tablespace]->Exec[$createdb_command] + Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql[ "Create db '${dbname}'" ] } } diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 5973144127..6c29b57176 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -3,16 +3,18 @@ $privilege, $db, $role, - $psql_db = undef, - $psql_user = undef + $psql_db = undef, + $psql_user = undef, + $connect_settings = undef, ) { postgresql::server::grant { "database:${name}": - role => $role, - db => $db, - privilege => $privilege, - object_type => 'DATABASE', - object_name => $db, - psql_db => $psql_db, - psql_user => $psql_user, + role => $role, + db => $db, + privilege => $privilege, + object_type => 'DATABASE', + object_name => $db, + psql_db => $psql_db, + psql_user => $psql_user, + connect_settings => $connect_settings, } } diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 726d9f671d..fda2b395b0 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -4,19 +4,11 @@ $ensure = 'present', $package_name = undef, $package_ensure = undef, + $connect_settings = $postgresql::server::default_connect_settings, ) { $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path - $port = $postgresql::server::port - - # Set the defaults for the postgresql_psql resource - Postgresql_psql { - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port, - } case $ensure { 'present': { @@ -39,10 +31,16 @@ } postgresql_psql {"Add ${title} extension to ${database}": - db => $database, - command => $command, - unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${name}') as t WHERE t.count ${unless_comp} 1", - require => Postgresql::Server::Database[$database], + + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + connect_settings => $connect_settings, + + db => $database, + command => $command, + unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${name}') as t WHERE t.count ${unless_comp} 1", + require => Postgresql::Server::Database[$database], } if $package_name { diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index a24e34378f..447ba186df 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -2,13 +2,14 @@ define postgresql::server::grant ( $role, $db, - $privilege = undef, - $object_type = 'database', - $object_name = undef, - $psql_db = $postgresql::server::default_database, - $psql_user = $postgresql::server::user, - $port = $postgresql::server::port, - $onlyif_exists = false, + $privilege = undef, + $object_type = 'database', + $object_name = undef, + $psql_db = $postgresql::server::default_database, + $psql_user = $postgresql::server::user, + $port = $postgresql::server::port, + $onlyif_exists = false, + $connect_settings = $postgresql::server::default_connect_settings, ) { $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path @@ -20,6 +21,16 @@ } validate_bool($onlyif_exists) + # + # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port + # + if $port != undef { + $port_override = $port + } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port_override = undef + } else { + $port_override = $postgresql::server::port + } ## Munge the input values $_object_type = upcase($object_type) @@ -217,15 +228,16 @@ $grant_cmd = "GRANT ${_privilege} ON ${_object_type} \"${_togrant_object}\" TO \"${role}\"" postgresql_psql { "grant:${name}": - command => $grant_cmd, - db => $on_db, - port => $port, - psql_user => $psql_user, - psql_group => $group, - psql_path => $psql_path, - unless => $_unless, - onlyif => $_onlyif, - require => Class['postgresql::server'] + command => $grant_cmd, + db => $on_db, + port => $port_override, + connect_settings => $connect_settings, + psql_user => $psql_user, + psql_group => $group, + psql_path => $psql_path, + unless => $_unless, + onlyif => $_onlyif, + require => Class['postgresql::server'] } if($role != undef and defined(Postgresql::Server::Role[$role])) { @@ -235,4 +247,4 @@ if($db != undef and defined(Postgresql::Server::Database[$db])) { Postgresql::Server::Database[$db]->Postgresql_psql["grant:${name}"] } -} +} \ No newline at end of file diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 6b23aba536..3637b6908a 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -4,18 +4,37 @@ $createdb = false, $createrole = false, $db = $postgresql::server::default_database, - $port = $postgresql::server::port, + $port = undef, $login = true, $inherit = true, $superuser = false, $replication = false, $connection_limit = '-1', - $username = $title + $username = $title, + $connect_settings = $postgresql::server::default_connect_settings, ) { $psql_user = $postgresql::server::user $psql_group = $postgresql::server::group $psql_path = $postgresql::server::psql_path - $version = $postgresql::server::_version + + # + # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port + # + if $port != undef { + $port_override = $port + } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port_override = undef + } else { + $port_override = $postgresql::server::port + } + + # If possible use the version of the remote database, otherwise + # fallback to our local DB version + if $connect_settings != undef and has_key( $connect_settings, 'DBVERSION') { + $version = $connect_settings['DBVERSION'] + } else { + $version = $postgresql::server::_version + } $login_sql = $login ? { true => 'LOGIN', default => 'NOLOGIN' } $inherit_sql = $inherit ? { true => 'INHERIT', default => 'NOINHERIT' } @@ -33,10 +52,11 @@ Postgresql_psql { db => $db, - port => $port, + port => $port_override, psql_user => $psql_user, psql_group => $psql_group, psql_path => $psql_path, + connect_settings => $connect_settings, require => [ Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"], Class['postgresql::server'], diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index c4f84ebf66..74a00dedb7 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -13,22 +13,30 @@ # } # define postgresql::server::schema( - $db, + $db = $postgresql::server::default_database, $owner = undef, $schema = $title, + $connect_settings = $postgresql::server::default_connect_settings, ) { $user = $postgresql::server::user $group = $postgresql::server::group - $port = $postgresql::server::port $psql_path = $postgresql::server::psql_path $version = $postgresql::server::_version + # If the connection settings do not contain a port, then use the local server port + if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port = undef + } else { + $port = $postgresql::server::port + } + Postgresql_psql { db => $db, psql_user => $user, psql_group => $group, psql_path => $psql_path, port => $port, + connect_settings => $connect_settings, } $schema_title = "Create Schema '${title}'" diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 20114b3ea0..452f13d9de 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -5,20 +5,22 @@ $table, $db, $role, - $port = $postgresql::server::port, - $psql_db = undef, - $psql_user = undef, - $onlyif_exists = false, + $port = undef, + $psql_db = undef, + $psql_user = undef, + $connect_settings = undef, + $onlyif_exists = false, ) { postgresql::server::grant { "table:${name}": - role => $role, - db => $db, - port => $port, - privilege => $privilege, - object_type => 'TABLE', - object_name => $table, - psql_db => $psql_db, - psql_user => $psql_user, - onlyif_exists => $onlyif_exists, + role => $role, + db => $db, + port => $port, + privilege => $privilege, + object_type => 'TABLE', + object_name => $table, + psql_db => $psql_db, + psql_user => $psql_user, + onlyif_exists => $onlyif_exists, + connect_settings => $connect_settings, } -} +} \ No newline at end of file diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 842ce72b9c..8fb22b571f 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -2,18 +2,26 @@ define postgresql::server::tablespace( $location, $owner = undef, - $spcname = $title + $spcname = $title, + $connect_settings = $postgresql::server::default_connect_settings, ) { $user = $postgresql::server::user $group = $postgresql::server::group - $port = $postgresql::server::port $psql_path = $postgresql::server::psql_path + # If the connection settings do not contain a port, then use the local server port + if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port = undef + } else { + $port = $postgresql::server::port + } + Postgresql_psql { - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port, + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + port => $port, + connect_settings => $connect_settings, } if ($owner == undef) { diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index e1c08e6059..bbdc94424d 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -9,6 +9,7 @@ $database_password = undef, $database_username = undef, $database_port = undef, + $connect_settings = undef, $run_as = undef, $sleep = 2, $tries = 10, @@ -37,7 +38,7 @@ undef => "--dbname ${postgresql::params::default_database} ", default => "--dbname ${database_name} ", } - $env = $database_password ? { + $pass_env = $database_password ? { undef => undef, default => "PGPASSWORD=${database_password}", } @@ -48,7 +49,21 @@ # time it takes to run each psql command. $timeout = (($sleep + 2) * $tries) + # Combine $database_password and $connect_settings into an array of environment + # variables, ensure $database_password is last, allowing it to override a password + # from the $connect_settings hash + if $connect_settings != undef { + if $pass_env != undef { + $env = concat(join_keys_to_values( $connect_settings, '='), $pass_env) + } else { + $env = join_keys_to_values( $connect_settings, '=') + } + } else { + $env = $pass_env + } + $exec_name = "validate postgres connection for ${database_username}@${database_host}:${database_port}/${database_name}" + exec { $exec_name: command => "echo 'Unable to connect to defined database using: ${cmd}' && false", unless => $validate_cmd, diff --git a/spec/acceptance/nodesets/centos-64-x64-2-hosts.yml b/spec/acceptance/nodesets/centos-64-x64-2-hosts.yml new file mode 100644 index 0000000000..574b238208 --- /dev/null +++ b/spec/acceptance/nodesets/centos-64-x64-2-hosts.yml @@ -0,0 +1,18 @@ +HOSTS: + database: + roles: + - default + - database + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant + client: + roles: + - client + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss \ No newline at end of file diff --git a/spec/acceptance/remote_access_spec.rb b/spec/acceptance/remote_access_spec.rb new file mode 100644 index 0000000000..c69d26672d --- /dev/null +++ b/spec/acceptance/remote_access_spec.rb @@ -0,0 +1,72 @@ +require 'spec_helper_acceptance' + +describe 'remote-access', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + + if hosts.length > 1 + describe "configuring multi-node postgresql" do + + # Get the database's IP to connect to from the client + let(:database_ip_address) do + hosts_as('database').inject({}) do |memo,host| + fact_on host, "ipaddress_eth1" + end + end + + hosts_as('database').each do |host| + it "should be able to configure a host as database on #{host}" do + pp = <<-EOS + # Stop firewall so we can easily connect + service {'iptables': + ensure => 'stopped', + } + + class { 'postgresql::server': + ip_mask_allow_all_users => '0.0.0.0/0', + listen_addresses => '*', + } + + postgresql::server::db { 'puppet': + user => 'puppet', + password => postgresql_password('puppet', 'puppet'), + } + + postgresql::server::pg_hba_rule { 'allow full yolo access password': + type => 'host', + database => 'all', + user => 'all', + address => '0.0.0.0/0', + auth_method => 'password', + order => '002', + } + EOS + apply_manifest_on(host, pp, :catch_failures => true) + end + end + + hosts_as('client').each do |host| + it "should be able to configure a host as client on #{host} and then access database" do + pp = <<-EOS + class { 'postgresql::client':} + + $connection_settings = { + 'PGUSER' => "puppet", + 'PGPASSWORD' => "puppet", + 'PGHOST' => "#{database_ip_address}", + 'PGPORT' => "5432", + 'PGDATABASE' => "puppet", + } + + postgresql_psql { 'run using connection_settings': + command => 'select 1', + psql_user => 'root', + psql_group => 'root', + connect_settings => $connection_settings, + } + EOS + apply_manifest_on(host, pp, :catch_failures => true) + end + end + + end + end +end \ No newline at end of file diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index edb9cb68ec..16564d76bd 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -21,11 +21,53 @@ end it { is_expected.to contain_postgresql__server__database('test') } - it { is_expected.to contain_postgresql_psql("Check for existence of db 'test'") } + it { is_expected.to contain_postgresql_psql("Create db 'test'") } context "with comment set to 'test comment'" do - let (:params) {{ :comment => 'test comment' }} + let (:params) {{ :comment => 'test comment', + :connect_settings => {} }} + + it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE test IS 'test comment'").with_connect_settings( {} ) } + end + + context "with specific db connection settings - default port" do + let :pre_condition do + "class {'postgresql::server':}" + end + + let (:params) {{ :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', }}} + + it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1' } ).with_port( 5432 ) } + end + + context "with specific db connection settings - including port" do + let :pre_condition do + "class {'postgresql::globals':} + + class {'postgresql::server':}" + end + + let (:params) {{ :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234' }}} + + it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( nil ) } + + end + + context "with global db connection settings - including port" do + let :pre_condition do + "class {'postgresql::globals': + default_connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.2', + 'PGPORT' => '1234' } + } + + class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.2','PGPORT' => '1234' } ).with_port( nil ) } - it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE test IS 'test comment'") } end end diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 13588d41f1..45d9cce5f1 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -76,4 +76,61 @@ 'unless' => "SELECT 1 FROM (\n SELECT sequence_name\n FROM information_schema.sequences\n WHERE sequence_schema='public'\n EXCEPT DISTINCT\n SELECT object_name as sequence_name\n FROM information_schema.role_usage_grants\n WHERE object_type='SEQUENCE'\n AND grantee='test'\n AND object_schema='public'\n AND privilege_type='USAGE'\n ) P\n HAVING count(P.sequence_name) = 0", }) } end -end + + context "with specific db connection settings - default port" do + let :params do + { + :db => 'test', + :role => 'test', + :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', }, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql__server__grant('test') } + it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1' } ).with_port( 5432 ) } + end + + context "with specific db connection settings - including port" do + let :params do + { + :db => 'test', + :role => 'test', + :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', }, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql__server__grant('test') } + it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ) } + end + + context "with specific db connection settings - port overriden by explicit parameter" do + let :params do + { + :db => 'test', + :role => 'test', + :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', }, + :port => '5678', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql__server__grant('test') } + it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( '5678' ) } + end +end \ No newline at end of file diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 8f9085575a..3540d49e09 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -20,6 +20,7 @@ let :params do { :password_hash => 'new-pa$s', + :connect_settings => {}, } end @@ -33,6 +34,8 @@ 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", 'environment' => "NEWPGPASSWD=new-pa$s", 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", + 'port' => "5432", + 'connect_settings' => {}, }) end it 'should have alter role for "test" user with password as ****' do @@ -40,6 +43,96 @@ 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => "NEWPGPASSWD=new-pa$s", 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'port' => "5432", + 'connect_settings' => {}, }) end + + context "with specific db connection settings - default port" do + let :params do + { + :password_hash => 'new-pa$s', + :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql__server__role('test') } + it 'should have create role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ + 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", + 'environment' => "NEWPGPASSWD=new-pa$s", + 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", + 'port' => "5432", + + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, + }) + end + it 'should have alter role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ + 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", + 'environment' => "NEWPGPASSWD=new-pa$s", + 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'port' => "5432", + + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, + }) + end + end + + context "with specific db connection settings - including port" do + let :params do + { + :password_hash => 'new-pa$s', + :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql__server__role('test') } + it 'should have create role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ + 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", + 'environment' => "NEWPGPASSWD=new-pa$s", + 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, + }) + end + it 'should have alter role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ + 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", + 'environment' => "NEWPGPASSWD=new-pa$s", + 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, + }) + end + end + end diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index b21a326a1f..b75bd987aa 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -15,7 +15,7 @@ it "executes with the given psql_path on the given DB" do expect(provider).to receive(:run_command).with(['psql', '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], 'postgres', - 'postgres') + 'postgres', {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') end @@ -33,7 +33,7 @@ expect(Dir).to receive(:chdir).with(attributes[:cwd]).and_yield expect(provider).to receive(:run_command).with([attributes[:psql_path], '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], - attributes[:psql_user], attributes[:psql_group]) + attributes[:psql_user], attributes[:psql_group], {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') end @@ -46,7 +46,7 @@ it "executes with the given search_path" do expect(provider).to receive(:run_command).with(['psql', '-t', '-c', '"set search_path to schema1; SELECT \'something\' as \"Custom column\""'], - 'postgres', 'postgres') + 'postgres', 'postgres', {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') end @@ -60,7 +60,8 @@ expect(provider).to receive(:run_command).with(['psql', '-t', '-c', '"set search_path to schema1,schema2; SELECT \'something\' as \"Custom column\""'], 'postgres', - 'postgres' + 'postgres', + {} ) provider.run_sql_command('SELECT \'something\' as "Custom column"') @@ -74,7 +75,19 @@ expect(provider).to receive(:run_command).with(["psql", "-p", "5555", "-t", "-c", "\"SELECT something\""], - "postgres", "postgres") + "postgres", "postgres", {} ) + + provider.run_sql_command("SELECT something") + end + end + describe "with connect_settings" do + let(:attributes) do { :connect_settings => { 'PGHOST' => '127.0.0.1' } } end + + it "executes with the given host" do + expect(provider).to receive(:run_command).with(["psql", + "-t", "-c", + "\"SELECT something\""], + "postgres", "postgres", { 'PGHOST' => '127.0.0.1' } ) provider.run_sql_command("SELECT something") end diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index 5b73a0f03c..38833271af 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -1,7 +1,7 @@ require 'spec_helper' describe Puppet::Type.type(:postgresql_psql), "when validating attributes" do - [:name, :unless, :db, :psql_path, :psql_user, :psql_group].each do |attr| + [:name, :unless, :db, :psql_path, :psql_user, :psql_group, :connect_settings].each do |attr| it "should have a #{attr} parameter" do expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:param) end @@ -21,16 +21,18 @@ describe "available attributes" do { - :name => "rspec", - :command => "SELECT stuff", - :unless => "SELECT other,stuff", - :db => "postgres", - :psql_path => "/bin/false", - :psql_user => "postgres", - :psql_group => "postgres", - :cwd => "/var/lib", - :refreshonly => :true, - :search_path => [ "schema1", "schema2"] + :name => "rspec", + :command => "SELECT stuff", + :unless => "SELECT other,stuff", + :db => "postgres", + :psql_path => "/bin/false", + :psql_user => "postgres", + :psql_group => "postgres", + :cwd => "/var/lib", + :refreshonly => :true, + :search_path => [ "schema1", "schema2"], + :connect_settings => { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', }, }.each do |attr, value| context attr do let(:attributes) do { attr => value } end From 8ce98ad9a1793545733d01b95cac57b21b3bddcb Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 27 Aug 2015 16:02:36 +0100 Subject: [PATCH 0028/1000] (MAINT) do not run the multi-node tests by default --- spec/acceptance/remote_access_spec.rb | 110 +++++++++++++------------- 1 file changed, 55 insertions(+), 55 deletions(-) diff --git a/spec/acceptance/remote_access_spec.rb b/spec/acceptance/remote_access_spec.rb index c69d26672d..9dd31de1b6 100644 --- a/spec/acceptance/remote_access_spec.rb +++ b/spec/acceptance/remote_access_spec.rb @@ -1,72 +1,72 @@ require 'spec_helper_acceptance' describe 'remote-access', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + before do + skip "These tests require the spec/acceptance/nodesets/centos-64-x64-2-hosts nodeset" + end - if hosts.length > 1 - describe "configuring multi-node postgresql" do + describe "configuring multi-node postgresql" do - # Get the database's IP to connect to from the client - let(:database_ip_address) do - hosts_as('database').inject({}) do |memo,host| - fact_on host, "ipaddress_eth1" - end + # Get the database's IP to connect to from the database + let(:database_ip_address) do + hosts_as('database').inject({}) do |memo,host| + fact_on host, "ipaddress_eth1" end + end - hosts_as('database').each do |host| - it "should be able to configure a host as database on #{host}" do - pp = <<-EOS - # Stop firewall so we can easily connect - service {'iptables': - ensure => 'stopped', - } + hosts_as('database').each do |host| + it "should be able to configure a host as database on #{host}" do + pp = <<-EOS + # Stop firewall so we can easily connect + service {'iptables': + ensure => 'stopped', + } - class { 'postgresql::server': - ip_mask_allow_all_users => '0.0.0.0/0', - listen_addresses => '*', - } + class { 'postgresql::server': + ip_mask_allow_all_users => '0.0.0.0/0', + listen_addresses => '*', + } - postgresql::server::db { 'puppet': - user => 'puppet', - password => postgresql_password('puppet', 'puppet'), - } + postgresql::server::db { 'puppet': + user => 'puppet', + password => postgresql_password('puppet', 'puppet'), + } - postgresql::server::pg_hba_rule { 'allow full yolo access password': - type => 'host', - database => 'all', - user => 'all', - address => '0.0.0.0/0', - auth_method => 'password', - order => '002', - } - EOS - apply_manifest_on(host, pp, :catch_failures => true) - end + postgresql::server::pg_hba_rule { 'allow full yolo access password': + type => 'host', + database => 'all', + user => 'all', + address => '0.0.0.0/0', + auth_method => 'password', + order => '002', + } + EOS + apply_manifest_on(host, pp, :catch_failures => true) end + end - hosts_as('client').each do |host| - it "should be able to configure a host as client on #{host} and then access database" do - pp = <<-EOS - class { 'postgresql::client':} + hosts_as('client').each do |host| + it "should be able to configure a host as client on #{host} and then access database" do + pp = <<-EOS + class { 'postgresql::client':} - $connection_settings = { - 'PGUSER' => "puppet", - 'PGPASSWORD' => "puppet", - 'PGHOST' => "#{database_ip_address}", - 'PGPORT' => "5432", - 'PGDATABASE' => "puppet", - } + $connection_settings = { + 'PGUSER' => "puppet", + 'PGPASSWORD' => "puppet", + 'PGHOST' => "#{database_ip_address}", + 'PGPORT' => "5432", + 'PGDATABASE' => "puppet", + } - postgresql_psql { 'run using connection_settings': - command => 'select 1', - psql_user => 'root', - psql_group => 'root', - connect_settings => $connection_settings, - } - EOS - apply_manifest_on(host, pp, :catch_failures => true) - end + postgresql_psql { 'run using connection_settings': + command => 'select 1', + psql_user => 'root', + psql_group => 'root', + connect_settings => $connection_settings, + } + EOS + apply_manifest_on(host, pp, :catch_failures => true) end - end end -end \ No newline at end of file +end From 03da5f19b422821a00d1a601d5f0d482ba799818 Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Tue, 1 Sep 2015 16:49:52 -0700 Subject: [PATCH 0029/1000] updates metadata.json to match Puppet 4.x PMT output --- metadata.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/metadata.json b/metadata.json index 927204937e..f822f06664 100644 --- a/metadata.json +++ b/metadata.json @@ -7,6 +7,11 @@ "source": "git://github.com/puppetlabs/puppetlabs-postgresql.git", "project_page": "https://github.com/puppetlabs/puppetlabs-postgresql", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", + "dependencies": [ + {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, + {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, + {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <2.0.0"} + ], "operatingsystem_support": [ { "operatingsystem": "RedHat", @@ -65,10 +70,5 @@ "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, - {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <2.0.0"} ] } From dbcb359d33578b2cd2c119a82eda9991d49324a3 Mon Sep 17 00:00:00 2001 From: Josh Behrends Date: Fri, 4 Sep 2015 10:58:53 -0700 Subject: [PATCH 0030/1000] updated systemd-override to support fedora and CentOS paths for systemd --- spec/unit/classes/server/config_spec.rb | 52 +++++++++++++++++++++++-- templates/systemd-override.erb | 4 ++ 2 files changed, 53 insertions(+), 3 deletions(-) diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 4e77c7e4fe..c03032d9b3 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -25,7 +25,7 @@ :group => 'root', }) is_expected.to contain_file('systemd-override') \ - .with_content(/postgresql.service/) + .with_content(/.include \/usr\/lib\/systemd\/system\/postgresql.service/) end describe 'with manage_package_repo => true and a version' do @@ -47,9 +47,55 @@ class { 'postgresql::server': } :group => 'root', }) is_expected.to contain_file('systemd-override') \ - .with_content(/postgresql-9.4.service/) + .with_content(/.include \/usr\/lib\/systemd\/system\/postgresql-9.4.service/) end end end -end + describe 'on Fedora 21' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'Fedora', + :operatingsystemrelease => '21', + :concat_basedir => tmpfilename('server'), + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + it 'should have the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with ({ + :ensure => 'present', + :path => '/etc/systemd/system/postgresql.service', + :owner => 'root', + :group => 'root', + }) + is_expected.to contain_file('systemd-override') \ + .with_content(/.include \/lib\/systemd\/system\/postgresql.service/) + end + + describe 'with manage_package_repo => true and a version' do + let (:pre_condition) do + <<-EOS + class { 'postgresql::globals': + manage_package_repo => true, + version => '9.4', + }-> + class { 'postgresql::server': } + EOS + end + + it 'should have the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with ({ + :ensure => 'present', + :path => '/etc/systemd/system/postgresql-9.4.service', + :owner => 'root', + :group => 'root', + }) + is_expected.to contain_file('systemd-override') \ + .with_content(/.include \/lib\/systemd\/system\/postgresql-9.4.service/) + end + end + end +end diff --git a/templates/systemd-override.erb b/templates/systemd-override.erb index 6e4973672d..eb4f787f77 100644 --- a/templates/systemd-override.erb +++ b/templates/systemd-override.erb @@ -1,4 +1,8 @@ +<%- if scope.lookupvar('::operatingsystem') == 'Fedora' -%> .include /lib/systemd/system/<%= @service_name %>.service +<% else -%> +.include /usr/lib/systemd/system/<%= @service_name %>.service +<% end -%> [Service] Environment=PGPORT=<%= @port %> Environment=PGDATA=<%= @datadir %> From b9b67951e110570bb827392fc7590321ba055f20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20B=C3=A4urer?= Date: Fri, 4 Sep 2015 23:35:59 +0200 Subject: [PATCH 0031/1000] Change apt::pin to apt_postgresql_org to prevent error message "wrong file extension". --- manifests/repo/apt_postgresql_org.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 82accff2ca..1487e2cf85 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -5,7 +5,7 @@ # # http://www.postgresql.org/download/linux/debian/ # - apt::pin { 'apt.postgresql.org': + apt::pin { 'apt_postgresql_org': originator => 'apt.postgresql.org', priority => 500, }-> From c1f45306343cdd28385df3578520e83fb7a4e0ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Conil?= Date: Wed, 2 Sep 2015 10:33:46 +1000 Subject: [PATCH 0032/1000] Fixes MODULES_2059 - adds extension argument This adds the ability to define the extension name separately from the "title" of the resource, which allows you to add the extension to more than one database. As per the original ticket, extensions in postgresql can be defined on a per database basis. By using the same name for both the extension and the instance of postgresql::server::extension, you're getting duplicates errors if you try to assign an extension to more than one database --- README.md | 5 ++- manifests/server/extension.pp | 19 +++++----- spec/unit/defines/server/extension_spec.rb | 43 ++++++++++++++++++++-- 3 files changed, 54 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index f6ee241406..584970ebde 100644 --- a/README.md +++ b/README.md @@ -679,7 +679,10 @@ OS user for running `psql`. Defaults to the default user for the module, usually Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. ###Resource: postgresql::server::extension -Manages a postgresql extension. +This defined type manages a postgresql extension for a given database. + +####`extension` +The extension to activate. If left blank, will use the name of the resource. ####`database` The database on which to activate the extension. diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index fda2b395b0..14b51f2c78 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -1,6 +1,7 @@ # Activate an extension on a postgresql database define postgresql::server::extension ( $database, + $extension = $name, $ensure = 'present', $package_name = undef, $package_ensure = undef, @@ -12,16 +13,16 @@ case $ensure { 'present': { - $command = "CREATE EXTENSION \"${name}\"" + $command = "CREATE EXTENSION \"${extension}\"" $unless_comp = '=' $package_require = undef - $package_before = Postgresql_psql["Add ${title} extension to ${database}"] + $package_before = Postgresql_psql["Add ${extension} extension to ${database}"] } 'absent': { - $command = "DROP EXTENSION \"${name}\"" + $command = "DROP EXTENSION \"${extension}\"" $unless_comp = '!=' - $package_require = Postgresql_psql["Add ${title} extension to ${database}"] + $package_require = Postgresql_psql["Add ${extension} extension to ${database}"] $package_before = undef } @@ -30,7 +31,8 @@ } } - postgresql_psql {"Add ${title} extension to ${database}": + + postgresql_psql {"Add ${extension} extension to ${database}": psql_user => $user, psql_group => $group, @@ -39,7 +41,7 @@ db => $database, command => $command, - unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${name}') as t WHERE t.count ${unless_comp} 1", + unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${extension}') as t WHERE t.count ${unless_comp} 1", require => Postgresql::Server::Database[$database], } @@ -49,12 +51,11 @@ default => $package_ensure, } - package { "Postgresql extension ${title}": + ensure_packages($package_name, { ensure => $_package_ensure, - name => $package_name, tag => 'postgresql', require => $package_require, before => $package_before, - } + }) } } diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 306326da7f..54386a165f 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -41,7 +41,7 @@ }) } it { - is_expected.to contain_package('Postgresql extension postgis').with({ + is_expected.to contain_package('postgis').with({ :ensure => 'present', :name => 'postgis', }).that_comes_before('Postgresql_psql[Add postgis extension to template_postgis]') @@ -63,7 +63,7 @@ } it { - is_expected.to contain_package('Postgresql extension postgis').with({ + is_expected.to contain_package('postgis').with({ :ensure => 'absent', :name => 'postgis', }) @@ -83,7 +83,7 @@ } it { - is_expected.to contain_package('Postgresql extension postgis').with({ + is_expected.to contain_package('postgis').with({ :ensure => 'present', :name => 'postgis', }).that_requires('Postgresql_psql[Add postgis extension to template_postgis]') @@ -91,3 +91,40 @@ end end end + +describe 'postgresql::server::extension', :type => :define do + let :pre_condition do + "class { 'postgresql::server': } + postgresql::server::database { 'template_postgis2': + template => 'template1', + }" + end + + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6.0', + :kernel => 'Linux', + :concat_basedir => tmpfilename('postgis'), + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let (:title) { 'postgis_db2' } + let (:params) { { + :database => 'template_postgis2', + :extension => 'postgis', + } } + + context "with mandatory arguments only" do + it { + is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis2').with({ + :db => 'template_postgis2', + :command => 'CREATE EXTENSION "postgis"', + :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count = 1", + }).that_requires('Postgresql::Server::Database[template_postgis2]') + } + end +end From 56b119fc627a63fb7dd05448966de99653940657 Mon Sep 17 00:00:00 2001 From: Javier Wilson Date: Tue, 25 Aug 2015 02:09:42 -0600 Subject: [PATCH 0033/1000] fedora 22 postgresql version 9.4 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 6809af7118..9ca3be141a 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -60,6 +60,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(22)$/ => '9.4', /^(21)$/ => '9.3', /^(18|19|20)$/ => '9.2', /^(17)$/ => '9.1', From ea9203dd1acf4bcb55b5ef215dd3a8d18606471a Mon Sep 17 00:00:00 2001 From: Stefan Warten Date: Tue, 29 Sep 2015 10:11:28 +0200 Subject: [PATCH 0034/1000] Added parameter to disable automatic service restarts on config changes --- manifests/params.pp | 1 + manifests/server.pp | 1 + manifests/server/config_entry.pp | 8 +++++--- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index df91f0c5ef..d874f2c4c6 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -13,6 +13,7 @@ $service_ensure = 'running' $service_enable = true $service_manage = true + $service_restart_on_change = true $service_provider = $service_provider $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) diff --git a/manifests/server.pp b/manifests/server.pp index db1914be57..5469f26797 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -13,6 +13,7 @@ $service_enable = $postgresql::params::service_enable, $service_manage = $postgresql::params::service_manage, $service_name = $postgresql::params::service_name, + $service_restart_on_change = $postgresql::params::service_restart_on_change, $service_provider = $postgresql::params::service_provider, $service_reload = $postgresql::params::service_reload, $service_status = $postgresql::params::service_status, diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 9ba46bf99e..72daea332e 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -17,9 +17,11 @@ case $name { /data_directory|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { - Postgresql_conf { - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], + if $postgresql::server::service_restart_on_change { + Postgresql_conf { + notify => Class['postgresql::server::service'], + before => Class['postgresql::server::reload'], + } } } From 626433a12524d8b96844e6f533e42a2cf85042d3 Mon Sep 17 00:00:00 2001 From: Stefan Warten Date: Tue, 29 Sep 2015 10:41:16 +0200 Subject: [PATCH 0035/1000] Added parameter to disable automatic service restarts on config changes --- manifests/server/config_entry.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 72daea332e..6c91908b25 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -22,6 +22,8 @@ notify => Class['postgresql::server::service'], before => Class['postgresql::server::reload'], } + } else { + Postgresql_conf {} } } From fad4c164abb2af902dc8262242a11effa6c78303 Mon Sep 17 00:00:00 2001 From: Bob van Bokkem Date: Wed, 30 Sep 2015 14:25:45 +0200 Subject: [PATCH 0036/1000] syntax error near UTF8 --- manifests/server/database.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 9dc1d7656d..bf279ae74e 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -60,7 +60,7 @@ $encoding_option = $encoding ? { undef => '', - default => "ENCODING=${encoding}", + default => "ENCODING='${encoding}'", } $tablespace_option = $tablespace ? { From 186cd2d1d7cab0303756c1cb856b98e5f1907e95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 7 Oct 2015 10:36:32 +0200 Subject: [PATCH 0037/1000] Remove extra blanks and backslashes. --- README.md | 57 ++++++++++++++++++++++++++----------------------------- 1 file changed, 27 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 584970ebde..1bc9d38efc 100644 --- a/README.md +++ b/README.md @@ -195,14 +195,14 @@ Resources: Custom Resources: -* [postgresql\_psql](#custom-resource-postgresql_psql) -* [postgresql\_replication\_slot](#custom-resource-postgresql_replication_slot) -* [postgresql\_conf](#custom-resource-postgresql_conf) +* [postgresql_psql](#custom-resource-postgresql_psql) +* [postgresql_replication_slot](#custom-resource-postgresql_replication_slot) +* [postgresql_conf](#custom-resource-postgresql_conf) Functions: -* [postgresql\_password](#function-postgresql_password) -* [postgresql\_acls\_to\_resources\_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) +* [postgresql_password](#function-postgresql_password) +* [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) ###Class: postgresql::globals @@ -285,10 +285,10 @@ Path to the `createdb` command. Path to the `psql` command. ####`pg_hba_conf_path` -Path to your `pg\_hba.conf` file. +Path to your `pg_hba.conf` file. ####`pg_ident_conf_path` -Path to your `pg\_ident.conf` file. +Path to your `pg_ident.conf` file. ####`postgresql_conf_path` Path to your `postgresql.conf` file. @@ -297,10 +297,10 @@ Path to your `postgresql.conf` file. Path to your `recovery.conf` file. ####`pg_hba_conf_defaults` -If false, disables the defaults supplied with the module for `pg\_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. +If false, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. ####`datadir` -This setting can be used to override the default postgresql data directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. Please note that changing the datadir after installation will cause the server to come to a full stop before being able to make the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you need to explicitly set needs\_initdb to true in order to allow Puppet to initialize the database in the new datadir (needs\_initdb defaults to true on other systems). +This setting can be used to override the default postgresql data directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. Please note that changing the datadir after installation will cause the server to come to a full stop before being able to make the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you need to explicitly set needs_initdb to true in order to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). Warning: If datadir is changed from the default, puppet will not manage purging of the original data directory, which will cause it to fail if the data directory is changed back to the original. @@ -415,10 +415,10 @@ Path to the `createdb` command. Path to the `psql` command. ####`pg_hba_conf_path` -Path to your `pg\_hba.conf` file. +Path to your `pg_hba.conf` file. ####`pg_ident_conf_path` -Path to your `pg\_ident.conf` file. +Path to your `pg_ident.conf` file. ####`postgresql_conf_path` Path to your `postgresql.conf` file. @@ -427,10 +427,7 @@ Path to your `postgresql.conf` file. Path to your `recovery.conf` file. ####`pg_hba_conf_defaults` -If false, disables the defaults supplied with the module for `pg\_hba.conf`. This is useful if you di -sagree with the defaults and wish to override them yourself. Be sure that your changes of course alig -n with the rest of the module, as some access is required to perform basic `psql` operations for exam -ple. +If false, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. ####`user` This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'. @@ -558,7 +555,7 @@ The name of the postgresql PL/Perl package. The ensure parameter passed on to postgresql PL/Perl package resource. -###Resource: postgresql::server::config\_entry +###Resource: postgresql::server::config_entry This resource can be used to modify your `postgresql.conf` configuration file. Each resource maps to a line inside your `postgresql.conf` file, for example: @@ -654,7 +651,7 @@ Define database as a template. Defaults to `false`. ####`connect_settings` Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. -###Resource: postgresql::server::database\_grant +###Resource: postgresql::server::database_grant This defined type manages grant based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the PostgreSQL documentation for `grant` for more information. ####`namevar` @@ -732,7 +729,7 @@ Port to use when connecting. Default to 'undef' which generally defaults to 5432 ####`connect_settings` Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. -###Resource: postgresql::server::pg\_hba\_rule +###Resource: postgresql::server::pg_hba_rule This defined type allows you to create an access rule for `pg_hba.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/8.2/static/auth-pg-hba-conf.html). For example: @@ -799,7 +796,7 @@ This provides the target for the rule, and is generally an internal only propert ####`postgresql_version` Defaults to the version set in `postgresql::server`. Use this if you want to manage `pg_hba.conf` without managing the entire PostgreSQL instance. -###Resource: postgresql::server::pg\_ident\_rule +###Resource: postgresql::server::pg_ident_rule This defined type allows you to create user name maps for `pg_ident.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). For example: @@ -965,7 +962,7 @@ Name of the schma. Defaults to `namevar`. Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. -###Resource: postgresql::server::table\_grant +###Resource: postgresql::server::table_grant This defined type manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. ####`namevar` @@ -1017,7 +1014,7 @@ Name of the tablespace. Defaults to `namevar`. ####`connect_settings` Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. -###Resource: postgresql::validate\_db\_connection +###Resource: postgresql::validate_db_connection This resource can be utilised inside composite manifests to validate that a client has a valid connection with a remote PostgreSQL database. It can be ran from any node where the PostgreSQL client software is installed to validate connectivity before commencing other dependent tasks in your Puppet manifests, so it is often used when chained to other tasks such as: starting an application server, performing a database migration. @@ -1067,7 +1064,7 @@ Upon failure, sets the number of attempts before giving up and failing the resou This will ensure the database is created before running the test. This only really works if your test is local. Defaults to `true`. -### Custom Resource: postgresql\_psql +### Custom Resource: postgresql_psql This type allows puppet to run psql statements. #### `name` @@ -1091,14 +1088,14 @@ Multiple environment variables should be specified as an array. #### `port` The port of the database server to execute the SQL command against. -#### `psql\_group` +#### `psql_group` The system user group account under which the psql command should be executed. Defaults to 'postgres' -#### `psql\_path` +#### `psql_path` The path to psql executable. Defaults to 'psql' -#### `psql\_user` +#### `psql_user` The system user account under which the psql command should be executed. Defaults to "postgres" @@ -1106,7 +1103,7 @@ Defaults to "postgres" If 'true', then the SQL will only be executed via a notify/subscribe event. Valid values are true or false. Defaults to false. -#### `search\_path` +#### `search_path` The schema search path to use when executing the SQL command #### `unless` @@ -1115,7 +1112,7 @@ generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. -### Custom Resource: postgresql\_conf +### Custom Resource: postgresql_conf This type allows puppet to manage postgresql.conf parameters. #### `name` @@ -1127,7 +1124,7 @@ The path to postgresql.conf. Defaults to '/etc/postgresql.conf' #### `value` The value to set for this parameter. -### Custom Resource: postgresql\_replication\_slot +### Custom Resource: postgresql_replication_slot This type allows to create and destroy replication slots to register warm standby replication on a Postgresql master server. @@ -1135,12 +1132,12 @@ master server. #### `name` The name of the slot to create. Must be a validt replication slot name. This is the namevar. -###Function: postgresql\_password +###Function: postgresql_password If you need to generate a postgres encrypted password, use `postgresql_password`. You can call it from your production manifests if you don't mind them containing the clear text versions of your passwords, or you can call it from the command line and then copy and paste the encrypted password into your manifest: $ puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' -###Function: postgresql\_acls\_to\_resources\_hash(acl\_array, id, order\_offset) +###Function: postgresql_acls_to_resources_hash(acl_array, id, order_offset) This internal function converts a list of `pg_hba.conf` based acls (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. **This function should only be used internally by the module**. From e8c661e207283de90badfd7f62d2d7c9eb8911c4 Mon Sep 17 00:00:00 2001 From: Stefan Warten Date: Wed, 7 Oct 2015 16:24:41 +0200 Subject: [PATCH 0038/1000] Added parameter description in README, before-relation if restart_on_change is false, and unit tests for both conditions of the parameter --- README.md | 3 +++ manifests/server/config_entry.pp | 7 ++++++- spec/unit/classes/server_spec.rb | 22 ++++++++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 584970ebde..85e6f44b8d 100644 --- a/README.md +++ b/README.md @@ -380,6 +380,9 @@ This setting can be used to override the default postgresql service provider. If ####`service_reload` This setting can be used to override the default reload command for your PostgreSQL service. If not specified, the module will the default reload command for your OS distro. +####`service_restart_on_change` +This setting can be used to override the default behaviour to restart your Postgresql service when a config entry has been changed that requires a service restart to become active. Defaults to `true`. + ####`service_status` This setting can be used to override the default status check command for your PostgreSQL service. If not specified, the module will use whatever service name is the default for your OS distro. diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 6c91908b25..50ec085e72 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -23,7 +23,12 @@ before => Class['postgresql::server::reload'], } } else { - Postgresql_conf {} + Postgresql_conf { + before => [ + Class['postgresql::server::service'], + Class['postgresql::server::reload'], + ], + } } } diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index c29473ac34..b42343cbc8 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -60,6 +60,28 @@ end end + describe 'service_restart_on_change => false' do + let(:params) {{ :service_restart_on_change => false }} + it { is_expected.to contain_class("postgresql::params") } + it { is_expected.to contain_class("postgresql::server") } + it { is_expected.to_not contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + } + it 'should validate connection' do + is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') + end + end + + describe 'service_restart_on_change => true' do + let(:params) {{ :service_restart_on_change => true }} + it { is_expected.to contain_class("postgresql::params") } + it { is_expected.to contain_class("postgresql::server") } + it { is_expected.to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + } + it 'should validate connection' do + is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') + end + end + describe 'service_reload => /bin/true' do let(:params) {{ :service_reload => '/bin/true' }} it { is_expected.to contain_class("postgresql::params") } From 2f46f6fd25ed4c4c49d6ccc7aee3817e2b549b72 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Wed, 28 Oct 2015 18:17:52 +0200 Subject: [PATCH 0039/1000] Use double qoutes around database name. When using a database name that contains dashes or underscores, the CREATE DATABASE statement fails with a syntax error. Use double quotes around the database name to solve this. --- manifests/server/database.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index bf279ae74e..894b4df000 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -73,7 +73,7 @@ } postgresql_psql { "Create db '${dbname}'": - command => "CREATE DATABASE ${dbname} WITH OWNER=${owner} ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", + command => "CREATE DATABASE \"${dbname}\" WITH OWNER=${owner} ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", db => $default_db, require => Class['postgresql::server::service'] From 2f9cf7be4fc54a533d577b4b93f8556010a7ad7b Mon Sep 17 00:00:00 2001 From: Patrick Hervieux Date: Wed, 4 Nov 2015 16:13:32 +0100 Subject: [PATCH 0040/1000] Add support for Ubuntu 15.10 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 9ca3be141a..a136fa4aa1 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -88,6 +88,7 @@ default => undef, }, 'Ubuntu' => $::operatingsystemrelease ? { + /^(15.10)$/ => '9.4', /^(15.04)$/ => '9.4', /^(14.10)$/ => '9.4', /^(14.04)$/ => '9.3', From e53d799bc7757e71fbffd954761d65d7fc70f4db Mon Sep 17 00:00:00 2001 From: Matthias Jacob Date: Thu, 2 Jan 2014 22:12:48 +0100 Subject: [PATCH 0041/1000] Added .gitattributes to maintain line endings for .sh files --- .gitattributes | 1 + 1 file changed, 1 insertion(+) create mode 100644 .gitattributes diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000..2e05fd47de --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.sh eol=lf From df03ea739670bd481e90860fd2b72268aea723de Mon Sep 17 00:00:00 2001 From: Johannes Linke Date: Fri, 6 Nov 2015 09:05:45 +0100 Subject: [PATCH 0042/1000] Maintain line endings for .rb files as well --- .gitattributes | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitattributes b/.gitattributes index 2e05fd47de..e1fb344e08 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1 +1,2 @@ *.sh eol=lf +*.rb eol=lf From 244097c9420cd969401d83c6bf138f3681ecea15 Mon Sep 17 00:00:00 2001 From: Oriol Demaria Date: Tue, 10 Nov 2015 20:33:34 +0000 Subject: [PATCH 0043/1000] OpenBSD version is now 9.4 --- manifests/globals.pp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 9ca3be141a..8c2b918c88 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -102,7 +102,10 @@ default => '9.2', }, 'FreeBSD' => '93', - 'OpenBSD' => '9.3', + 'OpenBSD' => $::operatingsystemrelease ? { + /5\.6/ => '9.3', + /5\.[7-8]/ => '9.4', + }, 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { /11\.[0-4]/ => '91', From 9590de98d604d091f42266b275add2bc4f0cec74 Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Wed, 18 Nov 2015 17:49:16 -0700 Subject: [PATCH 0044/1000] (maint) removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs --- .travis.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 7e8ed57bbd..c418ab5f2a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,8 +6,6 @@ script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake matrix: fast_finish: true include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 1.9.3 env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 @@ -16,9 +14,5 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - rvm: 2.1.6 env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" notifications: email: false From 9f0141f9554da51f183bbcdb8b96f5053f7e758f Mon Sep 17 00:00:00 2001 From: Jason Downs Date: Thu, 19 Nov 2015 11:06:19 -0800 Subject: [PATCH 0045/1000] Fix paths to work on Amazon Linux, update unit test --- manifests/params.pp | 14 ++++++++++---- spec/unit/classes/server/initdb_spec.rb | 2 +- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index d874f2c4c6..3885c07db2 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -42,7 +42,7 @@ $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, '/usr/bin') $datadir = $::operatingsystem ? { - 'Amazon' => pick($datadir, '/var/lib/pgsql9/data'), + 'Amazon' => pick($datadir, "/var/lib/pgsql${package_version}/data"), default => pick($datadir, '/var/lib/pgsql/data'), } $confdir = pick($confdir, $datadir) @@ -55,10 +55,16 @@ $docs_package_name = pick($docs_package_name, "postgresql${package_version}-docs") $plperl_package_name = pick($plperl_package_name, "postgresql${package_version}-plperl") $plpython_package_name = pick($plpython_package_name, "postgresql${package_version}-plpython") - $service_name = pick($service_name, "postgresql-${version}") - $bindir = pick($bindir, "/usr/pgsql-${version}/bin") + $service_name = $::operatingsystem ? { + 'Amazon' => pick($service_name, "postgresql${version}"), + default => pick($service_name, "postgresql-${version}"), + } + $bindir = $::operatingsystem ? { + 'Amazon' => pick($bindir, '/usr/bin'), + default => pick($bindir, "/usr/pgsql-${version}/bin"), + } $datadir = $::operatingsystem ? { - 'Amazon' => pick($datadir, "/var/lib/pgsql9/${version}/data"), + 'Amazon' => pick($datadir, "/var/lib/pgsql${package_version}/data"), default => pick($datadir, "/var/lib/pgsql/${version}/data"), } $confdir = pick($confdir, $datadir) diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index ab7632d8a1..5ddfb70045 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -30,7 +30,7 @@ :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end - it { is_expected.to contain_file('/var/lib/pgsql9/data').with_ensure('directory') } + it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } end end From 123f8294bdf3af832d967bc00ee42f119a9c8740 Mon Sep 17 00:00:00 2001 From: tphoney Date: Mon, 23 Nov 2015 12:13:45 +0000 Subject: [PATCH 0046/1000] 4.6.1 release prep --- CHANGELOG.md | 5 +++++ metadata.json | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49ad2cc6b7..b904bc6a56 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,8 @@ +## Supported Release 4.6.1 +###Summary + +Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. + ## 2015-09-01 - Supported Release 4.6.0 ### Summary This release adds a proxy feature for yum, Postgis improvements, and decoupling pg_hba_rule from postgresql::server. diff --git a/metadata.json b/metadata.json index f822f06664..5d9bf48222 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.6.0", + "version": "4.6.1", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -64,7 +64,7 @@ "requirements": [ { "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.3.0" + "version_requirement": ">= 3.0.0 < 2015.4.0" }, { "name": "puppet", From 95aa691c62fa8de23c5514fd0b2f7cdb07043fdb Mon Sep 17 00:00:00 2001 From: Fabrizio Regini Date: Sun, 29 Nov 2015 13:18:46 +0100 Subject: [PATCH 0047/1000] fix quote around locale options --- manifests/server/database.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 894b4df000..f1adf646b7 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -45,7 +45,7 @@ if ($version != '8.1') { $locale_option = $locale ? { undef => '', - default => "LC_COLLATE=${locale} LC_CTYPE=${locale}", + default => "LC_COLLATE='${locale}' LC_CTYPE='${locale}'", } $public_revoke_privilege = 'CONNECT' } else { From a6872994a34fb5e00a9d2c8b4bc97498586871ac Mon Sep 17 00:00:00 2001 From: Jesse Reynolds Date: Tue, 8 Dec 2015 10:12:36 +1100 Subject: [PATCH 0048/1000] postgresql::server::db is a defined type not a class --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4d0a49e3c5..77eeaa047c 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,7 @@ Usage ###Creating a database -There are many ways to set up a postgres database using the `postgresql::server::db` class. For instance, to set up a database for PuppetDB: +There are many ways to set up a postgres database using the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: class { 'postgresql::server': } From aa044ba2956b46641f4e34ba5bee9cbb63dc7f85 Mon Sep 17 00:00:00 2001 From: Sebastian Reitenbach Date: Mon, 21 Dec 2015 23:36:00 +0100 Subject: [PATCH 0049/1000] OpenBSD 5.9 will also ship a PostgreSQL 9.4 version --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 6af19ca9c5..a1801fa564 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -105,7 +105,7 @@ 'FreeBSD' => '93', 'OpenBSD' => $::operatingsystemrelease ? { /5\.6/ => '9.3', - /5\.[7-8]/ => '9.4', + /5\.[7-9]/ => '9.4', }, 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { From 5aac739f94efc2bd32880ffcd801f277ef81af61 Mon Sep 17 00:00:00 2001 From: Jorie Tappa Date: Thu, 21 Jan 2016 14:26:29 -0600 Subject: [PATCH 0050/1000] DOC-1496: README re-write. --- README.md | 1343 ++++++++++++++++++++++++++--------------------------- 1 file changed, 655 insertions(+), 688 deletions(-) diff --git a/README.md b/README.md index 77eeaa047c..e114f17fd5 100644 --- a/README.md +++ b/README.md @@ -1,33 +1,36 @@ -postgresql -========== +# postgresql -Table of Contents ------------------ -1. [Overview - What is the PostgreSQL module?](#overview) +#### Table of Contents + +1. [Overview - What is the posgresql module?](#overview) 2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with PostgreSQL module](#setup) - * [PE 3.2 supported module](#pe-32-supported-module) +3. [Setup - The basics of getting started with posgresql module](#setup) + * [PE Supported module](#supported-module) * [Configuring the server](#configuring-the-server) -4. [Usage - How to use the module for various tasks](#usage) -5. [Reference - The classes, defines,functions and facts available in this module](#reference) +4. [Usage - Configuration options and additional functionality](#usage) +5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) + * [Classes](#classes) + * [Defined Types](#defined-types) + * [Types](#types) + * [Functions](#functions) 6. [Limitations - OS compatibility, etc.](#limitations) 7. [Development - Guide for contributing to the module](#development) -8. [Transfer Notice - Notice of authorship change](#transfer-notice) -9. [Contributors - List of module contributors](#contributors) + * [Transfer Notice - Notice of authorship change](#transfer-notice) + * [Contributors - List of module contributors](#contributors) +8. [Tests](#tests) +9. [Transfer Notice - Notice of authorship change](#transfer-notice) +10. [Contributors - List of module contributors](#contributors) -Overview --------- +## Overview -The PostgreSQL module allows you to easily manage postgres databases with Puppet. +The posgresql module allows you to easily manage PostgreSQL databases with Puppet. -Module Description -------------------- +## Module description -PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage PostgreSQL packages and services on several operating systems, while also supporting basic management of PostgreSQL databases and users. The module offers support for basic management of common security settings. +PostgreSQL is a high-performance, free, open-source relational database server. The posgresql module allows you to manage PostgreSQL packages and services on several operating systems, while also supporting basic management of PostgreSQL databases and users. The module offers support for basic management of common security settings. -Setup ------ +## Setup **What puppetlabs-PostgreSQL affects:** @@ -37,26 +40,29 @@ Setup **Introductory Questions** -The postgresql module offers many security configuration settings. Before getting started, you will want to consider: +The posgresql module offers many security configuration settings. Before getting started, you will want to consider: -* Do you want/need to allow remote connections? +* Do you want or need to allow remote connections? * If yes, what about TCP connections? * How restrictive do you want the database superuser's permissions to be? Your answers to these questions will determine which of the module's parameters you'll want to specify values for. -###PE 3.2 supported module +### Supported module + +Puppet Enterprise 3.2 introduced Puppet Labs supported modules. The version of the posgresql module that ships with PE is supported via normal [Puppet Enterprise support](http://puppetlabs.com/services/customer-support) channels. If you would like to access the [supported module](http://forge.puppetlabs.com/supported) version, you will need to uninstall the shipped module and install the supported version from the Puppet Forge. You can do this by first running -PE 3.2 introduces Puppet Labs supported modules. The version of the postgresql module that ships within PE 3.2 is supported via normal [Puppet Enterprise support](http://puppetlabs.com/services/customer-support) channels. If you would like to access the [supported module](http://forge.puppetlabs.com/supported) version, you will need to uninstall the shipped module and install the supported version from the Puppet Forge. You can do this by first running + puppet module uninstall puppetlabs-postgresql - # puppet module uninstall puppetlabs-postgresql and then running - # puppet module install puppetlabs/postgresql + puppet module install puppetlabs/postgresql -###Configuring the server +## Usage -The main configuration you'll need to do will be around the `postgresql::server` class. The default parameters are reasonable, but fairly restrictive regarding permissions for who can connect and from where. To manage a PostgreSQL server with sane defaults: +### Configuring the server + +The main configuration you'll need to do will be around the `postgresql::server` class. The default parameters are reasonable, but fairly restrictive regarding permissions for who can connect and from where. To manage a PostgreSQL server with defaults: class { 'postgresql::server': } @@ -70,19 +76,16 @@ For a more customized configuration: postgres_password => 'TPSrep0rt!', } -Once you've completed your configuration of `postgresql::server`, you can test out your settings from the command line: +Once you've completed your configuration of `postgresql::server`, you can test your settings from the command line: - $ psql -h localhost -U postgres - $ psql -h my.postgres.server -U + psql -h localhost -U postgres + psql -h my.postgres.server -U -If you get an error message from these commands, it means that your permissions are set in a way that restricts access from where you're trying to connect. That might be a good thing or a bad thing, depending on your goals. +If you get an error message from these commands, it means that your permissions are set in a way that restricts access from where you're trying to connect. That could be a good or bad thing, depending on your goals. For more details about server configuration parameters consult the [PostgreSQL Runtime Configuration docs](http://www.postgresql.org/docs/current/static/runtime-config.html). -Usage ------ - -###Creating a database +### Creating a database There are many ways to set up a postgres database using the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: @@ -93,7 +96,7 @@ There are many ways to set up a postgres database using the `postgresql::server: password => postgresql_password('mydatabaseuser', 'mypassword'), } -###Managing users, roles and permissions +### Managing users, roles and permissions To manage users, roles and permissions: @@ -120,80 +123,98 @@ In this example, you would grant ALL privileges on the test1 database and on the At this point, you would just need to plunk these database name/username/password values into your PuppetDB config files, and you are good to go. -###Managing remote users, roles and permissions +### Overriding defaults -Remote SQL objects are managed using the same Puppet resources as local SQL objects with the additional of a connect_settings hash. This provides control over how Puppet should connect to the remote Postgres instances and the version that should be used when generating SQL commands. +The `postgresql::globals` class allows you to configure the main settings for this module in a global way, to be used by the other classes and defined resources. On its own it does nothing. -When provided the connect_settings hash can contain environment variables to control Postgres client connections, such as: PGHOST, PGPORT, PGPASSWORD PGSSLKEY (see http://www.postgresql.org/docs/9.4/static/libpq-envars.html) Additionally the special value of DBVERSION can be provided to specify the target database's version. If the connect_settings hash is omitted or empty then Puppet will connect to the local Postgres instance. +For example, if you wanted to overwrite the default `locale` and `encoding` for all classes you could use the following combination: -A connect_settings hash can be provided with each of the Puppet resources or a default connect_settings hash can be set in postgresql::globals. Per resource configuration of connect_settings allows for SQL object to be creating on multiple database by multiple users. + class { 'postgresql::globals': + encoding => 'UTF-8', + locale => 'en_US.UTF-8', + }-> + class { 'postgresql::server': + } - $connection_settings_super2 = { - 'PGUSER' => "super2", - 'PGPASSWORD' => "foobar2", - 'PGHOST' => "127.0.0.1", - 'PGPORT' => "5432", - 'PGDATABASE' => "postgres", - } +If you want to use the upstream PostgreSQL packaging, and be specific about the version you wish to download, you could use something like this: - include postgresql::server + class { 'postgresql::globals': + manage_package_repo => true, + version => '9.2', + }-> + class { 'postgresql::server': } - # Connect with no special settings, i.e domain sockets, user postges - postgresql::server::role{'super2': - password_hash => "foobar2", - superuser => true, +### Managing remote users, roles and permissions - connect_settings => {}, - require => [ - Class['postgresql::globals'], - Class['postgresql::server::service'], - ], - } + Remote SQL objects are managed using the same Puppet resources as local SQL objects with the additional of a connect_settings hash. This provides control over how Puppet should connect to the remote Postgres instances and the version that should be used when generating SQL commands. - # Now using this new user connect via TCP - postgresql::server::database { 'db1': - connect_settings => $connection_settings_super2, + When provided the connect_settings hash can contain environment variables to control Postgres client connections, such as: PGHOST, PGPORT, PGPASSWORD PGSSLKEY (see http://www.postgresql.org/docs/9.4/static/libpq-envars.html) Additionally the special value of DBVERSION can be provided to specify the target database's version. If the connect_settings hash is omitted or empty then Puppet will connect to the local Postgres instance. - require => Postgresql::Server::Role['super2'], - } + A connect_settings hash can be provided with each of the Puppet resources or a default connect_settings hash can be set in postgresql::globals. Per resource configuration of connect_settings allows for SQL object to be creating on multiple database by multiple users. + + $connection_settings_super2 = { + 'PGUSER' => "super2", + 'PGPASSWORD' => "foobar2", + 'PGHOST' => "127.0.0.1", + 'PGPORT' => "5432", + 'PGDATABASE' => "postgres", + } + + include postgresql::server + + # Connect with no special settings, i.e domain sockets, user postges + postgresql::server::role{'super2': + password_hash => "foobar2", + superuser => true, + + connect_settings => {}, + require => [ + Class['postgresql::globals'], + Class['postgresql::server::service'], + ], + } + + # Now using this new user connect via TCP + postgresql::server::database { 'db1': + connect_settings => $connection_settings_super2, + + require => Postgresql::Server::Role['super2'], + } -Reference ---------- +## Reference -The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the below settings, they allow you a decent amount of control over your security settings. +The posgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. Classes: -* [postgresql::client](#class-postgresqlclient) -* [postgresql::globals](#class-postgresqlglobals) -* [postgresql::lib::devel](#class-postgresqllibdevel) -* [postgresql::lib::java](#class-postgresqllibjava) -* [postgresql::lib::docs](#class-postgresqllibdocs) -* [postgresql::lib::perl](#class-postgresqllibperl) -* [postgresql::lib::python](#class-postgresqllibpython) -* [postgresql::server](#class-postgresqlserver) -* [postgresql::server::plperl](#class-postgresqlserverplperl) -* [postgresql::server::plpython](#class-postgresqlserverplpython) -* [postgresql::server::contrib](#class-postgresqlservercontrib) -* [postgresql::server::postgis](#class-postgresqlserverpostgis) - -Resources: - -* [postgresql::server::config_entry](#resource-postgresqlserverconfig_entry) -* [postgresql::server::db](#resource-postgresqlserverdb) -* [postgresql::server::database](#resource-postgresqlserverdatabase) -* [postgresql::server::database_grant](#resource-postgresqlserverdatabase_grant) -* [postgresql::server::extension](#resource-postgresqlserverextension) -* [postgresql::server::pg_hba_rule](#resource-postgresqlserverpg_hba_rule) -* [postgresql::server::pg_ident_rule](#resource-postgresqlserverpg_ident_rule) -* [postgresql::server::recovery](#resource-postgresqlserverrecovery) -* [postgresql::server::role](#resource-postgresqlserverrole) -* [postgresql::server::schema](#resource-postgresqlserverschema) -* [postgresql::server::table_grant](#resource-postgresqlservertable_grant) -* [postgresql::server::tablespace](#resource-postgresqlservertablespace) -* [postgresql::validate_db_connection](#resource-postgresqlvalidate_db_connection) - -Custom Resources: +* [postgresql::client](#postgresqlclient) +* [postgresql::globals](#postgresqlglobals) +* [postgresql::lib::devel](#postgresqllibdevel) +* [postgresql::lib::java](#postgresqllibjava) +* [postgresql::lib::perl](#postgresqllibperl) +* [postgresql::lib::python](#postgresqllibpython) +* [postgresql::server](#postgresqlserver) +* [postgresql::server::plperl](#postgresqlserverplperl) +* [postgresql::server::contrib](#postgresqlservercontrib) +* [postgresql::server::postgis](#postgresqlserverpostgis) + +Defined Types: + +* [postgresql::server::config_entry](#postgresqlserverconfig_entry) +* [postgresql::server::database](#postgresqlserverdatabase) +* [postgresql::server::database_grant](#postgresqlserverdatabase_grant) +* [postgresql::server::db](#postgresqlserverdb) +* [postgresql::server::extension](#postgresqlserverextension) +* [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) +* [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) +* [postgresql::server::recovery](#postgresqlserverrecovery) +* [postgresql::server::role](#postgresqlserverrole) +* [postgresql::server::schema](#postgresqlserverschema) +* [postgresql::server::table_grant](#postgresqlservertable_grant) +* [postgresql::server::tablespace](#postgresqlservertablespace) +* [postgresql::validate_db_connection](#postgresqlvalidate_db_connection) + +Types: * [postgresql_psql](#custom-resource-postgresql_psql) * [postgresql_replication_slot](#custom-resource-postgresql_replication_slot) @@ -204,381 +225,358 @@ Functions: * [postgresql_password](#function-postgresql_password) * [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) +### Classes -###Class: postgresql::globals -*Note:* most server specific defaults should be overriden in the `postgresql::server` class. This class should only be used if you are using a non-standard OS or if you are changing elements such as `version` or `manage_package_repo` that can only be changed here. +#### postgresql::client +Installs PostgreSQL client software. Alter the following parameters if you have a custom version you would like to install. -This class allows you to configure the main settings for this module in a global way, to be used by the other classes and defined resources. On its own it does nothing. +>**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. -For example, if you wanted to overwrite the default `locale` and `encoding` for all classes you could use the following combination: +##### `package_ensure` +Sets the ensure parameter passed on to PostgreSQL client package resource. Default: 'present'. - class { 'postgresql::globals': - encoding => 'UTF-8', - locale => 'en_US.UTF-8', - }-> - class { 'postgresql::server': - } +##### `package_name` +Sets the name of the PostgreSQL client package. Default: 'file'. -That would make the `encoding` and `locale` the default for all classes and defined resources in this module. +##### `validcon_script_path` +Specifies the path to validate the connection script. Default: '/usr/local/bin/validate_postgresql_connection.sh'. -If you want to use the upstream PostgreSQL packaging, and be specific about the version you wish to download, you could use something like this: +#### postgresql::lib::docs +Installs PostgreSQL bindings for Postgres-Docs. Alter the following parameters if you have a custom version you would like to install - class { 'postgresql::globals': - manage_package_repo => true, - version => '9.2', - }-> - class { 'postgresql::server': } +>**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. -####`client_package_name` -This setting can be used to override the default postgresql client package name. If not specified, the module will use whatever package name is the default for your OS distro. +##### `package_name` +Specifies the name of the PostgreSQL docs package. -####`server_package_name` -This setting can be used to override the default postgresql server package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`contrib_package_name` -This setting can be used to override the default postgresql contrib package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`devel_package_name` -This setting can be used to override the default postgresql devel package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`java_package_name` -This setting can be used to override the default postgresql java package name. If not specified, the module will use whatever package name is the default for your OS distro. +##### `package_ensure` +The ensure parameter passed on to postgresql docs package resource. -####`docs_package_name` -This setting can be used to override the default postgresql docs package name. If not specified, the module will use whatever package name is the default for your OS distro. -####`perl_package_name` -This setting can be used to override the default postgresql Perl package name. If not specified, the module will use whatever package name is the default for your OS distro. +#### postgresql::globals +>**Note:** Most server specific defaults should be overriden in the `postgresql::server` class. This class should only be used if you are using a non-standard OS or if you are changing elements such as `version` or `manage_package_repo` that can only be changed here. -####`plperl_package_name` -This setting can be used to override the default postgresql PL/perl package name. If not specified, the module will use whatever package name is the default for your OS distro. +##### `bindir` +Overrides the default PostgreSQL binaries directory for the target platform. Default: OS dependent. -####`plpython_package_name` -This setting can be used to override the default postgresql PL/python package name. If not specified, the module will use whatever package name is the default for your OS distro. +##### `client_package_name` +Overrides the default PostgreSQL client package name. Default: OS dependent. -####`python_package_name` -This setting can be used to override the default postgresql Python package name. If not specified, the module will use whatever package name is the default for your OS distro. +##### `confdir` +Overrides the default PostgreSQL configuration directory for the target platform. Default: OS dependent. -####`service_ensure` -This setting can be used to override the default postgresql service ensure status. If not specified, the module will use `ensure` instead. +##### `contrib_package_name` +Overrides the default PostgreSQL contrib package name. Default: OS dependent. -####`service_name` -This setting can be used to override the default postgresql service name. If not specified, the module will use whatever service name is the default for your OS distro. +##### `createdb_path` +**Deprecated.** +Path to the `createdb` command. Default: "${bindir}/createdb". -####`service_provider` -This setting can be used to override the default postgresql service provider. If not specified, the module will use whatever service provider is the default for your OS distro. +##### `datadir` +Overrides the default PostgreSQL data directory for the target platform. Default: OS dependent. -####`service_status` -This setting can be used to override the default status check command for your PostgreSQL service. If not specified, the module will use whatever service status is the default for your OS distro. +>**Note:** Changing the datadir after installation will cause the server to come to a full stop before being able to make the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you need to explicitly set `needs_initdb = true` in order to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). -####`default_database` -This setting is used to specify the name of the default database to connect with. On most systems this will be "postgres". +**Warning:** If datadir is changed from the default, Puppet will not manage purging of the original data directory, which will cause it to fail if the data directory is changed back to the original. -####`initdb_path` -Path to the `initdb` command. +##### `default_database` +Specifies the name of the default database to connect with. On most systems, this will be "postgres". -####`createdb_path` -**Deprecated** -Path to the `createdb` command. +##### `devel_package_name` +Overrides the default PostgreSQL devel package name. Default: OS dependent. -####`psql_path` -Path to the `psql` command. +##### `docs_package_name` +Overrides the default PostgreSQL docs package name. If not specified, the module will use the default for your OS distro. -####`pg_hba_conf_path` -Path to your `pg_hba.conf` file. +##### `encoding` +Sets the default encoding for all databases created with this module. On certain operating systems, this will also be used during the `template1` initialization, so it becomes a default outside of the module as well. Defaults to the operating system's default encoding. -####`pg_ident_conf_path` -Path to your `pg_ident.conf` file. +##### `group` +Overrides the default PostgreSQL user group to be used for related files in the file system. Default: 'postgres'. -####`postgresql_conf_path` -Path to your `postgresql.conf` file. +##### `initdb_path` +Path to the `initdb` command. -####`recovery_conf_path` -Path to your `recovery.conf` file. +##### `java_package_name` +Overrides the default PostgreSQL java package name. Default: OS dependent. -####`pg_hba_conf_defaults` -If false, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. +##### `locale` +Sets the default database locale for all databases created with this module. On certain operating systems, this will also be used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef, which is effectively `C`. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** -####`datadir` -This setting can be used to override the default postgresql data directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. Please note that changing the datadir after installation will cause the server to come to a full stop before being able to make the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you need to explicitly set needs_initdb to true in order to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). +##### `logdir` +Overrides the default PostgreSQL log directory. Default: initdb's default path. -Warning: If datadir is changed from the default, puppet will not manage purging of the original data directory, which will cause it to fail if the data directory is changed back to the original. +##### `manage_package_repo` +Sets up official PostgreSQL repositories on your host if set to 'true'. Default: 'false'. -####`confdir` -This setting can be used to override the default postgresql configuration directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. +##### `needs_initdb` +This setting can be used to explicitly call the initdb operation after server package is installed and before the PostgreSQL service is started. Default: OS dependent. -####`bindir` -This setting can be used to override the default postgresql binaries directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. +##### `perl_package_name` +Overrides the default PostgreSQL Perl package name. Default: OS dependent. -####`xlogdir` -This setting can be used to override the default postgresql xlog directory. If not specified the module will use initdb's default path. +##### `pg_hba_conf_defaults` +Disables the defaults supplied with the module for `pg_hba.conf` if set to 'false'. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. Default: 'true'. -####`logdir` -This setting can be used to override the default postgresql log directory. If not specified the module will use initdb's default path. +##### `pg_hba_conf_path` +Specifies the path to your `pg_hba.conf` file. Default: "${confdir}/pg_hba.conf". -####`user` -This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'. +##### `pg_ident_conf_path` +Specifies the path to your `pg_ident.conf` file. Default: "${confdir}/pg_ident.conf". -####`group` -This setting can be used to override the default postgresql user group to be used for related files in the file system. If not specified, the module will use the group name 'postgres'. +##### `plperl_package_name` +Overrides the default PostgreSQL PL/perl package name. Default: OS dependent. -####`version` -The version of PostgreSQL to install/manage. This is a simple way of providing a specific version such as '9.2' or '8.4' for example. +##### `plpython_package_name` +Overrides the default PostgreSQL PL/python package name. Default: OS dependent. -Defaults to your operating system default. +##### `postgis_version` +Defines the version of PostGIS to install, if you install PostGIS. Defaults to the lowest available with the version of PostgreSQL to be installed. -####`postgis_version` -The version of PostGIS to install if you install PostGIS. Defaults to the lowest available with the version of PostgreSQL to be installed. +##### `postgresql_conf_path` +Sets the path to your `postgresql.conf` file. Default: "${confdir}/postgresql.conf". -####`needs_initdb` -This setting can be used to explicitly call the initdb operation after server package is installed and before the postgresql service is started. If not specified, the module will decide whether to call initdb or not depending on your OS distro. +##### `psql_path` +Sets the path to the `psql` command. -####`encoding` -This will set the default encoding encoding for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to the operating system default. +##### `python_package_name` +Overrides the default PostgreSQL Python package name. Default: OS dependent. -####`locale` -This will set the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `undef` which is effectively `C`. +##### `recovery_conf_path` +Path to your `recovery.conf` file. -####`repo_proxy` -This will set the proxy option for the official PostgreSQL yum-repositories only, Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxyservers for outside connectivity. +##### `repo_proxy` +Sets the proxy option for the official PostgreSQL yum-repositories only, Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxyservers for outside connectivity. +##### `server_package_name` +Overrides the default PostgreSQL server package name. Default: OS dependent. -#####Debian +##### `service_name` +Overrides the default PostgreSQL service name. Default: OS dependent. -On Debian you'll need to ensure that the 'locales-all' package is installed for full functionality of Postgres. +##### `service_provider` +Overrides the default PostgreSQL service provider. Default: OS dependent. -####`manage_package_repo` -If `true` this will setup the official PostgreSQL repositories on your host. Defaults to `false`. +##### `service_status` +Overrides the default status check command for your PostgreSQL service. Default: OS dependent. -###Class: postgresql::server -The following list are options that you can set in the `config_hash` parameter of `postgresql::server`. +##### `user` +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default: 'postgres'. -####`postgres_password` -This value defaults to `undef`, meaning the super user account in the postgres database is a user called `postgres` and this account does not have a password. If you provide this setting, the module will set the password for the `postgres` user to your specified value. +##### `version` +The version of PostgreSQL to install/manage. This is a simple way of providing a specific version such as '9.2' or '8.4' for example. Default: OS system default. -####`package_name` -The name of the package to use for installing the server software. Defaults to the default for your OS distro. +##### `xlogdir` +Overrides the default PostgreSQL xlog directory. Default: initdb's default path. -####`package_ensure` -Value to pass through to the `package` resource when creating the server instance. Defaults to `undef`. -####`plperl_package_name` -This sets the default package name for the PL/Perl extension. Defaults to utilising the operating system default. +####postgresql::lib::devel +Installs the packages containing the development libraries for PostgreSQL and symlinks pg_config into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). -####`plpython_package_name` -This sets the default package name for the PL/Python extension. Defaults to utilising the operating system default. +##### `link_pg_config` +By default on all but Debian systems, if the bin directory used by the PostgreSQL package is not `/usr/bin` or `/usr/local/bin`, +this class will symlink `pg_config` from the package's bin dir into `/usr/bin`. Set `link_pg_config` to +false to disable this behavior. -####`service_manage` -This setting selects whether Puppet should manage the service. Defaults to `true`. +##### `package_ensure` +Overrides the `ensure` parameter during package installation. Defaults to `present`. -####`service_name` -This setting can be used to override the default postgresql service name. If not specified, the module will use whatever service name is the default for your OS distro. +##### `package_name` +Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. -####`service_provider` -This setting can be used to override the default postgresql service provider. If not specified, the module will use whatever service name is the default for your OS distro. -####`service_reload` -This setting can be used to override the default reload command for your PostgreSQL service. If not specified, the module will the default reload command for your OS distro. +####postgresql::lib::java +Installs PostgreSQL bindings for Java (JDBC). Alter the following parameters if you have a custom version you would like to install -####`service_restart_on_change` -This setting can be used to override the default behaviour to restart your Postgresql service when a config entry has been changed that requires a service restart to become active. Defaults to `true`. +>**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. -####`service_status` -This setting can be used to override the default status check command for your PostgreSQL service. If not specified, the module will use whatever service name is the default for your OS distro. +##### `package_ensure` +Sets the ensure parameter passed on to PostgreSQL java package resource. -####`default_database` -This setting is used to specify the name of the default database to connect with. On most systems this will be "postgres". +##### `package_name` +Specifies the name of the PostgreSQL java package. -####`listen_addresses` -This value defaults to `localhost`, meaning the postgres server will only accept connections from localhost. If you'd like to be able to connect to postgres from remote machines, you can override this setting. A value of `*` will tell postgres to accept connections from any remote machine. Alternately, you can specify a comma-separated list of hostnames or IP addresses. (For more info, have a look at the `postgresql.conf` file from your system's postgres package). -####`port` -This value defaults to `5432`, meaning the postgres server will listen on TCP port 5432. Note that the same port number is used for all IP addresses the server listens on. Also note that for RedHat systems and early Debian systems, changing the port will cause the server to come to a full stop before being able to make the change. +#### postgresql::lib::perl +Installs the PostgreSQL Perl libraries. For customer requirements you can customize the following parameters: -####`ip_mask_deny_postgres_user` -This value defaults to `0.0.0.0/0`. Sometimes it can be useful to block the superuser account from remote connections if you are allowing other database users to connect remotely. Set this to an IP and mask for which you want to deny connections by the postgres superuser account. So, e.g., the default value of `0.0.0.0/0` will match any remote IP and deny access, so the postgres user won't be able to connect remotely at all. Conversely, a value of `0.0.0.0/32` would not match any remote IP, and thus the deny rule will not be applied and the postgres user will be allowed to connect. +##### `package_ensure` +Sets the ensure parameter passed on to PostgreSQL perl package resource. -####`ip_mask_allow_all_users` -This value defaults to `127.0.0.1/32`. By default, Postgres does not allow any database user accounts to connect via TCP from remote machines. If you'd like to allow them to, you can override this setting. You might set it to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. +##### `package_name` +Specifies the name of the PostgreSQL perl package to install. -####`ipv4acls` -List of strings for access control for connection method, users, databases, IPv4 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (please note that the link will take you to documentation for the most recent version of Postgres, however links for earlier versions can be found on that page). -####`ipv6acls` -List of strings for access control for connection method, users, databases, IPv6 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (please note that the link will take you to documentation for the most recent version of Postgres, however links for earlier versions can be found on that page). +#### postgresql::server::plpython +Installs the PL/Python procedural language for PostgreSQL. -####`initdb_path` -Path to the `initdb` command. +##### `package_name` +Specifies the name of the postgresql PL/Python package. -####`createdb_path` -**Deprecated** -Path to the `createdb` command. +##### `package_ensure` +Specifies the ensure parameter passed on to PostgreSQL PL/Python package resource. -####`psql_path` -Path to the `psql` command. -####`pg_hba_conf_path` -Path to your `pg_hba.conf` file. +####postgresql::lib::python +Installs PostgreSQL Python libraries. For customer requirements you can customize the following parameters: -####`pg_ident_conf_path` -Path to your `pg_ident.conf` file. +##### `package_ensure` +The ensure parameter passed on to PostgreSQL python package resource. -####`postgresql_conf_path` -Path to your `postgresql.conf` file. +##### `package_name` +The name of the PostgreSQL python package. -####`recovery_conf_path` -Path to your `recovery.conf` file. -####`pg_hba_conf_defaults` -If false, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. +####postgresql::server -####`user` -This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'. +##### `createdb_path` +**Deprecated.** +Specifies the path to the `createdb` command. Default: "${bindir}/createdb". -####`group` -This setting can be used to override the default postgresql user group to be used for related files in the file system. If not specified, the module will use the group name 'postgres'. +##### `default_database` +Specifies the name of the default database to connect with. On most systems this will be "postgres". -####`needs_initdb` -This setting can be used to explicitly call the initdb operation after server package is installed and before the postgresql service is started. If not specified, the module will decide whether to call initdb or not depending on your OS distro. +##### `encoding` +Sets the default encoding for all databases created with this module. On certain operating systems this will also be used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef. -####`encoding` -This will set the default encoding encoding for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to the operating system default. +##### `group` +Overrides the default PostgreSQL user group to be used for related files in the file system. Default: OS dependent default. -####`locale` -This will set the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `undef` which is effectively `C`. +##### `initdb_path` +Specifies the path to the `initdb` command. Default: "${bindir}/initdb". -#####Debian +##### `ipv4acls` +Lists strings for access control for connection method, users, databases, IPv4 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (**Note:** The link will take you to documentation for the most recent version of PostgreSQL, however links for earlier versions can be found there too). -On Debian you'll need to ensure that the 'locales-all' package is installed for full functionality of Postgres. +##### `ipv6acls` +Lists strings for access control for connection method, users, databases, IPv6 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (**Note:** The link will take you to documentation for the most recent version of PostgreSQL, however links for earlier versions can be found there too). -####`manage_pg_hba_conf` -This value defaults to `true`. Whether or not manage the pg_hba.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not modify the file. +##### `ip_mask_allow_all_users` +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow them to, you can override this setting. You can set it to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. Default: `127.0.0.1/32`. -####`manage_pg_ident_conf` -This value defaults to `true`. Whether or not manage the pg_ident.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not modify the file. +##### `ip_mask_deny_postgres_user` +Specifies an IP and mask to deny connections from specific users while also allowing remote users. Sometimes it can be useful to block the superuser account from remote connections if you are allowing other database users to connect remotely. For example, the default value `0.0.0.0/0` will match any remote IP and deny access, so the postgres user won't be able to connect remotely at all. Conversely, a value of `0.0.0.0/32` would not match any remote IP, and thus the deny rule will not be applied and the postgres user will be allowed to connect. Default: `0.0.0.0/0`. -####`manage_recovery_conf` -This value defaults to `false`. Whether or not manage the recovery.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not create the file. +##### `listen_addresses` +This value defaults to `localhost`, meaning the postgres server will only accept connections from localhost. If you'd like to be able to connect to postgres from remote machines, you can override this setting. A value of `*` will tell postgres to accept connections from any remote machine. Alternately, you can specify a comma-separated list of hostnames or IP addresses. (For more info, have a look at the `postgresql.conf` file from your system's postgres package). -###Class: postgresql::client +##### `locale` +Sets the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Default: undef, which is effectively `C`. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** -This class installs postgresql client software. Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): +##### `manage_pg_hba_conf` +This value defaults to `true`. Whether or not manage the pg_hba.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not modify the file. -####`validcon_script_path` -Path to validate connection script. Defaults to `/usr/local/bin/validate_postgresql_connection.sh`. +##### `manage_pg_ident_conf` +Overwrites the pg_ident.conf file. If set to `true`, Puppet will overwrite the file. If set to `false`, Puppet will not modify the file. Default: `true`. -####`package_name` -The name of the postgresql client package. +##### `manage_recovery_conf` +Specifies whether or not manage the recovery.conf. If set to `true`, Puppet will overwrite this file. If set to `false`, Puppet will not create the file. Default: `false`. -####`package_ensure` -The ensure parameter passed on to postgresql client package resource. +##### `needs_initdb` +Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started. Default: OS dependent. +##### `package_ensure` +Passes a value through to the `package` resource when creating the server instance. Default: undef. -###Class: postgresql::server::contrib -Installs the postgresql contrib package. +##### `package_name` +Specifies the name of the package to use for installing the server software. Default: OS dependent. -####`package_name` -The name of the postgresql contrib package. +##### `pg_hba_conf_defaults` +If false, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. -####`package_ensure` -The ensure parameter passed on to postgresql contrib package resource. +##### `pg_hba_conf_path` +Specifies the path to your `pg_hba.conf` file. -###Class: postgresql::server::postgis -Installs the postgresql postgis packages. +##### `pg_ident_conf_path` +Specifies the path to your `pg_ident.conf` file. Default: "${confdir}/pg_ident.conf". -###Class: postgresql::lib::devel -Installs the packages containing the development libraries for PostgreSQL and -symlinks pg_config into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). +##### `plperl_package_name` +Sets the default package name for the PL/Perl extension. Default: OS dependent. -####`package_ensure` -Override for the `ensure` parameter during package installation. Defaults to `present`. +##### `plpython_package_name` +Sets the default package name for the PL/Python extension. Default: OS dependent. -####`package_name` -Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. +##### `port` +Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for RedHat systems and early Debian systems, changing the port will cause the server to come to a full stop before being able to make the change. Default: `5432`, meaning the postgres server will listen on TCP port 5432. -####`link_pg_config` -By default on all but Debian systems, if the bin directory used by the PostgreSQL package is not `/usr/bin` or `/usr/local/bin`, -this class will symlink `pg_config` from the package's bin dir into `/usr/bin`. Set `link_pg_config` to -false to disable this behavior. +##### `postgres_password` +Sets the password for the `postgres` user to your specified value. Default: undef, meaning the superuser account in the postgres database is a user called `postgres` and this account does not have a password. -###Class: postgresql::lib::java -This class installs postgresql bindings for Java (JDBC). Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): +##### `postgresql_conf_path` +Specifies the path to your `postgresql.conf` file. Default: "${confdir}/postgresql.conf". -####`package_name` -The name of the postgresql java package. +##### `psql_path` +Specifies the path to the `psql` command. Default: OS dependent. -####`package_ensure` -The ensure parameter passed on to postgresql java package resource. +##### `service_manage` +Defines whether or not Puppet should manage the service. Default: `true`. -###Class: postgresql::lib::docs -This class installs postgresql bindings for Postgres-Docs. Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): +##### `service_name` +Overrides the default PostgreSQL service name. Default: OS dependent. -####`package_name` -The name of the postgresql docs package. +##### `service_provider` +Overrides the default PostgreSQL service provider. Default: undef. -####`package_ensure` -The ensure parameter passed on to postgresql docs package resource. +##### `service_reload` +Overrides the default reload command for your PostgreSQL service. Default: OS dependent. +##### `service_restart_on_change` +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default: `true`. -###Class: postgresql::lib::perl -This class installs the postgresql Perl libraries. For customer requirements you can customise the following parameters: +##### `service_status` +Overrides the default status check command for your PostgreSQL service. Default: OS dependent. -####`package_name` -The name of the postgresql perl package. +##### `user` +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default: 'postgres'. -####`package_ensure` -The ensure parameter passed on to postgresql perl package resource. -###Class: postgresql::server::plpython -This class installs the PL/Python procedural language for postgresql. +#### postgresql::server::contrib +Installs the PostgreSQL contrib package. -####`package_name` -The name of the postgresql PL/Python package. +##### `package_ensure` +Sets the ensure parameter passed on to PostgreSQL contrib package resource. -####`package_ensure` -The ensure parameter passed on to postgresql PL/Python package resource. +##### `package_name` +The name of the PostgreSQL contrib package. -###Class: postgresql::lib::python -This class installs the postgresql Python libraries. For customer requirements you can customise the following parameters: -####`package_name` -The name of the postgresql python package. +#### postgresql::server::plperl +Installs the PL/Perl procedural language for postgresql. -####`package_ensure` -The ensure parameter passed on to postgresql python package resource. +##### `package_ensure` +The ensure parameter passed on to PostgreSQL PL/Perl package resource. +##### `package_name` +The name of the PostgreSQL PL/Perl package. -###Class: postgresql::server::plperl -This class installs the PL/Perl procedural language for postgresql. -####`package_name` -The name of the postgresql PL/Perl package. +#### postgresql::server::postgis +Installs the PostgreSQL postgis packages. -####`package_ensure` -The ensure parameter passed on to postgresql PL/Perl package resource. +### Defined Types -###Resource: postgresql::server::config_entry -This resource can be used to modify your `postgresql.conf` configuration file. +#### postgresql::server::config_entry +Modifies your `postgresql.conf` configuration file. -Each resource maps to a line inside your `postgresql.conf` file, for example: +Each resource maps to a line inside the file, for example: postgresql::server::config_entry { 'check_function_bodies': value => 'off', } -####`namevar` -Name of the setting to change. +##### `ensure` +Removes an entry if set to `absent`. -####`ensure` -Set to `absent` to remove an entry. +##### `namevar` +Specifies the name of the setting to change. -####`value` -Value for the setting. +##### `value` +Defines the value for the setting. -###Resource: postgresql::server::db -This is a convenience resource that creates a local database, user and assigns necessary permissions in one go. +#### postgresql::server::db +Creates a local database, user, and assigns necessary permissions, in one go. For example, to create a database called `test1` with a corresponding user of the same name, you can use: @@ -587,158 +585,156 @@ For example, to create a database called `test1` with a corresponding user of th password => 'test1', } -####`namevar` -The namevar for the resource designates the name of the database. +##### `comment` +Defines a comment to be stored about the database using the PostgreSQL COMMENT command. -####`comment` -A comment to be stored about the database using the PostgreSQL COMMENT command. +##### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. -####`dbname` -The name of the database to be created. Defaults to `namevar`. +##### `dbname` +Sets the name of the database to be created. Default: `namevar`. -####`owner` -Name of the database user who should be set as the owner of the database. Defaults to the $user variable set in `postgresql::server` or `postgresql::globals`. +##### `encoding` +Overrides the character set during creation of the database. Defaults to the default defined during installation. -####`user` -User to create and assign access to the database upon creation. Mandatory. +##### `grant` +Specifies the permissions to grant during creation. Default: `ALL`. + +##### `istemplate` +Specifies that the database is a template, if set to `true`. Default: `false`. -####`password` -Password for the created user. Mandatory. +##### `locale` +Overrides the locale during creation of the database. Defaults to the default defined during installation. -####`encoding` -Override the character set during creation of the database. Defaults to the default defined during installation. +##### `namevar` +Designates the name of the database. -####`locale` -Override the locale during creation of the database. Defaults to the default defined during installation. +##### `owner` +Sets a user as the owner of the database. Default: $user variable set in `postgresql::server` or `postgresql::globals`. -####`grant` -Grant permissions during creation. Defaults to `ALL`. +##### `password` +Sets the password for the created user. Mandatory. -####`tablespace` -The name of the tablespace to allocate this database to. If not specifies, it defaults to the PostgreSQL default. +##### `tablespace` +Defines the name of the tablespace to allocate the created database to. Default: PostgreSQL default. -####`template` -The name of the template database from which to build this database. Defaults to `template0`. +##### `template` +Specifies the name of the template database from which to build this database. Defaults to `template0`. -####`istemplate` -Define database as a template. Defaults to `false`. +##### `user` +User to create and assign access to the database upon creation. Mandatory. -###Resource: postgresql::server::database -This defined type can be used to create a database with no users and no permissions, which is a rare use case. +#### postgresql::server::database +Used to create a database with no users and no permissions, which is a rare use case. -####`namevar` -The name of the database to create. +##### `dbname` +Sets the name of the database, defaults to the `namevar`. -####`dbname` -The name of the database, defaults to the namevar. +##### `encoding` +Overrides the character set during creation of the database. Default: The default defined during installation. -####`owner` -Name of the database user who should be set as the owner of the database. Defaults to the $user variable set in `postgresql::server` or `postgresql::globals`. +##### `istemplate` +Defines the database as a template if set to true. Default: `false`. -####`tablespace` -Tablespace for where to create this database. Defaults to the defaults defined during PostgreSQL installation. +##### `locale` +Overrides the locale during creation of the database. DefaultThe default defined during installation. -####`template` -The name of the template database from which to build this database. Defaults to `template0`. +##### `namevar` +Specifies the name of the database to create. -####`encoding` -Override the character set during creation of the database. Defaults to the default defined during installation. +##### `owner` +Sets name of the database user who will be set as the owner of the database. Default: The $user variable set in `postgresql::server` or `postgresql::globals`. -####`locale` -Override the locale during creation of the database. Defaults to the default defined during installation. +##### `tablespace` +Sets tablespace for where to create this database. Default: The defaults defined during PostgreSQL installation. -####`istemplate` -Define database as a template. Defaults to `false`. +##### `template` +Specifies the name of the template database from which to build this database. Default: `template0`. -####`connect_settings` -Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. -###Resource: postgresql::server::database_grant +#### postgresql::server::database_grant This defined type manages grant based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the PostgreSQL documentation for `grant` for more information. -####`namevar` -Used to uniquely identify this resource, but functionality not used during grant. +#### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. -####`privilege` -Can be one of `SELECT`, `TEMPORARY`, `TEMP`, `CONNECT`. `ALL` is used as a synonym for `CREATE`. If you need to add multiple privileges, a space delimited string can be used. +##### `db` +Specifies the database to grant access to. -####`db` -Database to grant access to. +##### `namevar` +Specifies a way to uniquely identify this resource, but functionality not used during grant. -####`role` -Role or user whom you are granting access for. +##### `privilege` +Specifies which privileges to grant. Valid options: `SELECT`, `TEMPORARY`, `TEMP`, `CONNECT`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, a space delimited string can be used. -####`psql_db` -Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. +##### `psql_db` +Defines the database to execute the grant against. _This should not ordinarily be changed from the default_, which is `postgres`. -####`psql_user` -OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. +##### `psql_user` +Specifies the OS user for running `psql`. Default: The default user for the module, usually `postgres`. -####`connect_settings` -Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. +##### `role` +Specifies the role or user whom you are granting access to. -###Resource: postgresql::server::extension -This defined type manages a postgresql extension for a given database. -####`extension` -The extension to activate. If left blank, will use the name of the resource. +#### postgresql::server::extension +Manages a PostgreSQL extension. -####`database` -The database on which to activate the extension. +##### `database` +Specifies the database on which to activate the extension. -####`ensure` -Whether to activate (`present`) or deactivate (`absent`) the extension. +##### `ensure` +Specifies whether to activate (`present`) or deactivate (`absent`) the extension. -####`package_name` -If provided, this will install the given package prior to activating the extension. +#### `extension` +Specifies the extension to activate. If left blank, it will use the name of the resource. -####`package_ensure` -By default, the package specified with `package_name` will be installed when the extension is activated, and removed when the extension is deactivated. You can override this behavior by setting the `ensure` value for the package. +##### `package_name` +Specifies a package to install prior to activating the extension. -###Resource: postgresql::server::grant +##### `package_ensure` +Overrides default package deletion behavior. By default, the package specified with `package_name` will be installed when the extension is activated, and removed when the extension is deactivated. You can override this behavior by setting the `ensure` value for the package. + + +#### postgresql::server::grant This defined type manages grant based access privileges for roles. Consult the PostgreSQL documentation for `grant` for more information. -####`namevar` -Used to uniquely identify this resource, but functionality not used during grant. +##### `db` +Specifies the database which you are granting access on. -####`db` -Database of object which you are granting access on. +##### `namevar` +Sets a unique identifier for this resource, but functionality not used during grant. -####`role` -Role or user whom you are granting access for. +##### `object_type` +Specifies the type of object you are granting privileges on. Valid options: `DATABASE`, `SCHEMA`, `SEQUENCE`, `ALL SEQUENCES IN SCHEMA`, `TABLE` or `ALL TABLES IN SCHEMA`. -####`privilege` -The privilege you are granting. Can be `ALL`, `ALL PRIVILEGES` or -`object_type` dependent string. +##### `object_name` +Specifies name of `object_type` on which to grant access. -####`object_type` -The type of object you are granting privileges on. Can be `DATABASE`, -`SCHEMA`, `SEQUENCE`, `ALL SEQUENCES IN SCHEMA`, `TABLE` or `ALL -TABLES IN SCHEMA`. +##### `port` +Port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. -####`object_name` -Object of type `object_type` on which to grant access. +##### `privilege` +Specifies the privilege you are granting. Valid options: `ALL`, `ALL PRIVILEGES` or `object_type` dependent string. -####`psql_db` -Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. +##### `psql_db` +Specifies the database to execute the grant against. _This should not ordinarily be changed from the default_, which is `postgres`. -####`psql_user` -OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. +##### `psql_user` +Sets the OS user to run `psql`. Default: the default user for the module, usually `postgres`. -####`port` -Port to use when connecting. Default to 'undef' which generally defaults to 5432 depending on your PostgreSQL packaging. +##### `role` +Specifies the role or user whom you are granting access to. -####`connect_settings` -Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. -###Resource: postgresql::server::pg_hba_rule -This defined type allows you to create an access rule for `pg_hba.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/8.2/static/auth-pg-hba-conf.html). +#### postgresql::server::pg_hba_rule +Allows you to create an access rule for `pg_hba.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). For example: postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => "Open up postgresql for access from 200.1.2.0/24", + description => "Open up PostgreSQL for access from 200.1.2.0/24", type => 'host', database => 'app', user => 'app', @@ -749,7 +745,7 @@ For example: This would create a ruleset in `pg_hba.conf` similar to: # Rule Name: allow application network to access app database - # Description: Open up postgresql for access from 200.1.2.0/24 + # Description: Open up PostgreSQL for access from 200.1.2.0/24 # Order: 150 host app app 200.1.2.0/24 md5 @@ -766,41 +762,42 @@ By default, `pg_hba_rule` requires that you include `postgresql::server`, howeve postgresql_version => '9.4', } -####`namevar` -A unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_hba.conf` so the originating resource can be identified. +##### `address` +Sets a CIDR based address for this rule matching when the type is not 'local'. -####`description` -A longer description for this rule if required. Defaults to `none`. This description is placed in the comments above the rule in `pg_hba.conf`. +##### `auth_method` +Provides the method that is used for authentication for the connection that this rule matches. Described further in the `pg_hba.conf` documentation. -####`type` -The type of rule, this is usually one of: `local`, `host`, `hostssl` or `hostnossl`. +##### `auth_option` +For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. -####`database` -A comma separated list of databases that this rule matches. +##### `database` +Sets a comma separated list of databases that this rule matches. -####`user` -A comma separated list of database users that this rule matches. +##### `description` +Defines a longer description for this rule if required. This description is placed in the comments above the rule in `pg_hba.conf`. Defaults: `none`. -####`address` -If the type is not 'local' you can provide a CIDR based address here for rule matching. +##### `namevar` +Defines a unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_hba.conf`, so the originating resource can be identified. -####`auth_method` -The `auth_method` is described further in the `pg_hba.conf` documentation, but it provides the method that is used for authentication for the connection that this rule matches. +##### `order` +Sets an order for placing the rule in `pg_hba.conf`. Default: `150`. -####`auth_option` -For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. +#### `postgresql_version` +Manages `pg_hba.conf` without managing the entire PostgreSQL instance. Default: The version set in `postgresql::server`. -####`order` -An order for placing the rule in `pg_hba.conf`. Defaults to `150`. +##### `target` +Provides the target for the rule, and is generally an internal only property. **Use with caution.** -####`target` -This provides the target for the rule, and is generally an internal only property. Use with caution. +##### `type` +Sets the type of rule. Valid options: `local`, `host`, `hostssl` or `hostnossl`. -####`postgresql_version` -Defaults to the version set in `postgresql::server`. Use this if you want to manage `pg_hba.conf` without managing the entire PostgreSQL instance. +##### `user` +Sets a comma separated list of users that this rule matches. -###Resource: postgresql::server::pg_ident_rule -This defined type allows you to create user name maps for `pg_ident.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). + +#### postgresql::server::pg_ident_rule +Allows you to create user name maps for `pg_ident.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). For example: @@ -815,31 +812,31 @@ This would create a user name map in `pg_ident.conf` similar to: # Rule Name: Map the SSL certificate of the backup server as a replication user # Description: none # Order: 150 - sslrepli repli1.example.com replication + sslrepli repli1.example.com replication -####`namevar` -A unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_ident.conf` so the originating resource can be identified. +##### `database_username` +Specifies the user name of the the database user. The `system_username` will be mapped to this user name. -####`description` -A longer description for this rule if required. Defaults to `none`. This description is placed in the comments above the rule in `pg_ident.conf`. +##### `description` +Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. Default: `none`. -####`map_name` -Name of the user map, that is used to refer to this mapping in `pg_hba.conf`. +##### `map_name` +Sets the name of the user map that is used to refer to this mapping in `pg_hba.conf`. -####`system_username` -Operating system user name, the user name used to connect to the database. +##### `namevar` +Sets a unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_ident.conf`, so the originating resource can be identified. -####`database_username` -Database user name, the user name of the the database user. The `system_username` will be mapped to this user name. +##### `order` +Defines an order for placing the mapping in `pg_ident.conf`. Default: 150. -####`order` -An order for placing the mapping in pg_ident.conf. Defaults to 150. +##### `system_username` +Specifies the operating system user name, the user name used to connect to the database. -####`target` -This provides the target for the rule, and is generally an internal only property. Use with caution. +##### `target` +Provides the target for the rule, and is generally an internal only property. **Use with caution.** -###Resource: postgresql::server::recovery -This defined type allows you to create the content for `recovery.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/9.4/static/recovery-config.html). +#### postgresql::server::recovery +Allows you to create the content for `recovery.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). For example: @@ -870,76 +867,77 @@ This would create a `recovery.conf` config file, similar to this: recovery_target = 'immediate' recovery_target_timeline = 'latest' pause_at_recovery_target = true - standby_mode = on + standby_mode = 'on' primary_conninfo = 'host=localhost port=5432' recovery_min_apply_delay = 0 -Only the specified parameters will be recognize in the template! The `recovery.conf` will be only create if at least one parameter set and [manage_recovery_conf](#manage_recovery_conf) set to true. +Only the specified parameters will be recognized in the template! The `recovery.conf` will only be created if at least one parameter is set and [manage_recovery_conf](#manage_recovery_conf) is set to `true`. -Every param value is a String set in the template with inverted comma except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. -`standby_mode` is special, String ('on'/'off') and Boolean (true/false) is allowed, but the postgres documentation says it's a Boolean. +Every param value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. -A detailed description of all above listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/9.4/static/recovery-config.html). +`standby_mode` can be specified with the string ('on'/'off'), or by using a boolean value (true/false). -The parameters are grouped into these three sections: +A detailed description of all above listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +The parameters are grouped into these three sections: -#### [`Archive Recovery Parameters`](http://www.postgresql.org/docs/9.4/static/archive-recovery-settings.html) +##### [`Archive Recovery Parameters`](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) In this section the `restore_command`, `archive_cleanup_command` and `recovery_end_command` parameters are listed. -#### [`Recovery Target Settings`](http://www.postgresql.org/docs/9.4/static/recovery-target-settings.html) +##### [`Recovery Target Settings`](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) In this section the `recovery_target_name`, `recovery_target_time`, `recovery_target_xid`, `recovery_target_inclusive`, `recovery_target`, `recovery_target_timeline` and `pause_at_recovery_target` parameters are listed. -#### [`Standby Server Settings`](http://www.postgresql.org/docs/9.4/static/standby-settings.html) +##### [`Standby Server Settings`](http://www.postgresql.org/docs/current/static/standby-settings.html) In this section the `standby_mode`, `primary_conninfo`, `primary_slot_name`, `trigger_file` and `recovery_min_apply_delay` parameters are listed. -####`target` -This provides the target for the rule, and is generally an internal only property. Use with caution. +##### `target` +Provides the target for the rule, and is generally an internal only property. **Use with caution.** -###Resource: postgresql::server::role -This resource creates a role or user in PostgreSQL. +#### postgresql::server::role +Creates a role or user in PostgreSQL. -####`namevar` -The role name to create. +##### `connection_limit` +Specifies how many concurrent connections the role can make. Default: `-1`, meaning no limit. -####`password_hash` -The hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: +##### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. - postgresql::server::role { "myusername": - password_hash => postgresql_password('myusername', 'mypassword'), - } +##### `createdb` +Specifies whether to grant the ability to create new databases with this role. Default: `false`. -####`createdb` -Whether to grant the ability to create new databases with this role. Defaults to `false`. +##### `createrole` +Specifies whether to grant the ability to create new roles with this role. Default: `false`. -####`createrole` -Whether to grant the ability to create new roles with this role. Defaults to `false`. +##### `inherit` +Specifies whether to grant inherit capability for the new role. Default: `true`. -####`login` -Whether to grant login capability for the new role. Defaults to `true`. +##### `login` +Specifies whether to grant login capability for the new role. Default: `true`. -####`inherit` -Whether to grant inherit capability for the new role. Defaults to `true`. +##### `namevar` +Specifies the role name to create. -####`superuser` -Whether to grant super user capability for the new role. Defaults to `false`. +##### `password_hash` +Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: -####`replication` -If `true` provides replication capabilities for this role. Defaults to `false`. + postgresql::server::role { "myusername": + password_hash => postgresql_password('myusername', 'mypassword'), + } + +##### `replication` +Provides provides replication capabilities for this role if set to `true`. Default: `false`. -####`connection_limit` -Specifies how many concurrent connections the role can make. Defaults to `-1` meaning no limit. +##### `superuser` +Specifies whether to grant super user capability for the new role. Default: `false`. -####`username` -The username of the role to create, defaults to `namevar`. +##### `username` +Defines the username of the role to create, Default: `namevar`. -####`connect_settings` -Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. -###Resource: postgresql::server::schema -This defined type can be used to create a schema. For example: +#### postgresql::server::schema +Used to create a schema. For example: postgresql::server::schema { 'isolated': owner => 'jane', @@ -949,51 +947,52 @@ This defined type can be used to create a schema. For example: It will create the schema `isolated` in the database `janedb` if neccessary, assigning the user `jane` ownership permissions. -####`namevar` -The schema name to create. +##### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. -###`db` -Name of the database in which to create this schema. This must be passed. +##### `db` +**Mandatory**. Sets the name of the database in which to create this schema. This must be passed. -####`owner` -The default owner of the schema. +##### `namevar` +Specifies the name of the schema being created. -####`schema` -Name of the schma. Defaults to `namevar`. +##### `owner` +Sets the default owner of the schema. -####`connect_settings` -Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. +##### `schema` +Sets the name of the schema. Default: `namevar`. -###Resource: postgresql::server::table_grant -This defined type manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. +#### postgresql::server::table_grant +Manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. -####`namevar` -Used to uniquely identify this resource, but functionality not used during grant. - -####`privilege` -Can be one of `SELECT`, `INSERT`, `UPDATE`, `REFERENCES`. `ALL` is used as a synonym for `CREATE`. If you need to add multiple privileges, a space delimited string can be used. +##### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. -####`table` -Table to grant access on. +##### `db` +Specifies which database the table is in. -####`db` -Database of table. +##### `namevar` +Used to uniquely identify this resource, but functionality not used during grant. -####`role` -Role or user whom you are granting access for. +##### `privilege` +Valid options: `SELECT`, `INSERT`, `UPDATE`, `REFERENCES`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, use a space delimited string. -####`psql_db` +##### `psql_db` Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. -####`psql_user` -OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. +##### `psql_user` +Specifies the OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. -####`connect_settings` -Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. +##### `role` +Specifies the role or user whom you are granting access for. -###Resource: postgresql::server::tablespace -This defined type can be used to create a tablespace. For example: +##### `table` +Specifies the table to grant access on. + + +#### postgresql::server::tablespace +Creates a tablespace. For example: postgresql::server::tablespace { 'tablespace1': location => '/srv/space1', @@ -1002,24 +1001,24 @@ This defined type can be used to create a tablespace. For example: It will create the location if necessary, assigning it the same permissions as your PostgreSQL server. -####`namevar` -The tablespace name to create. +##### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. -####`location` -The path to locate this tablespace. +##### `location` +Specifies the path to locate this tablespace. -####`owner` -The default owner of the tablespace. +##### `namevar` +Specifies the tablespace name to create. -####`spcname` -Name of the tablespace. Defaults to `namevar`. +##### `owner` +Specifies the default owner of the tablespace. -####`connect_settings` -Hash of environment variable used when connecting to a remote server. Defaults to connecting to the local Postgres instance. +##### `spcname` +Specifies the name of the tablespace. Default: `namevar`. -###Resource: postgresql::validate_db_connection -This resource can be utilised inside composite manifests to validate that a client has a valid connection with a remote PostgreSQL database. It can be ran from any node where the PostgreSQL client software is installed to validate connectivity before commencing other dependent tasks in your Puppet manifests, so it is often used when chained to other tasks such as: starting an application server, performing a database migration. +#### postgresql::validate_db_connection +This resource can be utilized inside composite manifests to validate a client has a valid connection with a remote PostgreSQL database. It can be run from any node where the PostgreSQL client software is installed to validate connectivity before commencing other dependent tasks in your Puppet manifests. It is often used when chained to other tasks such as starting an application server, or performing a database migration. Example usage: @@ -1033,130 +1032,127 @@ Example usage: cwd => '/opt/myrubyapp', } -####`namevar` -Uniquely identify this resource, but functionally does nothing. +##### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (database_host, etc.). If provided, the individual parameters take precedence. -####`database_host` -The hostname of the database you wish to test. Defaults to 'undef' which generally uses the designated local unix socket. +##### `create_db_first` +This will ensure the database is created before running the test. This only really works if your test is local. Default: `true`. -####`database_port` -Port to use when connecting. Default to 'undef' which generally defaults to 5432 depending on your PostgreSQL packaging. +##### `database_host` +Sets the hostname of the database you wish to test. Default: undef, which generally uses the designated local unix socket. -####`database_name` -The name of the database you wish to test. Defaults to 'postgres'. +##### `database_name` +Specifies the name of the database you wish to test. Default: 'postgres'. -####`database_username` -Username to connect with. Defaults to 'undef', which when using a unix socket and ident auth will be the user you are running as. If the host is remote you must provide a username. +##### `database_port` +Defines the port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. -####`database_password` -Password to connect with. Can be left blank, but that is not recommended. +##### `database_password` +Specifies the password to connect with. Can be left blank, not recommended. -####`connect_settings` -Hash of environment variable used when connecting to a remote server, this is an alternative to providing individual parameters (database_host, etc.). If provided the individual parameters take precedence. +##### `database_username` +Specifies the username to connect with. Default: 'undef', which when using a unix socket and ident auth will be the user you are running as. **If the host is remote you must provide a username.** -####`run_as` -The user to run the `psql` command with for authenticiation. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. It is not needed for remote testing. +##### `namevar` +Specifies a way to uniquely identify this resource, but functionally does nothing. -####`sleep` -Upon failure, sets the number of seconds to sleep for before trying again. +##### `run_as` +Specifies the user to run the `psql` command with for authenticiation as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. -####`tries` -Upon failure, sets the number of attempts before giving up and failing the resource. +##### `sleep` +Sets the number of seconds to sleep for before trying again upon failure. -####`create_db_first` -This will ensure the database is created before running the test. This only really works if your test is local. Defaults to `true`. +##### `tries` +Sets the number of attempts before giving up and failing the resource upon failure. +### Types -### Custom Resource: postgresql_psql -This type allows puppet to run psql statements. +#### postgresql_psql +Enables Puppet to run psql statements. -#### `name` -An arbitrary tag for your own reference; the name of the message. This is the -namevar. +##### `command` +**Required.** Specifies the SQL command to execute via psql. + +##### `cwd` +Specifies the working directory under which the psql command should be executed. Default: '/tmp'. + +##### `db` +Specifies the name of the database to execute the SQL command against. + +##### `environment` +Specifies any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. -#### `command` -The SQL command to execute via psql. Required. +##### `name` +Sets an arbitrary tag for your own reference; the name of the message. This is the +namevar. -#### `cwd` -The working directory under which the psql command should be executed. Defaults -to '/tmp' +##### `port` +Specifies the port of the database server to execute the SQL command against. -#### `db` -The name of the database to execute the SQL command against. +##### `psql_group` +Specifies the system user group account under which the psql command should be executed. Default: 'postgres'. -#### `environment` -Any additional environment variables you want to set for a SQL command. -Multiple environment variables should be specified as an array. +##### `psql_path` +Specifies the path to psql executable. Default: 'psql'. -#### `port` -The port of the database server to execute the SQL command against. +##### `psql_user` +Specifies the system user account under which the psql command should be executed. Default: "postgres". -#### `psql_group` -The system user group account under which the psql command should be executed. -Defaults to 'postgres' +##### `refreshonly` +Specifies that the SQL will only be executed via a notify/subscribe event if `true`. Default: `false`. -#### `psql_path` -The path to psql executable. Defaults to 'psql' +##### `search_path` +Defines the schema search path to use when executing the SQL command. -#### `psql_user` -The system user account under which the psql command should be executed. -Defaults to "postgres" +##### `unless` +Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. -#### `refreshonly` -If 'true', then the SQL will only be executed via a notify/subscribe event. -Valid values are true or false. Defaults to false. -#### `search_path` -The schema search path to use when executing the SQL command +#### postgresql_conf +Allows Puppet to manage `postgresql.conf` parameters. -#### `unless` -An optional SQL command to execute prior to the main :command; this is -generally intended to be used for idempotency, to check for the existence of an -object in the database to determine whether or not the main SQL command needs -to be executed at all. +##### `name` +Specifies the PostgreSQL parameter name to manage. This is the `namevar`. -### Custom Resource: postgresql_conf -This type allows puppet to manage postgresql.conf parameters. +##### `target` +Specifies the path to `postgresql.conf`. Default: '/etc/postgresql.conf'. -#### `name` -The postgresql parameter name to manage. This is the namevar. +##### `value` +Specifies the value to set for this parameter. -#### `target` -The path to postgresql.conf. Defaults to '/etc/postgresql.conf' -#### `value` -The value to set for this parameter. +#### postgresql_replication_slot +Allows you to create and destroy replication slots to register warm standby replication on a PostgreSQL master server. -### Custom Resource: postgresql_replication_slot -This type allows to create and destroy replication slots -to register warm standby replication on a Postgresql -master server. +##### `name` +Specifies the name of the slot to create. Must be a valid replication slot name. This is the namevar. -#### `name` -The name of the slot to create. Must be a validt replication slot name. This is the namevar. +### Functions -###Function: postgresql_password +#### postgresql_password If you need to generate a postgres encrypted password, use `postgresql_password`. You can call it from your production manifests if you don't mind them containing the clear text versions of your passwords, or you can call it from the command line and then copy and paste the encrypted password into your manifest: - $ puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' + puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' + -###Function: postgresql_acls_to_resources_hash(acl_array, id, order_offset) -This internal function converts a list of `pg_hba.conf` based acls (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. +#### postgresql_acls_to_resources_hash(acl_array, id, order_offset) +This internal function converts a list of `pg_hba.conf` based ACLs (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. **This function should only be used internally by the module**. -Limitations ------------- -Works with versions of PostgreSQL from 8.1 through 9.2. +## Limitations + +Works with versions of PostgreSQL from 8.1 through 9.4. -Current it is only actively tested with the following operating systems: +Currently it is only actively tested with the following operating systems: -* Debian 6.x and 7.x +* Debian 6.x and 7.x. * Centos 5.x, 6.x, and 7.x. -* Ubuntu 10.04 and 12.04, 14.04 +* Ubuntu 10.04 and 12.04, 14.04. + +Several other distros are compatible, but are not being actively tested. -Although patches are welcome for making it work with other OS distros, it is considered best effort. ### Apt module support @@ -1164,29 +1160,22 @@ While this module supports both 1.x and 2.x versions of the puppetlabs-apt modul ### Postgis support -Postgis is currently considered an unsupported feature as it doesn't work on -all platforms correctly. +Postgis is currently considered an unsupported feature, as it doesn't work on all platforms correctly. ### All versions of RHEL/Centos -If you have selinux enabled you must add any custom ports you use to the postgresql_port_t context. You can do this as follows: - -``` -# semanage port -a -t postgresql_port_t -p tcp $customport -``` +If you have SELinux enabled you must add any custom ports you use to the `postgresql_port_t` context. You can do this as follows: -Development ------------- -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. + semanage port -a -t postgresql_port_t -p tcp $customport -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. +## Development -You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). ### Tests -There are two types of tests distributed with the module. Unit tests with rspec-puppet and system tests using rspec-system. +There are two types of tests distributed with this module. Unit tests with `rspec-puppet` and system tests using `rspec-system`. For unit testing, make sure you have: @@ -1201,7 +1190,7 @@ And then run the unit tests: bundle exec rake spec -The unit tests are ran in Travis-CI as well, if you want to see the results of your own tests register the service hook through Travis-CI via the accounts section for your Github clone of this project. +The unit tests are run in Travis-CI as well, if you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your Github clone of this project. If you want to run the system tests, make sure you also have: @@ -1212,38 +1201,16 @@ Then run the tests using: bundle exec rspec spec/acceptance -To run the tests on different operating systems, see the sets available in .nodeset.yml and run the specific set with the following syntax: +To run the tests on different operating systems, see the sets available in `.nodeset.yml` and run the specific set with the following syntax: RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance -Transfer Notice ----------------- +### Transfer Notice -This Puppet module was originally authored by Inkling Systems. The maintainer preferred that Puppet Labs take ownership of the module for future improvement and maintenance as Puppet Labs is using it in the PuppetDB module. Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of Inkling. +This Puppet module was originally authored by Inkling Systems. The maintainer preferred that Puppet Labs take ownership of the module for future improvement and maintenance as Puppet Labs is using it in the PuppetDB module. Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of Inkling. Previously: [https://github.com/inkling/puppet-postgresql](https://github.com/inkling/puppet-postgresql) -Contributors ------------- - - * Andrew Moon - * [Kenn Knowles](https://github.com/kennknowles) ([@kennknowles](https://twitter.com/KennKnowles)) - * Adrien Thebo - * Albert Koch - * Andreas Ntaflos - * Bret Comnes - * Brett Porter - * Chris Price - * dharwood - * Etienne Pelletier - * Florin Broasca - * Henrik - * Hunter Haugen - * Jari Bakken - * Jordi Boggiano - * Ken Barber - * nzakaria - * Richard Arends - * Spenser Gilliland - * stormcrow - * William Van Hevelingen +### Contributors + +View the full list of contributors on [https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors](GitHub). From 6e6d242419f20df379344f111c40f712fc7aac09 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 25 Jan 2016 16:09:30 +0000 Subject: [PATCH 0051/1000] (FM-4049) Update to current msync configs [2c99161] --- .gitignore | 1 + .rspec | 2 ++ .sync.yml | 9 --------- .travis.yml | 15 ++++++++------- CONTRIBUTING.md | 6 +++--- Gemfile | 22 +++++++++++----------- Rakefile | 3 ++- spec/spec_helper.rb | 32 ++++---------------------------- spec/spec_helper_local.rb | 14 ++++++++++++++ 9 files changed, 45 insertions(+), 59 deletions(-) create mode 100644 .rspec delete mode 100644 .sync.yml create mode 100644 spec/spec_helper_local.rb diff --git a/.gitignore b/.gitignore index b5db85e051..3190277498 100644 --- a/.gitignore +++ b/.gitignore @@ -5,5 +5,6 @@ spec/fixtures/ .vagrant/ .bundle/ coverage/ +log/ .idea/ *.iml diff --git a/.rspec b/.rspec new file mode 100644 index 0000000000..16f9cdb013 --- /dev/null +++ b/.rspec @@ -0,0 +1,2 @@ +--color +--format documentation diff --git a/.sync.yml b/.sync.yml deleted file mode 100644 index ac83790739..0000000000 --- a/.sync.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -.travis.yml: - extras: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" -spec/spec_helper.rb: - unmanaged: true diff --git a/.travis.yml b/.travis.yml index c418ab5f2a..e6314a4700 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,18 +1,19 @@ --- sudo: false language: ruby +cache: bundler bundler_args: --without system_tests -script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" +script: "bundle exec rake validate lint spec" matrix: fast_finish: true include: - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - rvm: 2.1.6 env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" + - rvm: 2.1.5 + env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.5 + env: PUPPET_GEM_VERSION="~> 3.0" + - rvm: 1.9.3 + env: PUPPET_GEM_VERSION="~> 3.0" notifications: email: false diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f1cbde4bbf..bfeaa701ca 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -159,7 +159,7 @@ If you already have those gems installed, make sure they are up-to-date: With all dependencies in place and up-to-date we can now run the tests: ```shell -% rake spec +% bundle exec rake spec ``` This will execute all the [rspec tests](http://rspec-puppet.com/) tests @@ -178,8 +178,8 @@ installed on your system. You can run them by issuing the following command ```shell -% rake spec_clean -% rspec spec/acceptance +% bundle exec rake spec_clean +% bundle exec rspec spec/acceptance ``` This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), diff --git a/Gemfile b/Gemfile index bfe64b186a..ced190e770 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,7 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" def location_for(place, fake_version = nil) - if place =~ /^(git:[^#]*)#(.*)/ + if place =~ /^(git[:@][^#]*)#(.*)/ [fake_version, { :git => $1, :branch => $2, :require => false }].compact elsif place =~ /^file:\/\/(.*)/ ['>= 0', { :path => File.expand_path($1), :require => false }] @@ -11,14 +11,16 @@ def location_for(place, fake_version = nil) end group :development, :unit_tests do - gem 'rspec-core', '3.1.7', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'simplecov', :require => false - gem 'puppet_facts', :require => false - gem 'json', :require => false + gem 'json', :require => false + gem 'metadata-json-lint', :require => false + gem 'puppet_facts', :require => false + gem 'puppet-blacksmith', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'rspec-puppet', '>= 2.3.2', :require => false + gem 'simplecov', :require => false end - group :system_tests do + gem 'beaker-puppet_install_helper', :require => false if beaker_version = ENV['BEAKER_VERSION'] gem 'beaker', *location_for(beaker_version) end @@ -27,12 +29,10 @@ group :system_tests do else gem 'beaker-rspec', :require => false end - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false + gem 'master_manipulator', :require => false + gem 'serverspec', :require => false end - - if facterversion = ENV['FACTER_GEM_VERSION'] gem 'facter', facterversion, :require => false else diff --git a/Rakefile b/Rakefile index 181157e6e0..35ce31140e 100644 --- a/Rakefile +++ b/Rakefile @@ -1,5 +1,6 @@ -require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet_blacksmith/rake_tasks' require 'puppet-lint/tasks/puppet-lint' +require 'puppetlabs_spec_helper/rake_tasks' PuppetLint.configuration.fail_on_warnings = true PuppetLint.configuration.send('relative') diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index ab1e14199b..a7f5b4ecb3 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,31 +1,7 @@ require 'puppetlabs_spec_helper/module_spec_helper' -RSpec.configure do |c| - c.mock_with :rspec do |mock| - mock.syntax = [:expect, :should] - end - c.include PuppetlabsSpec::Files - - c.before :each do - # Store any environment variables away to be restored later - @old_env = {} - ENV.each_key {|k| @old_env[k] = ENV[k]} - - if ENV['STRICT_VARIABLES'] == 'yes' - Puppet.settings[:strict_variables]=true - end - end - - c.after :each do - PuppetlabsSpec::Files.cleanup - end +# put local configuration and setup into spec_helper_local +begin + require 'spec_helper_local' +rescue LoadError end - -# Convenience helper for returning parameters for a type from the -# catalogue. -def param(type, title, param) - param_value(catalogue, type, title, param) -end - -# With rspec-puppet v2.0 this allows coverage checks. -#at_exit { RSpec::Puppet::Coverage.report! } diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb new file mode 100644 index 0000000000..e25a51b70a --- /dev/null +++ b/spec/spec_helper_local.rb @@ -0,0 +1,14 @@ +RSpec.configure do |c| + c.mock_with :rspec + + c.include PuppetlabsSpec::Files + c.after :each do + PuppetlabsSpec::Files.cleanup + end +end + +# Convenience helper for returning parameters for a type from the +# catalogue. +def param(type, title, param) + param_value(catalogue, type, title, param) +end From a6ccfb217eecdef253f636fe485ee3b030e603fd Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Wed, 27 Jan 2016 15:08:47 -0800 Subject: [PATCH 0052/1000] (MODULES-2968) Add default postgis version for 9.5 This commit also updates the logic that determines the postgis version so that if version association is missing in the future, it will still compile. --- manifests/globals.pp | 3 ++- manifests/params.pp | 20 ++++++++++---------- spec/unit/classes/server_spec.rb | 16 ++++++++++++++++ 3 files changed, 28 insertions(+), 11 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index a1801fa564..674602da1d 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -132,8 +132,9 @@ '91' => '1.5', '9.2' => '2.0', '9.3' => '2.1', - '9.4' => '2.1', '93' => '2.1', + '9.4' => '2.1', + '9.5' => '2.2', default => undef, } $globals_postgis_version = $postgis_version ? { diff --git a/manifests/params.pp b/manifests/params.pp index 3885c07db2..667c2115d4 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -76,15 +76,15 @@ $perl_package_name = pick($perl_package_name, 'perl-DBD-Pg') $python_package_name = pick($python_package_name, 'python-psycopg2') - $postgis_package_name = pick( - $postgis_package_name, - $::operatingsystemrelease ? { - /^5\./ => 'postgis', - default => versioncmp($postgis_version, '2') ? { - '-1' => "postgis${package_version}", - default => "postgis2_${package_version}",} - } - ) + if $postgresql::globals::postgis_package_name { + $postgis_package_name = $postgresql::globals::postgis_package_name + } elsif $::operatingsystemrelease =~ /^5\./ { + $postgis_package_name = 'postgis' + } elsif $postgis_version and versioncmp($postgis_version, '2') < 0 { + $postgis_package_name = "postgis${package_version}" + } else { + $postgis_package_name = "postgis2_${package_version}" + } } 'Archlinux': { @@ -141,7 +141,7 @@ $client_package_name = pick($client_package_name, "postgresql-client-${version}") $server_package_name = pick($server_package_name, "postgresql-${version}") $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") - if versioncmp($postgis_version, '2') < 0 { + if $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis") } else { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-${postgis_version}") diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index b42343cbc8..bd56193f1f 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -5,6 +5,7 @@ { :osfamily => 'Debian', :operatingsystem => 'Debian', + :lsbdistid => 'Debian', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', @@ -139,4 +140,19 @@ is_expected.to contain_exec('postgresql_initdb') end end + + describe 'postgresql_version' do + let(:pre_condition) do + <<-EOS + class { 'postgresql::globals': + manage_package_repo => true, + version => '99.5', + before => Class['postgresql::server'], + } + EOS + end + it 'contains the correct package version' do + is_expected.to contain_class('postgresql::repo').with_version('99.5') + end + end end From 2a78c474a3613a468f29fe732a53e188b09459ae Mon Sep 17 00:00:00 2001 From: Sebastian Gerhards Date: Thu, 28 Jan 2016 15:00:01 +0100 Subject: [PATCH 0053/1000] Fix postgresql::server acceptance test descriptions The descriptions of the acceptance tests should match the class under test, i.e. postgresql::server. --- spec/acceptance/00-utf8_encoding_spec.rb | 2 +- spec/acceptance/alternative_port_spec.rb | 2 +- spec/acceptance/default_parameters_spec.rb | 2 +- spec/acceptance/z_alternative_pgdata_spec.rb | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/acceptance/00-utf8_encoding_spec.rb b/spec/acceptance/00-utf8_encoding_spec.rb index c0a00b4403..2e7770bed1 100644 --- a/spec/acceptance/00-utf8_encoding_spec.rb +++ b/spec/acceptance/00-utf8_encoding_spec.rb @@ -2,7 +2,7 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'with defaults' do pp = <<-EOS class { 'postgresql::globals': diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index fbfad16fba..11094d36ae 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -2,7 +2,7 @@ # These tests ensure that postgres can change itself to an alternative port # properly. -describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'on an alternative port' do pp = <<-EOS class { 'postgresql::server': port => '55433' } diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index 81163ca91d..47634828a2 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -2,7 +2,7 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'with defaults' do pp = <<-EOS class { 'postgresql::server': } diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index 29f09a0898..9f80f96e25 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -8,7 +8,7 @@ shell 'setenforce 0' end -describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'on an alternative pgdata location' do pp = <<-EOS #file { '/var/lib/pgsql': ensure => directory, } -> From edc8d3c3e3407fdcb3e40540b115b5e533c66042 Mon Sep 17 00:00:00 2001 From: Joseph Yaworski Date: Fri, 29 Jan 2016 13:27:06 -0500 Subject: [PATCH 0054/1000] Add postgresql_version fact --- lib/facter/postgresql_version.rb | 8 ++++++++ spec/unit/postgresql_version_spec.rb | 19 +++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 lib/facter/postgresql_version.rb create mode 100644 spec/unit/postgresql_version_spec.rb diff --git a/lib/facter/postgresql_version.rb b/lib/facter/postgresql_version.rb new file mode 100644 index 0000000000..605479e2fd --- /dev/null +++ b/lib/facter/postgresql_version.rb @@ -0,0 +1,8 @@ +Facter.add(:postgresql_version) do + setcode do + if Facter::Util::Resolution.which('psql') + postgresql_version = Facter::Util::Resolution.exec('psql -V 2>&1') + %r{^psql \(PostgreSQL\) ([\w\.]+)}.match(postgresql_version)[1] + end + end +end diff --git a/spec/unit/postgresql_version_spec.rb b/spec/unit/postgresql_version_spec.rb new file mode 100644 index 0000000000..efe45096ef --- /dev/null +++ b/spec/unit/postgresql_version_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe Facter::Util::Fact do + before do + Facter.clear + end + + describe 'postgresql_version' do + context 'with value' do + before :each do + allow(Facter::Util::Resolution).to receive(:which).with('psql').and_return(true) + allow(Facter::Util::Resolution).to receive(:exec).with('psql -V 2>&1').and_return('psql (PostgreSQL) 9.4.5') + end + it do + expect(Facter.fact(:postgresql_version).value).to eq('9.4.5') + end + end + end +end From e18342829ef8343b58dac5f3a4226876850516a3 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 29 Jan 2016 12:38:02 -0800 Subject: [PATCH 0055/1000] (MODULES-2960) Allow float postgresql_conf values --- .../provider/postgresql_conf/.parsed.rb.swp | Bin 0 -> 12288 bytes lib/puppet/provider/postgresql_conf/parsed.rb | 4 ++-- .../postgresql_conf/.parsed_spec.rb.swp | Bin 0 -> 20480 bytes .../provider/postgresql_conf/parsed_spec.rb | 13 +++++++++++++ 4 files changed, 15 insertions(+), 2 deletions(-) create mode 100644 lib/puppet/provider/postgresql_conf/.parsed.rb.swp create mode 100644 spec/unit/provider/postgresql_conf/.parsed_spec.rb.swp diff --git a/lib/puppet/provider/postgresql_conf/.parsed.rb.swp b/lib/puppet/provider/postgresql_conf/.parsed.rb.swp new file mode 100644 index 0000000000000000000000000000000000000000..5a5c1706197753c54dde9546ab79fb4e15412f2e GIT binary patch literal 12288 zcmeI2&u`pB6vwB9Q)mIvD~FfeP}|AYPAOH9C3i0f1QMtckjrke^4hbTA>OfLkGn0| zfW!rHg)xGL)$S+=RS3j#AdT*ssIpb0l-aO5Zys1!L zR%RJjNjNTUWND$MIWLYAFA?Kr#mn;azKD75Etf}8DkokR<^_-4eB4GcS3|%MI7gsV zlN)bdWw&0xxvST@olUy-%E#x-%!DCe2p9r}fFWQA7y^cXAz%pne+j7U68jwKU2am` zZmyTkT$_*PVh9)lhJYbp2p9r}fFWQA7y^cXAz%m?0{=k*Va(XA4aS~8`v3p!-~W$a zV(bz0BlI0Khu(v3L%Y!P&~wn^7a98*`U(0LQqUfB4SI5wu|J^ip)a9Npb_*A6hIr$ zuU8oR1^OBi&`pS--(O(t8|W+O3n+$s=rZ&d&iZF_=D+p1%`gNE0YktLFa!(%L%LgC3lAOm? zQgr<~ZMHM~xD1o^eIT?x(fOB-)?!efEPVM;K-Nltpn5Fpc+b;qHmti0G>CfVEL72< z?H$-cMoAg-MROgA$%sD?g({paPqc(uH#Ludkh1&K!(bQ>-Tj@#aK3{*?G{~2)C`y- z3B<08shQ_VQw7@UjESq#QCm!6vfS#5Vifl656~%{i>Qr-Iux@k;Z-@xDTOj7S(|9b zB`*jWSc>#BC6&^c6Gz@DdZbCnwsxy?`G}kd$>|vd=~p@HHt{P&#KOVRt<9= zrFmQ*)2~~-d-}yy{DEp_$4MxUdeoe_J?@sbZq+zFXV>+#yOZj`%~b0SR2o zW^-3Jo4Xz6fG;-S_z71JGp>{KCrPOEWXvaFnW&Kp^C^5`$?~|0R(jSeH2b$h)ztnrVzj1sem&M2euTiTj&4^!R_bo~svX{On?`w?u^ex($T?Yc PbNxySedS$eV6lGy(=6LT literal 0 HcmV?d00001 diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb index ebe1f70941..7c597a8a0c 100644 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ b/lib/puppet/provider/postgresql_conf/parsed.rb @@ -18,12 +18,12 @@ :to_line => proc { |h| # simple string and numeric values don't need to be enclosed in quotes - if h[:value].is_a?(Fixnum) + if h[:value].is_a?(Numeric) val = h[:value].to_s else val = h[:value] end - dontneedquote = val.match(/^(\w+)$/) + dontneedquote = val.match(/^([\d\.]+|\w+)$/) dontneedequal = h[:name].match(/^(include|include_if_exists)$/i) str = h[:name].downcase # normalize case diff --git a/spec/unit/provider/postgresql_conf/.parsed_spec.rb.swp b/spec/unit/provider/postgresql_conf/.parsed_spec.rb.swp new file mode 100644 index 0000000000000000000000000000000000000000..60e548411734b5f743c6ad039f2f59c8ae1e4b7a GIT binary patch literal 20480 zcmeI3Ta4V)8OKivCE*f6KwMf0I5>c3NirADeUn`ku`i$^5SQ>k+QBhOE$EM z&O|?XZ66(t5r^@VknTKc9W=*x9dcB$qu(NH=s{=8F@venCuCTD;wZk5Bc~Cg%`6mh;n-}_Fzt6a1t_FwuUcfs(3)Y=N&}Z#J=!)~cw_#h% zFAUGN+Mc^s=$n4Ptd=O5_gCee)K)2=6c|w;ak76n*{+P8-<9msWb2Kc zPj=NtDWDWk3Md7X0!jg;fKosypcGIFC;~^&NyzJ99a!Ko&;k#Fd%-Wk5pWy08QcUu-b=`vAOtspYr$S{ z1^Dm^LjDAP0UDqP3V?t&E=PS}1snxOzzyKT%LsWHya@gXo&z>G2tL1*kWaw};C=8G z*aSC&>%l&7C3p|MzW^Gb2y#H^aXYvPTn895I(rEruY$jTm%)qR90 z5L^OY!?EYV@4=Jc3Gi!h4cG$+_!@zg|AKeGL!b-}f&)MUA0x2x0MNkC!PQ_tcozYi z`vC7&Dr#;)XXpd=0d3Fl<7(6GlHuBtSIkwAkrx#tb$Cj42 z)TSMxiyNjBigR~}ownB#DI!bDdb)lcXMEQ7e5=Jb`zX8^=YP;M3k$djW$U@f0ywE9 zP6mwA!0z=OMn%Gi-3fh@+n!6=26O32n|EumhR=^D520U|2+s!*(rv;~5maJ}x zmWst*FrNZ+X_;y>>l+9nit16-!uiBhanQA$Q8mQDbI>D_qR)KWv(P4}cu*OFOl}hM zDX^_Ju*KDLdGNEH()Fw+OczB{hW+9ZjW)(r$8=9*w8glLs3N1i>7%dK{C16AH)16^ z1&ZIK7yLAh-_6Vd%i5abnS9VdmzIruz0@#%@P!Rr+^AHW#Y)vESIf1c(WqDIBh?9m zM-HUBro{5B^LS#D4WE4fQn_l>YDT45uUG3vrCw~7Yt3e}+N{yUpRI62tdgT!PKQ>MFC`-%fmu$q~dBlgfCrzhyg0X%p zV4WztFV#Y{vLW^coqGCS<2`wFZ?w^|AtdVP<56VmtuPqj4pYYf({a3$)D3&9%nvB< z`d--SMt#2*@^~1`cp2r}v8*M-W!kwod6AvszPXcLCU>Ig>N8xFWBKep4$dT97(LEs z^cK+oD@U9&b3B)=)lIcGdYsghV=v7a3-cPilNOKFHLtmurcRpXpu@*IFnN}vrDr*! z*yz9_XE}2`gONdb+B7ZG&t%4AyEYX~h33lHk7v6+pJOLLDNIYvNu{sTy8+qewm3IO z+xwB7+ZoTIW=bh0_if)^WtbCBnh5i*i79ftBtW64vt*WR;&QGqn9HM0@C{^Lqb-_i zocVN-neA>eb&gA~vNg|V$)UL8ke5d-SnlLace7=?0XN+?%LhDM%`I}%?=ZfAQ&!7o zJoMdY-o9o#EV@=q;>8ZSeBSGezr>@->BGeEyeOi_OBZ=3lom%@ZO06PygZsqrps~J zVF8rBKT1enTzm-2jJ#NDpzI(qJxV;Gr4j@HFG8|#0XtQ()k z`o05N;1O^PkHo8u z?OiljfyYtH^B??6MZKiKayu)k83!w|64{QOKfL0MsQr1XI7bKHgl0x(=Zzjtjcmj* zz~~+su|9lJ$GWH7F5fF_Q%v(dL z@@w2sdJ(&om!=%pPS|#f@X1$3_qd*fSY-e<<3pqAx4ZTR!*aRTLl6L-=zg&2wrSYc z=l5u=mb6o{HgRmOi1akqk`Ji8(BZcDzKH+LZe@K&l|fxS71iB_TRRke9(p9!|9N}^ z{|<=t|KVh45#Rn_1&@Ob;DR1l0bgOg{}lKQ;J^hva1>k*-o{%074Q;x0Xz>pa4Yy3 z*bgoRd%y=+>oc$dj)Dph@qjO}{%?aaI0y~^4Sa%lfC)-q0o(#8i0r?RhDGIzQa~x7 z6i^B%1(X6xf%BpO#ZM&!s)WFa--T5|pm;ql?1aG46rbU;FzFc5NwhK%XqdW~&MXig z&xg6SV<`p5!IiO#IAk|Df{`RyZ8JGmD"integer", :value=>42, :comment=>nil, :record_type=>:parsed })).to eq( + "integer = 42" + ) + end + + it "should allow floats" do + expect(provider.to_line( {:name=>"float", :value=>2.71828182845, :comment=>nil, :record_type=>:parsed })).to eq( + "float = 2.71828182845" + ) + end + end end From cd2a54855bfe5103348d1b5654d0554f252eb820 Mon Sep 17 00:00:00 2001 From: jbondpdx Date: Thu, 28 Jan 2016 11:00:51 -0800 Subject: [PATCH 0056/1000] FM-4657: postgresql edit pass --- README.md | 1031 +++++++++++++++++++++++++++++++---------------------- 1 file changed, 607 insertions(+), 424 deletions(-) diff --git a/README.md b/README.md index e114f17fd5..13c1fdc2d9 100644 --- a/README.md +++ b/README.md @@ -1,187 +1,305 @@ # postgresql - #### Table of Contents -1. [Overview - What is the posgresql module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with posgresql module](#setup) - * [PE Supported module](#supported-module) - * [Configuring the server](#configuring-the-server) -4. [Usage - Configuration options and additional functionality](#usage) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) +1. [Module Description - What does the module do?](#module-description) +2. [Setup - The basics of getting started with posgresql module](#setup) + * [What postgresql affects](#what-postgresql-affects) + * [Getting started with postgresql](#getting-started-with-postgresql) +3. [Usage - Configuration options and additional functionality](#usage) + * [Configure a server](#configure-a-server) + * [Create a database](#create-a-database) + * [Manage users, roles, and permissions](#manage-users-roles-and-permissions) + * [Override defaults](#override-defaults) + * [Create an access rule for pg_hba.conf](#create-an-access-rule-for-pghbaconf) + * [Create user name maps for pg_ident.conf](#create-user-name-maps-for-pgidentconf) + * [Validate connectivity](#validate-connectivity) +4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) * [Classes](#classes) * [Defined Types](#defined-types) * [Types](#types) * [Functions](#functions) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - * [Transfer Notice - Notice of authorship change](#transfer-notice) +5. [Limitations - OS compatibility, etc.](#limitations) +6. [Development - Guide for contributing to the module](#development) * [Contributors - List of module contributors](#contributors) -8. [Tests](#tests) -9. [Transfer Notice - Notice of authorship change](#transfer-notice) -10. [Contributors - List of module contributors](#contributors) - -## Overview - -The posgresql module allows you to easily manage PostgreSQL databases with Puppet. +7. [Tests](#tests) +8. [Contributors - List of module contributors](#contributors) ## Module description -PostgreSQL is a high-performance, free, open-source relational database server. The posgresql module allows you to manage PostgreSQL packages and services on several operating systems, while also supporting basic management of PostgreSQL databases and users. The module offers support for basic management of common security settings. +The posgresql module allows you to manage PostgreSQL databases with Puppet. + +PostgreSQL is a high-performance, free, open-source relational database server. The posgresql module allows you to manage packages, services, databases, users, and common security settings in PostgreSQL. ## Setup -**What puppetlabs-PostgreSQL affects:** +### What postgresql affects -* package/service/configuration files for PostgreSQL -* listened-to ports +* Package, service, and configuration files for PostgreSQL +* Listened-to ports * IP and mask (optional) -**Introductory Questions** +### Getting started with postgresql -The posgresql module offers many security configuration settings. Before getting started, you will want to consider: +To configure a basic default PostgreSQL server, declare the `postgresql::server` class. -* Do you want or need to allow remote connections? - * If yes, what about TCP connections? -* How restrictive do you want the database superuser's permissions to be? +```puppet +class { 'postgresql::server': } +``` -Your answers to these questions will determine which of the module's parameters you'll want to specify values for. +## Usage -### Supported module +### Configure a server -Puppet Enterprise 3.2 introduced Puppet Labs supported modules. The version of the posgresql module that ships with PE is supported via normal [Puppet Enterprise support](http://puppetlabs.com/services/customer-support) channels. If you would like to access the [supported module](http://forge.puppetlabs.com/supported) version, you will need to uninstall the shipped module and install the supported version from the Puppet Forge. You can do this by first running +For default settings, declare the `postgresql::server` class as above. To customize PostgreSQL server settings, specify the [parameters](#postgresqlserver) you want to change: - puppet module uninstall puppetlabs-postgresql +```puppet +class { 'postgresql::server': + ip_mask_deny_postgres_user => '0.0.0.0/32', + ip_mask_allow_all_users => '0.0.0.0/0', + listen_addresses => '*', + ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'], + postgres_password => 'TPSrep0rt!', +} +``` -and then running +After configuration, test your settings from the command line: - puppet module install puppetlabs/postgresql +``` +psql -h localhost -U postgres +psql -h my.postgres.server -U +``` -## Usage +If you get an error message from these commands, your permission settings restrict access from the location you're trying to connect from. Depending on whether you want to allow connections from that location, you might need to adjust your permissions. -### Configuring the server +For more details about server configuration parameters, consult the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). -The main configuration you'll need to do will be around the `postgresql::server` class. The default parameters are reasonable, but fairly restrictive regarding permissions for who can connect and from where. To manage a PostgreSQL server with defaults: +### Create a database - class { 'postgresql::server': } +You can set up a variety of PostgreSQL databases with the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: -For a more customized configuration: +```puppet +class { 'postgresql::server': } - class { 'postgresql::server': - ip_mask_deny_postgres_user => '0.0.0.0/32', - ip_mask_allow_all_users => '0.0.0.0/0', - listen_addresses => '*', - ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'], - postgres_password => 'TPSrep0rt!', - } +postgresql::server::db { 'mydatabasename': + user => 'mydatabaseuser', + password => postgresql_password('mydatabaseuser', 'mypassword'), +} +``` -Once you've completed your configuration of `postgresql::server`, you can test your settings from the command line: +### Manage users, roles, and permissions - psql -h localhost -U postgres - psql -h my.postgres.server -U +To manage users, roles, and permissions: -If you get an error message from these commands, it means that your permissions are set in a way that restricts access from where you're trying to connect. That could be a good or bad thing, depending on your goals. +```puppet +class { 'postgresql::server': } -For more details about server configuration parameters consult the [PostgreSQL Runtime Configuration docs](http://www.postgresql.org/docs/current/static/runtime-config.html). +postgresql::server::role { 'marmot': +password_hash => postgresql_password('marmot', 'mypasswd'), +} -### Creating a database +postgresql::server::database_grant { 'test1': + privilege => 'ALL', + db => 'test1', + role => 'marmot', +} -There are many ways to set up a postgres database using the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: +postgresql::server::table_grant { 'my_table of test2': + privilege => 'ALL', + table => 'my_table', + db => 'test2', + role => 'marmot', +} +``` - class { 'postgresql::server': } +This example grants **all** privileges on the test1 database and on the `my_table` table of the test2 database to the specified user or group. After the values are added into the PuppetDB config file, this database would be ready for use. - postgresql::server::db { 'mydatabasename': - user => 'mydatabaseuser', - password => postgresql_password('mydatabaseuser', 'mypassword'), - } +### Override defaults -### Managing users, roles and permissions +The `postgresql::globals` class allows you to configure the main settings for this module globally, so that other classes and defined resources can use them. By itself, it does nothing. -To manage users, roles and permissions: +For example, to overwrite the default `locale` and `encoding` for all classes, use the following: - class { 'postgresql::server': } +```puppet +class { 'postgresql::globals': + encoding => 'UTF-8', + locale => 'en_US.UTF-8', +}-> +class { 'postgresql::server': +} +``` - postgresql::server::role { 'marmot': - password_hash => postgresql_password('marmot', 'mypasswd'), - } +To use a specific version of the PostgreSQL package: - postgresql::server::database_grant { 'test1': - privilege => 'ALL', - db => 'test1', - role => 'marmot', - } +```puppet +class { 'postgresql::globals': + manage_package_repo => true, + version => '9.2', +}-> +class { 'postgresql::server': } +``` - postgresql::server::table_grant { 'my_table of test2': - privilege => 'ALL', - table => 'my_table', - db => 'test2', - role => 'marmot', - } +### Manage remote users, roles, and permissions -In this example, you would grant ALL privileges on the test1 database and on the `my_table` table of the test2 database to the user or group specified by dan. +Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a [`connect_settings`](#connect_settings) hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands. -At this point, you would just need to plunk these database name/username/password values into your PuppetDB config files, and you are good to go. +The `connect_settings` hash can contain environment variables to control Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', and 'PGSSLKEY'. See the [PostgreSQL Environment Variables](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) documentation for a complete list of variables. -### Overriding defaults +Additionally, you can specify the target database version with the special value of 'DBVERSION'. If the `connect_settings` hash is omitted or empty, then Puppet connects to the local PostgreSQL instance. -The `postgresql::globals` class allows you to configure the main settings for this module in a global way, to be used by the other classes and defined resources. On its own it does nothing. +You can provide a `connect_settings` hash for each of the Puppet resources, or you can set a default `connect_settings` hash in `postgresql::globals`. Configuring `connect_settings` per resource allows SQL objects to be created on multiple databases by multiple users. -For example, if you wanted to overwrite the default `locale` and `encoding` for all classes you could use the following combination: +```puppet +$connection_settings_super2 = { + 'PGUSER' => "super2", + 'PGPASSWORD' => "foobar2", + 'PGHOST' => "127.0.0.1", + 'PGPORT' => "5432", + 'PGDATABASE' => "postgres", + } - class { 'postgresql::globals': - encoding => 'UTF-8', - locale => 'en_US.UTF-8', - }-> - class { 'postgresql::server': - } +include postgresql::server -If you want to use the upstream PostgreSQL packaging, and be specific about the version you wish to download, you could use something like this: +# Connect with no special settings, i.e domain sockets, user postges +postgresql::server::role{'super2': + password_hash => "foobar2", + superuser => true, - class { 'postgresql::globals': - manage_package_repo => true, - version => '9.2', - }-> - class { 'postgresql::server': } + connect_settings => {}, + require => [ + Class['postgresql::globals'], + Class['postgresql::server::service'], + ], +} -### Managing remote users, roles and permissions +# Now using this new user connect via TCP +postgresql::server::database { 'db1': + connect_settings => $connection_settings_super2, - Remote SQL objects are managed using the same Puppet resources as local SQL objects with the additional of a connect_settings hash. This provides control over how Puppet should connect to the remote Postgres instances and the version that should be used when generating SQL commands. +require => Postgresql::Server::Role['super2'], +} +``` - When provided the connect_settings hash can contain environment variables to control Postgres client connections, such as: PGHOST, PGPORT, PGPASSWORD PGSSLKEY (see http://www.postgresql.org/docs/9.4/static/libpq-envars.html) Additionally the special value of DBVERSION can be provided to specify the target database's version. If the connect_settings hash is omitted or empty then Puppet will connect to the local Postgres instance. +### Create an access rule for pg_hba.conf - A connect_settings hash can be provided with each of the Puppet resources or a default connect_settings hash can be set in postgresql::globals. Per resource configuration of connect_settings allows for SQL object to be creating on multiple database by multiple users. +To create an access rule for `pg_hba.conf`: - $connection_settings_super2 = { - 'PGUSER' => "super2", - 'PGPASSWORD' => "foobar2", - 'PGHOST' => "127.0.0.1", - 'PGPORT' => "5432", - 'PGDATABASE' => "postgres", - } +```puppet +postgresql::server::pg_hba_rule { 'allow application network to access app database': + description => "Open up PostgreSQL for access from 200.1.2.0/24", + type => 'host', + database => 'app', + user => 'app', + address => '200.1.2.0/24', + auth_method => 'md5', +} +``` - include postgresql::server +This would create a ruleset in `pg_hba.conf` similar to: - # Connect with no special settings, i.e domain sockets, user postges - postgresql::server::role{'super2': - password_hash => "foobar2", - superuser => true, +``` +# Rule Name: allow application network to access app database +# Description: Open up PostgreSQL for access from 200.1.2.0/24 +# Order: 150 +host app app 200.1.2.0/24 md5 +``` + +By default, `pg_hba_rule` requires that you include `postgresql::server`. However, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following: + +```puppet +postgresql::server::pg_hba_rule { 'allow application network to access app database': + description => "Open up postgresql for access from 200.1.2.0/24", + type => 'host', + database => 'app', + user => 'app', + address => '200.1.2.0/24', + auth_method => 'md5', + target => '/path/to/pg_hba.conf', + postgresql_version => '9.4', +} +``` + +### Create user name maps for pg_ident.conf + +To create a user name map for the pg_ident.conf: + +```puppet +postgresql::server::pg_ident_rule{ 'Map the SSL certificate of the backup server as a replication user': + map_name => 'sslrepli', + system_username => 'repli1.example.com', + database_username => 'replication', +} - connect_settings => {}, - require => [ - Class['postgresql::globals'], - Class['postgresql::server::service'], - ], - } +This would create a user name map in `pg_ident.conf` similar to: - # Now using this new user connect via TCP - postgresql::server::database { 'db1': - connect_settings => $connection_settings_super2, +``` +# Rule Name: Map the SSL certificate of the backup server as a replication user +# Description: none +# Order: 150 +sslrepli repli1.example.com replication +``` + +### Create recovery configuration + +To create the recovery configuration file (`recovery.conf`): + +```puppet +postgresql::server::recovery{ 'Create a recovery.conf file with the following defined parameters': + restore_command => 'cp /mnt/server/archivedir/%f %p', + archive_cleanup_command => undef, + recovery_end_command => undef, + recovery_target_name => 'daily backup 2015-01-26', + recovery_target_time => '2015-02-08 22:39:00 EST', + recovery_target_xid => undef, + recovery_target_inclusive => true, + recovery_target => 'immediate', + recovery_target_timeline => 'latest', + pause_at_recovery_target => true, + standby_mode => 'on', + primary_conninfo => 'host=localhost port=5432', + primary_slot_name => undef, + trigger_file => undef, + recovery_min_apply_delay => 0, +} +``` + +The above creates this `recovery.conf` config file: + +``` +restore_command = 'cp /mnt/server/archivedir/%f %p' +recovery_target_name = 'daily backup 2015-01-26' +recovery_target_time = '2015-02-08 22:39:00 EST' +recovery_target_inclusive = true +recovery_target = 'immediate' +recovery_target_timeline = 'latest' +pause_at_recovery_target = true +standby_mode = 'on' +primary_conninfo = 'host=localhost port=5432' +recovery_min_apply_delay = 0 +``` + +Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. + + +### Validate connectivity + +To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql::validate_db_connection` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration. - require => Postgresql::Server::Role['super2'], - } +Example usage: -## Reference +```puppet +postgresql::validate_db_connection { 'validate my postgres connection': + database_host => 'my.postgres.host', + database_username => 'mydbuser', + database_password => 'mydbpassword', + database_name => 'mydbname', +}-> +exec { 'rake db:migrate': + cwd => '/opt/myrubyapp', +} +``` + + ## Reference The posgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. @@ -228,673 +346,726 @@ Functions: ### Classes #### postgresql::client -Installs PostgreSQL client software. Alter the following parameters if you have a custom version you would like to install. + +Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. >**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_ensure` -Sets the ensure parameter passed on to PostgreSQL client package resource. Default: 'present'. + +Whether the PostgreSQL client package resource should be present. Valid values: 'present', 'absent'. Default: 'present'. ##### `package_name` + Sets the name of the PostgreSQL client package. Default: 'file'. ##### `validcon_script_path` + Specifies the path to validate the connection script. Default: '/usr/local/bin/validate_postgresql_connection.sh'. #### postgresql::lib::docs -Installs PostgreSQL bindings for Postgres-Docs. Alter the following parameters if you have a custom version you would like to install + +Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. >**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_name` + Specifies the name of the PostgreSQL docs package. ##### `package_ensure` -The ensure parameter passed on to postgresql docs package resource. +Whether the PostgreSQL docs package resource should be present. Valid values: 'present', 'absent'. Default: 'present'. #### postgresql::globals ->**Note:** Most server specific defaults should be overriden in the `postgresql::server` class. This class should only be used if you are using a non-standard OS or if you are changing elements such as `version` or `manage_package_repo` that can only be changed here. + +>**Note:** Most server-specific defaults should be overriden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. ##### `bindir` + Overrides the default PostgreSQL binaries directory for the target platform. Default: OS dependent. ##### `client_package_name` + Overrides the default PostgreSQL client package name. Default: OS dependent. ##### `confdir` + Overrides the default PostgreSQL configuration directory for the target platform. Default: OS dependent. ##### `contrib_package_name` + Overrides the default PostgreSQL contrib package name. Default: OS dependent. ##### `createdb_path` -**Deprecated.** -Path to the `createdb` command. Default: "${bindir}/createdb". + +**Deprecated.** Path to the `createdb` command. Default: "${bindir}/createdb". ##### `datadir` + Overrides the default PostgreSQL data directory for the target platform. Default: OS dependent. ->**Note:** Changing the datadir after installation will cause the server to come to a full stop before being able to make the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you need to explicitly set `needs_initdb = true` in order to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). +>**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). -**Warning:** If datadir is changed from the default, Puppet will not manage purging of the original data directory, which will cause it to fail if the data directory is changed back to the original. +**Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. ##### `default_database` -Specifies the name of the default database to connect with. On most systems, this will be "postgres". + +Specifies the name of the default database to connect with. On most systems, this is 'postgres'. ##### `devel_package_name` + Overrides the default PostgreSQL devel package name. Default: OS dependent. ##### `docs_package_name` -Overrides the default PostgreSQL docs package name. If not specified, the module will use the default for your OS distro. + +Overrides the default PostgreSQL docs package name. If not specified, the module uses the default for your OS distro. ##### `encoding` -Sets the default encoding for all databases created with this module. On certain operating systems, this will also be used during the `template1` initialization, so it becomes a default outside of the module as well. Defaults to the operating system's default encoding. + +Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Defaults to the operating system's default encoding. ##### `group` -Overrides the default PostgreSQL user group to be used for related files in the file system. Default: 'postgres'. + +Overrides the default postgres user group to be used for related files in the file system. Default: 'postgres'. ##### `initdb_path` + Path to the `initdb` command. ##### `java_package_name` + Overrides the default PostgreSQL java package name. Default: OS dependent. ##### `locale` -Sets the default database locale for all databases created with this module. On certain operating systems, this will also be used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef, which is effectively `C`. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** + +Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef, which is effectively `C`. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** ##### `logdir` + Overrides the default PostgreSQL log directory. Default: initdb's default path. ##### `manage_package_repo` -Sets up official PostgreSQL repositories on your host if set to 'true'. Default: 'false'. + +Sets up official PostgreSQL repositories on your host if set to true. Default: false. ##### `needs_initdb` -This setting can be used to explicitly call the initdb operation after server package is installed and before the PostgreSQL service is started. Default: OS dependent. + +Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. Default: OS dependent. ##### `perl_package_name` + Overrides the default PostgreSQL Perl package name. Default: OS dependent. ##### `pg_hba_conf_defaults` -Disables the defaults supplied with the module for `pg_hba.conf` if set to 'false'. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. Default: 'true'. + +Disables the defaults supplied with the module for `pg_hba.conf` if set to false. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations. Default: true. ##### `pg_hba_conf_path` -Specifies the path to your `pg_hba.conf` file. Default: "${confdir}/pg_hba.conf". + +Specifies the path to your `pg_hba.conf` file. Default: '${confdir}/pg_hba.conf'. ##### `pg_ident_conf_path` + Specifies the path to your `pg_ident.conf` file. Default: "${confdir}/pg_ident.conf". ##### `plperl_package_name` -Overrides the default PostgreSQL PL/perl package name. Default: OS dependent. + +Overrides the default PostgreSQL PL/Perl package name. Default: OS dependent. ##### `plpython_package_name` -Overrides the default PostgreSQL PL/python package name. Default: OS dependent. + +Overrides the default PostgreSQL PL/Python package name. Default: OS dependent. ##### `postgis_version` + Defines the version of PostGIS to install, if you install PostGIS. Defaults to the lowest available with the version of PostgreSQL to be installed. ##### `postgresql_conf_path` + Sets the path to your `postgresql.conf` file. Default: "${confdir}/postgresql.conf". ##### `psql_path` + Sets the path to the `psql` command. ##### `python_package_name` + Overrides the default PostgreSQL Python package name. Default: OS dependent. ##### `recovery_conf_path` + Path to your `recovery.conf` file. ##### `repo_proxy` -Sets the proxy option for the official PostgreSQL yum-repositories only, Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxyservers for outside connectivity. + +Sets the proxy option for the official PostgreSQL yum-repositories only. Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxyservers for outside connectivity. ##### `server_package_name` + Overrides the default PostgreSQL server package name. Default: OS dependent. ##### `service_name` + Overrides the default PostgreSQL service name. Default: OS dependent. ##### `service_provider` + Overrides the default PostgreSQL service provider. Default: OS dependent. ##### `service_status` + Overrides the default status check command for your PostgreSQL service. Default: OS dependent. ##### `user` + Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default: 'postgres'. ##### `version` -The version of PostgreSQL to install/manage. This is a simple way of providing a specific version such as '9.2' or '8.4' for example. Default: OS system default. + +The version of PostgreSQL to install and manage. Default: OS system default. ##### `xlogdir` -Overrides the default PostgreSQL xlog directory. Default: initdb's default path. +Overrides the default PostgreSQL xlog directory. Default: initdb's default path. ####postgresql::lib::devel -Installs the packages containing the development libraries for PostgreSQL and symlinks pg_config into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). + +Installs the packages containing the development libraries for PostgreSQL and symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). ##### `link_pg_config` -By default on all but Debian systems, if the bin directory used by the PostgreSQL package is not `/usr/bin` or `/usr/local/bin`, -this class will symlink `pg_config` from the package's bin dir into `/usr/bin`. Set `link_pg_config` to -false to disable this behavior. + +If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to false to disable this behavior. Valid values: true, false. Default: true. ##### `package_ensure` + Overrides the `ensure` parameter during package installation. Defaults to `present`. ##### `package_name` -Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. +Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. ####postgresql::lib::java -Installs PostgreSQL bindings for Java (JDBC). Alter the following parameters if you have a custom version you would like to install + +Installs PostgreSQL bindings for Java (JDBC). Set the following parameters if you have a custom version you would like to install. >**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_ensure` -Sets the ensure parameter passed on to PostgreSQL java package resource. + +Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. ##### `package_name` -Specifies the name of the PostgreSQL java package. +Specifies the name of the PostgreSQL java package. #### postgresql::lib::perl -Installs the PostgreSQL Perl libraries. For customer requirements you can customize the following parameters: + +Installs the PostgreSQL Perl libraries. ##### `package_ensure` -Sets the ensure parameter passed on to PostgreSQL perl package resource. + +Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. ##### `package_name` -Specifies the name of the PostgreSQL perl package to install. +Specifies the name of the PostgreSQL perl package to install. #### postgresql::server::plpython + Installs the PL/Python procedural language for PostgreSQL. ##### `package_name` + Specifies the name of the postgresql PL/Python package. ##### `package_ensure` -Specifies the ensure parameter passed on to PostgreSQL PL/Python package resource. +Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. ####postgresql::lib::python -Installs PostgreSQL Python libraries. For customer requirements you can customize the following parameters: + +Installs PostgreSQL Python libraries. ##### `package_ensure` -The ensure parameter passed on to PostgreSQL python package resource. + +Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. ##### `package_name` -The name of the PostgreSQL python package. +The name of the PostgreSQL Python package. ####postgresql::server ##### `createdb_path` -**Deprecated.** -Specifies the path to the `createdb` command. Default: "${bindir}/createdb". + +**Deprecated.** Specifies the path to the `createdb` command. Default: "${bindir}/createdb". ##### `default_database` -Specifies the name of the default database to connect with. On most systems this will be "postgres". + +Specifies the name of the default database to connect with. On most systems this is "postgres". ##### `encoding` -Sets the default encoding for all databases created with this module. On certain operating systems this will also be used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef. + +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef. ##### `group` -Overrides the default PostgreSQL user group to be used for related files in the file system. Default: OS dependent default. + +Overrides the default postgres user group to be used for related files in the file system. Default: OS dependent default. ##### `initdb_path` + Specifies the path to the `initdb` command. Default: "${bindir}/initdb". ##### `ipv4acls` -Lists strings for access control for connection method, users, databases, IPv4 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (**Note:** The link will take you to documentation for the most recent version of PostgreSQL, however links for earlier versions can be found there too). + +Lists strings for access control for connection method, users, databases, IPv4 addresses; see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. ##### `ipv6acls` -Lists strings for access control for connection method, users, databases, IPv6 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (**Note:** The link will take you to documentation for the most recent version of PostgreSQL, however links for earlier versions can be found there too). + +Lists strings for access control for connection method, users, databases, IPv6 addresses; see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. ##### `ip_mask_allow_all_users` -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow them to, you can override this setting. You can set it to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. Default: `127.0.0.1/32`. + +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. + +Set to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. Default: `127.0.0.1/32`. ##### `ip_mask_deny_postgres_user` -Specifies an IP and mask to deny connections from specific users while also allowing remote users. Sometimes it can be useful to block the superuser account from remote connections if you are allowing other database users to connect remotely. For example, the default value `0.0.0.0/0` will match any remote IP and deny access, so the postgres user won't be able to connect remotely at all. Conversely, a value of `0.0.0.0/32` would not match any remote IP, and thus the deny rule will not be applied and the postgres user will be allowed to connect. Default: `0.0.0.0/0`. + +Specifies the IP mask from which remote connections should be denied for the postgres superuser. Defaults to `0.0.0.0/0`, which denies any remote connection. ##### `listen_addresses` -This value defaults to `localhost`, meaning the postgres server will only accept connections from localhost. If you'd like to be able to connect to postgres from remote machines, you can override this setting. A value of `*` will tell postgres to accept connections from any remote machine. Alternately, you can specify a comma-separated list of hostnames or IP addresses. (For more info, have a look at the `postgresql.conf` file from your system's postgres package). + +Specifies the addresses the server accepts connections to. Valid values: + * 'localhost': Accept connections from local host only. + * '*': Accept connections from any remote machine. + * Specified comma-separated list of hostnames or IP addresses. ##### `locale` -Sets the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Default: undef, which is effectively `C`. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** + +Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. Default: undef, which is effectively `C`. **On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** ##### `manage_pg_hba_conf` -This value defaults to `true`. Whether or not manage the pg_hba.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not modify the file. + +Whether to manage the pg_hba.conf. If set to true, Puppet overwrites this file. If set to false, Puppet does not modify the file. Valid values: true, false. Default ##### `manage_pg_ident_conf` -Overwrites the pg_ident.conf file. If set to `true`, Puppet will overwrite the file. If set to `false`, Puppet will not modify the file. Default: `true`. + +Overwrites the pg_ident.conf file. If set to true, Puppet overwrites the file. If set to false, Puppet does not modify the file. Valid values: true, false. Default: true. ##### `manage_recovery_conf` -Specifies whether or not manage the recovery.conf. If set to `true`, Puppet will overwrite this file. If set to `false`, Puppet will not create the file. Default: `false`. + +Specifies whether or not manage the recovery.conf. If set to true, Puppet overwrites this file. Valid values: true, false. Default: false. ##### `needs_initdb` + Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started. Default: OS dependent. ##### `package_ensure` + Passes a value through to the `package` resource when creating the server instance. Default: undef. ##### `package_name` + Specifies the name of the package to use for installing the server software. Default: OS dependent. ##### `pg_hba_conf_defaults` + If false, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. ##### `pg_hba_conf_path` + Specifies the path to your `pg_hba.conf` file. ##### `pg_ident_conf_path` + Specifies the path to your `pg_ident.conf` file. Default: "${confdir}/pg_ident.conf". ##### `plperl_package_name` + Sets the default package name for the PL/Perl extension. Default: OS dependent. ##### `plpython_package_name` + Sets the default package name for the PL/Python extension. Default: OS dependent. ##### `port` -Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for RedHat systems and early Debian systems, changing the port will cause the server to come to a full stop before being able to make the change. Default: `5432`, meaning the postgres server will listen on TCP port 5432. + +Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for RedHat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default: `5432`, meaning the Postgres server listens on TCP port 5432. ##### `postgres_password` -Sets the password for the `postgres` user to your specified value. Default: undef, meaning the superuser account in the postgres database is a user called `postgres` and this account does not have a password. + +Sets the password for the `postgres` user to your specified value. Default: undef, meaning the superuser account in the Postgres database is a user called `postgres` and this account does not have a password. ##### `postgresql_conf_path` + Specifies the path to your `postgresql.conf` file. Default: "${confdir}/postgresql.conf". ##### `psql_path` + Specifies the path to the `psql` command. Default: OS dependent. ##### `service_manage` -Defines whether or not Puppet should manage the service. Default: `true`. + +Defines whether or not Puppet should manage the service. Default: true. ##### `service_name` + Overrides the default PostgreSQL service name. Default: OS dependent. ##### `service_provider` + Overrides the default PostgreSQL service provider. Default: undef. ##### `service_reload` + Overrides the default reload command for your PostgreSQL service. Default: OS dependent. ##### `service_restart_on_change` -Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default: `true`. + +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default: true. ##### `service_status` + Overrides the default status check command for your PostgreSQL service. Default: OS dependent. ##### `user` + Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default: 'postgres'. #### postgresql::server::contrib + Installs the PostgreSQL contrib package. ##### `package_ensure` + Sets the ensure parameter passed on to PostgreSQL contrib package resource. ##### `package_name` -The name of the PostgreSQL contrib package. +The name of the PostgreSQL contrib package. #### postgresql::server::plperl + Installs the PL/Perl procedural language for postgresql. ##### `package_ensure` + The ensure parameter passed on to PostgreSQL PL/Perl package resource. ##### `package_name` + The name of the PostgreSQL PL/Perl package. #### postgresql::server::postgis -Installs the PostgreSQL postgis packages. +Installs the PostgreSQL postgis packages. ### Defined Types #### postgresql::server::config_entry + Modifies your `postgresql.conf` configuration file. Each resource maps to a line inside the file, for example: - postgresql::server::config_entry { 'check_function_bodies': - value => 'off', - } +```puppet +postgresql::server::config_entry { 'check_function_bodies': + value => 'off', +} +``` ##### `ensure` -Removes an entry if set to `absent`. -##### `namevar` -Specifies the name of the setting to change. +Removes an entry if set to 'absent'. Valid values: 'present', 'absent'. ##### `value` -Defines the value for the setting. +Defines the value for the setting. #### postgresql::server::db -Creates a local database, user, and assigns necessary permissions, in one go. - -For example, to create a database called `test1` with a corresponding user of the same name, you can use: - postgresql::server::db { 'test1': - user => 'test1', - password => 'test1', - } +Creates a local database, user, and assigns necessary permissions. ##### `comment` + Defines a comment to be stored about the database using the PostgreSQL COMMENT command. ##### `connect_settings` + Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. ##### `dbname` -Sets the name of the database to be created. Default: `namevar`. + +Sets the name of the database to be created. Defaults to the namevar. ##### `encoding` + Overrides the character set during creation of the database. Defaults to the default defined during installation. ##### `grant` + Specifies the permissions to grant during creation. Default: `ALL`. ##### `istemplate` -Specifies that the database is a template, if set to `true`. Default: `false`. + +Specifies that the database is a template, if set to true. Default: false. ##### `locale` -Overrides the locale during creation of the database. Defaults to the default defined during installation. -##### `namevar` -Designates the name of the database. +Overrides the locale during creation of the database. Defaults to the default defined during installation. ##### `owner` + Sets a user as the owner of the database. Default: $user variable set in `postgresql::server` or `postgresql::globals`. ##### `password` -Sets the password for the created user. Mandatory. + +**Required** Sets the password for the created user. ##### `tablespace` + Defines the name of the tablespace to allocate the created database to. Default: PostgreSQL default. ##### `template` + Specifies the name of the template database from which to build this database. Defaults to `template0`. ##### `user` -User to create and assign access to the database upon creation. Mandatory. +User to create and assign access to the database upon creation. Mandatory. #### postgresql::server::database -Used to create a database with no users and no permissions, which is a rare use case. + +Creates a database with no users and no permissions. ##### `dbname` -Sets the name of the database, defaults to the `namevar`. + +Sets the name of the database. Defaults to the namevar. ##### `encoding` + Overrides the character set during creation of the database. Default: The default defined during installation. ##### `istemplate` -Defines the database as a template if set to true. Default: `false`. + +Defines the database as a template if set to true. Default: false. ##### `locale` -Overrides the locale during creation of the database. DefaultThe default defined during installation. -##### `namevar` -Specifies the name of the database to create. +Overrides the locale during creation of the database. DefaultThe default defined during installation. ##### `owner` -Sets name of the database user who will be set as the owner of the database. Default: The $user variable set in `postgresql::server` or `postgresql::globals`. + +Sets name of the database owner. Default: The $user variable set in `postgresql::server` or `postgresql::globals`. ##### `tablespace` + Sets tablespace for where to create this database. Default: The defaults defined during PostgreSQL installation. ##### `template` -Specifies the name of the template database from which to build this database. Default: `template0`. +Specifies the name of the template database from which to build this database. Default: `template0`. #### postgresql::server::database_grant -This defined type manages grant based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the PostgreSQL documentation for `grant` for more information. + +Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. #### `connect_settings` + Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. ##### `db` -Specifies the database to grant access to. -##### `namevar` -Specifies a way to uniquely identify this resource, but functionality not used during grant. +Specifies the database to which you are granting access. ##### `privilege` -Specifies which privileges to grant. Valid options: `SELECT`, `TEMPORARY`, `TEMP`, `CONNECT`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, a space delimited string can be used. + +Specifies which privileges to grant. Valid options: `SELECT`, `TEMPORARY`, `TEMP`, `CONNECT`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, you can use a space delimited string. ##### `psql_db` -Defines the database to execute the grant against. _This should not ordinarily be changed from the default_, which is `postgres`. + +Defines the database to execute the grant against. **This should not ordinarily be changed from the default**, which is `postgres`. ##### `psql_user` + Specifies the OS user for running `psql`. Default: The default user for the module, usually `postgres`. ##### `role` -Specifies the role or user whom you are granting access to. +Specifies the role or user whom you are granting access to. #### postgresql::server::extension + Manages a PostgreSQL extension. ##### `database` + Specifies the database on which to activate the extension. ##### `ensure` -Specifies whether to activate (`present`) or deactivate (`absent`) the extension. + +Specifies whether to activate ('present') or deactivate (absent') the extension. #### `extension` -Specifies the extension to activate. If left blank, it will use the name of the resource. + +Specifies the extension to activate. If left blank, uses the name of the resource. ##### `package_name` + Specifies a package to install prior to activating the extension. ##### `package_ensure` -Overrides default package deletion behavior. By default, the package specified with `package_name` will be installed when the extension is activated, and removed when the extension is deactivated. You can override this behavior by setting the `ensure` value for the package. +Overrides default package deletion behavior. By default, the package specified with `package_name` is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the `ensure` value for the package. #### postgresql::server::grant -This defined type manages grant based access privileges for roles. Consult the PostgreSQL documentation for `grant` for more information. + +Manages grant-based access privileges for roles. See [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. ##### `db` -Specifies the database which you are granting access on. -##### `namevar` -Sets a unique identifier for this resource, but functionality not used during grant. +Specifies the database to which you are granting access. ##### `object_type` -Specifies the type of object you are granting privileges on. Valid options: `DATABASE`, `SCHEMA`, `SEQUENCE`, `ALL SEQUENCES IN SCHEMA`, `TABLE` or `ALL TABLES IN SCHEMA`. + +Specifies the type of object to which you are granting privileges. Valid options: `DATABASE`, `SCHEMA`, `SEQUENCE`, `ALL SEQUENCES IN SCHEMA`, `TABLE` or `ALL TABLES IN SCHEMA`. ##### `object_name` -Specifies name of `object_type` on which to grant access. + +Specifies name of `object_type` to which to grant access. ##### `port` + Port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `privilege` -Specifies the privilege you are granting. Valid options: `ALL`, `ALL PRIVILEGES` or `object_type` dependent string. + +Specifies the privilege to grant. Valid options: `ALL`, `ALL PRIVILEGES` or `object_type` dependent string. ##### `psql_db` + Specifies the database to execute the grant against. _This should not ordinarily be changed from the default_, which is `postgres`. ##### `psql_user` + Sets the OS user to run `psql`. Default: the default user for the module, usually `postgres`. ##### `role` -Specifies the role or user whom you are granting access to. +Specifies the role or user whom you are granting access to. #### postgresql::server::pg_hba_rule -Allows you to create an access rule for `pg_hba.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). -For example: - - postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => "Open up PostgreSQL for access from 200.1.2.0/24", - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', - } - -This would create a ruleset in `pg_hba.conf` similar to: - - # Rule Name: allow application network to access app database - # Description: Open up PostgreSQL for access from 200.1.2.0/24 - # Order: 150 - host app app 200.1.2.0/24 md5 - -By default, `pg_hba_rule` requires that you include `postgresql::server`, however, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following. - - postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => "Open up postgresql for access from 200.1.2.0/24", - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', - target => '/path/to/pg_hba.conf', - postgresql_version => '9.4', - } +Allows you to create an access rule for `pg_hba.conf`. For more details see the [usage example](#create-an-access-rule-for-pghba.conf) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). ##### `address` + Sets a CIDR based address for this rule matching when the type is not 'local'. ##### `auth_method` -Provides the method that is used for authentication for the connection that this rule matches. Described further in the `pg_hba.conf` documentation. + +Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL `pg_hba.conf` documentation. ##### `auth_option` + For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. ##### `database` + Sets a comma separated list of databases that this rule matches. ##### `description` -Defines a longer description for this rule if required. This description is placed in the comments above the rule in `pg_hba.conf`. Defaults: `none`. - -##### `namevar` -Defines a unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_hba.conf`, so the originating resource can be identified. +Defines a longer description for this rule, if required. This description is placed in the comments above the rule in `pg_hba.conf`. Defaults: `none`. +Specifies a way to uniquely identify this resource, but functionally does nothing. ##### `order` + Sets an order for placing the rule in `pg_hba.conf`. Default: `150`. #### `postgresql_version` -Manages `pg_hba.conf` without managing the entire PostgreSQL instance. Default: The version set in `postgresql::server`. + +Manages `pg_hba.conf` without managing the entire PostgreSQL instance. Default: the version set in `postgresql::server`. ##### `target` + Provides the target for the rule, and is generally an internal only property. **Use with caution.** ##### `type` + Sets the type of rule. Valid options: `local`, `host`, `hostssl` or `hostnossl`. ##### `user` -Sets a comma separated list of users that this rule matches. +Sets a comma-separated list of users that this rule matches. -#### postgresql::server::pg_ident_rule -Allows you to create user name maps for `pg_ident.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). - -For example: - postgresql::server::pg_ident_rule{ 'Map the SSL certificate of the backup server as a replication user': - map_name => 'sslrepli', - system_username => 'repli1.example.com', - database_username => 'replication', - } - -This would create a user name map in `pg_ident.conf` similar to: +#### postgresql::server::pg_ident_rule - # Rule Name: Map the SSL certificate of the backup server as a replication user - # Description: none - # Order: 150 - sslrepli repli1.example.com replication +Allows you to create user name maps for `pg_ident.conf`. For more details see the [usage example](#create-user-name-maps-for-pgidentconf) above and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). ##### `database_username` -Specifies the user name of the the database user. The `system_username` will be mapped to this user name. + +Specifies the user name of the the database user. The `system_username` is mapped to this user name. ##### `description` + Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. Default: `none`. ##### `map_name` -Sets the name of the user map that is used to refer to this mapping in `pg_hba.conf`. -##### `namevar` -Sets a unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_ident.conf`, so the originating resource can be identified. +Sets the name of the user map that is used to refer to this mapping in `pg_hba.conf`. ##### `order` + Defines an order for placing the mapping in `pg_ident.conf`. Default: 150. ##### `system_username` -Specifies the operating system user name, the user name used to connect to the database. + +Specifies the operating system user name (the user name used to connect to the database). ##### `target` -Provides the target for the rule, and is generally an internal only property. **Use with caution.** + +Provides the target for the rule and is generally an internal only property. **Use with caution.** #### postgresql::server::recovery -Allows you to create the content for `recovery.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). - -For example: - - postgresql::server::recovery{ 'Create a recovery.conf file with the following defined parameters': - restore_command => 'cp /mnt/server/archivedir/%f %p', - archive_cleanup_command => undef, - recovery_end_command => undef, - recovery_target_name => 'daily backup 2015-01-26', - recovery_target_time => '2015-02-08 22:39:00 EST', - recovery_target_xid => undef, - recovery_target_inclusive => true, - recovery_target => 'immediate', - recovery_target_timeline => 'latest', - pause_at_recovery_target => true, - standby_mode => 'on', - primary_conninfo => 'host=localhost port=5432', - primary_slot_name => undef, - trigger_file => undef, - recovery_min_apply_delay => 0, - } - -This would create a `recovery.conf` config file, similar to this: - - restore_command = 'cp /mnt/server/archivedir/%f %p' - recovery_target_name = 'daily backup 2015-01-26' - recovery_target_time = '2015-02-08 22:39:00 EST' - recovery_target_inclusive = true - recovery_target = 'immediate' - recovery_target_timeline = 'latest' - pause_at_recovery_target = true - standby_mode = 'on' - primary_conninfo = 'host=localhost port=5432' - recovery_min_apply_delay = 0 - - -Only the specified parameters will be recognized in the template! The `recovery.conf` will only be created if at least one parameter is set and [manage_recovery_conf](#manage_recovery_conf) is set to `true`. - -Every param value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. - -`standby_mode` can be specified with the string ('on'/'off'), or by using a boolean value (true/false). - -A detailed description of all above listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). + +Allows you to create the content for `recovery.conf`. For more details see the [usage example](#create-recovery-configuration) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). + +Every parameter value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. + +A detailed description of all listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). The parameters are grouped into these three sections: -##### [`Archive Recovery Parameters`](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) -In this section the `restore_command`, `archive_cleanup_command` and `recovery_end_command` parameters are listed. +##### [Archive Recovery Parameters](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) -##### [`Recovery Target Settings`](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) -In this section the `recovery_target_name`, `recovery_target_time`, `recovery_target_xid`, `recovery_target_inclusive`, `recovery_target`, `recovery_target_timeline` and `pause_at_recovery_target` parameters are listed. +* `restore_command` +* `archive_cleanup_command` +* `recovery_end_command` -##### [`Standby Server Settings`](http://www.postgresql.org/docs/current/static/standby-settings.html) -In this section the `standby_mode`, `primary_conninfo`, `primary_slot_name`, `trigger_file` and `recovery_min_apply_delay` parameters are listed. +##### [Recovery Target Settings](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) +* `recovery_target_name` +* `recovery_target_time` +* `recovery_target_xid` +* `recovery_target_inclusive` +* `recovery_target` +* `recovery_target_timeline` +* `pause_at_recovery_target` + +##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) +* `standby_mode`: Can be specified with the string ('on'/'off'), or by using a Boolean value (true/false). +* `primary_conninfo` +* `primary_slot_name` +* `trigger_file` +* `recovery_min_apply_delay` ##### `target` Provides the target for the rule, and is generally an internal only property. **Use with caution.** - #### postgresql::server::role Creates a role or user in PostgreSQL. @@ -905,254 +1076,263 @@ Specifies how many concurrent connections the role can make. Default: `-1`, mean Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. ##### `createdb` -Specifies whether to grant the ability to create new databases with this role. Default: `false`. +Specifies whether to grant the ability to create new databases with this role. Default: false. ##### `createrole` -Specifies whether to grant the ability to create new roles with this role. Default: `false`. +Specifies whether to grant the ability to create new roles with this role. Default: false. ##### `inherit` -Specifies whether to grant inherit capability for the new role. Default: `true`. +Specifies whether to grant inherit capability for the new role. Default: true. ##### `login` -Specifies whether to grant login capability for the new role. Default: `true`. - -##### `namevar` -Specifies the role name to create. +Specifies whether to grant login capability for the new role. Default: true. ##### `password_hash` Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: - postgresql::server::role { "myusername": - password_hash => postgresql_password('myusername', 'mypassword'), - } +```puppet +postgresql::server::role { "myusername": +password_hash => postgresql_password('myusername', 'mypassword'), +} ##### `replication` -Provides provides replication capabilities for this role if set to `true`. Default: `false`. + +Provides provides replication capabilities for this role if set to true. Default: false. ##### `superuser` -Specifies whether to grant super user capability for the new role. Default: `false`. + +Specifies whether to grant super user capability for the new role. Default: false. ##### `username` -Defines the username of the role to create, Default: `namevar`. +Defines the username of the role to create. Defaults to the namevar. -#### postgresql::server::schema -Used to create a schema. For example: - postgresql::server::schema { 'isolated': - owner => 'jane', - db => 'janedb', - } +#### postgresql::server::schema -It will create the schema `isolated` in the database `janedb` if neccessary, -assigning the user `jane` ownership permissions. +Creates a schema. ##### `connect_settings` + Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. ##### `db` -**Mandatory**. Sets the name of the database in which to create this schema. This must be passed. -##### `namevar` -Specifies the name of the schema being created. +**Required**. Sets the name of the database in which to create this schema. ##### `owner` + Sets the default owner of the schema. ##### `schema` -Sets the name of the schema. Default: `namevar`. +Sets the name of the schema. Defaults to the namevar. #### postgresql::server::table_grant -Manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. + +Manages grant-based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. ##### `connect_settings` + Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. ##### `db` -Specifies which database the table is in. -##### `namevar` -Used to uniquely identify this resource, but functionality not used during grant. +Specifies which database the table is in. ##### `privilege` -Valid options: `SELECT`, `INSERT`, `UPDATE`, `REFERENCES`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, use a space delimited string. + +Valid options: `SELECT`, `INSERT`, `UPDATE`, `REFERENCES`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, use a space-delimited string. ##### `psql_db` -Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. + +Specifies the database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. ##### `psql_user` + Specifies the OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. ##### `role` -Specifies the role or user whom you are granting access for. + +Specifies the role or user to whom you are granting access. ##### `table` -Specifies the table to grant access on. +Specifies the table to which you are granting access. -#### postgresql::server::tablespace -Creates a tablespace. For example: - postgresql::server::tablespace { 'tablespace1': - location => '/srv/space1', - } +#### postgresql::server::tablespace -It will create the location if necessary, assigning it the same permissions as your -PostgreSQL server. +Creates a tablespace. If necessary, also creates the location and assigns the same permissions as the PostgreSQL server. ##### `connect_settings` + Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. ##### `location` -Specifies the path to locate this tablespace. -##### `namevar` -Specifies the tablespace name to create. +Specifies the path to locate this tablespace. ##### `owner` + Specifies the default owner of the tablespace. ##### `spcname` -Specifies the name of the tablespace. Default: `namevar`. +Specifies the name of the tablespace. Defaults to the namevar. #### postgresql::validate_db_connection -This resource can be utilized inside composite manifests to validate a client has a valid connection with a remote PostgreSQL database. It can be run from any node where the PostgreSQL client software is installed to validate connectivity before commencing other dependent tasks in your Puppet manifests. It is often used when chained to other tasks such as starting an application server, or performing a database migration. - -Example usage: - postgresql::validate_db_connection { 'validate my postgres connection': - database_host => 'my.postgres.host', - database_username => 'mydbuser', - database_password => 'mydbpassword', - database_name => 'mydbname', - }-> - exec { 'rake db:migrate': - cwd => '/opt/myrubyapp', - } +Validates client connection with a remote PostgreSQL database. ##### `connect_settings` + Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (database_host, etc.). If provided, the individual parameters take precedence. ##### `create_db_first` -This will ensure the database is created before running the test. This only really works if your test is local. Default: `true`. + +Ensures that the database is created before running the test. This only works if your test is local. Default: true. ##### `database_host` -Sets the hostname of the database you wish to test. Default: undef, which generally uses the designated local unix socket. + +Sets the hostname of the database you wish to test. Default: undef, which generally uses the designated local Unix socket. ##### `database_name` + Specifies the name of the database you wish to test. Default: 'postgres'. ##### `database_port` + Defines the port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `database_password` + Specifies the password to connect with. Can be left blank, not recommended. ##### `database_username` -Specifies the username to connect with. Default: 'undef', which when using a unix socket and ident auth will be the user you are running as. **If the host is remote you must provide a username.** -##### `namevar` -Specifies a way to uniquely identify this resource, but functionally does nothing. +Specifies the username to connect with. Default: undef. When using a Unix socket and ident auth, this is the user you are running as. **If the host is remote you must provide a username.** ##### `run_as` -Specifies the user to run the `psql` command with for authenticiation as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. + +Specifies the user to run the `psql` command as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. ##### `sleep` -Sets the number of seconds to sleep for before trying again upon failure. + +Sets the number of seconds to sleep for before trying again after a failure. ##### `tries` -Sets the number of attempts before giving up and failing the resource upon failure. + +Sets the number of attempts after failure before giving up and failing the resource. ### Types #### postgresql_psql + Enables Puppet to run psql statements. ##### `command` + **Required.** Specifies the SQL command to execute via psql. ##### `cwd` + Specifies the working directory under which the psql command should be executed. Default: '/tmp'. ##### `db` + Specifies the name of the database to execute the SQL command against. ##### `environment` + Specifies any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. ##### `name` + Sets an arbitrary tag for your own reference; the name of the message. This is the namevar. ##### `port` + Specifies the port of the database server to execute the SQL command against. ##### `psql_group` + Specifies the system user group account under which the psql command should be executed. Default: 'postgres'. ##### `psql_path` + Specifies the path to psql executable. Default: 'psql'. ##### `psql_user` -Specifies the system user account under which the psql command should be executed. Default: "postgres". + +Specifies the system user account under which the psql command should be executed. Default: 'postgres'. ##### `refreshonly` -Specifies that the SQL will only be executed via a notify/subscribe event if `true`. Default: `false`. + +Specifies whether to execute the SQL only if there is a notify or subscribe event. Valid values: true, false. Default: false. ##### `search_path` + Defines the schema search path to use when executing the SQL command. ##### `unless` -Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. +Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. #### postgresql_conf + Allows Puppet to manage `postgresql.conf` parameters. ##### `name` -Specifies the PostgreSQL parameter name to manage. This is the `namevar`. + +Specifies the PostgreSQL parameter name to manage. This is the namevar. ##### `target` + Specifies the path to `postgresql.conf`. Default: '/etc/postgresql.conf'. ##### `value` -Specifies the value to set for this parameter. +Specifies the value to set for this parameter. #### postgresql_replication_slot + Allows you to create and destroy replication slots to register warm standby replication on a PostgreSQL master server. ##### `name` + Specifies the name of the slot to create. Must be a valid replication slot name. This is the namevar. ### Functions #### postgresql_password -If you need to generate a postgres encrypted password, use `postgresql_password`. You can call it from your production manifests if you don't mind them containing the clear text versions of your passwords, or you can call it from the command line and then copy and paste the encrypted password into your manifest: - puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' +Generates a PostgreSQL encrypted password, use `postgresql_password`. Call it from the command line and then copy and paste the encrypted password into your manifest: +```puppet +puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' +``` + +Alternatively, you can call this from your production manifests, but the manifests will then contain a clear text version of your passwords. #### postgresql_acls_to_resources_hash(acl_array, id, order_offset) + This internal function converts a list of `pg_hba.conf` based ACLs (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. **This function should only be used internally by the module**. - ## Limitations -Works with versions of PostgreSQL from 8.1 through 9.4. +Works with versions of PostgreSQL from 8.1 through 9.5. -Currently it is only actively tested with the following operating systems: +Currently, the postgresql module is tested on the following operating systems: -* Debian 6.x and 7.x. +* Debian 6.x, 7.x, 8.x. * Centos 5.x, 6.x, and 7.x. * Ubuntu 10.04 and 12.04, 14.04. -Several other distros are compatible, but are not being actively tested. - +Other systems might be compatible, but are not being actively tested. ### Apt module support @@ -1166,8 +1346,9 @@ Postgis is currently considered an unsupported feature, as it doesn't work on al If you have SELinux enabled you must add any custom ports you use to the `postgresql_port_t` context. You can do this as follows: - - semanage port -a -t postgresql_port_t -p tcp $customport +``` +semanage port -a -t postgresql_port_t -p tcp $customport +``` ## Development @@ -1184,32 +1365,34 @@ For unit testing, make sure you have: Install the necessary gems: - bundle install --path=vendor +``` +bundle install --path=vendor +``` And then run the unit tests: - bundle exec rake spec +``` +bundle exec rake spec +``` -The unit tests are run in Travis-CI as well, if you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your Github clone of this project. +The unit tests are run in Travis-CI as well. If you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your Github clone of this project. -If you want to run the system tests, make sure you also have: +To run the system tests, make sure you also have: * vagrant > 1.2.x * Virtualbox > 4.2.10 Then run the tests using: - bundle exec rspec spec/acceptance +``` +bundle exec rspec spec/acceptance +``` To run the tests on different operating systems, see the sets available in `.nodeset.yml` and run the specific set with the following syntax: - RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance - -### Transfer Notice - -This Puppet module was originally authored by Inkling Systems. The maintainer preferred that Puppet Labs take ownership of the module for future improvement and maintenance as Puppet Labs is using it in the PuppetDB module. Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of Inkling. - -Previously: [https://github.com/inkling/puppet-postgresql](https://github.com/inkling/puppet-postgresql) +``` +RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance +``` ### Contributors From 355376989d11bd0daf5d8365dba8a817514ebe05 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 29 Jan 2016 14:23:39 -0800 Subject: [PATCH 0057/1000] Whoops --- .../provider/postgresql_conf/.parsed.rb.swp | Bin 12288 -> 0 bytes .../postgresql_conf/.parsed_spec.rb.swp | Bin 20480 -> 0 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 lib/puppet/provider/postgresql_conf/.parsed.rb.swp delete mode 100644 spec/unit/provider/postgresql_conf/.parsed_spec.rb.swp diff --git a/lib/puppet/provider/postgresql_conf/.parsed.rb.swp b/lib/puppet/provider/postgresql_conf/.parsed.rb.swp deleted file mode 100644 index 5a5c1706197753c54dde9546ab79fb4e15412f2e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeI2&u`pB6vwB9Q)mIvD~FfeP}|AYPAOH9C3i0f1QMtckjrke^4hbTA>OfLkGn0| zfW!rHg)xGL)$S+=RS3j#AdT*ssIpb0l-aO5Zys1!L zR%RJjNjNTUWND$MIWLYAFA?Kr#mn;azKD75Etf}8DkokR<^_-4eB4GcS3|%MI7gsV zlN)bdWw&0xxvST@olUy-%E#x-%!DCe2p9r}fFWQA7y^cXAz%pne+j7U68jwKU2am` zZmyTkT$_*PVh9)lhJYbp2p9r}fFWQA7y^cXAz%m?0{=k*Va(XA4aS~8`v3p!-~W$a zV(bz0BlI0Khu(v3L%Y!P&~wn^7a98*`U(0LQqUfB4SI5wu|J^ip)a9Npb_*A6hIr$ zuU8oR1^OBi&`pS--(O(t8|W+O3n+$s=rZ&d&iZF_=D+p1%`gNE0YktLFa!(%L%LgC3lAOm? zQgr<~ZMHM~xD1o^eIT?x(fOB-)?!efEPVM;K-Nltpn5Fpc+b;qHmti0G>CfVEL72< z?H$-cMoAg-MROgA$%sD?g({paPqc(uH#Ludkh1&K!(bQ>-Tj@#aK3{*?G{~2)C`y- z3B<08shQ_VQw7@UjESq#QCm!6vfS#5Vifl656~%{i>Qr-Iux@k;Z-@xDTOj7S(|9b zB`*jWSc>#BC6&^c6Gz@DdZbCnwsxy?`G}kd$>|vd=~p@HHt{P&#KOVRt<9= zrFmQ*)2~~-d-}yy{DEp_$4MxUdeoe_J?@sbZq+zFXV>+#yOZj`%~b0SR2o zW^-3Jo4Xz6fG;-S_z71JGp>{KCrPOEWXvaFnW&Kp^C^5`$?~|0R(jSeH2b$h)ztnrVzj1sem&M2euTiTj&4^!R_bo~svX{On?`w?u^ex($T?Yc PbNxySedS$eV6lGy(=6LT diff --git a/spec/unit/provider/postgresql_conf/.parsed_spec.rb.swp b/spec/unit/provider/postgresql_conf/.parsed_spec.rb.swp deleted file mode 100644 index 60e548411734b5f743c6ad039f2f59c8ae1e4b7a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 20480 zcmeI3Ta4V)8OKivCE*f6KwMf0I5>c3NirADeUn`ku`i$^5SQ>k+QBhOE$EM z&O|?XZ66(t5r^@VknTKc9W=*x9dcB$qu(NH=s{=8F@venCuCTD;wZk5Bc~Cg%`6mh;n-}_Fzt6a1t_FwuUcfs(3)Y=N&}Z#J=!)~cw_#h% zFAUGN+Mc^s=$n4Ptd=O5_gCee)K)2=6c|w;ak76n*{+P8-<9msWb2Kc zPj=NtDWDWk3Md7X0!jg;fKosypcGIFC;~^&NyzJ99a!Ko&;k#Fd%-Wk5pWy08QcUu-b=`vAOtspYr$S{ z1^Dm^LjDAP0UDqP3V?t&E=PS}1snxOzzyKT%LsWHya@gXo&z>G2tL1*kWaw};C=8G z*aSC&>%l&7C3p|MzW^Gb2y#H^aXYvPTn895I(rEruY$jTm%)qR90 z5L^OY!?EYV@4=Jc3Gi!h4cG$+_!@zg|AKeGL!b-}f&)MUA0x2x0MNkC!PQ_tcozYi z`vC7&Dr#;)XXpd=0d3Fl<7(6GlHuBtSIkwAkrx#tb$Cj42 z)TSMxiyNjBigR~}ownB#DI!bDdb)lcXMEQ7e5=Jb`zX8^=YP;M3k$djW$U@f0ywE9 zP6mwA!0z=OMn%Gi-3fh@+n!6=26O32n|EumhR=^D520U|2+s!*(rv;~5maJ}x zmWst*FrNZ+X_;y>>l+9nit16-!uiBhanQA$Q8mQDbI>D_qR)KWv(P4}cu*OFOl}hM zDX^_Ju*KDLdGNEH()Fw+OczB{hW+9ZjW)(r$8=9*w8glLs3N1i>7%dK{C16AH)16^ z1&ZIK7yLAh-_6Vd%i5abnS9VdmzIruz0@#%@P!Rr+^AHW#Y)vESIf1c(WqDIBh?9m zM-HUBro{5B^LS#D4WE4fQn_l>YDT45uUG3vrCw~7Yt3e}+N{yUpRI62tdgT!PKQ>MFC`-%fmu$q~dBlgfCrzhyg0X%p zV4WztFV#Y{vLW^coqGCS<2`wFZ?w^|AtdVP<56VmtuPqj4pYYf({a3$)D3&9%nvB< z`d--SMt#2*@^~1`cp2r}v8*M-W!kwod6AvszPXcLCU>Ig>N8xFWBKep4$dT97(LEs z^cK+oD@U9&b3B)=)lIcGdYsghV=v7a3-cPilNOKFHLtmurcRpXpu@*IFnN}vrDr*! z*yz9_XE}2`gONdb+B7ZG&t%4AyEYX~h33lHk7v6+pJOLLDNIYvNu{sTy8+qewm3IO z+xwB7+ZoTIW=bh0_if)^WtbCBnh5i*i79ftBtW64vt*WR;&QGqn9HM0@C{^Lqb-_i zocVN-neA>eb&gA~vNg|V$)UL8ke5d-SnlLace7=?0XN+?%LhDM%`I}%?=ZfAQ&!7o zJoMdY-o9o#EV@=q;>8ZSeBSGezr>@->BGeEyeOi_OBZ=3lom%@ZO06PygZsqrps~J zVF8rBKT1enTzm-2jJ#NDpzI(qJxV;Gr4j@HFG8|#0XtQ()k z`o05N;1O^PkHo8u z?OiljfyYtH^B??6MZKiKayu)k83!w|64{QOKfL0MsQr1XI7bKHgl0x(=Zzjtjcmj* zz~~+su|9lJ$GWH7F5fF_Q%v(dL z@@w2sdJ(&om!=%pPS|#f@X1$3_qd*fSY-e<<3pqAx4ZTR!*aRTLl6L-=zg&2wrSYc z=l5u=mb6o{HgRmOi1akqk`Ji8(BZcDzKH+LZe@K&l|fxS71iB_TRRke9(p9!|9N}^ z{|<=t|KVh45#Rn_1&@Ob;DR1l0bgOg{}lKQ;J^hva1>k*-o{%074Q;x0Xz>pa4Yy3 z*bgoRd%y=+>oc$dj)Dph@qjO}{%?aaI0y~^4Sa%lfC)-q0o(#8i0r?RhDGIzQa~x7 z6i^B%1(X6xf%BpO#ZM&!s)WFa--T5|pm;ql?1aG46rbU;FzFc5NwhK%XqdW~&MXig z&xg6SV<`p5!IiO#IAk|Df{`RyZ8JGmD Date: Fri, 29 Jan 2016 16:20:20 -0700 Subject: [PATCH 0058/1000] Schedule apt update after install of repo --- manifests/repo/apt_postgresql_org.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 1487e2cf85..60ac2b1042 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -19,4 +19,5 @@ } Apt::Source['apt.postgresql.org']->Package<|tag == 'postgresql'|> + Class['Apt::Update'] -> Package<|tag == 'postgresql'|> } From d71e3f754d92f3e3cc6bbe6db2a5ba131cd366fb Mon Sep 17 00:00:00 2001 From: Brett Maton Date: Fri, 29 Jan 2016 11:14:47 +0000 Subject: [PATCH 0059/1000] Fix password change failing postgres db user password change failing when postgres is listening on non standard port number. --- manifests/server/passwd.pp | 1 + spec/unit/classes/server_spec.rb | 1 + 2 files changed, 2 insertions(+) diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index 358a044ea4..ba50098196 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -22,6 +22,7 @@ cwd => '/tmp', environment => [ "PGPASSWORD=${postgres_password}", + "PGPORT=${port}", "NEWPASSWD_ESCAPED=${escaped}", ], # With this command we're passing -h to force TCP authentication, which diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index bd56193f1f..14891fe5f5 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -45,6 +45,7 @@ 'user' => 'postgres', 'environment' => [ "PGPASSWORD=new-p@s$word-to-set", + "PGPORT=5432", "NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$" ], 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null", From 9004ad574704dd34fe361fd7fe788a03c395ff33 Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Mon, 1 Feb 2016 14:35:15 +0000 Subject: [PATCH 0060/1000] Changelog, metadata and nodeset update for 4.7.0 --- CHANGELOG.md | 33 +++++++++++++++++++ metadata.json | 5 +-- .../nodesets/debian-8-x86-vcloud.yml | 16 +++++++++ 3 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 spec/acceptance/nodesets/debian-8-x86-vcloud.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index b904bc6a56..edd4ff25d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,36 @@ +## Supported Release 4.7.0 +### Summary +A release with a considerable amount of new features, including remote db support and several platform support updates. Various bugfixes including several to address warnings and a sizable README update. + +#### Features +- Remote DB support - Connection-settings allows a hash of options that can be used when connecting to a remote DB. +- Debian 8 support. +- Updated systemd-override to support fedora and CentOS paths. +- Adds the ability to define the extension name separately from the title of the resource, which allows you to add the extension to more than one database. +- Added parameter to disable automatic service restarts on config changes. +- Ubuntu 15.10 compatibility. +- OpenBSD version is now 9.4. +- Added .gitattributes to maintain line endings for .sh and .rb files. +- Adds default postgis version for 9.5. +- Allows float postgresql_conf values. +- Schedule apt update after install of repo. + +#### Bugfixes +- Fixed systemd-override for RedHat systems with unmanaged Yum repos. +- Removed inherits postgresql::params. +- Multi-node tests are now not ran by default. +- Change apt::pin to apt_postgresql_org to prevent error message. +- Removed syntax error near UTF8. +- Removal of extra blanks and backslashes in README. +- Double quotes now used around database name to prevent syntax error. +- Removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs. +- Removed inherits postgresql::params. +- Fixed paths to work on Amazon Linux. +- Fixed quotes around locale options. +- Huge README update. +- Update to use current msync configs. +- Fixes postgresql::server acceptance test descriptions. + ## Supported Release 4.6.1 ###Summary diff --git a/metadata.json b/metadata.json index 5d9bf48222..025c28135c 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.6.1", + "version": "4.7.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -49,7 +49,8 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "6", - "7" + "7", + "8" ] }, { diff --git a/spec/acceptance/nodesets/debian-8-x86-vcloud.yml b/spec/acceptance/nodesets/debian-8-x86-vcloud.yml new file mode 100644 index 0000000000..4c116bcebb --- /dev/null +++ b/spec/acceptance/nodesets/debian-8-x86-vcloud.yml @@ -0,0 +1,16 @@ +HOSTS: + 'debian-8-vcloud': + roles: + - master + platform: debian-8-x86 + hypervisor: vcloud + template: debian-8-i386 +CONFIG: + type: foss + ssh: + keys: "~/.ssh/id_rsa-acceptance" + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + From 5354d0f1eadfc676c783a29b611793e05fe66d5a Mon Sep 17 00:00:00 2001 From: James Sweeny Date: Thu, 28 Jan 2016 15:14:04 -0500 Subject: [PATCH 0061/1000] (MODULES-3024) Quote database objects when creating databases Prior to this commit, when creating databases with a name or owner that has characters which must be quoted (e.g., "pe-postgres"), the postgresql::server::database define fails due to a SQL syntax error. --- manifests/server/database.pp | 8 ++++---- spec/acceptance/db_spec.rb | 18 +++++++++--------- spec/unit/defines/server/database_spec.rb | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index f1adf646b7..fab12b53ae 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -55,7 +55,7 @@ $template_option = $template ? { undef => '', - default => "TEMPLATE=${template}", + default => "TEMPLATE=\"${template}\"", } $encoding_option = $encoding ? { @@ -65,7 +65,7 @@ $tablespace_option = $tablespace ? { undef => '', - default => "TABLESPACE=${tablespace}", + default => "TABLESPACE=\"${tablespace}\"", } if $createdb_path != undef{ @@ -73,7 +73,7 @@ } postgresql_psql { "Create db '${dbname}'": - command => "CREATE DATABASE \"${dbname}\" WITH OWNER=${owner} ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", + command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", db => $default_db, require => Class['postgresql::server::service'] @@ -99,7 +99,7 @@ default => 'shobj_description', } Postgresql_psql[ "Create db '${dbname}'" ]-> - postgresql_psql {"COMMENT ON DATABASE ${dbname} IS '${comment}'": + postgresql_psql {"COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", db => $dbname, } diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 643511967e..5c62237d35 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -8,14 +8,14 @@ class { 'postgresql::server': postgres_password => 'space password', } - postgresql::server::tablespace { 'postgresql_test_db': + postgresql::server::tablespace { 'postgresql-test-db': location => '#{tmpdir}', } -> - postgresql::server::db { 'postgresql_test_db': + postgresql::server::db { 'postgresql-test-db': comment => 'testcomment', - user => 'test', + user => 'test-user', password => 'test1', - tablespace => 'postgresql_test_db', + tablespace => 'postgresql-test-db', } EOS @@ -27,12 +27,12 @@ class { 'postgresql::server': shell("chmod 600 /root/.pgpass") shell("psql -U postgres -h localhost --command='\\l'") - psql('--command="select datname from pg_database" postgresql_test_db') do |r| - expect(r.stdout).to match(/postgresql_test_db/) + psql('--command="select datname from pg_database" "postgresql-test-db"') do |r| + expect(r.stdout).to match(/postgresql-test-db/) expect(r.stderr).to eq('') end - psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test\'"') do |r| + psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test-user\'"') do |r| expect(r.stdout).to match(/\(1 row\)/) end @@ -43,11 +43,11 @@ class { 'postgresql::server': else comment_information_function = "obj_description" end - psql("--dbname postgresql_test_db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql_test_db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") do |r| + psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") do |r| expect(r.stdout).to match(/\(1 row\)/) end ensure - psql('--command="drop database postgresql_test_db" postgres') + psql('--command="drop database "postgresql-test-db" postgres') psql('--command="DROP USER test"') end end diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 16564d76bd..439623ebcf 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -27,7 +27,7 @@ let (:params) {{ :comment => 'test comment', :connect_settings => {} }} - it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE test IS 'test comment'").with_connect_settings( {} ) } + it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE \"test\" IS 'test comment'").with_connect_settings( {} ) } end context "with specific db connection settings - default port" do From 810448afa0af3d3da61c4c8c90d45d5f780da76f Mon Sep 17 00:00:00 2001 From: Farzad FARID Date: Mon, 1 Feb 2016 19:27:22 +0100 Subject: [PATCH 0062/1000] Escape case where password ends with '$'. postgresql_escape returned an invalid string if the password end in '$': postgres=# alter role "postgres" password $$foo$$$; ERROR: syntax error at or near "$" LINE 1: alter role "postgres" password $$foo$$$; --- lib/puppet/parser/functions/postgresql_escape.rb | 4 ++-- spec/unit/functions/postgresql_escape_spec.rb | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/puppet/parser/functions/postgresql_escape.rb b/lib/puppet/parser/functions/postgresql_escape.rb index 4089a4e94d..1ec11b8579 100644 --- a/lib/puppet/parser/functions/postgresql_escape.rb +++ b/lib/puppet/parser/functions/postgresql_escape.rb @@ -11,7 +11,7 @@ module Puppet::Parser::Functions password = args[0] - if password !~ /\$\$/ + if password !~ /\$\$/ and password[-1] != '$' retval = "$$#{password}$$" else escape = Digest::MD5.hexdigest(password)[0..5].gsub(/\d/,'') @@ -20,6 +20,6 @@ module Puppet::Parser::Functions end retval = "$#{escape}$#{password}$#{escape}$" end - retval + retval end end diff --git a/spec/unit/functions/postgresql_escape_spec.rb b/spec/unit/functions/postgresql_escape_spec.rb index f7eec6a83f..b4c9488a26 100644 --- a/spec/unit/functions/postgresql_escape_spec.rb +++ b/spec/unit/functions/postgresql_escape_spec.rb @@ -8,3 +8,7 @@ it { is_expected.to run.with_params('fo$$o'). and_return('$ed$fo$$o$ed$') } end +describe 'postgresql_escape', :type => :puppet_function do + it { is_expected.to run.with_params('foo$'). + and_return('$a$foo$$a$') } +end From 7e27a989c03b3635c5bcba811ba67101888aacce Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Tue, 2 Feb 2016 10:51:20 -0800 Subject: [PATCH 0063/1000] Fix quoting --- spec/acceptance/db_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 5c62237d35..449c4b0fe2 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -47,7 +47,7 @@ class { 'postgresql::server': expect(r.stdout).to match(/\(1 row\)/) end ensure - psql('--command="drop database "postgresql-test-db" postgres') + psql('--command=\'drop database "postgresql-test-db" postgres\'') psql('--command="DROP USER test"') end end From baa90be132c9a0c0416f57f4c2906394f0f6c627 Mon Sep 17 00:00:00 2001 From: Brandon Weeks Date: Mon, 1 Feb 2016 10:27:21 -0800 Subject: [PATCH 0064/1000] Allow puppetlabs-concat 2.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 5d9bf48222..2a0dda7aef 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <2.0.0"} + {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <3.0.0"} ], "operatingsystem_support": [ { From feb7f05271454713ae6efdbe095b0d34b6c8c2dc Mon Sep 17 00:00:00 2001 From: Shawn Sterling Date: Wed, 3 Feb 2016 16:05:56 -0800 Subject: [PATCH 0065/1000] amazon linux defaults to postgresql92 now, this workaround will let it install --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 667c2115d4..aa5eef74ab 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -30,7 +30,7 @@ $version_parts = split($version, '[.]') $package_version = "${version_parts[0]}${version_parts[1]}" - if $version == $postgresql::globals::default_version { + if $version == $postgresql::globals::default_version and $::operatingsystem != 'Amazon' { $client_package_name = pick($client_package_name, 'postgresql') $server_package_name = pick($server_package_name, 'postgresql-server') $contrib_package_name = pick($contrib_package_name,'postgresql-contrib') From 58f3f13762f794f731f57bdc07d4e362ef620367 Mon Sep 17 00:00:00 2001 From: Martijn Storck Date: Thu, 4 Feb 2016 11:04:14 +0100 Subject: [PATCH 0066/1000] Fix markdown error in README --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 13c1fdc2d9..4b6eca420a 100644 --- a/README.md +++ b/README.md @@ -1094,6 +1094,7 @@ Sets the hash to use during password creation. If the password is not already pr postgresql::server::role { "myusername": password_hash => postgresql_password('myusername', 'mypassword'), } +``` ##### `replication` From dc62d48a5bcebc4b6e61d48754ed719d50827ba0 Mon Sep 17 00:00:00 2001 From: Andreas Ntaflos Date: Tue, 9 Feb 2016 17:42:53 +0100 Subject: [PATCH 0067/1000] Correctly set $service_provider The `$service_provider` variable in params.pp is user-definable via `postgresql::globals::service_provider`. Thus params.pp should reference that variable correctly, like other variables from globals.pp. --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 667c2115d4..66c8f11800 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -14,7 +14,7 @@ $service_enable = true $service_manage = true $service_restart_on_change = true - $service_provider = $service_provider + $service_provider = $postgresql::globals::service_provider $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) $manage_recovery_conf = pick($manage_recovery_conf, false) From 8db810e2686ce8552beec2e49cd318dd47b3d9d8 Mon Sep 17 00:00:00 2001 From: Gerlof Fokkema Date: Sun, 7 Feb 2016 04:06:10 +0100 Subject: [PATCH 0068/1000] $service_provider statement doesn't seem to do anything. The cause turned out to be a misconfigured setting for OS type Archlinux. --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 667c2115d4..d54db12a79 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -112,7 +112,7 @@ $psql_path = pick($psql_path, "${bindir}/psql") $service_status = $service_status - $service_reload = "service ${service_name} reload" + $service_reload = "systemctl reload ${service_name}" $python_package_name = pick($python_package_name, 'python-psycopg2') # Archlinux does not have a perl::DBD::Pg package $perl_package_name = pick($perl_package_name, 'undef') From a690089f89de6f388162ee79ca967503679fd58e Mon Sep 17 00:00:00 2001 From: Aselinux Date: Fri, 12 Feb 2016 01:27:02 +0000 Subject: [PATCH 0069/1000] postgres server init script naming on amazon linux ami On current amazon linux ami (details below), and open puppet (details below), the postgres module (installed as part of puppetlabs/puppetdb) currently, tries to start postgressql server with /etc/init.d/postgresql9.4 , while the init script doesn't have the dot in the version number, so it needs to use /etc/init.d/postgresql94 From what I see in all available postgresql server rpms, currently on amazon linux ami, seems all the init scripts of postgresql doesn't have a dot in the suffix version number. Supporting info: [root@puppet ~]# yum list postgres* | grep 'server\.'; postgresql94-server.x86_64 9.4.5-1.63.amzn1 @amzn-updates postgresql8-server.x86_64 8.4.20-4.51.amzn1 amzn-updates postgresql92-server.x86_64 9.2.14-1.56.amzn1 amzn-updates postgresql93-server.x86_64 9.3.10-1.60.amzn1 amzn-updates for i in postgresql8-server.x86_64 postgresql92-server.x86_64 postgresql93-server.x86_64 postgresql94-server.x86_64; do echo $i; repoquery -l $i | grep init.d; done postgresql8-server.x86_64 /etc/rc.d/init.d/postgresql postgresql92-server.x86_64 /etc/rc.d/init.d/postgresql92 postgresql93-server.x86_64 /etc/rc.d/init.d/postgresql93 postgresql94-server.x86_64 [root@puppet ~]# puppet --version 4.3.2 [root@puppet ~]# rpm -qa | grep puppet | grep server puppetserver-2.2.1-1.el6.noarch [root@puppet ~]# [root@puppet ~]# cat /etc/os-release NAME="Amazon Linux AMI" VERSION="2015.09" ID="amzn" ID_LIKE="rhel fedora" VERSION_ID="2015.09" PRETTY_NAME="Amazon Linux AMI 2015.09" ANSI_COLOR="0;33" CPE_NAME="cpe:/o:amazon:linux:2015.09:ga" HOME_URL="http://aws.amazon.com/amazon-linux-ami/" [root@puppet ~]# [root@puppet ~]# cat /etc/system-release Amazon Linux AMI release 2015.09 --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 66c8f11800..5c549278dc 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -56,7 +56,7 @@ $plperl_package_name = pick($plperl_package_name, "postgresql${package_version}-plperl") $plpython_package_name = pick($plpython_package_name, "postgresql${package_version}-plpython") $service_name = $::operatingsystem ? { - 'Amazon' => pick($service_name, "postgresql${version}"), + 'Amazon' => pick($service_name, "postgresql${version_parts[0]}${version_parts[1]}"), default => pick($service_name, "postgresql-${version}"), } $bindir = $::operatingsystem ? { From cddfd664807314e2bc37d549860ea9d719df45c8 Mon Sep 17 00:00:00 2001 From: jbondpdx Date: Fri, 12 Feb 2016 15:44:27 -0800 Subject: [PATCH 0070/1000] correcting formatting error in README --- README.md | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 4b6eca420a..5f26abdf93 100644 --- a/README.md +++ b/README.md @@ -229,13 +229,14 @@ postgresql::server::pg_ident_rule{ 'Map the SSL certificate of the backup server system_username => 'repli1.example.com', database_username => 'replication', } +``` This would create a user name map in `pg_ident.conf` similar to: ``` -# Rule Name: Map the SSL certificate of the backup server as a replication user -# Description: none -# Order: 150 +#Rule Name: Map the SSL certificate of the backup server as a replication user +#Description: none +#Order: 150 sslrepli repli1.example.com replication ``` @@ -280,10 +281,9 @@ recovery_min_apply_delay = 0 Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. - ### Validate connectivity -To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql::validate_db_connection` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration. +To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql::validate_db_connection` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration. Example usage: @@ -299,11 +299,11 @@ exec { 'rake db:migrate': } ``` - ## Reference +## Reference The posgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. -Classes: +**Classes:** * [postgresql::client](#postgresqlclient) * [postgresql::globals](#postgresqlglobals) @@ -316,7 +316,7 @@ Classes: * [postgresql::server::contrib](#postgresqlservercontrib) * [postgresql::server::postgis](#postgresqlserverpostgis) -Defined Types: +**Defined Types:** * [postgresql::server::config_entry](#postgresqlserverconfig_entry) * [postgresql::server::database](#postgresqlserverdatabase) @@ -332,13 +332,13 @@ Defined Types: * [postgresql::server::tablespace](#postgresqlservertablespace) * [postgresql::validate_db_connection](#postgresqlvalidate_db_connection) -Types: +**Types:** * [postgresql_psql](#custom-resource-postgresql_psql) * [postgresql_replication_slot](#custom-resource-postgresql_replication_slot) * [postgresql_conf](#custom-resource-postgresql_conf) -Functions: +**Functions:** * [postgresql_password](#function-postgresql_password) * [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) @@ -367,7 +367,7 @@ Specifies the path to validate the connection script. Default: '/usr/local/bin/v Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. ->**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. +**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_name` @@ -379,7 +379,7 @@ Whether the PostgreSQL docs package resource should be present. Valid values: 'p #### postgresql::globals ->**Note:** Most server-specific defaults should be overriden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. +**Note:** Most server-specific defaults should be overriden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. ##### `bindir` @@ -405,7 +405,7 @@ Overrides the default PostgreSQL contrib package name. Default: OS dependent. Overrides the default PostgreSQL data directory for the target platform. Default: OS dependent. ->**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). +**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). **Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. @@ -545,11 +545,11 @@ Overrides the `ensure` parameter during package installation. Defaults to `prese Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. -####postgresql::lib::java +#### postgresql::lib::java Installs PostgreSQL bindings for Java (JDBC). Set the following parameters if you have a custom version you would like to install. ->**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. +**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_ensure` @@ -583,7 +583,7 @@ Specifies the name of the postgresql PL/Python package. Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. -####postgresql::lib::python +#### postgresql::lib::python Installs PostgreSQL Python libraries. @@ -595,7 +595,7 @@ Specifies whether the package is present. Valid values: 'present', 'absent'. Def The name of the PostgreSQL Python package. -####postgresql::server +#### postgresql::server ##### `createdb_path` @@ -1108,7 +1108,6 @@ Specifies whether to grant super user capability for the new role. Default: fals Defines the username of the role to create. Defaults to the namevar. - #### postgresql::server::schema Creates a schema. From abd6c6fe078854d8fa27e3fe0fb1c8eb4b827a41 Mon Sep 17 00:00:00 2001 From: icetrain Date: Mon, 15 Feb 2016 13:11:26 +0100 Subject: [PATCH 0071/1000] Add missing onlyif_function to sequence grant code --- manifests/server/grant.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 447ba186df..2227915ea6 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -96,11 +96,13 @@ validate_string($unless_privilege,'USAGE','ALL','ALL PRIVILEGES') $unless_function = 'has_sequence_privilege' $on_db = $db + $onlyif_function = undef } 'ALL SEQUENCES IN SCHEMA': { validate_string($_privilege,'USAGE','ALL','ALL PRIVILEGES') $unless_function = 'custom' $on_db = $db + $onlyif_function = undef $schema = $object_name @@ -247,4 +249,4 @@ if($db != undef and defined(Postgresql::Server::Database[$db])) { Postgresql::Server::Database[$db]->Postgresql_psql["grant:${name}"] } -} \ No newline at end of file +} From 8ce25cc6f337be42e4db23dac33b16383df39118 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Tue, 16 Feb 2016 16:01:03 +0000 Subject: [PATCH 0072/1000] (FM-4046) Update to current msync configs [006831f] This moves all copyright statements to the NOTICE file in accordance with the ASFs guidelines on applying the Apache-2.0 license. --- .gitattributes | 5 ++++- .gitignore | 1 + .travis.yml | 1 + Gemfile | 39 +++++++++++++++------------------------ LICENSE | 2 +- NOTICE | 23 +++++++++++++++++++---- Rakefile | 31 +++++++++++++++++++++++++++++++ spec/spec_helper.rb | 1 + 8 files changed, 73 insertions(+), 30 deletions(-) diff --git a/.gitattributes b/.gitattributes index e1fb344e08..900ea0cbb5 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,5 @@ -*.sh eol=lf +#This file is generated by ModuleSync, do not edit. *.rb eol=lf +*.erb eol=lf +*.pp eol=lf +*.sh eol=lf diff --git a/.gitignore b/.gitignore index 3190277498..dd126f2fb2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +#This file is generated by ModuleSync, do not edit. pkg/ Gemfile.lock vendor/ diff --git a/.travis.yml b/.travis.yml index e6314a4700..588fb5b002 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,3 +1,4 @@ +#This file is generated by ModuleSync, do not edit. --- sudo: false language: ruby diff --git a/Gemfile b/Gemfile index ced190e770..e490bc9b98 100644 --- a/Gemfile +++ b/Gemfile @@ -1,12 +1,14 @@ +#This file is generated by ModuleSync, do not edit. + source ENV['GEM_SOURCE'] || "https://rubygems.org" -def location_for(place, fake_version = nil) +def location_for(place, version = nil) if place =~ /^(git[:@][^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact + [version, { :git => $1, :branch => $2, :require => false}].compact elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] + ['>= 0', { :path => File.expand_path($1), :require => false}] else - [place, { :require => false }] + [place, version, { :require => false}].compact end end @@ -20,29 +22,18 @@ group :development, :unit_tests do gem 'simplecov', :require => false end group :system_tests do + gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') + gem 'beaker', *location_for(ENV['BEAKER_VERSION']) + gem 'serverspec', :require => false gem 'beaker-puppet_install_helper', :require => false - if beaker_version = ENV['BEAKER_VERSION'] - gem 'beaker', *location_for(beaker_version) - end - if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] - gem 'beaker-rspec', *location_for(beaker_rspec_version) - else - gem 'beaker-rspec', :require => false - end gem 'master_manipulator', :require => false - gem 'serverspec', :require => false + gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) end -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end +gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) +gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end -# vim:ft=ruby +if File.exists? "#{__FILE__}.local" + eval(File.read("#{__FILE__}.local"), binding) +end diff --git a/LICENSE b/LICENSE index 7a29c73c87..d645695673 100644 --- a/LICENSE +++ b/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2013 Puppet Labs + Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/NOTICE b/NOTICE index c01b4637bc..295ce296de 100644 --- a/NOTICE +++ b/NOTICE @@ -1,8 +1,8 @@ -Puppetlabs postgresql module +postgresql puppet module -Copyright 2012 Inkling Systems Inc -Copyright 2012-2013 Puppet Labs Inc -Copyright 2012-2013 Camptocamp SA. +Copyright (C) 2012-2016 Puppet Labs, Inc. +Copyright (C) 2012 Inkling Systems Inc +Copyright (C) 2012-2013 Camptocamp SA. This product includes software developed by: The Puppet Labs Inc (http://www.puppetlabs.com/). @@ -12,3 +12,18 @@ This product includes also software developed by: This product includes also software developed by: Inkling Systems Inc (https://www.inkling.com/) + +Puppet Labs can be contacted at: info@puppetlabs.com + + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/Rakefile b/Rakefile index 35ce31140e..7e9a13d5df 100644 --- a/Rakefile +++ b/Rakefile @@ -9,3 +9,34 @@ PuppetLint.configuration.send('disable_class_inherits_from_params_class') PuppetLint.configuration.send('disable_documentation') PuppetLint.configuration.send('disable_single_quote_string_with_variables') PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] + +desc 'Generate pooler nodesets' +task :gen_nodeset do + require 'beaker-hostgenerator' + require 'securerandom' + require 'fileutils' + + agent_target = ENV['TEST_TARGET'] + if ! agent_target + STDERR.puts 'TEST_TARGET environment variable is not set' + STDERR.puts 'setting to default value of "redhat-64default."' + agent_target = 'redhat-64default.' + end + + master_target = ENV['MASTER_TEST_TARGET'] + if ! master_target + STDERR.puts 'MASTER_TEST_TARGET environment variable is not set' + STDERR.puts 'setting to default value of "redhat7-64mdcl"' + master_target = 'redhat7-64mdcl' + end + + targets = "#{master_target}-#{agent_target}" + cli = BeakerHostGenerator::CLI.new([targets]) + nodeset_dir = "tmp/nodesets" + nodeset = "#{nodeset_dir}/#{targets}-#{SecureRandom.uuid}.yaml" + FileUtils.mkdir_p(nodeset_dir) + File.open(nodeset, 'w') do |fh| + fh.print(cli.execute) + end + puts nodeset +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index a7f5b4ecb3..22d5d689f4 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,4 @@ +#This file is generated by ModuleSync, do not edit. require 'puppetlabs_spec_helper/module_spec_helper' # put local configuration and setup into spec_helper_local From e06fc02731fc737de3b334f194798ccdf1ea554d Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Wed, 17 Feb 2016 12:54:02 -0700 Subject: [PATCH 0073/1000] Revert "Add postgresql_version fact" --- lib/facter/postgresql_version.rb | 8 -------- spec/unit/postgresql_version_spec.rb | 19 ------------------- 2 files changed, 27 deletions(-) delete mode 100644 lib/facter/postgresql_version.rb delete mode 100644 spec/unit/postgresql_version_spec.rb diff --git a/lib/facter/postgresql_version.rb b/lib/facter/postgresql_version.rb deleted file mode 100644 index 605479e2fd..0000000000 --- a/lib/facter/postgresql_version.rb +++ /dev/null @@ -1,8 +0,0 @@ -Facter.add(:postgresql_version) do - setcode do - if Facter::Util::Resolution.which('psql') - postgresql_version = Facter::Util::Resolution.exec('psql -V 2>&1') - %r{^psql \(PostgreSQL\) ([\w\.]+)}.match(postgresql_version)[1] - end - end -end diff --git a/spec/unit/postgresql_version_spec.rb b/spec/unit/postgresql_version_spec.rb deleted file mode 100644 index efe45096ef..0000000000 --- a/spec/unit/postgresql_version_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'spec_helper' - -describe Facter::Util::Fact do - before do - Facter.clear - end - - describe 'postgresql_version' do - context 'with value' do - before :each do - allow(Facter::Util::Resolution).to receive(:which).with('psql').and_return(true) - allow(Facter::Util::Resolution).to receive(:exec).with('psql -V 2>&1').and_return('psql (PostgreSQL) 9.4.5') - end - it do - expect(Facter.fact(:postgresql_version).value).to eq('9.4.5') - end - end - end -end From 0d4e9327f4a0109d86aef679456b2a223237439a Mon Sep 17 00:00:00 2001 From: Bryan Jen Date: Wed, 17 Feb 2016 17:53:42 -0700 Subject: [PATCH 0074/1000] Release prep for 4.7.1. --- CHANGELOG.md | 16 ++++++++++++++++ metadata.json | 3 ++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index edd4ff25d0..4325ee2350 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,19 @@ +## Supported Release 4.7.1 +### Summary +This release contains some bugfixes and documentation updates. + +#### Bugfixes +- (MODULES-3024) Quote database objects when creating databases. +- Properly escape case where password ends with '$'. +- Fixes password change when postgres is configure to non-standard port. +- Unpins concat dependency to be able to use concat 2.x. +- Workaround to fix installing on Amazon Linux. +- Fixes proper defaulting of `$service_provider` parameter. +- Fixes postgres server init script naming on Amazon Linux. +- Fixes service reload parameter on Arch Linux. +- Adds missing onlyif_function to sequence grant code. +- Fixes to the markdown of the README. + ## Supported Release 4.7.0 ### Summary A release with a considerable amount of new features, including remote db support and several platform support updates. Various bugfixes including several to address warnings and a sizable README update. diff --git a/metadata.json b/metadata.json index 6ba1e2368b..f9e5ced597 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.7.0", + "version": "4.7.1", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -12,6 +12,7 @@ {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <3.0.0"} ], + "data_provider": null, "operatingsystem_support": [ { "operatingsystem": "RedHat", From f6dd7ca4820e928f4251a3606d96ba1f4a4c7a6d Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 18 Feb 2016 10:05:56 -0800 Subject: [PATCH 0075/1000] Update quoting because addresses are not floats --- lib/puppet/provider/postgresql_conf/parsed.rb | 2 +- spec/unit/provider/postgresql_conf/parsed_spec.rb | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb index 7c597a8a0c..88bd303f3b 100644 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ b/lib/puppet/provider/postgresql_conf/parsed.rb @@ -23,7 +23,7 @@ else val = h[:value] end - dontneedquote = val.match(/^([\d\.]+|\w+)$/) + dontneedquote = val.match(/^(\d+.?\d+|\w+)$/) dontneedequal = h[:name].match(/^(include|include_if_exists)$/i) str = h[:name].downcase # normalize case diff --git a/spec/unit/provider/postgresql_conf/parsed_spec.rb b/spec/unit/provider/postgresql_conf/parsed_spec.rb index 7646e3f108..5055043781 100644 --- a/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ b/spec/unit/provider/postgresql_conf/parsed_spec.rb @@ -137,6 +137,11 @@ ) end + it "quotes addresses" do + expect(provider.to_line( {:name=>"listen_addresses", :value=>"0.0.0.0", :comment=>nil, :record_type=>:parsed })).to eq( + "listen_addresses = '0.0.0.0'" + ) + end end end From ef94a2c51df6d683975b3fad31d4855c4665f7fb Mon Sep 17 00:00:00 2001 From: Michael Moll Date: Sat, 20 Feb 2016 19:55:19 +0100 Subject: [PATCH 0076/1000] Ubuntu/vidid and newer use systemd --- manifests/globals.pp | 9 ++++----- manifests/params.pp | 3 +++ 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 674602da1d..04602c3730 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -88,12 +88,11 @@ default => undef, }, 'Ubuntu' => $::operatingsystemrelease ? { - /^(15.10)$/ => '9.4', - /^(15.04)$/ => '9.4', - /^(14.10)$/ => '9.4', - /^(14.04)$/ => '9.3', - /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', /^(10.04|10.10|11.04)$/ => '8.4', + /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', + /^(14.04)$/ => '9.3', + /^(14.10|15.04|15.10)$/ => '9.4', + /^(16.04)$/ => '9.5', default => undef, }, default => undef, diff --git a/manifests/params.pp b/manifests/params.pp index de50fe5e3b..cabe9d96a7 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -159,6 +159,9 @@ if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8.0') >= 0 { # Jessie uses systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") + } elsif $::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '15.04') >= 0 { + # Ubuntu releases since vivid use systemd + $service_status = pick($service_status, "/usr/sbin/service ${service_name} status") } else { $service_status = pick($service_status, "/etc/init.d/${service_name} status | /bin/egrep -q 'Running clusters: .+|online'") } From 740c0b3b4063c8d0585f55b0d060837533630860 Mon Sep 17 00:00:00 2001 From: Travis Fields Date: Wed, 24 Feb 2016 20:44:15 -0800 Subject: [PATCH 0077/1000] Update `postgresql::globals::default_connect_settings` and default to {} - Add missing parameter `default_connect_settings` to class `postgresql::server` which was required by all of the classes and actually would have failed if the tests where not masking the issue - Remove test param that was masking the issue --- README.md | 18 +++++++++++------- manifests/globals.pp | 2 +- manifests/server.pp | 2 +- spec/unit/defines/server/database_spec.rb | 3 +-- spec/unit/defines/server/role_spec.rb | 3 --- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 5f26abdf93..99caab3fda 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ PostgreSQL is a high-performance, free, open-source relational database server. ### Getting started with postgresql -To configure a basic default PostgreSQL server, declare the `postgresql::server` class. +To configure a basic default PostgreSQL server, declare the `postgresql::server` class. ```puppet class { 'postgresql::server': } @@ -182,7 +182,7 @@ require => Postgresql::Server::Role['super2'], ### Create an access rule for pg_hba.conf -To create an access rule for `pg_hba.conf`: +To create an access rule for `pg_hba.conf`: ```puppet postgresql::server::pg_hba_rule { 'allow application network to access app database': @@ -242,7 +242,7 @@ sslrepli repli1.example.com replication ### Create recovery configuration -To create the recovery configuration file (`recovery.conf`): +To create the recovery configuration file (`recovery.conf`): ```puppet postgresql::server::recovery{ 'Create a recovery.conf file with the following defined parameters': @@ -535,7 +535,7 @@ Installs the packages containing the development libraries for PostgreSQL and sy ##### `link_pg_config` -If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to false to disable this behavior. Valid values: true, false. Default: true. +If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to false to disable this behavior. Valid values: true, false. Default: true. ##### `package_ensure` @@ -585,7 +585,7 @@ Specifies whether the package is present. Valid values: 'present', 'absent'. Def #### postgresql::lib::python -Installs PostgreSQL Python libraries. +Installs PostgreSQL Python libraries. ##### `package_ensure` @@ -605,6 +605,10 @@ The name of the PostgreSQL Python package. Specifies the name of the default database to connect with. On most systems this is "postgres". +##### `default_connect_settings` + +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined-types. i.e. `postgresql::server::role` + ##### `encoding` Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef. @@ -627,7 +631,7 @@ Lists strings for access control for connection method, users, databases, IPv6 a ##### `ip_mask_allow_all_users` -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. Set to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. Default: `127.0.0.1/32`. @@ -1035,7 +1039,7 @@ Provides the target for the rule and is generally an internal only property. **U Allows you to create the content for `recovery.conf`. For more details see the [usage example](#create-recovery-configuration) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). -Every parameter value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. +Every parameter value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. A detailed description of all listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). diff --git a/manifests/globals.pp b/manifests/globals.pp index 674602da1d..fa5cc5d846 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -27,7 +27,7 @@ $pg_ident_conf_path = undef, $postgresql_conf_path = undef, $recovery_conf_path = undef, - $default_connect_settings = undef, + $default_connect_settings = {}, $pg_hba_conf_defaults = undef, diff --git a/manifests/server.pp b/manifests/server.pp index 5469f26797..99b87fdfd3 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -18,7 +18,7 @@ $service_reload = $postgresql::params::service_reload, $service_status = $postgresql::params::service_status, $default_database = $postgresql::params::default_database, - + $default_connect_settings = $postgresql::globals::default_connect_settings, $listen_addresses = $postgresql::params::listen_addresses, $port = $postgresql::params::port, $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 439623ebcf..232ee31a3f 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -24,8 +24,7 @@ it { is_expected.to contain_postgresql_psql("Create db 'test'") } context "with comment set to 'test comment'" do - let (:params) {{ :comment => 'test comment', - :connect_settings => {} }} + let (:params) {{ :comment => 'test comment' }} it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE \"test\" IS 'test comment'").with_connect_settings( {} ) } end diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 3540d49e09..88833a113b 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -20,7 +20,6 @@ let :params do { :password_hash => 'new-pa$s', - :connect_settings => {}, } end @@ -35,7 +34,6 @@ 'environment' => "NEWPGPASSWD=new-pa$s", 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", 'port' => "5432", - 'connect_settings' => {}, }) end it 'should have alter role for "test" user with password as ****' do @@ -44,7 +42,6 @@ 'environment' => "NEWPGPASSWD=new-pa$s", 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", 'port' => "5432", - 'connect_settings' => {}, }) end From 35bfae52301569a9eab47596df8a4141aebf7246 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 4 Mar 2016 16:15:57 -0800 Subject: [PATCH 0078/1000] Remove unused variable and update template comment --- manifests/server/config.pp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 592cd6a171..a1daac881c 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -14,7 +14,6 @@ $user = $postgresql::server::user $group = $postgresql::server::group $version = $postgresql::server::_version - $manage_package_repo = $postgresql::server::manage_package_repo $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf $manage_recovery_conf = $postgresql::server::manage_recovery_conf @@ -162,6 +161,11 @@ if $::osfamily == 'RedHat' { if $::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora' { + # Template uses: + # - $::operatingsystem + # - $service_name + # - $port + # - $datadir file { 'systemd-override': ensure => present, path => "/etc/systemd/system/${service_name}.service", From d73b4f2affbf677b3ca46ebbde5d7bc9d05894cb Mon Sep 17 00:00:00 2001 From: Sebastian Reitenbach Date: Mon, 14 Mar 2016 14:39:30 +0100 Subject: [PATCH 0079/1000] Do not leak the DB password when overriding environment variable NEWPGPASSWD --- lib/puppet/provider/postgresql_psql/ruby.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 690e437be3..a2819dc6ff 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -38,7 +38,11 @@ def get_environment env_name = $1 value = $2 if environment.include?(env_name) || environment.include?(env_name.to_sym) - warning "Overriding environment setting '#{env_name}' with '#{value}'" + if env_name == 'NEWPGPASSWD' + warning "Overriding environment setting '#{env_name}' with '****'" + else + warning "Overriding environment setting '#{env_name}' with '#{value}'" + end end environment[env_name] = value else From 31914f35471010cc4a7ee9b3338db4221f0f84c2 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 4 Apr 2016 14:35:11 +0100 Subject: [PATCH 0080/1000] (maint) fix test to run under strict variables --- spec/unit/classes/server_spec.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 14891fe5f5..852b7e497a 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -6,7 +6,8 @@ :osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistid => 'Debian', - :operatingsystemrelease => '6.0', + :lsbdistcodename => 'jessie', + :operatingsystemrelease => '8.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', From 2527dc2f20f629d71bc65c3f473367248ce856c3 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 4 Apr 2016 20:31:57 +0200 Subject: [PATCH 0081/1000] Minor Fixes on the Documentation * Remove duplicate item from 4.7.1 changelog * Fix spelling mistakes on README * Document missing postgresql_psql argument onlyif --- CHANGELOG.md | 1 - README.md | 42 +++++++++++++++++++++++------------------- 2 files changed, 23 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4325ee2350..011bf900a3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,7 +40,6 @@ A release with a considerable amount of new features, including remote db suppor - Removal of extra blanks and backslashes in README. - Double quotes now used around database name to prevent syntax error. - Removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs. -- Removed inherits postgresql::params. - Fixed paths to work on Amazon Linux. - Fixed quotes around locale options. - Huge README update. diff --git a/README.md b/README.md index 99caab3fda..7428483aca 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ #### Table of Contents 1. [Module Description - What does the module do?](#module-description) -2. [Setup - The basics of getting started with posgresql module](#setup) +2. [Setup - The basics of getting started with postgresql module](#setup) * [What postgresql affects](#what-postgresql-affects) * [Getting started with postgresql](#getting-started-with-postgresql) 3. [Usage - Configuration options and additional functionality](#usage) @@ -27,9 +27,9 @@ ## Module description -The posgresql module allows you to manage PostgreSQL databases with Puppet. +The postgresql module allows you to manage PostgreSQL databases with Puppet. -PostgreSQL is a high-performance, free, open-source relational database server. The posgresql module allows you to manage packages, services, databases, users, and common security settings in PostgreSQL. +PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage packages, services, databases, users, and common security settings in PostgreSQL. ## Setup @@ -160,7 +160,7 @@ $connection_settings_super2 = { include postgresql::server -# Connect with no special settings, i.e domain sockets, user postges +# Connect with no special settings, i.e domain sockets, user postgres postgresql::server::role{'super2': password_hash => "foobar2", superuser => true, @@ -301,7 +301,7 @@ exec { 'rake db:migrate': ## Reference -The posgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. +The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. **Classes:** @@ -379,7 +379,7 @@ Whether the PostgreSQL docs package resource should be present. Valid values: 'p #### postgresql::globals -**Note:** Most server-specific defaults should be overriden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. +**Note:** Most server-specific defaults should be overridden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. ##### `bindir` @@ -405,7 +405,7 @@ Overrides the default PostgreSQL contrib package name. Default: OS dependent. Overrides the default PostgreSQL data directory for the target platform. Default: OS dependent. -**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). +**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). **Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. @@ -499,7 +499,7 @@ Path to your `recovery.conf` file. ##### `repo_proxy` -Sets the proxy option for the official PostgreSQL yum-repositories only. Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxyservers for outside connectivity. +Sets the proxy option for the official PostgreSQL yum-repositories only. Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. ##### `server_package_name` @@ -696,7 +696,7 @@ Sets the default package name for the PL/Python extension. Default: OS dependent ##### `port` -Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for RedHat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default: `5432`, meaning the Postgres server listens on TCP port 5432. +Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default: `5432`, meaning the Postgres server listens on TCP port 5432. ##### `postgres_password` @@ -860,7 +860,7 @@ Defines the database as a template if set to true. Default: false. ##### `locale` -Overrides the locale during creation of the database. DefaultThe default defined during installation. +Overrides the locale during creation of the database. The default defined during installation. ##### `owner` @@ -1013,7 +1013,7 @@ Allows you to create user name maps for `pg_ident.conf`. For more details see th ##### `database_username` -Specifies the user name of the the database user. The `system_username` is mapped to this user name. +Specifies the user name of the database user. The `system_username` is mapped to this user name. ##### `description` @@ -1256,6 +1256,10 @@ Specifies any additional environment variables you want to set for a SQL command Sets an arbitrary tag for your own reference; the name of the message. This is the namevar. +##### `onlyif` + +Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. + ##### `port` Specifies the port of the database server to execute the SQL command against. @@ -1282,7 +1286,7 @@ Defines the schema search path to use when executing the SQL command. ##### `unless` -Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. +The inverse of `onlyif`. #### postgresql_conf @@ -1333,7 +1337,7 @@ Works with versions of PostgreSQL from 8.1 through 9.5. Currently, the postgresql module is tested on the following operating systems: * Debian 6.x, 7.x, 8.x. -* Centos 5.x, 6.x, and 7.x. +* CentOS 5.x, 6.x, and 7.x. * Ubuntu 10.04 and 12.04, 14.04. Other systems might be compatible, but are not being actively tested. @@ -1342,11 +1346,11 @@ Other systems might be compatible, but are not being actively tested. While this module supports both 1.x and 2.x versions of the puppetlabs-apt module, it does not support puppetlabs-apt 2.0.0 or 2.0.1. -### Postgis support +### PostGIS support -Postgis is currently considered an unsupported feature, as it doesn't work on all platforms correctly. +PostGIS is currently considered an unsupported feature, as it doesn't work on all platforms correctly. -### All versions of RHEL/Centos +### All versions of RHEL/CentOS If you have SELinux enabled you must add any custom ports you use to the `postgresql_port_t` context. You can do this as follows: @@ -1379,12 +1383,12 @@ And then run the unit tests: bundle exec rake spec ``` -The unit tests are run in Travis-CI as well. If you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your Github clone of this project. +The unit tests are run in Travis-CI as well. If you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your GitHub clone of this project. To run the system tests, make sure you also have: -* vagrant > 1.2.x -* Virtualbox > 4.2.10 +* Vagrant > 1.2.x +* VirtualBox > 4.2.10 Then run the tests using: From b2cb2dfff05d4dfcf6cf693288325fa8268b3148 Mon Sep 17 00:00:00 2001 From: Ondrej Prazak Date: Wed, 30 Mar 2016 10:05:46 +0200 Subject: [PATCH 0082/1000] Adds timestamps into logs by default --- manifests/globals.pp | 1 + manifests/params.pp | 1 + manifests/server.pp | 2 ++ manifests/server/config.pp | 7 +++++++ 4 files changed, 11 insertions(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index f3ad15f6eb..5349b3c878 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -36,6 +36,7 @@ $bindir = undef, $xlogdir = undef, $logdir = undef, + $log_line_prefix = undef, $user = undef, $group = undef, diff --git a/manifests/params.pp b/manifests/params.pp index cabe9d96a7..60331f82de 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -4,6 +4,7 @@ $postgis_version = $postgresql::globals::globals_postgis_version $listen_addresses = 'localhost' $port = 5432 + $log_line_prefix = '%t ' $ip_mask_deny_postgres_user = '0.0.0.0/0' $ip_mask_allow_all_users = '127.0.0.1/32' $ipv4acls = [] diff --git a/manifests/server.pp b/manifests/server.pp index 99b87fdfd3..f4fa2f44dc 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -38,6 +38,8 @@ $xlogdir = $postgresql::params::xlogdir, $logdir = $postgresql::params::logdir, + $log_line_prefix = $postgresql::params::log_line_prefix, + $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, $user = $postgresql::params::user, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index a1daac881c..b00a79b18e 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -20,6 +20,7 @@ $datadir = $postgresql::server::datadir $logdir = $postgresql::server::logdir $service_name = $postgresql::server::service_name + $log_line_prefix = $postgresql::server::log_line_prefix if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file @@ -115,6 +116,12 @@ } } + # Allow timestamps in log by default + if $log_line_prefix { + postgresql::server::config_entry {'log_line_prefix': + value => $log_line_prefix, + } + } # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. From 5ddafcaf8da49c977fde29bac6c1f4ceb02735c4 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Mon, 11 Apr 2016 16:31:32 -0700 Subject: [PATCH 0083/1000] (MODULES-3241) Add fedora 23 It has the same defaults as fedora 22 --- manifests/globals.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 5349b3c878..79e5b2dd42 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -61,11 +61,11 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { - /^(22)$/ => '9.4', - /^(21)$/ => '9.3', + /^(22|23)$/ => '9.4', + /^(21)$/ => '9.3', /^(18|19|20)$/ => '9.2', - /^(17)$/ => '9.1', - default => undef, + /^(17)$/ => '9.1', + default => undef, }, 'Amazon' => '9.2', default => $::operatingsystemrelease ? { From cf5140777b3d1c415dff2e8bc9516a8ace1ffd7b Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 13 Apr 2016 20:50:02 +0100 Subject: [PATCH 0084/1000] Update to newest modulesync_configs [9ca280f] --- .travis.yml | 17 ++++++++++++++++- spec/acceptance/nodesets/centos-510-x64.yml | 10 ---------- spec/acceptance/nodesets/centos-59-x64.yml | 10 ---------- .../nodesets/centos-64-x64-2-hosts.yml | 18 ------------------ spec/acceptance/nodesets/centos-64-x64-pe.yml | 12 ------------ spec/acceptance/nodesets/centos-64-x64.yml | 10 ---------- spec/acceptance/nodesets/centos-65-x64.yml | 10 ---------- spec/acceptance/nodesets/centos-7-x64.yml | 10 ++++++++++ spec/acceptance/nodesets/debian-607-x64.yml | 10 ---------- spec/acceptance/nodesets/debian-73-x64.yml | 10 ---------- spec/acceptance/nodesets/debian-8-x64.yml | 10 ++++++++++ .../nodesets/debian-8-x86-vcloud.yml | 16 ---------------- spec/acceptance/nodesets/default.yml | 14 +++++++------- spec/acceptance/nodesets/docker/centos-7.yml | 12 ++++++++++++ spec/acceptance/nodesets/docker/debian-8.yml | 11 +++++++++++ .../nodesets/docker/ubuntu-14.04.yml | 12 ++++++++++++ .../nodesets/ubuntu-server-10044-x64.yml | 10 ---------- .../nodesets/ubuntu-server-12042-x64.yml | 10 ---------- .../nodesets/ubuntu-server-1404-x64.yml | 11 ----------- 19 files changed, 78 insertions(+), 145 deletions(-) delete mode 100644 spec/acceptance/nodesets/centos-510-x64.yml delete mode 100644 spec/acceptance/nodesets/centos-59-x64.yml delete mode 100644 spec/acceptance/nodesets/centos-64-x64-2-hosts.yml delete mode 100644 spec/acceptance/nodesets/centos-64-x64-pe.yml delete mode 100644 spec/acceptance/nodesets/centos-64-x64.yml delete mode 100644 spec/acceptance/nodesets/centos-65-x64.yml create mode 100644 spec/acceptance/nodesets/centos-7-x64.yml delete mode 100644 spec/acceptance/nodesets/debian-607-x64.yml delete mode 100644 spec/acceptance/nodesets/debian-73-x64.yml create mode 100644 spec/acceptance/nodesets/debian-8-x64.yml delete mode 100644 spec/acceptance/nodesets/debian-8-x86-vcloud.yml create mode 100644 spec/acceptance/nodesets/docker/centos-7.yml create mode 100644 spec/acceptance/nodesets/docker/debian-8.yml create mode 100644 spec/acceptance/nodesets/docker/ubuntu-14.04.yml delete mode 100644 spec/acceptance/nodesets/ubuntu-server-10044-x64.yml delete mode 100644 spec/acceptance/nodesets/ubuntu-server-12042-x64.yml delete mode 100644 spec/acceptance/nodesets/ubuntu-server-1404-x64.yml diff --git a/.travis.yml b/.travis.yml index 588fb5b002..4e2c66df32 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,18 +3,33 @@ sudo: false language: ruby cache: bundler -bundler_args: --without system_tests script: "bundle exec rake validate lint spec" matrix: fast_finish: true include: - rvm: 2.1.6 + dist: trusty + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-14.04 + script: bundle exec rake beaker + services: docker + sudo: required + - rvm: 2.1.6 + dist: trusty + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 + script: bundle exec rake beaker + services: docker + sudo: required + - rvm: 2.1.6 + bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 2.1.5 + bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - rvm: 2.1.5 + bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 1.9.3 + bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 3.0" notifications: email: false diff --git a/spec/acceptance/nodesets/centos-510-x64.yml b/spec/acceptance/nodesets/centos-510-x64.yml deleted file mode 100644 index 12c9e7893a..0000000000 --- a/spec/acceptance/nodesets/centos-510-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-510-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-510-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-510-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/spec/acceptance/nodesets/centos-59-x64.yml b/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86aa..0000000000 --- a/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/spec/acceptance/nodesets/centos-64-x64-2-hosts.yml b/spec/acceptance/nodesets/centos-64-x64-2-hosts.yml deleted file mode 100644 index 574b238208..0000000000 --- a/spec/acceptance/nodesets/centos-64-x64-2-hosts.yml +++ /dev/null @@ -1,18 +0,0 @@ -HOSTS: - database: - roles: - - default - - database - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant - client: - roles: - - client - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss \ No newline at end of file diff --git a/spec/acceptance/nodesets/centos-64-x64-pe.yml b/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b9..0000000000 --- a/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/spec/acceptance/nodesets/centos-64-x64.yml b/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 0639835490..0000000000 --- a/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/spec/acceptance/nodesets/centos-65-x64.yml b/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e8..0000000000 --- a/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/centos-7-x64.yml b/spec/acceptance/nodesets/centos-7-x64.yml new file mode 100644 index 0000000000..1a40c8950f --- /dev/null +++ b/spec/acceptance/nodesets/centos-7-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-7-x64: + roles: + - agent + - default + platform: redhat-7-x86_64 + hypervisor: vagrant + box: puppetlabs/centos-7.2-64-nocm +CONFIG: + type: foss diff --git a/spec/acceptance/nodesets/debian-607-x64.yml b/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index 4c8be42d03..0000000000 --- a/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/spec/acceptance/nodesets/debian-73-x64.yml b/spec/acceptance/nodesets/debian-73-x64.yml deleted file mode 100644 index 3e31a82760..0000000000 --- a/spec/acceptance/nodesets/debian-73-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-73-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-73-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/spec/acceptance/nodesets/debian-8-x64.yml b/spec/acceptance/nodesets/debian-8-x64.yml new file mode 100644 index 0000000000..fef6e63ca5 --- /dev/null +++ b/spec/acceptance/nodesets/debian-8-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + debian-8-x64: + roles: + - agent + - default + platform: debian-8-amd64 + hypervisor: vagrant + box: puppetlabs/debian-8.2-64-nocm +CONFIG: + type: foss diff --git a/spec/acceptance/nodesets/debian-8-x86-vcloud.yml b/spec/acceptance/nodesets/debian-8-x86-vcloud.yml deleted file mode 100644 index 4c116bcebb..0000000000 --- a/spec/acceptance/nodesets/debian-8-x86-vcloud.yml +++ /dev/null @@ -1,16 +0,0 @@ -HOSTS: - 'debian-8-vcloud': - roles: - - master - platform: debian-8-x86 - hypervisor: vcloud - template: debian-8-i386 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml index 0639835490..dba339c46a 100644 --- a/spec/acceptance/nodesets/default.yml +++ b/spec/acceptance/nodesets/default.yml @@ -1,10 +1,10 @@ HOSTS: - centos-64-x64: + ubuntu-1404-x64: roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant + - agent + - default + platform: ubuntu-14.04-amd64 + hypervisor: vagrant + box: puppetlabs/ubuntu-14.04-64-nocm CONFIG: - type: git + type: foss diff --git a/spec/acceptance/nodesets/docker/centos-7.yml b/spec/acceptance/nodesets/docker/centos-7.yml new file mode 100644 index 0000000000..a3333aac53 --- /dev/null +++ b/spec/acceptance/nodesets/docker/centos-7.yml @@ -0,0 +1,12 @@ +HOSTS: + centos-7-x64: + platform: el-7-x86_64 + hypervisor: docker + image: centos:7 + docker_preserve_image: true + docker_cmd: '["/usr/sbin/init"]' + # install various tools required to get the image up to usable levels + docker_image_commands: + - 'yum install -y crontabs tar wget openssl sysvinit-tools iproute which initscripts' +CONFIG: + trace_limit: 200 diff --git a/spec/acceptance/nodesets/docker/debian-8.yml b/spec/acceptance/nodesets/docker/debian-8.yml new file mode 100644 index 0000000000..df5c31944f --- /dev/null +++ b/spec/acceptance/nodesets/docker/debian-8.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-8-x64: + platform: debian-8-amd64 + hypervisor: docker + image: debian:8 + docker_preserve_image: true + docker_cmd: '["/sbin/init"]' + docker_image_commands: + - 'apt-get update && apt-get install -y net-tools wget locales strace lsof && echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen' +CONFIG: + trace_limit: 200 diff --git a/spec/acceptance/nodesets/docker/ubuntu-14.04.yml b/spec/acceptance/nodesets/docker/ubuntu-14.04.yml new file mode 100644 index 0000000000..b1efa58390 --- /dev/null +++ b/spec/acceptance/nodesets/docker/ubuntu-14.04.yml @@ -0,0 +1,12 @@ +HOSTS: + ubuntu-1404-x64: + platform: ubuntu-14.04-amd64 + hypervisor: docker + image: ubuntu:14.04 + docker_preserve_image: true + docker_cmd: '["/sbin/init"]' + docker_image_commands: + # ensure that upstart is booting correctly in the container + - 'rm /usr/sbin/policy-rc.d && rm /sbin/initctl && dpkg-divert --rename --remove /sbin/initctl && apt-get update && apt-get install -y net-tools wget && locale-gen en_US.UTF-8' +CONFIG: + trace_limit: 200 diff --git a/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e40..0000000000 --- a/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f8..0000000000 --- a/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c2..0000000000 --- a/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git From 291dbd9a875414d0f8e263e9eb6570737b47a043 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Thu, 21 Apr 2016 16:52:32 -0400 Subject: [PATCH 0085/1000] Fix validation script to work with FreeBSD. The validate_postgresql_connection.sh script was coded to rely on bash which is not available by default in FreeBSD. Updated script to use /bin/sh which is a valid POSIX shell. --- files/validate_postgresql_connection.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/files/validate_postgresql_connection.sh b/files/validate_postgresql_connection.sh index f126d99be4..2b3d629445 100644 --- a/files/validate_postgresql_connection.sh +++ b/files/validate_postgresql_connection.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/sh # usage is: validate_db_connection 2 50 psql @@ -8,7 +8,9 @@ PSQL=$3 STATE=1 -for (( c=1; c<=$TRIES; c++ )) +c=1 + +while [ $c -le $TRIES ] do echo $c if [ $c -gt 1 ] @@ -24,6 +26,7 @@ do then exit 0 fi +$c++ done echo 'Unable to connect to postgresql' From 47ab296f36f66075554b4ccdb7553b0154bedfd0 Mon Sep 17 00:00:00 2001 From: Jan Fabry Date: Thu, 28 Apr 2016 23:24:48 +0200 Subject: [PATCH 0086/1000] Don't overwrite or calculate the environment twice MODULES-3311 --- lib/puppet/provider/postgresql_psql/ruby.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index a2819dc6ff..166c8bc280 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -30,7 +30,7 @@ def run_sql_command(sql) private def get_environment - environment = resource[:connect_settings] || {} + environment = (resource[:connect_settings] || {}).dup if envlist = resource[:environment] envlist = [envlist] unless envlist.is_a? Array envlist.each do |setting| @@ -55,7 +55,6 @@ def get_environment def run_command(command, user, group, environment) command = command.join ' ' - environment = get_environment if Puppet::PUPPETVERSION.to_f < 3.0 require 'puppet/util/execution' Puppet::Util::Execution.withenv environment do From 2187434624955d6088d367a76535a4f968fc33cc Mon Sep 17 00:00:00 2001 From: Wyatt Alt Date: Tue, 31 May 2016 13:44:39 -0700 Subject: [PATCH 0087/1000] (maint) fix broken links in readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7428483aca..02b5bd7e07 100644 --- a/README.md +++ b/README.md @@ -11,8 +11,8 @@ * [Create a database](#create-a-database) * [Manage users, roles, and permissions](#manage-users-roles-and-permissions) * [Override defaults](#override-defaults) - * [Create an access rule for pg_hba.conf](#create-an-access-rule-for-pghbaconf) - * [Create user name maps for pg_ident.conf](#create-user-name-maps-for-pgidentconf) + * [Create an access rule for pg_hba.conf](#create-an-access-rule-for-pg_hbaconf) + * [Create user name maps for pg_ident.conf](#create-user-name-maps-for-pg_identconf) * [Validate connectivity](#validate-connectivity) 4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) * [Classes](#classes) From 79050c111b8c9f7f1b731e08a46cbc1e98cd7f1c Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 1 Jun 2016 18:04:56 +0200 Subject: [PATCH 0088/1000] don't create empty lines in recovery template --- templates/recovery.conf | 60 ++++++++++++++++++++--------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/templates/recovery.conf b/templates/recovery.conf index 6fb47892e1..a678faee0d 100644 --- a/templates/recovery.conf +++ b/templates/recovery.conf @@ -1,47 +1,47 @@ -<% if @restore_command %> +<% if @restore_command -%> restore_command = '<%= @restore_command %>' -<% end %> -<% if @archive_cleanup_command %> +<% end -%> +<% if @archive_cleanup_command -%> archive_cleanup_command = '<%= @archive_cleanup_command %>' -<% end %> -<% if @recovery_end_command %> +<% end -%> +<% if @recovery_end_command -%> recovery_end_command = '<%= @recovery_end_command %>' -<% end %> +<% end -%> -<% if @recovery_target_name %> +<% if @recovery_target_name -%> recovery_target_name = '<%= @recovery_target_name %>' -<% end %> -<% if @recovery_target_time %> +<% end -%> +<% if @recovery_target_time -%> recovery_target_time = '<%= @recovery_target_time %>' -<% end %> -<% if @recovery_target_xid %> +<% end -%> +<% if @recovery_target_xid -%> recovery_target_xid = '<%= @recovery_target_xid %>' -<% end %> -<% if @recovery_target_inclusive %> +<% end -%> +<% if @recovery_target_inclusive -%> recovery_target_inclusive = <%= @recovery_target_inclusive %> -<% end %> -<% if @recovery_target %> +<% end -%> +<% if @recovery_target -%> recovery_target = '<%= @recovery_target %>' -<% end %> -<% if @recovery_target_timeline %> +<% end -%> +<% if @recovery_target_timeline -%> recovery_target_timeline = '<%= @recovery_target_timeline %>' -<% end %> -<% if @pause_at_recovery_target %> +<% end -%> +<% if @pause_at_recovery_target -%> pause_at_recovery_target = <%= @pause_at_recovery_target %> -<% end %> +<% end -%> -<% if @standby_mode %> +<% if @standby_mode -%> standby_mode = <%= @standby_mode %> -<% end %> -<% if @primary_conninfo %> +<% end -%> +<% if @primary_conninfo -%> primary_conninfo = '<%= @primary_conninfo %>' -<% end %> -<% if @primary_slot_name %> +<% end -%> +<% if @primary_slot_name -%> primary_slot_name = '<%= @primary_slot_name %>' -<% end %> -<% if @trigger_file %> +<% end -%> +<% if @trigger_file -%> trigger_file = '<%= @trigger_file %>' -<% end %> -<% if @recovery_min_apply_delay %> +<% end -%> +<% if @recovery_min_apply_delay -%> recovery_min_apply_delay = <%= @recovery_min_apply_delay %> -<% end %> +<% end -%> From 9c2a99b9e58e8e352a9c550418fab7190f2b21cf Mon Sep 17 00:00:00 2001 From: Dominic Cleal Date: Fri, 3 Jun 2016 23:17:27 +0100 Subject: [PATCH 0089/1000] (MODULES-3442) Use empty array for missing resource relationships Empty require/before relationships in the server extension package resource are changed from undef to empty arrays to work around PUP-6385 in Puppet 4.5.x. Previously undef was passed literally through create_resources() causing Puppet to fail to find the resource named `undef`. --- manifests/server/extension.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 14b51f2c78..1c9b684ade 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -15,7 +15,7 @@ 'present': { $command = "CREATE EXTENSION \"${extension}\"" $unless_comp = '=' - $package_require = undef + $package_require = [] $package_before = Postgresql_psql["Add ${extension} extension to ${database}"] } @@ -23,7 +23,7 @@ $command = "DROP EXTENSION \"${extension}\"" $unless_comp = '!=' $package_require = Postgresql_psql["Add ${extension} extension to ${database}"] - $package_before = undef + $package_before = [] } default: { From b1900b0f556c8b03360492c2ca2ef78ec1f57839 Mon Sep 17 00:00:00 2001 From: Dominic Cleal Date: Thu, 26 May 2016 09:48:13 +0100 Subject: [PATCH 0090/1000] (MODULES-3416) Add Fedora 24 with PostgreSQL 9.5 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 79e5b2dd42..22991e31df 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -61,6 +61,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(24)$/ => '9.5', /^(22|23)$/ => '9.4', /^(21)$/ => '9.3', /^(18|19|20)$/ => '9.2', From cfd669235b07a397814c2d0b9732591cd379dd13 Mon Sep 17 00:00:00 2001 From: Sebastian Reitenbach Date: Sat, 4 Jun 2016 00:22:15 +0200 Subject: [PATCH 0091/1000] Let the module handle OpenBSD 6.x versions as well, and bump default postgresql version here to 9.5 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 79e5b2dd42..9777024ca6 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -106,6 +106,7 @@ 'OpenBSD' => $::operatingsystemrelease ? { /5\.6/ => '9.3', /5\.[7-9]/ => '9.4', + /6\.[0-9]/ => '9.5', }, 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { From 63ee3a55f18f6c8e2da2b7d35ecba38bebf0b2e7 Mon Sep 17 00:00:00 2001 From: micah-uber Date: Tue, 7 Jun 2016 17:26:36 -0700 Subject: [PATCH 0092/1000] Update config_entry.pp add ability to set log_min_duration_statement --- manifests/server/config_entry.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 50ec085e72..9ac7bfa9f3 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -16,7 +16,7 @@ } case $name { - /data_directory|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { + /data_directory|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time|log_min_duration_statement/: { if $postgresql::server::service_restart_on_change { Postgresql_conf { notify => Class['postgresql::server::service'], From d72a58cde1822213bd7dfaff9227a894c26b666d Mon Sep 17 00:00:00 2001 From: tphoney Date: Thu, 30 Jun 2016 11:19:07 +0100 Subject: [PATCH 0093/1000] {maint} modulesync 0794b2c --- CONTRIBUTING.md | 6 ++---- Rakefile | 4 ++-- manifests/server/grant.pp | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index bfeaa701ca..3c3f1e7999 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -208,11 +208,9 @@ review. Additional Resources ==================== -* [Getting additional help](http://puppetlabs.com/community/get-help) +* [Getting additional help](http://puppet.com/community/get-help) -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) +* [Writing tests](https://docs.puppet.com/guides/module_guides/bgtm.html#step-three-module-testing) * [General GitHub documentation](http://help.github.com/) diff --git a/Rakefile b/Rakefile index 7e9a13d5df..8906d23cd8 100644 --- a/Rakefile +++ b/Rakefile @@ -4,11 +4,11 @@ require 'puppetlabs_spec_helper/rake_tasks' PuppetLint.configuration.fail_on_warnings = true PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_140chars') PuppetLint.configuration.send('disable_class_inherits_from_params_class') PuppetLint.configuration.send('disable_documentation') PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp", "bundle/**/*", "vendor/**/*"] desc 'Generate pooler nodesets' task :gen_nodeset do diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 2227915ea6..697313a721 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -111,7 +111,7 @@ 'ALL PRIVILEGES' => 'USAGE', default => $_privilege, } - + # This checks if there is a difference between the sequences in the # specified schema and the sequences for which the role has the specified # privilege. It uses the EXCEPT clause which computes the set of rows From 99cd56c2e3d032455dfc409550373295ac88da2e Mon Sep 17 00:00:00 2001 From: Taylan Develioglu Date: Wed, 1 Jun 2016 10:34:47 +0200 Subject: [PATCH 0094/1000] Add .erb suffix to recovery.conf template --- manifests/server/recovery.pp | 2 +- templates/{recovery.conf => recovery.conf.erb} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename templates/{recovery.conf => recovery.conf.erb} (100%) diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 924866e965..22645b929a 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -32,7 +32,7 @@ # Create the recovery.conf content concat::fragment { 'recovery.conf': target => $target, - content => template('postgresql/recovery.conf'), + content => template('postgresql/recovery.conf.erb'), } } } diff --git a/templates/recovery.conf b/templates/recovery.conf.erb similarity index 100% rename from templates/recovery.conf rename to templates/recovery.conf.erb From 6cb8d100d04b9ab87aef4588af34ad7b60eef4e0 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Fri, 8 Jul 2016 13:34:33 +0100 Subject: [PATCH 0095/1000] (MODULES-3581) modulesync [067d08a] --- Gemfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index e490bc9b98..9b5b2146b3 100644 --- a/Gemfile +++ b/Gemfile @@ -16,10 +16,11 @@ group :development, :unit_tests do gem 'json', :require => false gem 'metadata-json-lint', :require => false gem 'puppet_facts', :require => false - gem 'puppet-blacksmith', :require => false gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '>= 2.3.2', :require => false gem 'simplecov', :require => false + gem 'puppet-blacksmith', :require => false + gem 'rest-client', '~> 1.8.0', :require => false end group :system_tests do gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') From 82c6716d4845bde01a03c58b2123b3009c0d97ca Mon Sep 17 00:00:00 2001 From: Nate Potter Date: Sat, 9 Jul 2016 13:53:34 -0700 Subject: [PATCH 0096/1000] (MODULES-3247) Enable schema and database ownership change Currently postgresql::server::schema, postgresql::server::db and postgresql::server::database allow creating new schemas and databases if they don't already exist and assigning owners to them. This patch enables changing the owner of a schema or database that already exists if the change_ownership variable is set to true. --- README.md | 18 ++- manifests/server/database.pp | 127 ++++++++++++---------- manifests/server/db.pp | 34 +++--- manifests/server/schema.pp | 31 ++++-- spec/unit/defines/server/database_spec.rb | 7 ++ spec/unit/defines/server/schema_spec.rb | 12 ++ 6 files changed, 146 insertions(+), 83 deletions(-) diff --git a/README.md b/README.md index 02b5bd7e07..9cff390962 100644 --- a/README.md +++ b/README.md @@ -792,7 +792,7 @@ Defines the value for the setting. #### postgresql::server::db -Creates a local database, user, and assigns necessary permissions. +Creates or modifies a local database, user, and assigns necessary permissions. ##### `comment` @@ -842,9 +842,13 @@ Specifies the name of the template database from which to build this database. D User to create and assign access to the database upon creation. Mandatory. +##### `change_ownership` + +Specifies whether to create a new database or change the owner of an existing one. Default: false. + #### postgresql::server::database -Creates a database with no users and no permissions. +Creates or modifies a database with no users and no permissions. ##### `dbname` @@ -874,6 +878,10 @@ Sets tablespace for where to create this database. Default: The defaults defined Specifies the name of the template database from which to build this database. Default: `template0`. +##### `change_ownership` + +Specifies whether to create a new database or change the owner of an existing one. Default: false. + #### postgresql::server::database_grant Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. @@ -1114,7 +1122,7 @@ Defines the username of the role to create. Defaults to the namevar. #### postgresql::server::schema -Creates a schema. +Creates or modifies a schema. ##### `connect_settings` @@ -1132,6 +1140,10 @@ Sets the default owner of the schema. Sets the name of the schema. Defaults to the namevar. +##### `change_ownership` + +Specifies whether to create a new schema or change the owner of an existing one. Default: false. + #### postgresql::server::table_grant Manages grant-based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. diff --git a/manifests/server/database.pp b/manifests/server/database.pp index fab12b53ae..0d453bc4cb 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -9,6 +9,7 @@ $locale = $postgresql::server::locale, $istemplate = false, $connect_settings = $postgresql::server::default_connect_settings, + $change_ownership = false, ) { $createdb_path = $postgresql::server::createdb_path $user = $postgresql::server::user @@ -40,73 +41,87 @@ connect_settings => $connect_settings, } - # Optionally set the locale switch. Older versions of createdb may not accept - # --locale, so if the parameter is undefined its safer not to pass it. - if ($version != '8.1') { - $locale_option = $locale ? { - undef => '', - default => "LC_COLLATE='${locale}' LC_CTYPE='${locale}'", + if $change_ownership { + # Change owner for existing database + if !$owner { + fail('Must specify an owner to change database ownership.') + } + postgresql_psql { "Change owner of db '${dbname}' to ${owner}": + command => "ALTER DATABASE \"${dbname}\" OWNER TO ${owner}", + onlyif => "SELECT datname FROM pg_database WHERE datname='${dbname}'", + db => $default_db, + require => Class['postgresql::server::service'] } - $public_revoke_privilege = 'CONNECT' } else { - $locale_option = '' - $public_revoke_privilege = 'ALL' - } - - $template_option = $template ? { - undef => '', - default => "TEMPLATE=\"${template}\"", - } - - $encoding_option = $encoding ? { - undef => '', - default => "ENCODING='${encoding}'", - } + # Create a new database + # Optionally set the locale switch. Older versions of createdb may not accept + # --locale, so if the parameter is undefined its safer not to pass it. + if ($version != '8.1') { + $locale_option = $locale ? { + undef => '', + default => "LC_COLLATE='${locale}' LC_CTYPE='${locale}'", + } + $public_revoke_privilege = 'CONNECT' + } else { + $locale_option = '' + $public_revoke_privilege = 'ALL' + } - $tablespace_option = $tablespace ? { - undef => '', - default => "TABLESPACE=\"${tablespace}\"", - } + $template_option = $template ? { + undef => '', + default => "TEMPLATE=\"${template}\"", + } - if $createdb_path != undef{ - warning('Passing "createdb_path" to postgresql::database is deprecated, it can be removed safely for the same behaviour') - } + $encoding_option = $encoding ? { + undef => '', + default => "ENCODING='${encoding}'", + } - postgresql_psql { "Create db '${dbname}'": - command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", - unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", - db => $default_db, - require => Class['postgresql::server::service'] - }~> + $tablespace_option = $tablespace ? { + undef => '', + default => "TABLESPACE=\"${tablespace}\"", + } - # This will prevent users from connecting to the database unless they've been - # granted privileges. - postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": - db => $default_db, - refreshonly => true, - } + if $createdb_path != undef{ + warning('Passing "createdb_path" to postgresql::database is deprecated, it can be removed safely for the same behaviour') + } - Postgresql_psql[ "Create db '${dbname}'" ]-> - postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": - unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", - db => $default_db, - } + postgresql_psql { "Create db '${dbname}'": + command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", + unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", + db => $default_db, + require => Class['postgresql::server::service'] + }~> - if $comment { - # The shobj_description function was only introduced with 8.2 - $comment_information_function = $version ? { - '8.1' => 'obj_description', - default => 'shobj_description', + # This will prevent users from connecting to the database unless they've been + # granted privileges. + postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": + db => $default_db, + refreshonly => true, } + Postgresql_psql[ "Create db '${dbname}'" ]-> - postgresql_psql {"COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": - unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", - db => $dbname, + postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": + unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", + db => $default_db, } - } - # Build up dependencies on tablespace - if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { - Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql[ "Create db '${dbname}'" ] + if $comment { + # The shobj_description function was only introduced with 8.2 + $comment_information_function = $version ? { + '8.1' => 'obj_description', + default => 'shobj_description', + } + Postgresql_psql[ "Create db '${dbname}'" ]-> + postgresql_psql {"COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": + unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", + db => $dbname, + } + } + + # Build up dependencies on tablespace + if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { + Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql[ "Create db '${dbname}'" ] + } } } diff --git a/manifests/server/db.pp b/manifests/server/db.pp index b4c1232cfa..b170ee5e56 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -3,26 +3,28 @@ define postgresql::server::db ( $user, $password, - $comment = undef, - $dbname = $title, - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - $grant = 'ALL', - $tablespace = undef, - $template = 'template0', - $istemplate = false, - $owner = undef + $comment = undef, + $dbname = $title, + $encoding = $postgresql::server::encoding, + $locale = $postgresql::server::locale, + $grant = 'ALL', + $tablespace = undef, + $template = 'template0', + $istemplate = false, + $owner = undef, + $change_ownership = false, ) { if ! defined(Postgresql::Server::Database[$dbname]) { postgresql::server::database { $dbname: - comment => $comment, - encoding => $encoding, - tablespace => $tablespace, - template => $template, - locale => $locale, - istemplate => $istemplate, - owner => $owner, + comment => $comment, + encoding => $encoding, + tablespace => $tablespace, + template => $template, + locale => $locale, + istemplate => $istemplate, + owner => $owner, + change_ownership => $change_ownership, } } diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 74a00dedb7..bbf4bc48aa 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -17,6 +17,7 @@ $owner = undef, $schema = $title, $connect_settings = $postgresql::server::default_connect_settings, + $change_ownership = false, ) { $user = $postgresql::server::user $group = $postgresql::server::group @@ -39,19 +40,33 @@ connect_settings => $connect_settings, } - $schema_title = "Create Schema '${title}'" + $schema_exists = "SELECT nspname FROM pg_namespace WHERE nspname='${schema}'" $authorization = $owner? { undef => '', default => "AUTHORIZATION \"${owner}\"", } - $schema_command = "CREATE SCHEMA \"${schema}\" ${authorization}" - $unless = "SELECT nspname FROM pg_namespace WHERE nspname='${schema}'" - - postgresql_psql { $schema_title: - command => $schema_command, - unless => $unless, - require => Class['postgresql::server'], + if $change_ownership { + # Change owner for existing schema + if !$owner { + fail('Must specify an owner to change schema ownership.') + } + $schema_title = "Change owner of schema '${schema}' to ${owner}" + $schema_command = "ALTER SCHEMA \"${schema}\" OWNER TO ${owner}" + postgresql_psql { $schema_title: + command => $schema_command, + onlyif => $schema_exists, + require => Class['postgresql::server'], + } + } else { + # Create a new schema + $schema_title = "Create Schema '${title}'" + $schema_command = "CREATE SCHEMA \"${schema}\" ${authorization}" + postgresql_psql { $schema_title: + command => $schema_command, + unless => $schema_exists, + require => Class['postgresql::server'], + } } if($owner != undef and defined(Postgresql::Server::Role[$owner])) { diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 232ee31a3f..1148cc7b3e 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -69,4 +69,11 @@ class {'postgresql::server':}" it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.2','PGPORT' => '1234' } ).with_port( nil ) } end + + context "with change_ownership set to true" do + let (:params) {{ :change_ownership => true, + :owner => 'test_owner' }} + + it { is_expected.to contain_postgresql_psql("Change owner of db 'test' to test_owner") } + end end diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index f5d106fae9..4589f74243 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -29,4 +29,16 @@ end it { should contain_postgresql__server__schema('test') } + + context "with change_ownership set to true" do + let :params do + { + :owner => 'nate', + :db => 'natedb', + :change_ownership => true, + } + end + + it { is_expected.to contain_postgresql_psql("Change owner of schema 'test' to nate") } + end end From 6cef1f4be7cb4dcbcb3693a5a5b531adb4be2bb9 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 18 Jul 2016 13:39:50 +0100 Subject: [PATCH 0097/1000] Prep for 4.8.0 --- CHANGELOG.md | 23 ++++++++++++++++++++++- README.md | 8 ++++++++ metadata.json | 9 +++------ 3 files changed, 33 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 011bf900a3..e5e02991ce 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,24 @@ +## Supported Release 4.8.0 +### Summary +This release primarily fixes an issue with `postgresql_conf` values of ipaddresses being considered floats and not getting quoted. + +#### Features +- Add `default_connect_settings` parameter to `postgresql::server` +- Running under strict variables is now supported +- Add timestamps into logs by default + +#### Bugfixes +- Obscure password in postgresql\_psql type +- Fix ip address quoting in postgresql\_conf type +- Fix handling of systemd service on Ubuntu +- Mark log_min_duration_statement setting as requiring a service restart +- Add fixes for Fedora 23, Fedora 24, FreeBSD, OpenBSD +- Fix environment handling to avoid "Overriding environment setting" message +- Work around PUP-6385, using empty arrays instead of undef when specifying resource relationships +- README editorial pass +- Reduce whitespace in templates +- Update build/test infrastructure + ## Supported Release 4.7.1 ### Summary This release contains some bugfixes and documentation updates. @@ -559,7 +580,7 @@ the stage for the large scale refactoring work of 3.0.0. ####Features -####Bugfixes +####Bugfixes - Use boolean for refreshonly. - Fix postgresql::plperl documentation. - Add two missing parameters to config::beforeservice diff --git a/README.md b/README.md index 02b5bd7e07..2cdbd6a9b0 100644 --- a/README.md +++ b/README.md @@ -445,6 +445,10 @@ Sets the default database locale for all databases created with this module. On Overrides the default PostgreSQL log directory. Default: initdb's default path. +##### `log_line_prefix` + +Set a prefix for the server logs. Default: `'%t '` + ##### `manage_package_repo` Sets up official PostgreSQL repositories on your host if set to true. Default: false. @@ -650,6 +654,10 @@ Specifies the addresses the server accepts connections to. Valid values: Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. Default: undef, which is effectively `C`. **On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** +##### `log_line_prefix` + +Set a prefix for the server logs. Default: `'%t '` + ##### `manage_pg_hba_conf` Whether to manage the pg_hba.conf. If set to true, Puppet overwrites this file. If set to false, Puppet does not modify the file. Valid values: true, false. Default diff --git a/metadata.json b/metadata.json index f9e5ced597..2a59dc9d22 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.7.1", + "version": "4.8.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -59,15 +59,12 @@ "operatingsystemrelease": [ "10.04", "12.04", - "14.04" + "14.04", + "16.04" ] } ], "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.4.0" - }, { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" From 793f51554b2a7efc25c0731cff40b5b4a3925b7a Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 27 Jul 2016 15:56:35 +0100 Subject: [PATCH 0098/1000] (MAINT) Update for modulesync_config 72d19f184 --- .gitignore | 3 ++- .travis.yml | 2 +- Gemfile | 19 ++++++++++--------- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/.gitignore b/.gitignore index dd126f2fb2..0cd25de9af 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,8 @@ pkg/ Gemfile.lock vendor/ -spec/fixtures/ +spec/fixtures/manifests/ +spec/fixtures/modules/ .vagrant/ .bundle/ coverage/ diff --git a/.travis.yml b/.travis.yml index 4e2c66df32..f631db04fb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,7 +19,7 @@ matrix: script: bundle exec rake beaker services: docker sudo: required - - rvm: 2.1.6 + - rvm: 2.1.9 bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 2.1.5 diff --git a/Gemfile b/Gemfile index 9b5b2146b3..c7da908d9f 100644 --- a/Gemfile +++ b/Gemfile @@ -13,14 +13,12 @@ def location_for(place, version = nil) end group :development, :unit_tests do - gem 'json', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet_facts', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'simplecov', :require => false - gem 'puppet-blacksmith', :require => false - gem 'rest-client', '~> 1.8.0', :require => false + gem 'metadata-json-lint', :require => false + gem 'puppet_facts', :require => false + gem 'puppet-blacksmith', '>= 3.4.0', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'rspec-puppet', '>= 2.3.2', :require => false + gem 'simplecov', :require => false end group :system_tests do gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') @@ -31,10 +29,13 @@ group :system_tests do gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) end +# json_pure 2.0.2 added a requirement on ruby >= 2. We pin to json_pure 2.0.1 +# if using ruby 1.x +gem 'json_pure', '<=2.0.1', :require => false if RUBY_VERSION =~ /^1\./ + gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) - if File.exists? "#{__FILE__}.local" eval(File.read("#{__FILE__}.local"), binding) end From 53c67fed60aacafef723fbebbeb7244cb2e80a38 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Tue, 21 Jun 2016 03:22:34 +0200 Subject: [PATCH 0099/1000] Allow username and password as integers Fixes: String can't be coerced into Fixnum --- lib/puppet/parser/functions/postgresql_password.rb | 2 +- spec/unit/functions/postgresql_password_spec.rb | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/puppet/parser/functions/postgresql_password.rb b/lib/puppet/parser/functions/postgresql_password.rb index 0689e0e5b0..e5d262079f 100644 --- a/lib/puppet/parser/functions/postgresql_password.rb +++ b/lib/puppet/parser/functions/postgresql_password.rb @@ -13,6 +13,6 @@ module Puppet::Parser::Functions username = args[0] password = args[1] - 'md5' + Digest::MD5.hexdigest(password + username) + 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) end end diff --git a/spec/unit/functions/postgresql_password_spec.rb b/spec/unit/functions/postgresql_password_spec.rb index b5aa00bfd3..89699f6fc7 100644 --- a/spec/unit/functions/postgresql_password_spec.rb +++ b/spec/unit/functions/postgresql_password_spec.rb @@ -3,4 +3,6 @@ describe 'postgresql_password', :type => :puppet_function do it { is_expected.to run.with_params('foo', 'bar'). and_return('md596948aad3fcae80c08a35c9b5958cd89') } + it { is_expected.to run.with_params('foo', 1234). + and_return('md539a0e1b308278a8de5e007cd1f795920') } end From 898222d0e9ead0aed33c237d0d7058eecfd40d2a Mon Sep 17 00:00:00 2001 From: Hal Deadman Date: Mon, 15 Aug 2016 16:00:10 -0400 Subject: [PATCH 0100/1000] handle case where default database name is not the same as user note selector doesn't include inline equals expression due to puppet 3 --- manifests/server/passwd.pp | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index ba50098196..11d048902b 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -5,6 +5,14 @@ $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path $port = $postgresql::server::port + $database = $postgresql::server::default_database + + # psql will default to connecting as $user if you don't specify name + $_datbase_user_same = $database == $user + $_dboption = $_datbase_user_same ? { + false => " --dbname ${database}", + default => '' + } if ($postgres_password != undef) { # NOTE: this password-setting logic relies on the pg_hba.conf being @@ -15,7 +23,7 @@ exec { 'set_postgres_postgrespw': # This command works w/no password because we run it as postgres system # user - command => "${psql_path} -c \"ALTER ROLE \\\"${user}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"", + command => "${psql_path}${_dboption} -c \"ALTER ROLE \\\"${user}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"", user => $user, group => $group, logoutput => true, From fc708897c03123446904e082087958fd8917e4da Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Fri, 26 Aug 2016 09:28:58 +0200 Subject: [PATCH 0101/1000] Update modulesync_config [a3fe424] --- .rubocop.yml | 508 ++++++++++++++++++++++ .travis.yml | 9 +- Gemfile | 55 ++- Rakefile | 4 - spec/acceptance/nodesets/centos-7-x64.yml | 2 +- 5 files changed, 546 insertions(+), 32 deletions(-) create mode 100644 .rubocop.yml diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000000..5aadd1b64f --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,508 @@ +require: rubocop-rspec +AllCops: + TargetRubyVersion: 1.9 + Include: + - ./**/*.rb + Exclude: + - vendor/**/* + - .vendor/**/* + - pkg/**/* + - spec/fixtures/**/* +Lint/ConditionPosition: + Enabled: True + +Lint/ElseLayout: + Enabled: True + +Lint/UnreachableCode: + Enabled: True + +Lint/UselessComparison: + Enabled: True + +Lint/EnsureReturn: + Enabled: True + +Lint/HandleExceptions: + Enabled: True + +Lint/LiteralInCondition: + Enabled: True + +Lint/ShadowingOuterLocalVariable: + Enabled: True + +Lint/LiteralInInterpolation: + Enabled: True + +Style/HashSyntax: + Enabled: True + +Style/RedundantReturn: + Enabled: True + +Lint/AmbiguousOperator: + Enabled: True + +Lint/AssignmentInCondition: + Enabled: True + +Style/SpaceBeforeComment: + Enabled: True + +Style/AndOr: + Enabled: True + +Style/RedundantSelf: + Enabled: True + +# Method length is not necessarily an indicator of code quality +Metrics/MethodLength: + Enabled: False + +# Module length is not necessarily an indicator of code quality +Metrics/ModuleLength: + Enabled: False + +Style/WhileUntilModifier: + Enabled: True + +Lint/AmbiguousRegexpLiteral: + Enabled: True + +Lint/Eval: + Enabled: True + +Lint/BlockAlignment: + Enabled: True + +Lint/DefEndAlignment: + Enabled: True + +Lint/EndAlignment: + Enabled: True + +Lint/DeprecatedClassMethods: + Enabled: True + +Lint/Loop: + Enabled: True + +Lint/ParenthesesAsGroupedExpression: + Enabled: True + +Lint/RescueException: + Enabled: True + +Lint/StringConversionInInterpolation: + Enabled: True + +Lint/UnusedBlockArgument: + Enabled: True + +Lint/UnusedMethodArgument: + Enabled: True + +Lint/UselessAccessModifier: + Enabled: True + +Lint/UselessAssignment: + Enabled: True + +Lint/Void: + Enabled: True + +Style/AccessModifierIndentation: + Enabled: True + +Style/AccessorMethodName: + Enabled: True + +Style/Alias: + Enabled: True + +Style/AlignArray: + Enabled: True + +Style/AlignHash: + Enabled: True + +Style/AlignParameters: + Enabled: True + +Metrics/BlockNesting: + Enabled: True + +Style/AsciiComments: + Enabled: True + +Style/Attr: + Enabled: True + +Style/BracesAroundHashParameters: + Enabled: True + +Style/CaseEquality: + Enabled: True + +Style/CaseIndentation: + Enabled: True + +Style/CharacterLiteral: + Enabled: True + +Style/ClassAndModuleCamelCase: + Enabled: True + +Style/ClassAndModuleChildren: + Enabled: False + +Style/ClassCheck: + Enabled: True + +# Class length is not necessarily an indicator of code quality +Metrics/ClassLength: + Enabled: False + +Style/ClassMethods: + Enabled: True + +Style/ClassVars: + Enabled: True + +Style/WhenThen: + Enabled: True + +Style/WordArray: + Enabled: True + +Style/UnneededPercentQ: + Enabled: True + +Style/Tab: + Enabled: True + +Style/SpaceBeforeSemicolon: + Enabled: True + +Style/TrailingBlankLines: + Enabled: True + +Style/SpaceInsideBlockBraces: + Enabled: True + +Style/SpaceInsideBrackets: + Enabled: True + +Style/SpaceInsideHashLiteralBraces: + Enabled: True + +Style/SpaceInsideParens: + Enabled: True + +Style/LeadingCommentSpace: + Enabled: True + +Style/SpaceBeforeFirstArg: + Enabled: True + +Style/SpaceAfterColon: + Enabled: True + +Style/SpaceAfterComma: + Enabled: True + +Style/SpaceAfterMethodName: + Enabled: True + +Style/SpaceAfterNot: + Enabled: True + +Style/SpaceAfterSemicolon: + Enabled: True + +Style/SpaceAroundEqualsInParameterDefault: + Enabled: True + +Style/SpaceAroundOperators: + Enabled: True + +Style/SpaceBeforeBlockBraces: + Enabled: True + +Style/SpaceBeforeComma: + Enabled: True + +Style/CollectionMethods: + Enabled: True + +Style/CommentIndentation: + Enabled: True + +Style/ColonMethodCall: + Enabled: True + +Style/CommentAnnotation: + Enabled: True + +# 'Complexity' is very relative +Metrics/CyclomaticComplexity: + Enabled: False + +Style/ConstantName: + Enabled: True + +Style/Documentation: + Enabled: False + +Style/DefWithParentheses: + Enabled: True + +Style/PreferredHashMethods: + Enabled: True + +Style/DotPosition: + EnforcedStyle: trailing + +Style/DoubleNegation: + Enabled: True + +Style/EachWithObject: + Enabled: True + +Style/EmptyLineBetweenDefs: + Enabled: True + +Style/IndentArray: + Enabled: True + +Style/IndentHash: + Enabled: True + +Style/IndentationConsistency: + Enabled: True + +Style/IndentationWidth: + Enabled: True + +Style/EmptyLines: + Enabled: True + +Style/EmptyLinesAroundAccessModifier: + Enabled: True + +Style/EmptyLiteral: + Enabled: True + +# Configuration parameters: AllowURI, URISchemes. +Metrics/LineLength: + Enabled: False + +Style/MethodCallParentheses: + Enabled: True + +Style/MethodDefParentheses: + Enabled: True + +Style/LineEndConcatenation: + Enabled: True + +Style/TrailingWhitespace: + Enabled: True + +Style/StringLiterals: + Enabled: True + +Style/TrailingCommaInArguments: + Enabled: True + +Style/TrailingCommaInLiteral: + Enabled: True + +Style/GlobalVars: + Enabled: True + +Style/GuardClause: + Enabled: True + +Style/IfUnlessModifier: + Enabled: True + +Style/MultilineIfThen: + Enabled: True + +Style/NegatedIf: + Enabled: True + +Style/NegatedWhile: + Enabled: True + +Style/Next: + Enabled: True + +Style/SingleLineBlockParams: + Enabled: True + +Style/SingleLineMethods: + Enabled: True + +Style/SpecialGlobalVars: + Enabled: True + +Style/TrivialAccessors: + Enabled: True + +Style/UnlessElse: + Enabled: True + +Style/VariableInterpolation: + Enabled: True + +Style/VariableName: + Enabled: True + +Style/WhileUntilDo: + Enabled: True + +Style/EvenOdd: + Enabled: True + +Style/FileName: + Enabled: True + +Style/For: + Enabled: True + +Style/Lambda: + Enabled: True + +Style/MethodName: + Enabled: True + +Style/MultilineTernaryOperator: + Enabled: True + +Style/NestedTernaryOperator: + Enabled: True + +Style/NilComparison: + Enabled: True + +Style/FormatString: + Enabled: True + +Style/MultilineBlockChain: + Enabled: True + +Style/Semicolon: + Enabled: True + +Style/SignalException: + Enabled: True + +Style/NonNilCheck: + Enabled: True + +Style/Not: + Enabled: True + +Style/NumericLiterals: + Enabled: True + +Style/OneLineConditional: + Enabled: True + +Style/OpMethod: + Enabled: True + +Style/ParenthesesAroundCondition: + Enabled: True + +Style/PercentLiteralDelimiters: + Enabled: True + +Style/PerlBackrefs: + Enabled: True + +Style/PredicateName: + Enabled: True + +Style/RedundantException: + Enabled: True + +Style/SelfAssignment: + Enabled: True + +Style/Proc: + Enabled: True + +Style/RaiseArgs: + Enabled: True + +Style/RedundantBegin: + Enabled: True + +Style/RescueModifier: + Enabled: True + +# based on https://github.com/voxpupuli/modulesync_config/issues/168 +Style/RegexpLiteral: + EnforcedStyle: percent_r + Enabled: True + +Lint/UnderscorePrefixedVariableName: + Enabled: True + +Metrics/ParameterLists: + Enabled: False + +Lint/RequireParentheses: + Enabled: True + +Style/SpaceBeforeFirstArg: + Enabled: True + +Style/ModuleFunction: + Enabled: True + +Lint/Debugger: + Enabled: True + +Style/IfWithSemicolon: + Enabled: True + +Style/Encoding: + Enabled: True + +Style/BlockDelimiters: + Enabled: True + +Style/MultilineBlockLayout: + Enabled: True + +# 'Complexity' is very relative +Metrics/AbcSize: + Enabled: False + +# 'Complexity' is very relative +Metrics/PerceivedComplexity: + Enabled: False + +Lint/UselessAssignment: + Enabled: True + +Style/ClosingParenthesisIndentation: + Enabled: False + +# RSpec + +# We don't use rspec in this way +RSpec/DescribeClass: + Enabled: False + +# Example length is not necessarily an indicator of code quality +RSpec/ExampleLength: + Enabled: False + +RSpec/NamedSubject: + Enabled: False diff --git a/.travis.yml b/.travis.yml index f631db04fb..4e549bf77a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,21 +7,24 @@ script: "bundle exec rake validate lint spec" matrix: fast_finish: true include: - - rvm: 2.1.6 + - rvm: 2.3.1 dist: trusty env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-14.04 script: bundle exec rake beaker services: docker sudo: required - - rvm: 2.1.6 + - rvm: 2.3.1 dist: trusty env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 script: bundle exec rake beaker services: docker sudo: required + - rvm: 2.3.1 + bundler_args: --without system_tests + env: PUPPET_GEM_VERSION="~> 4.0" - rvm: 2.1.9 bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" + env: PUPPET_GEM_VERSION="~> 4.0" - rvm: 2.1.5 bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" diff --git a/Gemfile b/Gemfile index c7da908d9f..c97275bd82 100644 --- a/Gemfile +++ b/Gemfile @@ -2,39 +2,46 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" -def location_for(place, version = nil) - if place =~ /^(git[:@][^#]*)#(.*)/ - [version, { :git => $1, :branch => $2, :require => false}].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false}] +def location_from_env(env, default_location = []) + if location = ENV[env] + if location =~ /^((?:git|https?)[:@][^#]*)#(.*)/ + [{ :git => $1, :branch => $2, :require => false }] + elsif location =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false }] + else + [location, { :require => false }] + end else - [place, version, { :require => false}].compact + default_location end end group :development, :unit_tests do - gem 'metadata-json-lint', :require => false - gem 'puppet_facts', :require => false - gem 'puppet-blacksmith', '>= 3.4.0', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'simplecov', :require => false + gem 'metadata-json-lint' + gem 'puppet_facts' + gem 'puppet-blacksmith', '>= 3.4.0' + gem 'puppetlabs_spec_helper', '>= 1.2.1' + gem 'rspec-puppet', '>= 2.3.2' + gem 'rspec-puppet-facts' + gem 'simplecov' + gem 'parallel_tests' + gem 'rubocop', '0.41.2' if RUBY_VERSION < '2.0.0' + gem 'rubocop' if RUBY_VERSION >= '2.0.0' + gem 'rubocop-rspec', '~> 1.6' if RUBY_VERSION >= '2.3.0' + gem 'json_pure', '<= 2.0.1' if RUBY_VERSION < '2.0.0' end group :system_tests do - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') - gem 'beaker', *location_for(ENV['BEAKER_VERSION']) - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false - gem 'master_manipulator', :require => false - gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) + gem 'beaker', *location_from_env('BEAKER_VERSION', []) if RUBY_VERSION >= '2.3.0' + gem 'beaker', *location_from_env('BEAKER_VERSION', ['< 3']) if RUBY_VERSION < '2.3.0' + gem 'beaker-rspec', *location_from_env('BEAKER_RSPEC_VERSION', ['>= 3.4']) + gem 'serverspec' + gem 'beaker-puppet_install_helper' + gem 'master_manipulator' + gem 'beaker-hostgenerator', *location_from_env('BEAKER_HOSTGENERATOR_VERSION', []) end -# json_pure 2.0.2 added a requirement on ruby >= 2. We pin to json_pure 2.0.1 -# if using ruby 1.x -gem 'json_pure', '<=2.0.1', :require => false if RUBY_VERSION =~ /^1\./ - -gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) -gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) +gem 'facter', *location_from_env('FACTER_GEM_VERSION') +gem 'puppet', *location_from_env('PUPPET_GEM_VERSION') if File.exists? "#{__FILE__}.local" eval(File.read("#{__FILE__}.local"), binding) diff --git a/Rakefile b/Rakefile index 8906d23cd8..3e8d4cb952 100644 --- a/Rakefile +++ b/Rakefile @@ -2,13 +2,9 @@ require 'puppet_blacksmith/rake_tasks' require 'puppet-lint/tasks/puppet-lint' require 'puppetlabs_spec_helper/rake_tasks' -PuppetLint.configuration.fail_on_warnings = true PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_140chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') PuppetLint.configuration.send('disable_documentation') PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp", "bundle/**/*", "vendor/**/*"] desc 'Generate pooler nodesets' task :gen_nodeset do diff --git a/spec/acceptance/nodesets/centos-7-x64.yml b/spec/acceptance/nodesets/centos-7-x64.yml index 1a40c8950f..5eebdefbfa 100644 --- a/spec/acceptance/nodesets/centos-7-x64.yml +++ b/spec/acceptance/nodesets/centos-7-x64.yml @@ -3,7 +3,7 @@ HOSTS: roles: - agent - default - platform: redhat-7-x86_64 + platform: el-7-x86_64 hypervisor: vagrant box: puppetlabs/centos-7.2-64-nocm CONFIG: From 0d196cf92d21e0f00adcd388f17b209356995bb6 Mon Sep 17 00:00:00 2001 From: Hal Deadman Date: Fri, 19 Aug 2016 14:48:21 -0400 Subject: [PATCH 0102/1000] allow specification of different folder for working directory --- README.md | 4 + manifests/globals.pp | 1 + manifests/params.pp | 1 + manifests/server.pp | 2 +- manifests/server/initdb.pp | 25 +++--- manifests/server/passwd.pp | 3 +- manifests/server/role.pp | 8 +- manifests/server/schema.pp | 10 ++- manifests/server/tablespace.pp | 8 +- manifests/validate_db_connection.pp | 3 +- spec/unit/classes/server/initdb_spec.rb | 86 +++++++++++++++++++ .../defines/validate_db_connection_spec.rb | 14 ++- 12 files changed, 137 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 150f2f24de..d7f715ebce 100644 --- a/README.md +++ b/README.md @@ -453,6 +453,10 @@ Set a prefix for the server logs. Default: `'%t '` Sets up official PostgreSQL repositories on your host if set to true. Default: false. +##### `module_workdir` + +Specifies working directory under which the psql command should be executed. May need to specify if /tmp is on volume mounted with noexec option. Default: /tmp + ##### `needs_initdb` Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. Default: OS dependent. diff --git a/manifests/globals.pp b/manifests/globals.pp index a56f95ff06..089fe126b4 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -55,6 +55,7 @@ $manage_recovery_conf = undef, $manage_package_repo = undef, + $module_workdir = undef, ) { # We are determining this here, because it is needed by the package repo # class. diff --git a/manifests/params.pp b/manifests/params.pp index 60331f82de..bc12c998d4 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -20,6 +20,7 @@ $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) $manage_recovery_conf = pick($manage_recovery_conf, false) $package_ensure = 'present' + $module_workdir = pick($module_workdir,'/tmp') # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. case $::osfamily { diff --git a/manifests/server.pp b/manifests/server.pp index f4fa2f44dc..a7a448d427 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -53,7 +53,7 @@ $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, $manage_recovery_conf = $postgresql::params::manage_recovery_conf, - + $module_workdir = $postgresql::params::module_workdir, #Deprecated $version = undef, ) inherits postgresql::params { diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index b0df326319..04d5aa83a3 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -1,16 +1,17 @@ # PRIVATE CLASS: do not call directly class postgresql::server::initdb { - $needs_initdb = $postgresql::server::needs_initdb - $initdb_path = $postgresql::server::initdb_path - $datadir = $postgresql::server::datadir - $xlogdir = $postgresql::server::xlogdir - $logdir = $postgresql::server::logdir - $encoding = $postgresql::server::encoding - $locale = $postgresql::server::locale - $group = $postgresql::server::group - $user = $postgresql::server::user - $psql_path = $postgresql::server::psql_path - $port = $postgresql::server::port + $needs_initdb = $postgresql::server::needs_initdb + $initdb_path = $postgresql::server::initdb_path + $datadir = $postgresql::server::datadir + $xlogdir = $postgresql::server::xlogdir + $logdir = $postgresql::server::logdir + $encoding = $postgresql::server::encoding + $locale = $postgresql::server::locale + $group = $postgresql::server::group + $user = $postgresql::server::user + $psql_path = $postgresql::server::psql_path + $port = $postgresql::server::port + $module_workdir = $postgresql::server::module_workdir # Set the defaults for the postgresql_psql resource Postgresql_psql { @@ -18,6 +19,7 @@ psql_group => $group, psql_path => $psql_path, port => $port, + cwd => $module_workdir, } # Make sure the data directory exists, and has the correct permissions. @@ -81,6 +83,7 @@ group => $group, logoutput => on_failure, require => File[$require_before_initdb], + cwd => $module_workdir, } # The package will take care of this for us the first time, but if we # ever need to init a new db we need to copy these files explicitly diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index 11d048902b..bb922eea10 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -6,6 +6,7 @@ $psql_path = $postgresql::server::psql_path $port = $postgresql::server::port $database = $postgresql::server::default_database + $module_workdir = $postgresql::server::module_workdir # psql will default to connecting as $user if you don't specify name $_datbase_user_same = $database == $user @@ -27,7 +28,7 @@ user => $user, group => $group, logoutput => true, - cwd => '/tmp', + cwd => $module_workdir, environment => [ "PGPASSWORD=${postgres_password}", "PGPORT=${port}", diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 3637b6908a..b7f2be85cc 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -13,9 +13,10 @@ $username = $title, $connect_settings = $postgresql::server::default_connect_settings, ) { - $psql_user = $postgresql::server::user - $psql_group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path + $psql_user = $postgresql::server::user + $psql_group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path + $module_workdir = $postgresql::server::module_workdir # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port @@ -57,6 +58,7 @@ psql_group => $psql_group, psql_path => $psql_path, connect_settings => $connect_settings, + cwd => $module_workdir, require => [ Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"], Class['postgresql::server'], diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index bbf4bc48aa..00eb5abb18 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -19,10 +19,11 @@ $connect_settings = $postgresql::server::default_connect_settings, $change_ownership = false, ) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $version = $postgresql::server::_version + $user = $postgresql::server::user + $group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path + $version = $postgresql::server::_version + $module_workdir = $postgresql::server::module_workdir # If the connection settings do not contain a port, then use the local server port if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { @@ -37,6 +38,7 @@ psql_group => $group, psql_path => $psql_path, port => $port, + cwd => $module_workdir, connect_settings => $connect_settings, } diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 8fb22b571f..23ab919e0b 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -5,9 +5,10 @@ $spcname = $title, $connect_settings = $postgresql::server::default_connect_settings, ) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path + $user = $postgresql::server::user + $group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path + $module_workdir = $postgresql::server::module_workdir # If the connection settings do not contain a port, then use the local server port if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { @@ -22,6 +23,7 @@ psql_path => $psql_path, port => $port, connect_settings => $connect_settings, + cwd => $module_workdir, } if ($owner == undef) { diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index bbdc94424d..9c17419bfd 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -19,6 +19,7 @@ include postgresql::params $psql_path = $postgresql::params::psql_path + $module_workdir = $postgresql::params::module_workdir $validcon_script_path = $postgresql::client::validcon_script_path $cmd_init = "${psql_path} --tuples-only --quiet " @@ -67,7 +68,7 @@ exec { $exec_name: command => "echo 'Unable to connect to defined database using: ${cmd}' && false", unless => $validate_cmd, - cwd => '/tmp', + cwd => $module_workdir, environment => $env, logoutput => 'on_failure', user => $run_as, diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 5ddfb70045..54044fbb99 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -32,5 +32,91 @@ end it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } end + + describe 'exec with module_workdir => /var/tmp' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '6.0', + :concat_basedir => tmpfilename('server'), + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + let (:pre_condition) do + <<-EOS + class { 'postgresql::globals': + module_workdir => '/var/tmp', + }-> + class { 'postgresql::server': } + EOS + end + + it 'should contain exec with specified working directory' do + is_expected.to contain_exec('postgresql_initdb').with ({ + :cwd => '/var/tmp', + }) + end + end + + describe 'exec with module_workdir => undef' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '6.0', + :concat_basedir => tmpfilename('server'), + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + let (:pre_condition) do + <<-EOS + class { 'postgresql::globals': + }-> + class { 'postgresql::server': } + EOS + end + + it 'should contain exec with default working directory' do + is_expected.to contain_exec('postgresql_initdb').with ({ + :cwd => '/tmp', + }) + end + end + + + describe 'postgresql_psql with module_workdir => /var/tmp' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '6.0', + :concat_basedir => tmpfilename('server'), + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let (:pre_condition) do + <<-EOS + class { 'postgresql::globals': + module_workdir => '/var/tmp', + encoding => 'test', + needs_initdb => false, + }-> + class { 'postgresql::server': } + EOS + end + it 'should contain postgresql_psql with specified working directory' do + is_expected.to contain_postgresql_psql('Set template1 encoding to test').with({ + :cwd => '/var/tmp', + }) + end + end end diff --git a/spec/unit/defines/validate_db_connection_spec.rb b/spec/unit/defines/validate_db_connection_spec.rb index 9cf5048f4e..c7406dc7d7 100644 --- a/spec/unit/defines/validate_db_connection_spec.rb +++ b/spec/unit/defines/validate_db_connection_spec.rb @@ -52,12 +52,18 @@ end let :pre_condition do - "class { 'postgresql::client': validcon_script_path => '/opt/something/validate.sh' }" - end + <<-EOS + class { 'postgresql::globals': + module_workdir => '/var/tmp', + } -> + class { 'postgresql::client': validcon_script_path => '/opt/something/validate.sh' } + EOS + end - it 'should have proper path for validate command' do + it 'should have proper path for validate command and correct cwd' do is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with({ - :unless => %r'^/opt/something/validate.sh\s+\d+' + :unless => %r'^/opt/something/validate.sh\s+\d+', + :cwd => '/var/tmp', }) end From 84454c6a7471249f745d3dc1b6f195b5b38cc3f7 Mon Sep 17 00:00:00 2001 From: Jan Fabry Date: Thu, 8 Sep 2016 00:43:52 +0200 Subject: [PATCH 0103/1000] Grant role with unit tests (#762) * Adding grant_role and updating README * Add unit tests for grant_role * Define relationships with role and group But only if they are defined, similar to other defined types in this module. * Add connect_settings to grant_role Only require Postgresql::Server if it is not specified. This check might change, depending on MODULES-3229. * Document grant_role/connect_settings * Add 'ensure' to grant_role Does not affect the relationships with Role[$user] and $Role[$group]. They don't have have an ensure argument (yet), so there is no situation where you would first revoke the membership and then drop the role. * Fix variable typo (user => role) * Use correct quotes for identifier * Add validation for group and role * Puppet 3 treats numbers like strings --- README.md | 33 ++++ manifests/server/grant_role.pp | 51 +++++++ spec/unit/defines/server/grant_role_spec.rb | 161 ++++++++++++++++++++ 3 files changed, 245 insertions(+) create mode 100644 manifests/server/grant_role.pp create mode 100644 spec/unit/defines/server/grant_role_spec.rb diff --git a/README.md b/README.md index d7f715ebce..0212fd452b 100644 --- a/README.md +++ b/README.md @@ -323,6 +323,7 @@ The postgresql module comes with many options for configuring the server. While * [postgresql::server::database_grant](#postgresqlserverdatabase_grant) * [postgresql::server::db](#postgresqlserverdb) * [postgresql::server::extension](#postgresqlserverextension) +* [postgresql::server::grant_role](#postgresqlservergrant_role) * [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) * [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) * [postgresql::server::recovery](#postgresqlserverrecovery) @@ -982,6 +983,38 @@ Sets the OS user to run `psql`. Default: the default user for the module, usuall Specifies the role or user whom you are granting access to. +#### postgresql::server::grant_role + +Allows you to assign a role to a (group) role. See [PostgreSQL documentation for `Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html) for more information. + +##### `group` + +Specifies the group role to which you are assigning a role. + +##### `role` + +Specifies the role you want to assign to a group. + +##### `ensure` + +Specifies whether to grant ('present') or revoke ('absent') the membership. Default: 'present'. + +##### `port` + +Port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. + +##### `psql_db` + +Specifies the database to execute the grant against. _This should not ordinarily be changed from the default_, which is `postgres`. + +##### `psql_user` + +Sets the OS user to run `psql`. Default: the default user for the module, usually `postgres`. + +##### `connect_settings` + +Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. + #### postgresql::server::pg_hba_rule Allows you to create an access rule for `pg_hba.conf`. For more details see the [usage example](#create-an-access-rule-for-pghba.conf) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp new file mode 100644 index 0000000000..6a5d1244e9 --- /dev/null +++ b/manifests/server/grant_role.pp @@ -0,0 +1,51 @@ +# Define for granting membership to a role. See README.md for more information +define postgresql::server::grant_role ( + $group, + $role, + $ensure = 'present', + $psql_db = $postgresql::server::default_database, + $psql_user = $postgresql::server::user, + $port = $postgresql::server::port, + $connect_settings = $postgresql::server::default_connect_settings, +) { + validate_string($group) + validate_string($role) + if empty($group) { + fail('$group must be set') + } + if empty($role) { + fail('$role must be set') + } + case $ensure { + 'present': { + $command = "GRANT \"${group}\" TO \"${role}\"" + $unless_comp = '=' + } + 'absent': { + $command = "REVOKE \"${group}\" FROM \"${role}\"" + $unless_comp = '!=' + } + default: { + fail("Unknown value for ensure '${ensure}'.") + } + } + + postgresql_psql { "grant_role:${name}": + command => $command, + unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '${group}' AND u.usename = '${role}') AS t WHERE t.count ${unless_comp} 1", + db => $psql_db, + psql_user => $psql_user, + port => $port, + connect_settings => $connect_settings, + } + + if ! $connect_settings or empty($connect_settings) { + Class['postgresql::server']->Postgresql_psql["grant_role:${name}"] + } + if defined(Postgresql::Server::Role[$role]) { + Postgresql::Server::Role[$role]->Postgresql_psql["grant_role:${name}"] + } + if defined(Postgresql::Server::Role[$group]) { + Postgresql::Server::Role[$group]->Postgresql_psql["grant_role:${name}"] + } +} diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb new file mode 100644 index 0000000000..37f3ec7341 --- /dev/null +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -0,0 +1,161 @@ +require 'spec_helper' + +describe 'postgresql::server::grant_role', :type => :define do + let :pre_condition do + "class { 'postgresql::server': }" + end + + let :facts do + {:osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6.0', + :kernel => 'Linux', :concat_basedir => tmpfilename('postgis'), + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let (:title) { 'test' } + + let (:params) { { + :group => 'my_group', + :role => 'my_role', + } } + + context "with mandatory arguments only" do + it { + is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ + :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", + :unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '#{params[:group]}' AND u.usename = '#{params[:role]}') AS t WHERE t.count = 1", + }).that_requires('Class[postgresql::server]') + } + end + + context "validation" do + context "group invalid type" do + let (:params) { { + :group => ['a', 'b'], + :role => 'r', + } } + + it { + expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) + } + end + + context "role invalid type" do + let (:params) { { + :group => 'g', + :role => true, + } } + + it { + expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) + } + end + + context "group empty" do + let (:params) { { + :group => '', + :role => 'r', + } } + + it { + expect { catalogue }.to raise_error(/\$group must be set/) + } + end + + context "role empty" do + let (:params) { { + :group => 'g', + :role => :undef, + } } + + it { + expect { catalogue }.to raise_error(/\$role must be set/) + } + end + end + + context "with db arguments" do + let (:params) { super().merge({ + :psql_db => 'postgres', + :psql_user => 'postgres', + :port => '5432', + }) } + + it { + is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ + :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", + :unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '#{params[:group]}' AND u.usename = '#{params[:role]}') AS t WHERE t.count = 1", + :db => params[:psql_db], + :psql_user => params[:psql_user], + :port => params[:port], + }).that_requires('Class[postgresql::server]') + } + end + + context "with ensure => absent" do + let (:params) { super().merge({ + :ensure => 'absent', + }) } + + it { + is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ + :command => "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"", + :unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '#{params[:group]}' AND u.usename = '#{params[:role]}') AS t WHERE t.count != 1", + }).that_requires('Class[postgresql::server]') + } + end + + context "with ensure => invalid" do + let (:params) { super().merge({ + :ensure => 'invalid', + }) } + + it { + expect { catalogue }.to raise_error(Puppet::Error, /Unknown value for ensure/) + } + end + + context "with user defined" do + let :pre_condition do + "class { 'postgresql::server': } +postgresql::server::role { '#{params[:role]}': }" + end + + it { + is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") + } + it { + is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") + } + end + + context "with group defined" do + let :pre_condition do + "class { 'postgresql::server': } +postgresql::server::role { '#{params[:group]}': }" + end + + it { + is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") + } + it { + is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") + } + end + + context "with connect_settings" do + let (:params) { super().merge({ + :connect_settings => { 'PGHOST' => 'postgres-db-server' }, + }) } + + it { + is_expected.to contain_postgresql_psql("grant_role:#{title}").with_connect_settings( { 'PGHOST' => 'postgres-db-server' } ) + } + it { + is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires('Class[postgresql::server]') + } + end +end From 8a77183664df8acf6a8150bda23051cce09e17e2 Mon Sep 17 00:00:00 2001 From: Brian Almeida Date: Sun, 11 Sep 2016 20:51:25 -0400 Subject: [PATCH 0104/1000] (#3858) Fix unless check in grant_role to work with roles as well as users --- manifests/server/grant_role.pp | 2 +- spec/acceptance/server/grant_role_spec.rb | 62 +++++++++++++++++++++ spec/unit/defines/server/grant_role_spec.rb | 6 +- 3 files changed, 66 insertions(+), 4 deletions(-) create mode 100644 spec/acceptance/server/grant_role_spec.rb diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 6a5d1244e9..066355982f 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -32,7 +32,7 @@ postgresql_psql { "grant_role:${name}": command => $command, - unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '${group}' AND u.usename = '${role}') AS t WHERE t.count ${unless_comp} 1", + unless => "SELECT 1 WHERE pg_has_role('${role}', '${group}', 'MEMBER') ${unless_comp} true", db => $psql_db, psql_user => $psql_user, port => $port, diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb new file mode 100644 index 0000000000..616d86caea --- /dev/null +++ b/spec/acceptance/server/grant_role_spec.rb @@ -0,0 +1,62 @@ +require 'spec_helper_acceptance' + +describe 'postgresql::server::grant_role:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + it 'should grant a role to a user' do + begin + pp = <<-EOS.unindent + $db = 'grant_role_test' + $user = 'psql_grant_role_tester' + $group = 'test_group' + $password = 'psql_grant_role_pw' + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => present, + } + + postgresql::server::role { $user: + password_hash => postgresql_password($user, $password), + } + + postgresql::server::database { $db: + owner => $user, + require => Postgresql::Server::Role[$user], + } + + # Create a rule for the user + postgresql::server::pg_hba_rule { "allow ${user}": + type => 'local', + database => $db, + user => $user, + auth_method => 'ident', + order => 1, + } + + # Create a role to grant to the user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user, + group => $group, + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the role was granted to the user + psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + end + +end diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 37f3ec7341..2a04bef4dd 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -26,7 +26,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - :unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '#{params[:group]}' AND u.usename = '#{params[:role]}') AS t WHERE t.count = 1", + :unless => "SELECT 1 WHERE pg_has_role('#{params[:role]}', '#{params[:group]}', 'MEMBER') = true", }).that_requires('Class[postgresql::server]') } end @@ -87,7 +87,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - :unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '#{params[:group]}' AND u.usename = '#{params[:role]}') AS t WHERE t.count = 1", + :unless => "SELECT 1 WHERE pg_has_role('#{params[:role]}', '#{params[:group]}', 'MEMBER') = true", :db => params[:psql_db], :psql_user => params[:psql_user], :port => params[:port], @@ -103,7 +103,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ :command => "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"", - :unless => "SELECT t.count FROM (SELECT count(*) FROM pg_user AS u JOIN pg_auth_members AS am ON (u.usesysid = am.member) JOIN pg_roles AS r ON (r.oid = am.roleid) WHERE r.rolname = '#{params[:group]}' AND u.usename = '#{params[:role]}') AS t WHERE t.count != 1", + :unless => "SELECT 1 WHERE pg_has_role('#{params[:role]}', '#{params[:group]}', 'MEMBER') != true", }).that_requires('Class[postgresql::server]') } end From 1942df4055b7e2f38f404c45b08bf5072d59b19b Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Tue, 20 Sep 2016 18:18:07 +0200 Subject: [PATCH 0105/1000] Fix SQL style on role.pp --- manifests/server/role.pp | 20 ++++++++++---------- spec/unit/defines/server/role_spec.rb | 12 ++++++------ 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index b7f2be85cc..c4a8f104d8 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -67,45 +67,45 @@ postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": command => "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}", - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}'", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", environment => $environment, require => Class['Postgresql::Server'], } postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolsuper=${superuser}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}", } postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcreatedb=${createdb}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}", } postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcreaterole=${createrole}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}", } postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcanlogin=${login}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}", } postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolinherit=${inherit}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}", } if(versioncmp($version, '9.1') >= 0) { if $replication_sql == '' { postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolreplication=${replication}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", } } else { postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolreplication=${replication}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", } } } postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolconnlimit=${connection_limit}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", } if $password_hash { @@ -117,7 +117,7 @@ } postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": command => "ALTER ROLE \"${username}\" ${password_sql}", - unless => "SELECT usename FROM pg_shadow WHERE usename='${username}' and passwd='${pwd_hash_sql}'", + unless => "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'", environment => $environment, } } diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 88833a113b..5c608cfee2 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -32,7 +32,7 @@ is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => "5432", }) end @@ -40,7 +40,7 @@ is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", 'port' => "5432", }) end @@ -65,7 +65,7 @@ is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => "5432", 'connect_settings' => { 'PGHOST' => 'postgres-db-server', @@ -78,7 +78,7 @@ is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", 'port' => "5432", 'connect_settings' => { 'PGHOST' => 'postgres-db-server', @@ -110,7 +110,7 @@ is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', @@ -122,7 +122,7 @@ is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', From c0f59d159bbf27e007d10439bb00c78771a7c117 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Fri, 23 Sep 2016 10:46:37 +0200 Subject: [PATCH 0106/1000] Default role of grant_role to namevar Most of the times users are part of a single group. This change make it easier to grant a role to an array of roles. --- README.md | 2 +- manifests/server/grant_role.pp | 2 +- spec/unit/defines/server/grant_role_spec.rb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 0212fd452b..28de81e389 100644 --- a/README.md +++ b/README.md @@ -993,7 +993,7 @@ Specifies the group role to which you are assigning a role. ##### `role` -Specifies the role you want to assign to a group. +Specifies the role you want to assign to a group. If left blank, uses the name of the resource. ##### `ensure` diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 066355982f..d73aa78729 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -1,7 +1,7 @@ # Define for granting membership to a role. See README.md for more information define postgresql::server::grant_role ( $group, - $role, + $role = $name, $ensure = 'present', $psql_db = $postgresql::server::default_database, $psql_user = $postgresql::server::user, diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 2a04bef4dd..badcd9ca9d 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -68,7 +68,7 @@ context "role empty" do let (:params) { { :group => 'g', - :role => :undef, + :role => '', } } it { From f83665aa2559cae67c603c020cd6c0199a7ac831 Mon Sep 17 00:00:00 2001 From: K Jonathan Harker Date: Wed, 5 Oct 2016 14:13:56 -0700 Subject: [PATCH 0107/1000] Remove duplicate RedHat default section A duplicate default_version default section was added in https://github.com/puppetlabs/puppetlabs-postgresql/commit/1eb45d07f163ab3e3fd117d9de4bc4351b228853 This removes the duplicate default section. --- manifests/globals.pp | 6 ------ 1 file changed, 6 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 089fe126b4..dcb2906660 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -76,12 +76,6 @@ /^5\./ => '8.1', default => undef, }, - default => $::operatingsystemrelease ? { - /^7\./ => '9.2', - /^6\./ => '8.4', - /^5\./ => '8.1', - default => undef, - }, }, 'Debian' => $::operatingsystem ? { 'Debian' => $::operatingsystemrelease ? { From c6b66628243ccfe7a1f104d60654101d28ccaec8 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 10 Oct 2016 14:27:13 +0100 Subject: [PATCH 0108/1000] Update modulesync_config [51f469d] --- .sync.yml | 20 ++++++++++++++++++++ .travis.yml | 4 ++-- 2 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 .sync.yml diff --git a/.sync.yml b/.sync.yml new file mode 100644 index 0000000000..781584adc0 --- /dev/null +++ b/.sync.yml @@ -0,0 +1,20 @@ +--- +.travis.yml: + includes: + - rvm: 2.3.1 + env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" + bundler_args: --without system_tests + - rvm: 2.1.9 + env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" + bundler_args: --without system_tests + - rvm: 2.1.5 + env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + bundler_args: --without system_tests + - rvm: 2.1.5 + env: PUPPET_GEM_VERSION="~> 3.0" + bundler_args: --without system_tests + - rvm: 1.9.3 + env: PUPPET_GEM_VERSION="~> 3.0" + bundler_args: --without system_tests +spec/spec_helper.rb: + allow_deprecations: true diff --git a/.travis.yml b/.travis.yml index 4e549bf77a..6b0a0975f2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,10 +21,10 @@ matrix: sudo: required - rvm: 2.3.1 bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 4.0" + env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" - rvm: 2.1.9 bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 4.0" + env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" - rvm: 2.1.5 bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" From 03263c9155e69d4d5f87864b1e49251107453e16 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Mon, 10 Oct 2016 16:26:22 -0700 Subject: [PATCH 0109/1000] adds single revoke test --- spec/acceptance/server/grant_role_spec.rb | 77 +++++++++++++++++++++-- 1 file changed, 73 insertions(+), 4 deletions(-) diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 616d86caea..334cc6bb0e 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -1,13 +1,19 @@ require 'spec_helper_acceptance' describe 'postgresql::server::grant_role:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + + db = 'grant_role_test' + user = 'psql_grant_role_tester' + group = 'test_group' + password = 'psql_grant_role_pw' + it 'should grant a role to a user' do begin pp = <<-EOS.unindent - $db = 'grant_role_test' - $user = 'psql_grant_role_tester' - $group = 'test_group' - $password = 'psql_grant_role_pw' + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} class { 'postgresql::server': } @@ -59,4 +65,67 @@ class { 'postgresql::server': } end end + it 'should revoke a role from a user' do + begin + pp = <<-EOS + + $db = "#{db}" + $user = "#{user}" + $group = "#{group}" + $password = #{password} + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => present, + } + + postgresql::server::role { $user: + password_hash => postgresql_password($user, $password), + } + + postgresql::server::database { $db: + owner => $user, + require => Postgresql::Server::Role[$user], + } + + # Create a rule for the user + postgresql::server::pg_hba_rule { "allow ${user}": + type => 'local', + database => $db, + user => $user, + auth_method => 'ident', + order => 1, + } + + # Create a role to grant to the user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user, + group => $group, + } + + postgresql::server::grant_role {"revoke ${group} from ${user}": + ensure => absent, + role => $user, + group => $group, + } + EOS + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :expect_changes => true) + + psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(/\(0 rows\)/) + expect(r.stderr).to eq('') + end + end + end + end From a120447f68a93bf7fe0b8efba6505f196f5b6a22 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Tue, 18 Oct 2016 10:01:16 +0100 Subject: [PATCH 0110/1000] Adding a negative test case for grant role --- spec/acceptance/server/grant_role_spec.rb | 41 +++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 334cc6bb0e..f24a8d1ed9 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -128,4 +128,45 @@ class { 'postgresql::server': } end end + it 'should not grant permission to a nonexistent user' do + begin + pp = <<-EOS + + $db = "#{db}" + $user = "#{user}" + $group = "#{group}" + $password = #{password} + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => absent, + } + + postgresql::server::database { $db: + } + + # Create a role to grant to the nonexistent user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the nonexistent user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user + group => $group, + } + EOS + apply_manifest(pp, :expect_failures => true) + + psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(/\(0 rows\)/) + expect(r.stderr).to eq('') + end + end + end + end From 5837c717447def73c82d97554fb98b763a5658f5 Mon Sep 17 00:00:00 2001 From: Leo Antunes Date: Wed, 19 Oct 2016 11:06:51 +0200 Subject: [PATCH 0111/1000] globals: add postgis version for 9.6 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 089fe126b4..2745358571 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -138,6 +138,7 @@ '93' => '2.1', '9.4' => '2.1', '9.5' => '2.2', + '9.6' => '2.3', default => undef, } $globals_postgis_version = $postgis_version ? { From 55c30b9943ca6346050ad96a99191628659be287 Mon Sep 17 00:00:00 2001 From: Jeroen Hooyberghs Date: Wed, 19 Oct 2016 12:50:37 -0700 Subject: [PATCH 0112/1000] (MODULES-1850) replace validate_string by validate_re for real verification on input --- manifests/server/grant.pp | 47 +++++++++++++------------- spec/unit/defines/server/grant_spec.rb | 19 ++++++++++- 2 files changed, 42 insertions(+), 24 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 697313a721..465520151a 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -37,20 +37,21 @@ $_privilege = upcase($privilege) ## Validate that the object type is known - validate_string($_object_type, - #'COLUMN', - 'DATABASE', - #'FOREIGN SERVER', - #'FOREIGN DATA WRAPPER', - #'FUNCTION', - #'PROCEDURAL LANGUAGE', - 'SCHEMA', - 'SEQUENCE', - 'ALL SEQUENCES IN SCHEMA', - 'TABLE', - 'ALL TABLES IN SCHEMA', - #'TABLESPACE', - #'VIEW', + validate_re($_object_type,[ + #'^COLUMN$', + '^DATABASE$', + #'^FOREIGN SERVER$', + #'^FOREIGN DATA WRAPPER$', + #'^FUNCTION$', + #'^PROCEDURAL LANGUAGE$', + '^SCHEMA$', + '^SEQUENCE$', + '^ALL SEQUENCES IN SCHEMA$', + '^TABLE$', + '^ALL TABLES IN SCHEMA$', + #'^TABLESPACE$', + #'^VIEW$', + ] ) # You can use ALL TABLES IN SCHEMA by passing schema_name to object_name # You can use ALL SEQUENCES IN SCHEMA by passing schema_name to object_name @@ -71,8 +72,8 @@ 'ALL PRIVILEGES' => 'CREATE', default => $_privilege, } - validate_string($unless_privilege,'CREATE','CONNECT','TEMPORARY','TEMP', - 'ALL','ALL PRIVILEGES') + validate_re($unless_privilege, [ '^$', '^CREATE$','^CONNECT$','^TEMPORARY$','^TEMP$', + '^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_database_privilege' $on_db = $psql_db $onlyif_function = undef @@ -83,7 +84,7 @@ 'ALL PRIVILEGES' => 'CREATE', default => $_privilege, } - validate_string($_privilege, 'CREATE', 'USAGE', 'ALL', 'ALL PRIVILEGES') + validate_re($_privilege, [ '^$', '^CREATE$', '^USAGE$', '^ALL$', '^ALL PRIVILEGES$' ]) $unless_function = 'has_schema_privilege' $on_db = $db $onlyif_function = undef @@ -93,13 +94,13 @@ 'ALL' => 'USAGE', default => $_privilege, } - validate_string($unless_privilege,'USAGE','ALL','ALL PRIVILEGES') + validate_re($unless_privilege, [ '^$', '^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_sequence_privilege' $on_db = $db $onlyif_function = undef } 'ALL SEQUENCES IN SCHEMA': { - validate_string($_privilege,'USAGE','ALL','ALL PRIVILEGES') + validate_re($_privilege, [ '^$', '^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'custom' $on_db = $db $onlyif_function = undef @@ -142,8 +143,8 @@ 'ALL' => 'INSERT', default => $_privilege, } - validate_string($unless_privilege,'SELECT','INSERT','UPDATE','DELETE', - 'TRUNCATE','REFERENCES','TRIGGER','ALL','ALL PRIVILEGES') + validate_re($unless_privilege,[ '^$', '^SELECT$','^INSERT$','^UPDATE$','^DELETE$', + '^TRUNCATE$','^REFERENCES$','^TRIGGER$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_table_privilege' $on_db = $db $onlyif_function = $onlyif_exists ? { @@ -152,8 +153,8 @@ } } 'ALL TABLES IN SCHEMA': { - validate_string($_privilege,'SELECT','INSERT','UPDATE','DELETE', - 'TRUNCATE','REFERENCES','TRIGGER','ALL','ALL PRIVILEGES') + validate_re($_privilege, [ '^$', '^SELECT$','^INSERT$','^UPDATE$','^DELETE$', + '^TRUNCATE$','^REFERENCES$','^TRIGGER$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'custom' $on_db = $db $onlyif_function = undef diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 45d9cce5f1..efc9accf1c 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -133,4 +133,21 @@ it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( '5678' ) } end -end \ No newline at end of file + + context 'invalid objectype' do + let :params do + { + :db => 'test', + :role => 'test', + :privilege => 'usage', + :object_type => 'invalid', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.and_raise_error(/"INVALID" does not match/) } + end +end From 968661402e6a9f42cb41ccfffb71082c99d64e44 Mon Sep 17 00:00:00 2001 From: Andreas de Pretis Date: Wed, 19 Oct 2016 21:55:24 +0200 Subject: [PATCH 0113/1000] Fix deprecated apt::source parameters --- .fixtures.yml | 4 ++-- manifests/repo/apt_postgresql_org.pp | 16 ++++++++++------ metadata.json | 2 +- 3 files changed, 13 insertions(+), 9 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 44121bb74e..1c3e753af3 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,8 +1,8 @@ fixtures: repositories: - apt: + apt: repo: "https://github.com/puppetlabs/puppetlabs-apt.git" - branch: "1.8.x" + branch: "2.0.0" stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 60ac2b1042..3a3f03c98a 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -10,12 +10,16 @@ priority => 500, }-> apt::source { 'apt.postgresql.org': - location => 'http://apt.postgresql.org/pub/repos/apt/', - release => "${::lsbdistcodename}-pgdg", - repos => "main ${postgresql::repo::version}", - key => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', - key_source => 'https://www.postgresql.org/media/keys/ACCC4CF8.asc', - include_src => false, + location => 'http://apt.postgresql.org/pub/repos/apt/', + release => "${::lsbdistcodename}-pgdg", + repos => "main ${postgresql::repo::version}", + key => { + id => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', + source => 'https://www.postgresql.org/media/keys/ACCC4CF8.asc', + }, + include => { + src => false, + }, } Apt::Source['apt.postgresql.org']->Package<|tag == 'postgresql'|> diff --git a/metadata.json b/metadata.json index 2a59dc9d22..976d2bc8a7 100644 --- a/metadata.json +++ b/metadata.json @@ -9,7 +9,7 @@ "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, - {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, + {"name":"puppetlabs/apt","version_requirement":">=2.0.0 <3.0.0"}, {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <3.0.0"} ], "data_provider": null, From 91bfcabdd77bfee9bd23cb7d4f50995146cef76c Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Thu, 20 Oct 2016 09:48:29 +0100 Subject: [PATCH 0114/1000] (MODULES-3983) Update parallel_tests for ruby 2.0.0 --- Gemfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index c97275bd82..8222ef0a7a 100644 --- a/Gemfile +++ b/Gemfile @@ -24,7 +24,8 @@ group :development, :unit_tests do gem 'rspec-puppet', '>= 2.3.2' gem 'rspec-puppet-facts' gem 'simplecov' - gem 'parallel_tests' + gem 'parallel_tests', '< 2.10.0' if RUBY_VERSION < '2.0.0' + gem 'parallel_tests' if RUBY_VERSION >= '2.0.0' gem 'rubocop', '0.41.2' if RUBY_VERSION < '2.0.0' gem 'rubocop' if RUBY_VERSION >= '2.0.0' gem 'rubocop-rspec', '~> 1.6' if RUBY_VERSION >= '2.3.0' From 15dd5aad7e691edbf130644e778947553cd565e2 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Tue, 1 Nov 2016 10:58:40 -0400 Subject: [PATCH 0115/1000] Change - Add default postgres version for Fedora 24 to globals class Fedora 24 provides postgresql 9.5 in the default yum repos. --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 79e5b2dd42..22991e31df 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -61,6 +61,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(24)$/ => '9.5', /^(22|23)$/ => '9.4', /^(21)$/ => '9.3', /^(18|19|20)$/ => '9.2', From e26f6686e843361d22ee8228490f9363969f8d58 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 7 Nov 2016 16:47:02 +0100 Subject: [PATCH 0116/1000] Fix (database|table)_grant documentation --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 0212fd452b..f4916ce03e 100644 --- a/README.md +++ b/README.md @@ -909,7 +909,7 @@ Specifies the database to which you are granting access. ##### `privilege` -Specifies which privileges to grant. Valid options: `SELECT`, `TEMPORARY`, `TEMP`, `CONNECT`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, you can use a space delimited string. +Specifies comma-separated list of privileges to grant. Valid options: `ALL`, `CREATE`, `CONNECT`, `TEMPORARY`, `TEMP`. ##### `psql_db` @@ -1033,7 +1033,7 @@ For certain `auth_method` settings there are extra options that can be passed. C ##### `database` -Sets a comma separated list of databases that this rule matches. +Sets a comma-separated list of databases that this rule matches. ##### `description` @@ -1203,7 +1203,7 @@ Specifies which database the table is in. ##### `privilege` -Valid options: `SELECT`, `INSERT`, `UPDATE`, `REFERENCES`. `ALL` is used as a synonym for `CREATE`, so if you need to add multiple privileges, use a space-delimited string. +Specifies comma-separated list of privileges to grant. Valid options: `ALL`, `SELECT`, `INSERT`, `UPDATE`, `DELETE`, `TRUNCATE`, `REFERENCES`, `TRIGGER`. ##### `psql_db` From 89827602e75c45d735a4c6287f794b02c471e89d Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Tue, 8 Nov 2016 12:01:33 +0100 Subject: [PATCH 0117/1000] Add missing grant resource to TOC --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index f4916ce03e..5e7aaa1c28 100644 --- a/README.md +++ b/README.md @@ -323,6 +323,7 @@ The postgresql module comes with many options for configuring the server. While * [postgresql::server::database_grant](#postgresqlserverdatabase_grant) * [postgresql::server::db](#postgresqlserverdb) * [postgresql::server::extension](#postgresqlserverextension) +* [postgresql::server::grant](#postgresqlservergrant) * [postgresql::server::grant_role](#postgresqlservergrant_role) * [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) * [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) From 65eab8e4cbb0760ebaf317a8fb2e51dd4e51de5f Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Tue, 8 Nov 2016 15:04:07 +0000 Subject: [PATCH 0118/1000] (#3967) Fixed unless check in grant_role so that it works for granting roles to superusers Added acceptance test for granting a role to a superuser --- manifests/server/grant_role.pp | 2 +- spec/acceptance/server/grant_role_spec.rb | 60 ++++++++++++++++++++- spec/unit/defines/server/grant_role_spec.rb | 6 +-- 3 files changed, 63 insertions(+), 5 deletions(-) diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 066355982f..1696bd5ebd 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -32,7 +32,7 @@ postgresql_psql { "grant_role:${name}": command => $command, - unless => "SELECT 1 WHERE pg_has_role('${role}', '${group}', 'MEMBER') ${unless_comp} true", + unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '${group}' AND r_role.rolname = '${role}') ${unless_comp} true", db => $psql_db, psql_user => $psql_user, port => $port, diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index f24a8d1ed9..e802a412c7 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -65,6 +65,65 @@ class { 'postgresql::server': } end end + it 'should grant a role to a superuser' do + begin + pp = <<-EOS.unindent + $db = "#{db}" + $user = "#{user}" + $group = "#{group}" + $password = #{password} + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => present, + } + + postgresql::server::role { $user: + password_hash => postgresql_password($user, $password), + superuser => true, + } + + postgresql::server::database { $db: + owner => $user, + require => Postgresql::Server::Role[$user], + } + + # Create a rule for the user + postgresql::server::pg_hba_rule { "allow ${user}": + type => 'local', + database => $db, + user => $user, + auth_method => 'ident', + order => 1, + } + + # Create a role to grant to the user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user, + group => $group, + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the role was granted to the user + psql('--command="SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = \'test_group\' AND r_role.rolname = \'psql_grant_role_tester\'" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + end + it 'should revoke a role from a user' do begin pp = <<-EOS @@ -168,5 +227,4 @@ class { 'postgresql::server': } end end end - end diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 2a04bef4dd..6df6adef8d 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -26,7 +26,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - :unless => "SELECT 1 WHERE pg_has_role('#{params[:role]}', '#{params[:group]}', 'MEMBER') = true", + :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", }).that_requires('Class[postgresql::server]') } end @@ -87,7 +87,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - :unless => "SELECT 1 WHERE pg_has_role('#{params[:role]}', '#{params[:group]}', 'MEMBER') = true", + :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", :db => params[:psql_db], :psql_user => params[:psql_user], :port => params[:port], @@ -103,7 +103,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ :command => "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"", - :unless => "SELECT 1 WHERE pg_has_role('#{params[:role]}', '#{params[:group]}', 'MEMBER') != true", + :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') != true", }).that_requires('Class[postgresql::server]') } end From 1ecedce29e088fca7ff552dbded5787f297fd31f Mon Sep 17 00:00:00 2001 From: tphoney Date: Tue, 8 Nov 2016 14:54:49 +0000 Subject: [PATCH 0119/1000] MODULES-3816 no release 3.4.3 fixing changelog --- CHANGELOG.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e5e02991ce..e4480c7e75 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -265,14 +265,6 @@ kind of thing rather than trying to weave it into the main module logic itself. - Link pg_config binary into /usr/bin. - Fix fedora support by using systemd. - Initdb should create xlogdir if set. - -##2014-08-27 - Supported Release 3.4.3 -###Summary - -This release fixes Ubuntu 10.04 with Facter 2.2. - -####Features -####Bugfixes - Use a regular expression to match the major OS version on Ubuntu. ##2014-07-31 - Supported Release 3.4.2 From 953d863abda0ddb7f848160e52ff068eb8abe4a1 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Wed, 9 Nov 2016 12:14:21 -0800 Subject: [PATCH 0120/1000] (MODULES-3704) Update gemfile template to be identical --- .travis.yml | 3 ++ Gemfile | 101 +++++++++++++++++++++++++++++++++++----------------- 2 files changed, 71 insertions(+), 33 deletions(-) diff --git a/.travis.yml b/.travis.yml index 6b0a0975f2..e279ee3cb8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,6 +4,9 @@ sudo: false language: ruby cache: bundler script: "bundle exec rake validate lint spec" +#Inserting below due to the following issue: https://github.com/travis-ci/travis-ci/issues/3531#issuecomment-88311203 +before_install: + - gem update bundler matrix: fast_finish: true include: diff --git a/Gemfile b/Gemfile index 8222ef0a7a..8871c66381 100644 --- a/Gemfile +++ b/Gemfile @@ -2,48 +2,83 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" -def location_from_env(env, default_location = []) - if location = ENV[env] - if location =~ /^((?:git|https?)[:@][^#]*)#(.*)/ - [{ :git => $1, :branch => $2, :require => false }] - elsif location =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [location, { :require => false }] - end +# Determines what type of gem is requested based on place_or_version. +def gem_type(place_or_version) + if place_or_version =~ /^git:/ + :git + elsif place_or_version =~ /^file:/ + :file else - default_location + :gem end end -group :development, :unit_tests do - gem 'metadata-json-lint' - gem 'puppet_facts' - gem 'puppet-blacksmith', '>= 3.4.0' - gem 'puppetlabs_spec_helper', '>= 1.2.1' - gem 'rspec-puppet', '>= 2.3.2' - gem 'rspec-puppet-facts' - gem 'simplecov' - gem 'parallel_tests', '< 2.10.0' if RUBY_VERSION < '2.0.0' - gem 'parallel_tests' if RUBY_VERSION >= '2.0.0' - gem 'rubocop', '0.41.2' if RUBY_VERSION < '2.0.0' - gem 'rubocop' if RUBY_VERSION >= '2.0.0' - gem 'rubocop-rspec', '~> 1.6' if RUBY_VERSION >= '2.3.0' - gem 'json_pure', '<= 2.0.1' if RUBY_VERSION < '2.0.0' +# Find a location or specific version for a gem. place_or_version can be a +# version, which is most often used. It can also be git, which is specified as +# `git://somewhere.git#branch`. You can also use a file source location, which +# is specified as `file://some/location/on/disk`. +def location_for(place_or_version, fake_version = nil) + if place_or_version =~ /^(git[:@][^#]*)#(.*)/ + [fake_version, { :git => $1, :branch => $2, :require => false }].compact + elsif place_or_version =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false }] + else + [place_or_version, { :require => false }] + end +end + +# Used for gem conditionals +supports_windows = false + +group :development do + gem 'puppet-lint', :require => false + gem 'metadata-json-lint', :require => false + gem 'puppet_facts', :require => false + gem 'puppet-blacksmith', '>= 3.4.0', :require => false, :platforms => 'ruby' + gem 'puppetlabs_spec_helper', '>= 1.2.1', :require => false + gem 'rspec-puppet', '>= 2.3.2', :require => false + gem 'rspec-puppet-facts', :require => false + gem 'mocha', '< 1.2.0', :require => false + gem 'simplecov', :require => false + gem 'parallel_tests', '< 2.10.0', :require => false if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.0.0') + gem 'parallel_tests', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.0.0') + gem 'rubocop', '0.41.2', :require => false if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.0.0') + gem 'rubocop', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.0.0') + gem 'rubocop-rspec', '~> 1.6', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.3.0') + gem 'pry', :require => false + gem 'json_pure', '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.0.0') end + group :system_tests do - gem 'beaker', *location_from_env('BEAKER_VERSION', []) if RUBY_VERSION >= '2.3.0' - gem 'beaker', *location_from_env('BEAKER_VERSION', ['< 3']) if RUBY_VERSION < '2.3.0' - gem 'beaker-rspec', *location_from_env('BEAKER_RSPEC_VERSION', ['>= 3.4']) - gem 'serverspec' - gem 'beaker-puppet_install_helper' - gem 'master_manipulator' - gem 'beaker-hostgenerator', *location_from_env('BEAKER_HOSTGENERATOR_VERSION', []) + gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '~> 2.20') if supports_windows + gem 'beaker', *location_for(ENV['BEAKER_VERSION']) if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.3.0') and ! supports_windows + gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '< 3') if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.3.0') and ! supports_windows + gem 'beaker-pe', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.3.0') + gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') if ! supports_windows + gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '~> 5.1') if supports_windows + gem 'beaker-puppet_install_helper', :require => false + gem 'master_manipulator', :require => false + gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) end -gem 'facter', *location_from_env('FACTER_GEM_VERSION') -gem 'puppet', *location_from_env('PUPPET_GEM_VERSION') +gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) +# Only explicitly specify Facter/Hiera if a version has been specified. +# Otherwise it can lead to strange bundler behavior. If you are seeing weird +# gem resolution behavior, try setting `DEBUG_RESOLVER` environment variable +# to `1` and then run bundle install. +gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) if ENV['FACTER_GEM_VERSION'] +gem 'hiera', *location_for(ENV['HIERA_GEM_VERSION']) if ENV['HIERA_GEM_VERSION'] + + +# Evaluate Gemfile.local if it exists if File.exists? "#{__FILE__}.local" eval(File.read("#{__FILE__}.local"), binding) end + +# Evaluate ~/.gemfile if it exists +if File.exists?(File.join(Dir.home, '.gemfile')) + eval(File.read(File.join(Dir.home, '.gemfile')), binding) +end + +# vim:ft=ruby From e21a9a8b5e6f55d3d3ed7c40a1dc980af6d34410 Mon Sep 17 00:00:00 2001 From: olevole Date: Sat, 12 Nov 2016 18:56:53 +0300 Subject: [PATCH 0121/1000] Change default user, group and data directory to proper value on FreeBSD platform for PostgresQL 9.6: see https://svnweb.freebsd.org/ports?view=revision&revision=r421360 and https://github.com/freebsd/freebsd-ports/blob/master/UPDATING#L314 for details --- manifests/params.pp | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index bc12c998d4..515c9fb448 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -172,10 +172,20 @@ } 'FreeBSD': { - $link_pg_config = true - $user = pick($user, 'pgsql') - $group = pick($group, 'pgsql') + case $version { + '96': { + $user = pick($user, 'postgres') + $group = pick($group, 'postgres') + $datadir = pick($datadir, "/var/db/postgres/data${version}") + } + default: { + $user = pick($user, 'pgsql') + $group = pick($group, 'pgsql') + $datadir = pick($datadir, '/usr/local/pgsql/data') + } + } + $link_pg_config = true $client_package_name = pick($client_package_name, "databases/postgresql${version}-client") $server_package_name = pick($server_package_name, "databases/postgresql${version}-server") $contrib_package_name = pick($contrib_package_name, "databases/postgresql${version}-contrib") @@ -187,7 +197,6 @@ $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, '/usr/local/bin') - $datadir = pick($datadir, '/usr/local/pgsql/data') $confdir = pick($confdir, $datadir) $service_status = pick($service_status, "/usr/local/etc/rc.d/${service_name} onestatus") $service_reload = "service ${service_name} reload" From 1b4091b7e246543840f5eaafb371c06816c231fa Mon Sep 17 00:00:00 2001 From: K Jonathan Harker Date: Wed, 5 Oct 2016 14:13:56 -0700 Subject: [PATCH 0122/1000] Remove duplicate RedHat default section A duplicate default_version default section was added in https://github.com/puppetlabs/puppetlabs-postgresql/commit/1eb45d07f163ab3e3fd117d9de4bc4351b228853 This removes the duplicate default section. --- manifests/globals.pp | 6 ------ 1 file changed, 6 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 2745358571..bc1f309573 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -76,12 +76,6 @@ /^5\./ => '8.1', default => undef, }, - default => $::operatingsystemrelease ? { - /^7\./ => '9.2', - /^6\./ => '8.4', - /^5\./ => '8.1', - default => undef, - }, }, 'Debian' => $::operatingsystem ? { 'Debian' => $::operatingsystemrelease ? { From 0ae4b7737964f246183c0258e805d3a066823e28 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 17 Nov 2016 11:56:24 -0800 Subject: [PATCH 0123/1000] changes to updated yumrepo --- manifests/repo/yum_postgresql_org.pp | 2 +- spec/unit/classes/globals_spec.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index 5cfaf4b159..2f671044f8 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -19,7 +19,7 @@ yumrepo { 'yum.postgresql.org': descr => "PostgreSQL ${postgresql::repo::version} \$releasever - \$basearch", - baseurl => "http://yum.postgresql.org/${postgresql::repo::version}/${label1}/${label2}-\$releasever-\$basearch", + baseurl => "https://download.postgresql.org/pub/repos/yum/${postgresql::repo::version}/${label1}/${label2}-\$releasever-\$basearch", enabled => 1, gpgcheck => 1, gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index ce79336233..8dff05e439 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -43,7 +43,7 @@ is_expected.to contain_class("postgresql::globals") end end - + describe 'manage_package_repo on RHEL => true' do let(:params) do { @@ -51,7 +51,7 @@ :repo_proxy => 'http://proxy-server:8080', } end - + it 'should pull in class postgresql::repo' do is_expected.to contain_class("postgresql::repo") end From ecef5c130db14c07ba4459254d4d208e4559017b Mon Sep 17 00:00:00 2001 From: Ben Roberts Date: Thu, 24 Nov 2016 17:19:03 +0000 Subject: [PATCH 0124/1000] (MODULES-4011) Add support for Gentoo-based operatingsystems (#810) * Add support for Gentoo-based operatingsystems - Add params.pp support for osfamily=Gentoo - Make `postgresql::client` management of `postgresql-client` package optional. (Gentoo does not split client/server/devel/contrib packages). Add spec test for this new behaviour - Ensure ::server::contrib and ::lib::devel fail on gentoo for same reason - Extend the systemd-override to Gentoo to propagate port and datadir changes Fixes https://tickets.puppetlabs.com/browse/MODULES-4011 --- manifests/client.pp | 10 +++++--- manifests/globals.pp | 1 + manifests/lib/devel.pp | 4 +++ manifests/params.pp | 24 ++++++++++++++++++ manifests/server/config.pp | 21 ++++++++++++++++ manifests/server/contrib.pp | 4 +++ spec/unit/classes/client_spec.rb | 11 ++++++++ spec/unit/classes/lib/devel_spec.rb | 19 ++++++++++++++ spec/unit/classes/server/config_spec.rb | 32 ++++++++++++++++++++++++ spec/unit/classes/server/contrib_spec.rb | 15 +++++++++++ templates/systemd-override.erb | 8 +++++- 11 files changed, 144 insertions(+), 5 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index 8cc6230ac1..b805749721 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -8,10 +8,12 @@ validate_absolute_path($validcon_script_path) validate_string($package_name) - package { 'postgresql-client': - ensure => $package_ensure, - name => $package_name, - tag => 'postgresql', + if $package_name != 'UNSET' { + package { 'postgresql-client': + ensure => $package_ensure, + name => $package_name, + tag => 'postgresql', + } } file { $validcon_script_path: diff --git a/manifests/globals.pp b/manifests/globals.pp index bc1f309573..c97f5f7daf 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -98,6 +98,7 @@ /Archlinux/ => '9.2', default => '9.2', }, + 'Gentoo' => '9.5', 'FreeBSD' => '93', 'OpenBSD' => $::operatingsystemrelease ? { /5\.6/ => '9.3', diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 5f1ad1ccbe..bbc5272da2 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -8,6 +8,10 @@ validate_string($package_name) + if $::osfamily == 'Gentoo' { + fail('osfamily Gentoo does not have a separate "devel" package, postgresql::lib::devel is not supported') + } + package { 'postgresql-devel': ensure => $package_ensure, name => $package_name, diff --git a/manifests/params.pp b/manifests/params.pp index 515c9fb448..55ca3605ff 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -171,6 +171,30 @@ $psql_path = pick($psql_path, '/usr/bin/psql') } + 'Gentoo': { + $user = pick($user, 'postgres') + $group = pick($group, 'postgres') + + $client_package_name = pick($client_package_name, 'UNSET') + $server_package_name = pick($server_package_name, 'postgresql') + $contrib_package_name = pick_default($contrib_package_name, undef) + $devel_package_name = pick_default($devel_package_name, undef) + $java_package_name = pick($java_package_name, 'jdbc-postgresql') + $perl_package_name = pick($perl_package_name, 'DBD-Pg') + $plperl_package_name = undef + $python_package_name = pick($python_package_name, 'psycopg') + + $service_name = pick($service_name, "postgresql-${version}") + $bindir = pick($bindir, "/usr/lib/postgresql-${version}/bin") + $datadir = pick($datadir, "/var/lib/postgresql/${version}_data") + $confdir = pick($confdir, "/etc/postgresql-${version}") + $service_status = pick($service_status, "systemctl status ${service_name}") + $service_reload = "systemctl reload ${service_name}" + $psql_path = pick($psql_path, "${bindir}/psql") + + $needs_initdb = pick($needs_initdb, true) + } + 'FreeBSD': { case $version { '96': { diff --git a/manifests/server/config.pp b/manifests/server/config.pp index b00a79b18e..a507c2826b 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -189,4 +189,25 @@ } } } + elsif $::osfamily == 'Gentoo' { + # Template uses: + # - $::operatingsystem + # - $service_name + # - $port + # - $datadir + file { 'systemd-override': + ensure => present, + path => "/etc/systemd/system/${service_name}.service", + owner => root, + group => root, + content => template('postgresql/systemd-override.erb'), + notify => [ Exec['restart-systemd'], Class['postgresql::server::service'] ], + before => Class['postgresql::server::reload'], + } + exec { 'restart-systemd': + command => 'systemctl daemon-reload', + refreshonly => true, + path => '/bin:/usr/bin:/usr/local/bin' + } + } } diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index e119d9c99a..4c6cdc14b1 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -5,6 +5,10 @@ ) inherits postgresql::params { validate_string($package_name) + if $::osfamily == 'Gentoo' { + fail('osfamily Gentoo does not have a separate "contrib" package, postgresql::server::contrib is not supported.') + } + package { 'postgresql-contrib': ensure => $package_ensure, name => $package_name, diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index 3d63b4647e..3f2e58f4b1 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -44,4 +44,15 @@ }) end end + + describe 'with client package name explicitly set undef' do + let :params do + { + :package_name => 'UNSET' + } + end + it 'should not manage postgresql-client package' do + is_expected.not_to contain_package('postgresql-client') + end + end end diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/unit/classes/lib/devel_spec.rb index 17aa7f2171..ca0ebb3b80 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/unit/classes/lib/devel_spec.rb @@ -51,4 +51,23 @@ } end + describe 'on Gentoo' do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + } + end + let :params do + { + :link_pg_config => false, + } + end + + it 'should fail to compile' do + expect { + is_expected.to compile + }.to raise_error(/is not supported/) + end + end end diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index c03032d9b3..56b7e9c971 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -98,4 +98,36 @@ class { 'postgresql::server': } end end end + + describe 'on Gentoo' do + let (:pre_condition) do + <<-EOS + class { 'postgresql::globals': + version => '9.5', + }-> + class { 'postgresql::server': } + EOS + end + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => 'unused', + :concat_basedir => tmpfilename('server'), + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + it 'should have the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with ({ + :ensure => 'present', + :path => '/etc/systemd/system/postgresql-9.5.service', + :owner => 'root', + :group => 'root', + }) + is_expected.to contain_file('systemd-override') \ + .with_content(/.include \/usr\/lib64\/systemd\/system\/postgresql-9.5.service/) + end + end end diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index b84f764d0b..e26843616b 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -41,4 +41,19 @@ }) end end + + describe 'on Gentoo' do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + } + end + + it 'should fail to compile' do + expect { + is_expected.to compile + }.to raise_error(/is not supported/) + end + end end diff --git a/templates/systemd-override.erb b/templates/systemd-override.erb index eb4f787f77..5a2a31c614 100644 --- a/templates/systemd-override.erb +++ b/templates/systemd-override.erb @@ -1,8 +1,14 @@ -<%- if scope.lookupvar('::operatingsystem') == 'Fedora' -%> +<%- if scope.lookupvar('::osfamily') == 'Gentoo' -%> +.include /usr/lib64/systemd/system/<%= @service_name %>.service +<%- elsif scope.lookupvar('::operatingsystem') == 'Fedora' -%> .include /lib/systemd/system/<%= @service_name %>.service <% else -%> .include /usr/lib/systemd/system/<%= @service_name %>.service <% end -%> [Service] Environment=PGPORT=<%= @port %> +<%- if scope.lookupvar('::osfamily') == 'Gentoo' -%> +Environment=DATA_DIR=<%= @datadir %> +<%- else -%> Environment=PGDATA=<%= @datadir %> +<%- end -%> From f294021fe308533e5ed276751b4253c37c0a176d Mon Sep 17 00:00:00 2001 From: Ben Pillet Date: Thu, 24 Nov 2016 09:20:44 -0800 Subject: [PATCH 0125/1000] Set permissions/ownership on rpm gpg key (#819) * Set permissions/ownership on rpm gpg key --- manifests/repo/yum_postgresql_org.pp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index 2f671044f8..fdd61b4ed5 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -6,6 +6,9 @@ file { $gpg_key_path: source => 'puppet:///modules/postgresql/RPM-GPG-KEY-PGDG', + owner => 'root', + group => 'root', + mode => '0644', before => Yumrepo['yum.postgresql.org'] } From bb77e05d72b099871e7cfb1c3090799c48925a96 Mon Sep 17 00:00:00 2001 From: Ryan DeShone Date: Fri, 30 Sep 2016 15:42:28 -0400 Subject: [PATCH 0126/1000] Allow overriding of repository URL --- README.md | 6 +++- manifests/globals.pp | 2 ++ manifests/repo.pp | 1 + manifests/repo/apt_postgresql_org.pp | 6 +++- manifests/repo/yum_postgresql_org.pp | 5 ++- spec/unit/classes/globals_spec.rb | 46 ++++++++++++++++++++-------- 6 files changed, 50 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 5e7aaa1c28..8c249a69cc 100644 --- a/README.md +++ b/README.md @@ -457,7 +457,7 @@ Sets up official PostgreSQL repositories on your host if set to true. Default: f ##### `module_workdir` -Specifies working directory under which the psql command should be executed. May need to specify if /tmp is on volume mounted with noexec option. Default: /tmp +Specifies working directory under which the psql command should be executed. May need to specify if /tmp is on volume mounted with noexec option. Default: /tmp ##### `needs_initdb` @@ -511,6 +511,10 @@ Path to your `recovery.conf` file. Sets the proxy option for the official PostgreSQL yum-repositories only. Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. +##### `repo_baseurl` + +Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. Defaults to the official PostgreSQL repository. + ##### `server_package_name` Overrides the default PostgreSQL server package name. Default: OS dependent. diff --git a/manifests/globals.pp b/manifests/globals.pp index c97f5f7daf..9a588bbe88 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -44,6 +44,7 @@ $version = undef, $postgis_version = undef, $repo_proxy = undef, + $repo_baseurl = undef, $needs_initdb = undef, @@ -146,6 +147,7 @@ class { 'postgresql::repo': version => $globals_version, proxy => $repo_proxy, + baseurl => $repo_baseurl, } } } diff --git a/manifests/repo.pp b/manifests/repo.pp index 58d859fc93..5ec63c7d1b 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -2,6 +2,7 @@ class postgresql::repo ( $version = undef, $proxy = undef, + $baseurl = undef, ) { case $::osfamily { 'RedHat', 'Linux': { diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 60ac2b1042..71327da12e 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -5,12 +5,16 @@ # # http://www.postgresql.org/download/linux/debian/ # + $default_baseurl = 'http://apt.postgresql.org/pub/repos/apt/' + + $baseurl_real = pick($postgresql::repo::baseurl,$default_baseurl) + apt::pin { 'apt_postgresql_org': originator => 'apt.postgresql.org', priority => 500, }-> apt::source { 'apt.postgresql.org': - location => 'http://apt.postgresql.org/pub/repos/apt/', + location => $baseurl_real, release => "${::lsbdistcodename}-pgdg", repos => "main ${postgresql::repo::version}", key => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index fdd61b4ed5..c2dc4c0888 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -19,10 +19,13 @@ $label1 = 'redhat' $label2 = 'rhel' } + $default_baseurl = "https://download.postgresql.org/pub/repos/yum/${postgresql::repo::version}/${label1}/${label2}-\$releasever-\$basearch" + + $baseurl_real = pick($postgresql::repo::baseurl,$default_baseurl) yumrepo { 'yum.postgresql.org': descr => "PostgreSQL ${postgresql::repo::version} \$releasever - \$basearch", - baseurl => "https://download.postgresql.org/pub/repos/yum/${postgresql::repo::version}/${label1}/${label2}-\$releasever-\$basearch", + baseurl => $baseurl_real, enabled => 1, gpgcheck => 1, gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index 8dff05e439..7b75fa4ba0 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -1,31 +1,31 @@ require 'spec_helper' -describe 'postgresql::globals', :type => :class do - context "on a debian 6" do +describe 'postgresql::globals', type: :class do + context 'on a debian 6' do let (:facts) do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :lsbdistid => 'Debian', - :lsbdistcodename => 'squeeze', + :lsbdistcodename => 'squeeze' } end describe 'with no parameters' do it 'should work' do - is_expected.to contain_class("postgresql::globals") + is_expected.to contain_class('postgresql::globals') end end describe 'manage_package_repo => true' do let(:params) do { - :manage_package_repo => true, + manage_package_repo: true } end it 'should pull in class postgresql::repo' do - is_expected.to contain_class("postgresql::repo") + is_expected.to contain_class('postgresql::repo') end end end @@ -33,27 +33,27 @@ context 'on redhat family systems' do let (:facts) do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.1', + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '7.1' } end describe 'with no parameters' do it 'should work' do - is_expected.to contain_class("postgresql::globals") + is_expected.to contain_class('postgresql::globals') end end describe 'manage_package_repo on RHEL => true' do let(:params) do { - :manage_package_repo => true, - :repo_proxy => 'http://proxy-server:8080', + manage_package_repo: true, + repo_proxy: 'http://proxy-server:8080' } end it 'should pull in class postgresql::repo' do - is_expected.to contain_class("postgresql::repo") + is_expected.to contain_class('postgresql::repo') end it do @@ -63,5 +63,25 @@ ) end end + + describe 'repo_baseurl on RHEL => mirror.localrepo.com' do + let(:params) do + { + manage_package_repo: true, + repo_baseurl: 'http://mirror.localrepo.com' + } + end + + it 'should pull in class postgresql::repo' do + is_expected.to contain_class('postgresql::repo') + end + + it do + should contain_yumrepo('download.postgresql.org').with( + 'enabled' => '1', + 'baseurl' => 'http://mirror.localrepo.com' + ) + end + end end end From 06b98a0ae4e0943ce15109f6a1932d7d46f2816e Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 24 Nov 2016 17:35:25 +0000 Subject: [PATCH 0127/1000] Make baseurl a private variable, fix tests --- manifests/repo/apt_postgresql_org.pp | 7 ++++--- manifests/repo/yum_postgresql_org.pp | 4 ++-- spec/unit/classes/globals_spec.rb | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 71327da12e..71f76d5ab6 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -1,20 +1,21 @@ # PRIVATE CLASS: do not use directly class postgresql::repo::apt_postgresql_org inherits postgresql::repo { -include ::apt + include ::apt + # Here we have tried to replicate the instructions on the PostgreSQL site: # # http://www.postgresql.org/download/linux/debian/ # $default_baseurl = 'http://apt.postgresql.org/pub/repos/apt/' - $baseurl_real = pick($postgresql::repo::baseurl,$default_baseurl) + $_baseurl = pick($postgresql::repo::baseurl, $default_baseurl) apt::pin { 'apt_postgresql_org': originator => 'apt.postgresql.org', priority => 500, }-> apt::source { 'apt.postgresql.org': - location => $baseurl_real, + location => $_baseurl, release => "${::lsbdistcodename}-pgdg", repos => "main ${postgresql::repo::version}", key => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index c2dc4c0888..1ee8c9acb3 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -21,11 +21,11 @@ } $default_baseurl = "https://download.postgresql.org/pub/repos/yum/${postgresql::repo::version}/${label1}/${label2}-\$releasever-\$basearch" - $baseurl_real = pick($postgresql::repo::baseurl,$default_baseurl) + $_baseurl = pick($postgresql::repo::baseurl, $default_baseurl) yumrepo { 'yum.postgresql.org': descr => "PostgreSQL ${postgresql::repo::version} \$releasever - \$basearch", - baseurl => $baseurl_real, + baseurl => $_baseurl, enabled => 1, gpgcheck => 1, gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index 7b75fa4ba0..ea3ff9d9fc 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -77,7 +77,7 @@ end it do - should contain_yumrepo('download.postgresql.org').with( + should contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', 'baseurl' => 'http://mirror.localrepo.com' ) From 81706ea9fca8c859a06a41a4eaf5ebb5a88ce8c7 Mon Sep 17 00:00:00 2001 From: TP Honey Date: Thu, 24 Nov 2016 18:01:41 +0000 Subject: [PATCH 0128/1000] Added timezone as an additional configuration feature Closes #808. Closes #817 . --- README.md | 4 ++++ manifests/globals.pp | 1 + manifests/params.pp | 1 + manifests/server.pp | 1 + manifests/server/config.pp | 6 ++++++ manifests/server/config_entry.pp | 2 +- 6 files changed, 14 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 5e7aaa1c28..3d3a41278b 100644 --- a/README.md +++ b/README.md @@ -443,6 +443,10 @@ Overrides the default PostgreSQL java package name. Default: OS dependent. Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef, which is effectively `C`. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** +##### `timezone` + +Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. + ##### `logdir` Overrides the default PostgreSQL log directory. Default: initdb's default path. diff --git a/manifests/globals.pp b/manifests/globals.pp index c97f5f7daf..58c9beafba 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -49,6 +49,7 @@ $encoding = undef, $locale = undef, + $timezone = undef, $manage_pg_hba_conf = undef, $manage_pg_ident_conf = undef, diff --git a/manifests/params.pp b/manifests/params.pp index 55ca3605ff..d40a1eb8ff 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -11,6 +11,7 @@ $ipv6acls = [] $encoding = $postgresql::globals::encoding $locale = $postgresql::globals::locale + $timezone = $postgresql::globals::timezone $service_ensure = 'running' $service_enable = true $service_manage = true diff --git a/manifests/server.pp b/manifests/server.pp index a7a448d427..98cb3ebb02 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -49,6 +49,7 @@ $encoding = $postgresql::params::encoding, $locale = $postgresql::params::locale, + $timezone = $postgresql::params::timezone, $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index a507c2826b..205dd222ad 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -21,6 +21,7 @@ $logdir = $postgresql::server::logdir $service_name = $postgresql::server::service_name $log_line_prefix = $postgresql::server::log_line_prefix + $timezone = $postgresql::server::timezone if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file @@ -110,6 +111,11 @@ postgresql::server::config_entry { 'data_directory': value => $datadir, } + if $timezone { + postgresql::server::config_entry { 'timezone': + value => $timezone, + } + } if $logdir { postgresql::server::config_entry { 'log_directory': value => $logdir, diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 9ac7bfa9f3..d1d501f080 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -16,7 +16,7 @@ } case $name { - /data_directory|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time|log_min_duration_statement/: { + /data_directory|timezone|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time|log_min_duration_statement/: { if $postgresql::server::service_restart_on_change { Postgresql_conf { notify => Class['postgresql::server::service'], From b4948bd4741c617951e6b4a3b01bbb8a135787d5 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 11:23:22 +0100 Subject: [PATCH 0129/1000] Revert "Enable schema and database ownership change" This reverts commit 82c6716d4845bde01a03c58b2123b3009c0d97ca. It will be added back with a cleaner design with the following commits. --- README.md | 18 +-- manifests/server/database.pp | 127 ++++++++++------------ manifests/server/db.pp | 34 +++--- manifests/server/schema.pp | 31 ++---- spec/unit/defines/server/database_spec.rb | 7 -- spec/unit/defines/server/schema_spec.rb | 12 -- 6 files changed, 83 insertions(+), 146 deletions(-) diff --git a/README.md b/README.md index b3f6ffa9f0..a44819d187 100644 --- a/README.md +++ b/README.md @@ -814,7 +814,7 @@ Defines the value for the setting. #### postgresql::server::db -Creates or modifies a local database, user, and assigns necessary permissions. +Creates a local database, user, and assigns necessary permissions. ##### `comment` @@ -864,13 +864,9 @@ Specifies the name of the template database from which to build this database. D User to create and assign access to the database upon creation. Mandatory. -##### `change_ownership` - -Specifies whether to create a new database or change the owner of an existing one. Default: false. - #### postgresql::server::database -Creates or modifies a database with no users and no permissions. +Creates a database with no users and no permissions. ##### `dbname` @@ -900,10 +896,6 @@ Sets tablespace for where to create this database. Default: The defaults defined Specifies the name of the template database from which to build this database. Default: `template0`. -##### `change_ownership` - -Specifies whether to create a new database or change the owner of an existing one. Default: false. - #### postgresql::server::database_grant Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. @@ -1176,7 +1168,7 @@ Defines the username of the role to create. Defaults to the namevar. #### postgresql::server::schema -Creates or modifies a schema. +Creates a schema. ##### `connect_settings` @@ -1194,10 +1186,6 @@ Sets the default owner of the schema. Sets the name of the schema. Defaults to the namevar. -##### `change_ownership` - -Specifies whether to create a new schema or change the owner of an existing one. Default: false. - #### postgresql::server::table_grant Manages grant-based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 0d453bc4cb..fab12b53ae 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -9,7 +9,6 @@ $locale = $postgresql::server::locale, $istemplate = false, $connect_settings = $postgresql::server::default_connect_settings, - $change_ownership = false, ) { $createdb_path = $postgresql::server::createdb_path $user = $postgresql::server::user @@ -41,87 +40,73 @@ connect_settings => $connect_settings, } - if $change_ownership { - # Change owner for existing database - if !$owner { - fail('Must specify an owner to change database ownership.') - } - postgresql_psql { "Change owner of db '${dbname}' to ${owner}": - command => "ALTER DATABASE \"${dbname}\" OWNER TO ${owner}", - onlyif => "SELECT datname FROM pg_database WHERE datname='${dbname}'", - db => $default_db, - require => Class['postgresql::server::service'] + # Optionally set the locale switch. Older versions of createdb may not accept + # --locale, so if the parameter is undefined its safer not to pass it. + if ($version != '8.1') { + $locale_option = $locale ? { + undef => '', + default => "LC_COLLATE='${locale}' LC_CTYPE='${locale}'", } + $public_revoke_privilege = 'CONNECT' } else { - # Create a new database - # Optionally set the locale switch. Older versions of createdb may not accept - # --locale, so if the parameter is undefined its safer not to pass it. - if ($version != '8.1') { - $locale_option = $locale ? { - undef => '', - default => "LC_COLLATE='${locale}' LC_CTYPE='${locale}'", - } - $public_revoke_privilege = 'CONNECT' - } else { - $locale_option = '' - $public_revoke_privilege = 'ALL' - } + $locale_option = '' + $public_revoke_privilege = 'ALL' + } - $template_option = $template ? { - undef => '', - default => "TEMPLATE=\"${template}\"", - } + $template_option = $template ? { + undef => '', + default => "TEMPLATE=\"${template}\"", + } - $encoding_option = $encoding ? { - undef => '', - default => "ENCODING='${encoding}'", - } + $encoding_option = $encoding ? { + undef => '', + default => "ENCODING='${encoding}'", + } - $tablespace_option = $tablespace ? { - undef => '', - default => "TABLESPACE=\"${tablespace}\"", - } + $tablespace_option = $tablespace ? { + undef => '', + default => "TABLESPACE=\"${tablespace}\"", + } - if $createdb_path != undef{ - warning('Passing "createdb_path" to postgresql::database is deprecated, it can be removed safely for the same behaviour') - } + if $createdb_path != undef{ + warning('Passing "createdb_path" to postgresql::database is deprecated, it can be removed safely for the same behaviour') + } - postgresql_psql { "Create db '${dbname}'": - command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", - unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", - db => $default_db, - require => Class['postgresql::server::service'] - }~> + postgresql_psql { "Create db '${dbname}'": + command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", + unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", + db => $default_db, + require => Class['postgresql::server::service'] + }~> - # This will prevent users from connecting to the database unless they've been - # granted privileges. - postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": - db => $default_db, - refreshonly => true, - } + # This will prevent users from connecting to the database unless they've been + # granted privileges. + postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": + db => $default_db, + refreshonly => true, + } - Postgresql_psql[ "Create db '${dbname}'" ]-> - postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": - unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", - db => $default_db, - } + Postgresql_psql[ "Create db '${dbname}'" ]-> + postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": + unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", + db => $default_db, + } - if $comment { - # The shobj_description function was only introduced with 8.2 - $comment_information_function = $version ? { - '8.1' => 'obj_description', - default => 'shobj_description', - } - Postgresql_psql[ "Create db '${dbname}'" ]-> - postgresql_psql {"COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": - unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", - db => $dbname, - } + if $comment { + # The shobj_description function was only introduced with 8.2 + $comment_information_function = $version ? { + '8.1' => 'obj_description', + default => 'shobj_description', } - - # Build up dependencies on tablespace - if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { - Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql[ "Create db '${dbname}'" ] + Postgresql_psql[ "Create db '${dbname}'" ]-> + postgresql_psql {"COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": + unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", + db => $dbname, } } + + # Build up dependencies on tablespace + if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { + Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql[ "Create db '${dbname}'" ] + } } diff --git a/manifests/server/db.pp b/manifests/server/db.pp index b170ee5e56..b4c1232cfa 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -3,28 +3,26 @@ define postgresql::server::db ( $user, $password, - $comment = undef, - $dbname = $title, - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - $grant = 'ALL', - $tablespace = undef, - $template = 'template0', - $istemplate = false, - $owner = undef, - $change_ownership = false, + $comment = undef, + $dbname = $title, + $encoding = $postgresql::server::encoding, + $locale = $postgresql::server::locale, + $grant = 'ALL', + $tablespace = undef, + $template = 'template0', + $istemplate = false, + $owner = undef ) { if ! defined(Postgresql::Server::Database[$dbname]) { postgresql::server::database { $dbname: - comment => $comment, - encoding => $encoding, - tablespace => $tablespace, - template => $template, - locale => $locale, - istemplate => $istemplate, - owner => $owner, - change_ownership => $change_ownership, + comment => $comment, + encoding => $encoding, + tablespace => $tablespace, + template => $template, + locale => $locale, + istemplate => $istemplate, + owner => $owner, } } diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 00eb5abb18..945a1ffeb4 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -17,7 +17,6 @@ $owner = undef, $schema = $title, $connect_settings = $postgresql::server::default_connect_settings, - $change_ownership = false, ) { $user = $postgresql::server::user $group = $postgresql::server::group @@ -42,33 +41,19 @@ connect_settings => $connect_settings, } - $schema_exists = "SELECT nspname FROM pg_namespace WHERE nspname='${schema}'" + $schema_title = "Create Schema '${title}'" $authorization = $owner? { undef => '', default => "AUTHORIZATION \"${owner}\"", } - if $change_ownership { - # Change owner for existing schema - if !$owner { - fail('Must specify an owner to change schema ownership.') - } - $schema_title = "Change owner of schema '${schema}' to ${owner}" - $schema_command = "ALTER SCHEMA \"${schema}\" OWNER TO ${owner}" - postgresql_psql { $schema_title: - command => $schema_command, - onlyif => $schema_exists, - require => Class['postgresql::server'], - } - } else { - # Create a new schema - $schema_title = "Create Schema '${title}'" - $schema_command = "CREATE SCHEMA \"${schema}\" ${authorization}" - postgresql_psql { $schema_title: - command => $schema_command, - unless => $schema_exists, - require => Class['postgresql::server'], - } + $schema_command = "CREATE SCHEMA \"${schema}\" ${authorization}" + $unless = "SELECT nspname FROM pg_namespace WHERE nspname='${schema}'" + + postgresql_psql { $schema_title: + command => $schema_command, + unless => $unless, + require => Class['postgresql::server'], } if($owner != undef and defined(Postgresql::Server::Role[$owner])) { diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 1148cc7b3e..232ee31a3f 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -69,11 +69,4 @@ class {'postgresql::server':}" it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.2','PGPORT' => '1234' } ).with_port( nil ) } end - - context "with change_ownership set to true" do - let (:params) {{ :change_ownership => true, - :owner => 'test_owner' }} - - it { is_expected.to contain_postgresql_psql("Change owner of db 'test' to test_owner") } - end end diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index 4589f74243..f5d106fae9 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -29,16 +29,4 @@ end it { should contain_postgresql__server__schema('test') } - - context "with change_ownership set to true" do - let :params do - { - :owner => 'nate', - :db => 'natedb', - :change_ownership => true, - } - end - - it { is_expected.to contain_postgresql_psql("Change owner of schema 'test' to nate") } - end end From dd9b6349db95a9110b58dc07c9cbec6fc7355e63 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 11:30:09 +0100 Subject: [PATCH 0130/1000] Change create database resource title --- manifests/server/database.pp | 14 +++++++------- spec/unit/defines/server/database_spec.rb | 8 ++++---- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index fab12b53ae..0dec25d5c0 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -68,11 +68,11 @@ default => "TABLESPACE=\"${tablespace}\"", } - if $createdb_path != undef{ + if $createdb_path != undef { warning('Passing "createdb_path" to postgresql::database is deprecated, it can be removed safely for the same behaviour') } - postgresql_psql { "Create db '${dbname}'": + postgresql_psql { "CREATE DATABASE \"${dbname}\"": command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", db => $default_db, @@ -81,12 +81,12 @@ # This will prevent users from connecting to the database unless they've been # granted privileges. - postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": + postgresql_psql { "REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": db => $default_db, refreshonly => true, } - Postgresql_psql[ "Create db '${dbname}'" ]-> + Postgresql_psql["CREATE DATABASE \"${dbname}\""]-> postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", db => $default_db, @@ -98,7 +98,7 @@ '8.1' => 'obj_description', default => 'shobj_description', } - Postgresql_psql[ "Create db '${dbname}'" ]-> + Postgresql_psql["CREATE DATABASE \"${dbname}\""]-> postgresql_psql {"COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", db => $dbname, @@ -106,7 +106,7 @@ } # Build up dependencies on tablespace - if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { - Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql[ "Create db '${dbname}'" ] + if $tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace]) { + Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql["CREATE DATABASE \"${dbname}\""] } } diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 232ee31a3f..ef0ba213dc 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -21,7 +21,7 @@ end it { is_expected.to contain_postgresql__server__database('test') } - it { is_expected.to contain_postgresql_psql("Create db 'test'") } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"') } context "with comment set to 'test comment'" do let (:params) {{ :comment => 'test comment' }} @@ -37,7 +37,7 @@ let (:params) {{ :connect_settings => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', }}} - it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1' } ).with_port( 5432 ) } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1' } ).with_port( 5432 ) } end context "with specific db connection settings - including port" do @@ -51,7 +51,7 @@ class {'postgresql::server':}" 'DBVERSION' => '9.1', 'PGPORT' => '1234' }}} - it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( nil ) } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( nil ) } end @@ -66,7 +66,7 @@ class {'postgresql::server':}" class {'postgresql::server':}" end - it { is_expected.to contain_postgresql_psql("Create db 'test'").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.2','PGPORT' => '1234' } ).with_port( nil ) } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.2','PGPORT' => '1234' } ).with_port( nil ) } end end From f428416a834ec95f101abd012ea382ff3ec6110d Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 11:01:52 +0100 Subject: [PATCH 0131/1000] Change create schema resource title This can be considered a bug fix, because the old names would conflict when there are schemas with the same name on different databases. --- manifests/server/schema.pp | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 945a1ffeb4..971dfcce35 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -41,22 +41,18 @@ connect_settings => $connect_settings, } - $schema_title = "Create Schema '${title}'" - $authorization = $owner? { + $authorization = $owner ? { undef => '', default => "AUTHORIZATION \"${owner}\"", } - $schema_command = "CREATE SCHEMA \"${schema}\" ${authorization}" - $unless = "SELECT nspname FROM pg_namespace WHERE nspname='${schema}'" - - postgresql_psql { $schema_title: - command => $schema_command, - unless => $unless, + postgresql_psql { "${db}: CREATE SCHEMA \"${schema}\"": + command => "CREATE SCHEMA \"${schema}\" ${authorization}", + unless => "SELECT 1 FROM pg_namespace WHERE nspname = '${schema}'", require => Class['postgresql::server'], } - if($owner != undef and defined(Postgresql::Server::Role[$owner])) { - Postgresql::Server::Role[$owner]->Postgresql_psql[$schema_title] + if $owner != undef and defined(Postgresql::Server::Role[$owner]) { + Postgresql::Server::Role[$owner]->Postgresql_psql["${db}: CREATE SCHEMA \"${schema}\""] } } From 96a752ac10855d9aee686019f846e7b976059c4c Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 12:06:41 +0100 Subject: [PATCH 0132/1000] Change create tablespace resource title --- manifests/server/tablespace.pp | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 23ab919e0b..37972e02d4 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -26,14 +26,12 @@ cwd => $module_workdir, } - if ($owner == undef) { + if $owner == undef { $owner_section = '' } else { $owner_section = "OWNER \"${owner}\"" } - $create_tablespace_command = "CREATE TABLESPACE \"${spcname}\" ${owner_section} LOCATION '${location}'" - file { $location: ensure => directory, owner => $user, @@ -45,14 +43,13 @@ require => Class['postgresql::server'], } - $create_ts = "Create tablespace '${spcname}'" - postgresql_psql { "Create tablespace '${spcname}'": - command => $create_tablespace_command, - unless => "SELECT spcname FROM pg_tablespace WHERE spcname='${spcname}'", + postgresql_psql { "CREATE TABLESPACE \"${spcname}\"": + command => "CREATE TABLESPACE \"${spcname}\" ${owner_section} LOCATION '${location}'", + unless => "SELECT 1 FROM pg_tablespace WHERE spcname = '${spcname}'", require => [Class['postgresql::server'], File[$location]], } - if($owner != undef and defined(Postgresql::Server::Role[$owner])) { - Postgresql::Server::Role[$owner]->Postgresql_psql[$create_ts] + if $owner != undef and defined(Postgresql::Server::Role[$owner]) { + Postgresql::Server::Role[$owner]->Postgresql_psql["CREATE TABLESPACE \"${spcname}\""] } } From b6d6afc8a7111bfd434e61fc4fb78a6cae2942c9 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 11:13:29 +0100 Subject: [PATCH 0133/1000] Set default db on database class --- manifests/server/database.pp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 0dec25d5c0..5d555a5d77 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -33,6 +33,7 @@ # Set the defaults for the postgresql_psql resource Postgresql_psql { + db => $default_db, psql_user => $user, psql_group => $group, psql_path => $psql_path, @@ -75,21 +76,18 @@ postgresql_psql { "CREATE DATABASE \"${dbname}\"": command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", - db => $default_db, require => Class['postgresql::server::service'] }~> # This will prevent users from connecting to the database unless they've been # granted privileges. postgresql_psql { "REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": - db => $default_db, refreshonly => true, } Postgresql_psql["CREATE DATABASE \"${dbname}\""]-> postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", - db => $default_db, } if $comment { From fdbadc627e02d1820843058ecccb95f56bbc85a4 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 11:49:54 +0100 Subject: [PATCH 0134/1000] Improve SQL style on database.pp --- manifests/server/database.pp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 5d555a5d77..13b43cde2d 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -46,7 +46,7 @@ if ($version != '8.1') { $locale_option = $locale ? { undef => '', - default => "LC_COLLATE='${locale}' LC_CTYPE='${locale}'", + default => "LC_COLLATE = '${locale}' LC_CTYPE = '${locale}'", } $public_revoke_privilege = 'CONNECT' } else { @@ -56,17 +56,17 @@ $template_option = $template ? { undef => '', - default => "TEMPLATE=\"${template}\"", + default => "TEMPLATE = \"${template}\"", } $encoding_option = $encoding ? { undef => '', - default => "ENCODING='${encoding}'", + default => "ENCODING = '${encoding}'", } $tablespace_option = $tablespace ? { undef => '', - default => "TABLESPACE=\"${tablespace}\"", + default => "TABLESPACE = \"${tablespace}\"", } if $createdb_path != undef { @@ -74,8 +74,8 @@ } postgresql_psql { "CREATE DATABASE \"${dbname}\"": - command => "CREATE DATABASE \"${dbname}\" WITH OWNER=\"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", - unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", + command => "CREATE DATABASE \"${dbname}\" WITH OWNER = \"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", + unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}'", require => Class['postgresql::server::service'] }~> @@ -86,8 +86,8 @@ } Postgresql_psql["CREATE DATABASE \"${dbname}\""]-> - postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": - unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", + postgresql_psql { "UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": + unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", } if $comment { @@ -97,8 +97,8 @@ default => 'shobj_description', } Postgresql_psql["CREATE DATABASE \"${dbname}\""]-> - postgresql_psql {"COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": - unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", + postgresql_psql { "COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": + unless => "SELECT 1 FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", db => $dbname, } } From c49d02661b0f801037bd2d78ec5cb00d850dbd5d Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 11:50:57 +0100 Subject: [PATCH 0135/1000] Support changing database owners This also automatically requires the owner role on the database class. --- manifests/server/database.pp | 15 +++++++++++++-- spec/unit/defines/server/database_spec.rb | 6 ++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 13b43cde2d..d6cce69e37 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -2,7 +2,7 @@ define postgresql::server::database( $comment = undef, $dbname = $title, - $owner = $postgresql::server::user, + $owner = undef, $tablespace = undef, $template = 'template0', $encoding = $postgresql::server::encoding, @@ -74,7 +74,7 @@ } postgresql_psql { "CREATE DATABASE \"${dbname}\"": - command => "CREATE DATABASE \"${dbname}\" WITH OWNER = \"${owner}\" ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", + command => "CREATE DATABASE \"${dbname}\" WITH ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}'", require => Class['postgresql::server::service'] }~> @@ -103,6 +103,17 @@ } } + if $owner { + postgresql_psql { "ALTER DATABASE \"${dbname}\" OWNER TO \"${owner}\"": + unless => "SELECT 1 FROM pg_database JOIN pg_roles rol ON datdba = rol.oid WHERE datname = '${dbname}' AND rolname = '${owner}'", + require => Postgresql_psql["CREATE DATABASE \"${dbname}\""], + } + + if defined(Postgresql::Server::Role[$owner]) { + Postgresql::Server::Role[$owner]->Postgresql_psql["ALTER DATABASE \"${dbname}\" OWNER TO \"${owner}\""] + } + } + # Build up dependencies on tablespace if $tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace]) { Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql["CREATE DATABASE \"${dbname}\""] diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index ef0ba213dc..c9993f61c8 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -69,4 +69,10 @@ class {'postgresql::server':}" it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.2','PGPORT' => '1234' } ).with_port( nil ) } end + + context "with different owner" do + let (:params) {{ :owner => 'test_owner' }} + + it { is_expected.to contain_postgresql_psql('ALTER DATABASE "test" OWNER TO "test_owner"') } + end end From 8a04b57a913cd2c6c3c38f739820d355a88cdb26 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 28 Nov 2016 11:54:17 +0100 Subject: [PATCH 0136/1000] Support changing schema owners --- manifests/server/schema.pp | 25 ++++++++++++++----------- spec/unit/defines/server/schema_spec.rb | 11 +++++++++++ 2 files changed, 25 insertions(+), 11 deletions(-) diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 971dfcce35..fb7bb312a4 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -13,9 +13,9 @@ # } # define postgresql::server::schema( - $db = $postgresql::server::default_database, - $owner = undef, - $schema = $title, + $db = $postgresql::server::default_database, + $owner = undef, + $schema = $title, $connect_settings = $postgresql::server::default_connect_settings, ) { $user = $postgresql::server::user @@ -41,18 +41,21 @@ connect_settings => $connect_settings, } - $authorization = $owner ? { - undef => '', - default => "AUTHORIZATION \"${owner}\"", - } - postgresql_psql { "${db}: CREATE SCHEMA \"${schema}\"": - command => "CREATE SCHEMA \"${schema}\" ${authorization}", + command => "CREATE SCHEMA \"${schema}\"", unless => "SELECT 1 FROM pg_namespace WHERE nspname = '${schema}'", require => Class['postgresql::server'], } - if $owner != undef and defined(Postgresql::Server::Role[$owner]) { - Postgresql::Server::Role[$owner]->Postgresql_psql["${db}: CREATE SCHEMA \"${schema}\""] + if $owner { + postgresql_psql { "${db}: ALTER SCHEMA \"${schema}\" OWNER TO \"${owner}\"": + command => "ALTER SCHEMA \"${schema}\" OWNER TO ${owner}", + unless => "SELECT 1 FROM pg_namespace JOIN pg_roles rol ON nspowner = rol.oid WHERE nspname = '${schema}' AND rolname = '${owner}'", + require => Postgresql_psql["${db}: CREATE SCHEMA \"${schema}\""], + } + + if defined(Postgresql::Server::Role[$owner]) { + Postgresql::Server::Role[$owner]->Postgresql_psql["${db}: ALTER SCHEMA \"${schema}\" OWNER TO \"${owner}\""] + } } } diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index f5d106fae9..c8fa3d9703 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -29,4 +29,15 @@ end it { should contain_postgresql__server__schema('test') } + + context "with different owner" do + let :params do + { + :owner => 'nate', + :db => 'natedb', + } + end + + it { is_expected.to contain_postgresql_psql('natedb: ALTER SCHEMA "test" OWNER TO "nate"') } + end end From 954fff723b2cca511225923930f5d3d03fe5e95e Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 21 Sep 2016 16:04:45 +0200 Subject: [PATCH 0137/1000] Support changing tablespace owners --- manifests/server/tablespace.pp | 19 ++++++++++--------- spec/unit/defines/server/tablespace_spec.rb | 11 +++++++++++ 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 37972e02d4..cf0b65dc0b 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -26,12 +26,6 @@ cwd => $module_workdir, } - if $owner == undef { - $owner_section = '' - } else { - $owner_section = "OWNER \"${owner}\"" - } - file { $location: ensure => directory, owner => $user, @@ -44,12 +38,19 @@ } postgresql_psql { "CREATE TABLESPACE \"${spcname}\"": - command => "CREATE TABLESPACE \"${spcname}\" ${owner_section} LOCATION '${location}'", + command => "CREATE TABLESPACE \"${spcname}\" LOCATION '${location}'", unless => "SELECT 1 FROM pg_tablespace WHERE spcname = '${spcname}'", require => [Class['postgresql::server'], File[$location]], } - if $owner != undef and defined(Postgresql::Server::Role[$owner]) { - Postgresql::Server::Role[$owner]->Postgresql_psql["CREATE TABLESPACE \"${spcname}\""] + if $owner { + postgresql_psql { "ALTER TABLESPACE \"${spcname}\" OWNER TO \"${owner}\"": + unless => "SELECT 1 FROM pg_tablespace JOIN pg_roles rol ON spcowner = rol.oid WHERE spcname = '${spcname}' AND rolname = '${owner}'", + require => Postgresql_psql["CREATE TABLESPACE \"${spcname}\""], + } + + if defined(Postgresql::Server::Role[$owner]) { + Postgresql::Server::Role[$owner]->Postgresql_psql["ALTER TABLESPACE \"${spcname}\" OWNER TO \"${owner}\""] + } } } diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 560a50eee2..50a93e222e 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -28,4 +28,15 @@ end it { is_expected.to contain_postgresql__server__tablespace('test') } + + context "with different owner" do + let :params do + { + :location => '/srv/data/foo', + :owner => 'test_owner', + } + end + + it { is_expected.to contain_postgresql_psql('ALTER TABLESPACE "test" OWNER TO "test_owner"') } + end end From 904e10650136983a2904ce9eb74994d12f2760c9 Mon Sep 17 00:00:00 2001 From: Chris Reeves Date: Tue, 29 Nov 2016 15:24:42 +0000 Subject: [PATCH 0138/1000] Make grant spec tests less sensitive to whitespace Make the spec tests for postgresql::server::grant on sequences less sensitive to whitespace in the SQL. --- spec/unit/defines/server/grant_spec.rb | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index efc9accf1c..fe7963622b 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -48,10 +48,11 @@ it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql('grant:test').with( - { - 'command' => "GRANT USAGE ON SEQUENCE \"test\" TO\n \"test\"", - 'unless' => "SELECT 1 WHERE has_sequence_privilege('test',\n 'test', 'USAGE')", - }) } + { + 'command' => /GRANT USAGE ON SEQUENCE "test" TO\s* "test"/m, + 'unless' => /SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)/m, + } + ) } end context 'all sequences' do @@ -71,10 +72,11 @@ it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql('grant:test').with( - { - 'command' => "GRANT USAGE ON ALL SEQUENCES IN SCHEMA \"public\" TO\n \"test\"", - 'unless' => "SELECT 1 FROM (\n SELECT sequence_name\n FROM information_schema.sequences\n WHERE sequence_schema='public'\n EXCEPT DISTINCT\n SELECT object_name as sequence_name\n FROM information_schema.role_usage_grants\n WHERE object_type='SEQUENCE'\n AND grantee='test'\n AND object_schema='public'\n AND privilege_type='USAGE'\n ) P\n HAVING count(P.sequence_name) = 0", - }) } + { + 'command' => /GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"/m, + 'unless' => /SELECT 1 FROM \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\) P\s* HAVING count\(P\.sequence_name\) = 0/m, + } + ) } end context "with specific db connection settings - default port" do From cd8a7da81be37d38ac72a1113c38ee2845d1334c Mon Sep 17 00:00:00 2001 From: Chris Reeves Date: Tue, 29 Nov 2016 15:35:49 +0000 Subject: [PATCH 0139/1000] Add acceptance tests for grants on sequences --- spec/acceptance/server/grant_spec.rb | 122 +++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) create mode 100644 spec/acceptance/server/grant_spec.rb diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb new file mode 100644 index 0000000000..67440767b7 --- /dev/null +++ b/spec/acceptance/server/grant_spec.rb @@ -0,0 +1,122 @@ +require 'spec_helper_acceptance' + +describe 'postgresql::server::grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + + db = 'grant_priv_test' + owner = 'psql_grant_priv_owner' + user = 'psql_grant_priv_tester' + password = 'psql_grant_role_pw' + + pp_setup = <<-EOS.unindent + $db = #{db} + $owner = #{owner} + $user = #{user} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $owner: + password_hash => postgresql_password($owner, $password), + } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $owner: + ensure => present, + } + + postgresql::server::database { $db: + owner => $owner, + require => Postgresql::Server::Role[$owner], + } + + # Create a user to grant privileges to + postgresql::server::role { $user: + db => $db, + require => Postgresql::Server::Database[$db], + } + + # Make a local user for ident auth + user { $user: + ensure => present, + } + + # Grant them connect to the database + postgresql::server::database_grant { "allow connect for ${user}": + privilege => 'CONNECT', + db => $db, + role => $user, + } + EOS + + context 'sequence' do + it 'should grant usage on a sequence to a user' do + begin + pp = pp_setup + <<-EOS.unindent + + postgresql_psql { 'create test sequence': + command => 'CREATE SEQUENCE test_seq', + db => $db, + psql_user => $owner, + unless => "SELECT 1 FROM information_schema.sequences WHERE sequence_name = 'test_seq'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant usage on test_seq': + privilege => 'USAGE', + object_type => 'SEQUENCE', + object_name => 'test_seq', + db => $db, + role => $user, + require => [ Postgresql_psql['create test sequence'], + Postgresql::Server::Role[$user], ] + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + end + end + + context 'all sequences' do + it 'should grant usage on all sequences to a user' do + begin + pp = pp_setup + <<-EOS.unindent + + postgresql_psql { 'create test sequences': + command => 'CREATE SEQUENCE test_seq2; CREATE SEQUENCE test_seq3;', + db => $db, + psql_user => $owner, + unless => "SELECT 1 FROM information_schema.sequences WHERE sequence_name = 'test_seq2'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant usage on all sequences': + privilege => 'USAGE', + object_type => 'ALL SEQUENCES IN SCHEMA', + object_name => 'public', + db => $db, + role => $user, + require => [ Postgresql_psql['create test sequences'], + Postgresql::Server::Role[$user], ] + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the privileges were granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + end + end +end From 670298dafbab110e8585d8c3031f32cb9697003b Mon Sep 17 00:00:00 2001 From: Chris Reeves Date: Tue, 29 Nov 2016 15:48:03 +0000 Subject: [PATCH 0140/1000] Add more acceptance tests for grants on sequences Add additional acceptance tests for granting UPDATE permissions on sequences. (MODULES-4158) --- spec/acceptance/server/grant_spec.rb | 68 ++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 67440767b7..2c57310545 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -82,6 +82,40 @@ class { 'postgresql::server': } end end end + + it 'should grant update on a sequence to a user' do + begin + pp = pp_setup + <<-EOS.unindent + + postgresql_psql { 'create test sequence': + command => 'CREATE SEQUENCE test_seq', + db => $db, + psql_user => $owner, + unless => "SELECT 1 FROM information_schema.sequences WHERE sequence_name = 'test_seq'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant update on test_seq': + privilege => 'UPDATE', + object_type => 'SEQUENCE', + object_name => 'test_seq', + db => $db, + role => $user, + require => [ Postgresql_psql['create test sequence'], + Postgresql::Server::Role[$user], ] + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + end end context 'all sequences' do @@ -118,5 +152,39 @@ class { 'postgresql::server': } end end end + + it 'should grant update on all sequences to a user' do + begin + pp = pp_setup + <<-EOS.unindent + + postgresql_psql { 'create test sequences': + command => 'CREATE SEQUENCE test_seq2; CREATE SEQUENCE test_seq3;', + db => $db, + psql_user => $owner, + unless => "SELECT 1 FROM information_schema.sequences WHERE sequence_name = 'test_seq2'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant usage on all sequences': + privilege => 'UPDATE', + object_type => 'ALL SEQUENCES IN SCHEMA', + object_name => 'public', + db => $db, + role => $user, + require => [ Postgresql_psql['create test sequences'], + Postgresql::Server::Role[$user], ] + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the privileges were granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + end end end From 35758e48e49b11777135a3bd81e06e36891228a5 Mon Sep 17 00:00:00 2001 From: Chris Reeves Date: Tue, 29 Nov 2016 16:10:34 +0000 Subject: [PATCH 0141/1000] (MODULES-4158) Grant SELECT, UPDATE perms on sequences Add support for granting SELECT and UPDATE permissions on sequences (MODULES-4158). This requires a significant change to the unless statement used to determine whether the permission has already been granted. The previous statement used the standard SQL information_schema tables, however these provide limited information on sequence permissions. In order to retrieve the current permission set with the necessary level of detail we must query the pg_class system catalog and parse out the permisions from there. --- manifests/server/grant.pp | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 465520151a..28537905d2 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -94,13 +94,13 @@ 'ALL' => 'USAGE', default => $_privilege, } - validate_re($unless_privilege, [ '^$', '^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) + validate_re($unless_privilege, [ '^$', '^USAGE$', '^SELECT$', '^UPDATE$', '^ALL$', '^ALL PRIVILEGES$' ]) $unless_function = 'has_sequence_privilege' $on_db = $db $onlyif_function = undef } 'ALL SEQUENCES IN SCHEMA': { - validate_re($_privilege, [ '^$', '^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) + validate_re($_privilege, [ '^$', '^USAGE$', '^SELECT$', '^UPDATE$', '^ALL$', '^ALL PRIVILEGES$' ]) $unless_function = 'custom' $on_db = $db $onlyif_function = undef @@ -130,9 +130,33 @@ WHERE sequence_schema='${schema}' EXCEPT DISTINCT SELECT object_name as sequence_name - FROM information_schema.role_usage_grants - WHERE object_type='SEQUENCE' - AND grantee='${role}' + FROM ( + SELECT object_schema, + object_name, + grantee, + CASE privs_split + WHEN 'r' THEN 'SELECT' + WHEN 'w' THEN 'UPDATE' + WHEN 'U' THEN 'USAGE' + END AS privilege_type + FROM ( + SELECT DISTINCT + object_schema, + object_name, + (regexp_split_to_array(regexp_replace(privs,E'\/.*',''),'='))[1] AS grantee, + regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'\/.*',''),'='))[2],E'\\s*') AS privs_split + FROM ( + SELECT n.nspname as object_schema, + c.relname as object_name, + regexp_split_to_table(array_to_string(c.relacl,','),',') AS privs + FROM pg_catalog.pg_class c + LEFT JOIN pg_catalog.pg_namespace n ON c.relnamespace = n.oid + WHERE c.relkind = 'S' + AND n.nspname NOT IN ( 'pg_catalog', 'information_schema' ) + ) P1 + ) P2 + ) P3 + WHERE grantee='${role}' AND object_schema='${schema}' AND privilege_type='${custom_privilege}' ) P From 6c212ee339580b3774e1bec52b1ef4b8a62c8597 Mon Sep 17 00:00:00 2001 From: Chris Reeves Date: Tue, 29 Nov 2016 17:34:29 +0000 Subject: [PATCH 0142/1000] Remove unnecessary backslash escape in regex Remove unnecessary backslash escape in SQL regex for sequence grant unless query (it was causing ruby validation to fail). --- manifests/server/grant.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 28537905d2..eeb42fcc9c 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -143,8 +143,8 @@ SELECT DISTINCT object_schema, object_name, - (regexp_split_to_array(regexp_replace(privs,E'\/.*',''),'='))[1] AS grantee, - regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'\/.*',''),'='))[2],E'\\s*') AS privs_split + (regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1] AS grantee, + regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[2],E'\\s*') AS privs_split FROM ( SELECT n.nspname as object_schema, c.relname as object_name, From f830a3ef6a74fc539d43601ea666021a7579a1a3 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 1 Dec 2016 11:38:31 -0800 Subject: [PATCH 0143/1000] (MODULES-3631) msync Gemfile for 1.9 frozen strings --- Gemfile | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/Gemfile b/Gemfile index 8871c66381..8a568f6a5a 100644 --- a/Gemfile +++ b/Gemfile @@ -32,33 +32,34 @@ supports_windows = false group :development do gem 'puppet-lint', :require => false - gem 'metadata-json-lint', :require => false + gem 'metadata-json-lint', :require => false, :platforms => 'ruby' gem 'puppet_facts', :require => false gem 'puppet-blacksmith', '>= 3.4.0', :require => false, :platforms => 'ruby' gem 'puppetlabs_spec_helper', '>= 1.2.1', :require => false gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'rspec-puppet-facts', :require => false + gem 'rspec-puppet-facts', :require => false, :platforms => 'ruby' gem 'mocha', '< 1.2.0', :require => false - gem 'simplecov', :require => false - gem 'parallel_tests', '< 2.10.0', :require => false if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.0.0') - gem 'parallel_tests', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.0.0') - gem 'rubocop', '0.41.2', :require => false if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.0.0') - gem 'rubocop', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.0.0') - gem 'rubocop-rspec', '~> 1.6', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.3.0') + gem 'simplecov', :require => false, :platforms => 'ruby' + gem 'parallel_tests', '< 2.10.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem 'parallel_tests', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.0.0') + gem 'rubocop', '0.41.2', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem 'rubocop', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.0.0') + gem 'rubocop-rspec', '~> 1.6', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') gem 'pry', :require => false - gem 'json_pure', '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.0.0') + gem 'json_pure', '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') end group :system_tests do gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '~> 2.20') if supports_windows - gem 'beaker', *location_for(ENV['BEAKER_VERSION']) if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.3.0') and ! supports_windows - gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '< 3') if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.3.0') and ! supports_windows - gem 'beaker-pe', :require => false if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.3.0') + gem 'beaker', *location_for(ENV['BEAKER_VERSION']) if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') and ! supports_windows + gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '< 3') if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.3.0') and ! supports_windows + gem 'beaker-pe', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') if ! supports_windows gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '~> 5.1') if supports_windows gem 'beaker-puppet_install_helper', :require => false gem 'master_manipulator', :require => false gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) + gem 'beaker-abs', *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') end gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) From 0c79f49b2c1a45712d3c48cbb51b9fb6374701b4 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Tue, 6 Dec 2016 16:16:55 -0800 Subject: [PATCH 0144/1000] (FM-5939) removes spec.opts --- spec/spec.opts | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 spec/spec.opts diff --git a/spec/spec.opts b/spec/spec.opts deleted file mode 100644 index 91cd6427ed..0000000000 --- a/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace From 347327f220949f0f2a4cdf9d690b055edf3a9d22 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 9 Dec 2016 11:30:52 -0800 Subject: [PATCH 0145/1000] fixes for grant_spec --- spec/acceptance/server/grant_spec.rb | 94 +++++++++++++++++++--------- 1 file changed, 64 insertions(+), 30 deletions(-) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 2c57310545..c961d5fc65 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -2,12 +2,13 @@ describe 'postgresql::server::grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - db = 'grant_priv_test' - owner = 'psql_grant_priv_owner' - user = 'psql_grant_priv_tester' - password = 'psql_grant_role_pw' + let(:db) { 'grant_priv_test' } + let(:owner) { 'psql_grant_priv_owner' } + let(:user) { 'psql_grant_priv_tester' } + let(:password) { 'psql_grant_role_pw' } + let(:pp_install) { "class {'postgresql::server': }"} - pp_setup = <<-EOS.unindent + let(:pp_setup) { pp_setup = <<-EOS.unindent $db = #{db} $owner = #{owner} $user = #{user} @@ -46,7 +47,8 @@ class { 'postgresql::server': } db => $db, role => $user, } - EOS + EOS + } context 'sequence' do it 'should grant usage on a sequence to a user' do @@ -72,13 +74,21 @@ class { 'postgresql::server': } } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_install, :catch_failures => true) - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end end end end @@ -106,13 +116,21 @@ class { 'postgresql::server': } } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_install, :catch_failures => true) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end end end end @@ -142,13 +160,21 @@ class { 'postgresql::server': } } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_install, :catch_failures => true) - ## Check that the privileges were granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the privileges were granted to the user, this check is not available on version < 9.0 + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end end end end @@ -176,13 +202,21 @@ class { 'postgresql::server': } } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_install, :catch_failures => true) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) - ## Check that the privileges were granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') + ## Check that the privileges were granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end end end end From c50910611064ecf0220511eceee51948756919d2 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Tue, 20 Sep 2016 18:02:29 +0200 Subject: [PATCH 0146/1000] Revert "Update config_entry.pp add ability to set log_min_duration_statement" --- manifests/server/config_entry.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index d1d501f080..08f6a099dc 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -16,7 +16,7 @@ } case $name { - /data_directory|timezone|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time|log_min_duration_statement/: { + /data_directory|timezone|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { if $postgresql::server::service_restart_on_change { Postgresql_conf { notify => Class['postgresql::server::service'], From 4d20aeeab332c2ae680e4aaa28bbb4070872935a Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 21 Sep 2016 16:12:22 +0200 Subject: [PATCH 0147/1000] Support changing database tablespaces --- manifests/server/database.pp | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index d6cce69e37..b03729c917 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -114,8 +114,15 @@ } } - # Build up dependencies on tablespace - if $tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace]) { - Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql["CREATE DATABASE \"${dbname}\""] + if $tablespace { + postgresql_psql { "ALTER DATABASE \"${dbname}\" SET ${tablespace_option}": + unless => "SELECT 1 FROM pg_database JOIN pg_tablespace spc ON dattablespace = spc.oid WHERE datname = '${dbname}' AND spcname = '${tablespace}'", + require => Postgresql_psql["CREATE DATABASE \"${dbname}\""], + } + + if defined(Postgresql::Server::Tablespace[$tablespace]) { + # The tablespace must be there, before we create the database. + Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql["CREATE DATABASE \"${dbname}\""] + } } } From 83e2500e59d6ef7e423ae8cf0727c67019088ba4 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Wed, 14 Dec 2016 13:29:35 -0800 Subject: [PATCH 0148/1000] gettext and spec.opts --- Gemfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Gemfile b/Gemfile index 8a568f6a5a..3d46720d2f 100644 --- a/Gemfile +++ b/Gemfile @@ -47,6 +47,8 @@ group :development do gem 'rubocop-rspec', '~> 1.6', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') gem 'pry', :require => false gem 'json_pure', '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem 'fast_gettext', '1.1.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') + gem 'fast_gettext', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') end group :system_tests do From 09340196ab4a387464ddf4f164b27f81a442d61c Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Mon, 19 Dec 2016 11:38:31 -0500 Subject: [PATCH 0149/1000] Change - Add support for Fedora 25 to globals class Added support for Fedora 25. Fedora 25 provides postgresql-server version 9.5. --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 2c777c290f..85ef0965da 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -64,7 +64,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { - /^(24)$/ => '9.5', + /^(24|25)$/ => '9.5', /^(22|23)$/ => '9.4', /^(21)$/ => '9.3', /^(18|19|20)$/ => '9.2', From 8854a1c738bfa2ffb44648cadacbf930179a15f7 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Mon, 12 Dec 2016 15:23:26 -0500 Subject: [PATCH 0150/1000] Change - Ensure that postgres directories have proper SELinux labels The postgresql data directory and log directory need to have proper SELinux labels set when SELinux is enabled. --- manifests/server/initdb.pp | 35 +++++++++++++------ spec/unit/classes/server/config_spec.rb | 3 ++ spec/unit/classes/server/initdb_spec.rb | 5 +++ spec/unit/classes/server/plpython_spec.rb | 1 + spec/unit/defines/server/config_entry_spec.rb | 4 +++ 5 files changed, 37 insertions(+), 11 deletions(-) diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 04d5aa83a3..2252a198f1 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -22,30 +22,43 @@ cwd => $module_workdir, } + if $::osfamily == 'RedHat' and $::selinux == true { + $seltype = 'postgresql_db_t' + $logdir_type = 'postgresql_log_t' + } + + else { + $seltype = undef + $logdir_type = undef + } + # Make sure the data directory exists, and has the correct permissions. file { $datadir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, } if($xlogdir) { # Make sure the xlog directory exists, and has the correct permissions. file { $xlogdir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, } } if($logdir) { # Make sure the log directory exists, and has the correct permissions. file { $logdir: - ensure => directory, - owner => $user, - group => $group, + ensure => directory, + owner => $user, + group => $group, + seltype => $logdir_type, } } diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 56b7e9c971..16e1aef064 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -15,6 +15,7 @@ :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it 'should have the correct systemd-override file' do @@ -62,6 +63,7 @@ class { 'postgresql::server': } :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it 'should have the correct systemd-override file' do @@ -117,6 +119,7 @@ class { 'postgresql::server': } :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => false, } end it 'should have the correct systemd-override file' do diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 54044fbb99..3482970069 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -14,6 +14,7 @@ :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } @@ -28,6 +29,7 @@ :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } @@ -43,6 +45,7 @@ :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let (:pre_condition) do @@ -71,6 +74,7 @@ class { 'postgresql::server': } :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let (:pre_condition) do @@ -99,6 +103,7 @@ class { 'postgresql::server': } :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index f2e1654115..29a1440b7b 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -10,6 +10,7 @@ :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index 34963b8bf9..b05fad0984 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -10,6 +10,7 @@ :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end @@ -39,6 +40,7 @@ :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} @@ -58,6 +60,7 @@ :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} @@ -77,6 +80,7 @@ :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} From 679a0f3ebedda10db7fab80239093190c1ead50e Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 5 Jan 2017 18:11:26 +0100 Subject: [PATCH 0151/1000] Remove deprecated force parameter from concat Prevents warnings like: Scope(Concat[/var/lib/pgsql/data/pg_ident.conf]): The $force parameter to concat is deprecated and has no effect --- manifests/server/config.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 205dd222ad..1e2347e174 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -154,7 +154,6 @@ concat { $pg_ident_conf_path: owner => $user, group => $group, - force => true, # do not crash if there is no pg_ident_rules mode => '0640', warn => true, notify => Class['postgresql::server::reload'], @@ -165,7 +164,6 @@ concat { $recovery_conf_path: owner => $user, group => $group, - force => true, # do not crash if there is no recovery conf file mode => '0640', warn => true, notify => Class['postgresql::server::reload'], From 8ec4ce5dddee59a382972f1646da8f2e934127ab Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 5 Jan 2017 15:32:47 -0800 Subject: [PATCH 0152/1000] (MODULES-4097) Sync travis.yml --- .travis.yml | 2 +- Gemfile | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index e279ee3cb8..5eebcf5540 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,7 +3,7 @@ sudo: false language: ruby cache: bundler -script: "bundle exec rake validate lint spec" +script: "bundle exec rake release_checks" #Inserting below due to the following issue: https://github.com/travis-ci/travis-ci/issues/3531#issuecomment-88311203 before_install: - gem update bundler diff --git a/Gemfile b/Gemfile index 3d46720d2f..5820775a36 100644 --- a/Gemfile +++ b/Gemfile @@ -59,6 +59,7 @@ group :system_tests do gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') if ! supports_windows gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '~> 5.1') if supports_windows gem 'beaker-puppet_install_helper', :require => false + gem 'beaker-module_install_helper', :require => false gem 'master_manipulator', :require => false gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) gem 'beaker-abs', *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') From 1f9931dbd2457d454b1b0c85a1fcb36cb7364a90 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Wed, 11 Jan 2017 13:09:13 +0100 Subject: [PATCH 0153/1000] Fix validation script to work with dash --- files/validate_postgresql_connection.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/validate_postgresql_connection.sh b/files/validate_postgresql_connection.sh index 2b3d629445..1c3506c71a 100644 --- a/files/validate_postgresql_connection.sh +++ b/files/validate_postgresql_connection.sh @@ -26,7 +26,7 @@ do then exit 0 fi -$c++ + c=$((c+1)) done echo 'Unable to connect to postgresql' From a9414b63f16182f6b93daa1841ca6b26720792c7 Mon Sep 17 00:00:00 2001 From: Wilson McCoubrey Date: Thu, 19 Jan 2017 14:41:54 +0000 Subject: [PATCH 0154/1000] Implement beaker-module_install_helper and cleanup spec_helper_acceptance.rb Removed workaround for solaris ca certs as this is now covered by beaker-puppet_install_helper --- spec/spec_helper_acceptance.rb | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 2525ec3fcc..050660d4c7 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,8 +1,12 @@ require 'beaker-rspec/spec_helper' require 'beaker-rspec/helpers/serverspec' require 'beaker/puppet_install_helper' +require 'beaker/module_install_helper' run_puppet_install_helper +install_ca_certs unless ENV['PUPPET_INSTALL_TYPE'] =~ /pe/i +install_module_on(hosts) +install_module_dependencies_on(hosts) UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] @@ -39,19 +43,12 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) shell("su #{shellescape(user)} -c #{shellescape(psql)}", :acceptable_exit_codes => exit_codes, &block) end - RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - # Readable test descriptions c.formatter = :documentation # Configure all nodes in nodeset c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'postgresql') - # Set up selinux if appropriate. if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' pp = <<-EOS @@ -83,19 +80,13 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) end hosts.each do |host| - on host, "/bin/touch #{default['puppetpath']}/hiera.yaml" + on host, "/bin/touch #{host['puppetpath']}/hiera.yaml" on host, 'chmod 755 /root' if fact_on(host, 'osfamily') == 'Debian' on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" on host, '/usr/sbin/locale-gen' on host, '/usr/sbin/update-locale' end - - on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','--force','puppetlabs-concat'), { :acceptable_exit_codes => [0,1] } end - - end end From 9d3ae90b6aea102b7201e80add438f796b4185d0 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 19 Jan 2017 16:16:14 -0800 Subject: [PATCH 0155/1000] (MODULES-4098) Sync the rest of the files --- .gitignore | 12 ++++++++++++ .project | 6 +++--- .sync.yml | 21 ++++----------------- .travis.yml | 15 +++------------ CONTRIBUTING.md | 3 +-- Gemfile | 10 ++++------ MAINTAINERS.md | 6 ++++++ Rakefile | 7 +++---- 8 files changed, 36 insertions(+), 44 deletions(-) create mode 100644 MAINTAINERS.md diff --git a/.gitignore b/.gitignore index 0cd25de9af..f6e8b46c29 100644 --- a/.gitignore +++ b/.gitignore @@ -1,12 +1,24 @@ #This file is generated by ModuleSync, do not edit. pkg/ Gemfile.lock +Gemfile.local vendor/ spec/fixtures/manifests/ spec/fixtures/modules/ +log/ +junit/ .vagrant/ .bundle/ coverage/ log/ .idea/ +.metadata *.iml +.*.sw[op] +.yardoc +.yardwarns +.DS_Store +tmp/ +vendor/ +doc/ + diff --git a/.project b/.project index a680a0bce7..96606a4a1a 100644 --- a/.project +++ b/.project @@ -1,12 +1,12 @@ - postgresql + puppetlabs-postgresql - org.cloudsmith.geppetto.pp.dsl.ui.modulefileBuilder + com.puppetlabs.geppetto.pp.dsl.ui.modulefileBuilder @@ -17,7 +17,7 @@ - org.cloudsmith.geppetto.pp.dsl.ui.puppetNature + com.puppetlabs.geppetto.pp.dsl.ui.puppetNature org.eclipse.xtext.ui.shared.xtextNature diff --git a/.sync.yml b/.sync.yml index 781584adc0..5850feded2 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,20 +1,7 @@ --- -.travis.yml: - includes: - - rvm: 2.3.1 - env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" - bundler_args: --without system_tests - - rvm: 2.1.9 - env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" - bundler_args: --without system_tests - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - bundler_args: --without system_tests - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - bundler_args: --without system_tests - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - bundler_args: --without system_tests +NOTICE: + unmanaged: true +appveyor.yml: + delete: true spec/spec_helper.rb: allow_deprecations: true diff --git a/.travis.yml b/.travis.yml index 5eebcf5540..4981b25921 100644 --- a/.travis.yml +++ b/.travis.yml @@ -24,18 +24,9 @@ matrix: sudo: required - rvm: 2.3.1 bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" - - rvm: 2.1.9 + env: PUPPET_GEM_VERSION="~> 4.0" + - rvm: 2.1.7 bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 4.0" STDLIB_LOG_DEPRECATIONS="false" - - rvm: 2.1.5 - bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.5 - bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 3.0" + env: PUPPET_GEM_VERSION="~> 4.0" notifications: email: false diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3c3f1e7999..990edba7e7 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -43,7 +43,7 @@ Checklist (and a short version for the impatient) - Make sure you have a [GitHub account](https://github.com/join) - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. + - [Create a ticket](https://tickets.puppet.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppet.com/browse/) you are patching for. * Preferred method: @@ -215,4 +215,3 @@ Additional Resources * [General GitHub documentation](http://help.github.com/) * [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/Gemfile b/Gemfile index 5820775a36..5d863251d6 100644 --- a/Gemfile +++ b/Gemfile @@ -49,15 +49,13 @@ group :development do gem 'json_pure', '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') gem 'fast_gettext', '1.1.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') gem 'fast_gettext', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') + gem 'rainbow', '< 2.2.0', :require => false end group :system_tests do - gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '~> 2.20') if supports_windows - gem 'beaker', *location_for(ENV['BEAKER_VERSION']) if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') and ! supports_windows - gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '< 3') if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.3.0') and ! supports_windows - gem 'beaker-pe', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') if ! supports_windows - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '~> 5.1') if supports_windows + gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '>= 3') + gem 'beaker-pe', :require => false + gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION']) gem 'beaker-puppet_install_helper', :require => false gem 'beaker-module_install_helper', :require => false gem 'master_manipulator', :require => false diff --git a/MAINTAINERS.md b/MAINTAINERS.md new file mode 100644 index 0000000000..d8c8f6f681 --- /dev/null +++ b/MAINTAINERS.md @@ -0,0 +1,6 @@ +## Maintenance + +Maintainers: + - Puppet Forge Modules Team `forge-modules |at| puppet |dot| com` + +Tickets: https://tickets.puppet.com/browse/MODULES. Make sure to set component to `postgresql`. diff --git a/Rakefile b/Rakefile index 3e8d4cb952..d12d85495d 100644 --- a/Rakefile +++ b/Rakefile @@ -1,10 +1,9 @@ -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' +require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? +PuppetLint.configuration.fail_on_warnings = true PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') desc 'Generate pooler nodesets' task :gen_nodeset do From fd19448dbc5f967a19b951f8d6415307655bf6e8 Mon Sep 17 00:00:00 2001 From: Christoph Berg Date: Wed, 8 Feb 2017 15:25:49 +0100 Subject: [PATCH 0156/1000] Fix typo: hostnosssl --- manifests/server/pg_hba_rule.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 406568fbca..eb1e275cb2 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -28,7 +28,7 @@ fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { validate_re($type, '^(local|host|hostssl|hostnossl)$', - "The type you specified [${type}] must be one of: local, host, hostssl, hostnosssl") + "The type you specified [${type}] must be one of: local, host, hostssl, hostnossl") if($type =~ /^host/ and $address == undef) { fail('You must specify an address property when type is host based') From 073645a5c65a1aa15cb63e0d910dbea4bece0344 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Wed, 8 Feb 2017 10:51:48 -0800 Subject: [PATCH 0157/1000] (MODULES-1127) allow LANGUAGE as valid object_type A community request came in from someone wanting to be able to grant usage on language and it was being blocked by `validate_re` in ::server::grant. This commit adds LANGUAGE to the allowed list of object types. --- manifests/server/grant.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index eeb42fcc9c..223d60be82 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -49,6 +49,7 @@ '^ALL SEQUENCES IN SCHEMA$', '^TABLE$', '^ALL TABLES IN SCHEMA$', + '^LANGUAGE$', #'^TABLESPACE$', #'^VIEW$', ] From 98976bda3d540eabd7fbd55c809885a7aa59c7e9 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Wed, 8 Feb 2017 15:41:05 -0800 Subject: [PATCH 0158/1000] (MODULES-1127) add actual object type def and spec test Adding LANGUAGE to the initial validation list was not enough, some additional params needed to be defined. Acceptance tests were also added to verify USAGE could be granted on the plpgsql language, which ships with postgres --- manifests/server/grant.pp | 17 ++++++++++-- spec/acceptance/server/grant_spec.rb | 40 ++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 2 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 223d60be82..246b403d02 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -219,6 +219,18 @@ ) P HAVING count(P.table_name) = 0" } + 'LANGUAGE': { + $unless_privilege = $_privilege ? { + 'ALL' => 'USAGE', + 'ALL PRIVILEGES' => 'USAGE', + default => $_privilege, + } + validate_re($unless_privilege, [ '^$','^CREATE$','^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) + $unless_function = 'has_language_privilege' + $on_db = $psql_db + $onlyif_function = undef + } + default: { fail("Missing privilege validation for object type ${_object_type}") } @@ -249,8 +261,9 @@ } $_onlyif = $onlyif_function ? { - 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", - default => undef, + 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", + 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object}'", + default => undef, } $grant_cmd = "GRANT ${_privilege} ON ${_object_type} \"${_togrant_object}\" TO diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index c961d5fc65..01a85f0959 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -5,6 +5,8 @@ let(:db) { 'grant_priv_test' } let(:owner) { 'psql_grant_priv_owner' } let(:user) { 'psql_grant_priv_tester' } + #testing grants on language requires a superuser + let(:superuser) { 'postgres' } let(:password) { 'psql_grant_role_pw' } let(:pp_install) { "class {'postgresql::server': }"} @@ -50,6 +52,44 @@ class { 'postgresql::server': } EOS } + context 'GRANT * on LANGUAGE' do + let(:pp_lang) { pp_setup + <<-EOS.unindent + + postgresql_psql { 'make sure plpgsql exists': + command => 'CREATE OR REPLACE LANGUAGE plpgsql', + db => $db, + psql_user => $superuser, + unless => "SELECT 1 from pg_language where lanname = 'plpgsql'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant usage on plpgsql': + psql_user => '#{superuser}', + privilege => 'USAGE', + object_type => 'LANGUAGE', + object_name => 'plpgsql', + role => $user, + db => $db, + require => [ Postgresql_psql['make sure plpgsql exists'], + Postgresql::Server::Role[$user], ] + } + EOS + } + + it 'is expected to run idempotently' do + apply_manifest(pp_lang, :catch_failures => true) + apply_manifest(pp_lang, :catch_changes => true) + end + + it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + end + context 'sequence' do it 'should grant usage on a sequence to a user' do begin From d7fac652e19756177010e95fdd8c0d9a642c98cc Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 9 Feb 2017 09:44:36 -0800 Subject: [PATCH 0159/1000] (MODULES-1127) add spec test for onlyif_exists function This adds an additional test for the onlyif_exists function which should skip the command if the language specified does not exist. This is a hardcoded psql command that could need to be updated in the future and should be tested for. --- manifests/server/grant.pp | 5 +- spec/acceptance/server/grant_spec.rb | 81 +++++++++++++++++----------- 2 files changed, 55 insertions(+), 31 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 246b403d02..7eaf506c91 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -228,7 +228,10 @@ validate_re($unless_privilege, [ '^$','^CREATE$','^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_language_privilege' $on_db = $psql_db - $onlyif_function = undef + $onlyif_function = $onlyif_exists ? { + true => 'language_exists', + default => undef, + } } default: { diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 01a85f0959..94b75dc7f8 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -52,40 +52,61 @@ class { 'postgresql::server': } EOS } - context 'GRANT * on LANGUAGE' do - let(:pp_lang) { pp_setup + <<-EOS.unindent - - postgresql_psql { 'make sure plpgsql exists': - command => 'CREATE OR REPLACE LANGUAGE plpgsql', - db => $db, - psql_user => $superuser, - unless => "SELECT 1 from pg_language where lanname = 'plpgsql'", - require => Postgresql::Server::Database[$db], + context 'LANGUAGE' do + describe 'GRANT * ON LANGUAGE' do + let(:pp_lang) { pp_setup + <<-EOS.unindent + + postgresql_psql { 'make sure plpgsql exists': + command => 'CREATE OR REPLACE LANGUAGE plpgsql', + db => $db, + psql_user => $superuser, + unless => "SELECT 1 from pg_language where lanname = 'plpgsql'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant usage on plpgsql': + psql_user => '#{superuser}', + privilege => 'USAGE', + object_type => 'LANGUAGE', + object_name => 'plpgsql', + role => $user, + db => $db, + require => [ Postgresql_psql['make sure plpgsql exists'], + Postgresql::Server::Role[$user], ] } + EOS + } - postgresql::server::grant { 'grant usage on plpgsql': - psql_user => '#{superuser}', - privilege => 'USAGE', - object_type => 'LANGUAGE', - object_name => 'plpgsql', - role => $user, - db => $db, - require => [ Postgresql_psql['make sure plpgsql exists'], - Postgresql::Server::Role[$user], ] - } - EOS - } + it 'is expected to run idempotently' do + apply_manifest(pp_lang, :catch_failures => true) + apply_manifest(pp_lang, :catch_changes => true) + end - it 'is expected to run idempotently' do - apply_manifest(pp_lang, :catch_failures => true) - apply_manifest(pp_lang, :catch_changes => true) - end + it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end + + let(:pp_onlyif) { pp_setup + <<-EOS.unindent + postgresql::server::grant { 'grant usage on BSql': + psql_user => '#{superuser}', + privilege => 'USAGE', + object_type => 'LANGUAGE', + object_name => 'bsql', + role => $user, + db => $db, + onlyif_exists => true, + } + EOS + } - it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') + #test onlyif_exists function + it 'is expected to not GRANT USAGE ON (dummy)LANGUAGE BSql to ROLE' do + apply_manifest(pp_onlyif, :catch_failures => true) + apply_manifest(pp_onlyif, :catch_changes => true) end end end From c487fcbbaf06222ba6c23e81c7016bf22dcfd550 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 10 Feb 2017 10:32:42 -0800 Subject: [PATCH 0160/1000] (maint) Schemas for a db should come after db --- manifests/server/schema.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index fb7bb312a4..f0e762e64b 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -24,6 +24,8 @@ $version = $postgresql::server::_version $module_workdir = $postgresql::server::module_workdir + Postgresql::Server::Db <| dbname == $db |> -> Postgresql::Server::Schema[$name] + # If the connection settings do not contain a port, then use the local server port if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { $port = undef From df7743c44368f62b5ff93e2d95906ee97e7e2dd0 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 9 Feb 2017 14:27:20 -0800 Subject: [PATCH 0161/1000] (maint) fix grant_spec test Tests from #838 broke because the CREATE AND REPLACE LANGUAGE command is not available until postgresql 9. I originally thought that using only CREATE LANGUAGE would not be idempotent, but it turns out it is. This commit changes CREATE AND REPLACE LANGUAGE to CREATE LANGUAGE. --- manifests/server/grant.pp | 2 +- spec/acceptance/server/grant_spec.rb | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 7eaf506c91..2836f17fe0 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -227,7 +227,7 @@ } validate_re($unless_privilege, [ '^$','^CREATE$','^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_language_privilege' - $on_db = $psql_db + $on_db = $db $onlyif_function = $onlyif_exists ? { true => 'language_exists', default => undef, diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 94b75dc7f8..4b95cb646d 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -5,8 +5,6 @@ let(:db) { 'grant_priv_test' } let(:owner) { 'psql_grant_priv_owner' } let(:user) { 'psql_grant_priv_tester' } - #testing grants on language requires a superuser - let(:superuser) { 'postgres' } let(:password) { 'psql_grant_role_pw' } let(:pp_install) { "class {'postgresql::server': }"} @@ -54,12 +52,14 @@ class { 'postgresql::server': } context 'LANGUAGE' do describe 'GRANT * ON LANGUAGE' do + #testing grants on language requires a superuser + let(:superuser) { 'postgres' } let(:pp_lang) { pp_setup + <<-EOS.unindent postgresql_psql { 'make sure plpgsql exists': - command => 'CREATE OR REPLACE LANGUAGE plpgsql', + command => 'CREATE LANGUAGE plpgsql', db => $db, - psql_user => $superuser, + psql_user => '#{superuser}', unless => "SELECT 1 from pg_language where lanname = 'plpgsql'", require => Postgresql::Server::Database[$db], } From fceaabf66f791964364bd5a36c2fafe05f58f904 Mon Sep 17 00:00:00 2001 From: Michael Moll Date: Sat, 11 Feb 2017 15:19:57 +0100 Subject: [PATCH 0162/1000] support Debian/stretch and Ubuntu/yakkety --- manifests/globals.pp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 85ef0965da..b005c62b0e 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -81,9 +81,10 @@ }, 'Debian' => $::operatingsystem ? { 'Debian' => $::operatingsystemrelease ? { - /^6\./ => '8.4', - /^(wheezy|7\.)/ => '9.1', - /^(jessie|8\.)/ => '9.4', + /^(squeeze|6\.)/ => '8.4', + /^(wheezy|7\.)/ => '9.1', + /^(jessie|8\.)/ => '9.4', + /^(stretch|9\.)/ => '9.6', default => undef, }, 'Ubuntu' => $::operatingsystemrelease ? { @@ -91,7 +92,7 @@ /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', /^(14.04)$/ => '9.3', /^(14.10|15.04|15.10)$/ => '9.4', - /^(16.04)$/ => '9.5', + /^(16.04|16.10)$/ => '9.5', default => undef, }, default => undef, From f985be6d3c150cec6d5b636aa856d31177f8a72d Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Mon, 13 Feb 2017 08:35:53 -0500 Subject: [PATCH 0163/1000] Change - Remove deprecated force parameter on concat resources The $force parameter to concat is deprecated and has no effect. --- manifests/server/config.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 205dd222ad..1e2347e174 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -154,7 +154,6 @@ concat { $pg_ident_conf_path: owner => $user, group => $group, - force => true, # do not crash if there is no pg_ident_rules mode => '0640', warn => true, notify => Class['postgresql::server::reload'], @@ -165,7 +164,6 @@ concat { $recovery_conf_path: owner => $user, group => $group, - force => true, # do not crash if there is no recovery conf file mode => '0640', warn => true, notify => Class['postgresql::server::reload'], From ae0e64310e694f99e02be7d096f6c3ee672535e2 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Mon, 13 Feb 2017 07:31:21 -0800 Subject: [PATCH 0164/1000] (maint) accomodate old pgsql version We still support older OSes like redhat 5 which, by default, installs postgresql 8.1. This version does not support the CONNECT privilege, which is used to set up the grant tests. Fixing this completely is both out of scope and low priority given the age of 8.1, so this commit adds a bandaid to skip these tests if pgsql is below 8.4 --- spec/acceptance/server/grant_spec.rb | 45 ++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 12 deletions(-) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 4b95cb646d..63f2d7e47d 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -77,18 +77,31 @@ class { 'postgresql::server': } EOS } - it 'is expected to run idempotently' do - apply_manifest(pp_lang, :catch_failures => true) - apply_manifest(pp_lang, :catch_changes => true) - end + it 'is expected to run idempotently' do + apply_manifest(pp_install) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] - it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') + if version >= '8.4.0' + apply_manifest(pp_lang, :catch_failures => true) + apply_manifest(pp_lang, :catch_changes => true) + end + end + + it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '8.4.0' + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| + expect(r.stdout).to match(/\(1 row\)/) + expect(r.stderr).to eq('') + end + end end - end let(:pp_onlyif) { pp_setup + <<-EOS.unindent postgresql::server::grant { 'grant usage on BSql': @@ -105,8 +118,16 @@ class { 'postgresql::server': } #test onlyif_exists function it 'is expected to not GRANT USAGE ON (dummy)LANGUAGE BSql to ROLE' do - apply_manifest(pp_onlyif, :catch_failures => true) - apply_manifest(pp_onlyif, :catch_changes => true) + apply_manifest(pp_install) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '8.4.0' + apply_manifest(pp_onlyif, :catch_failures => true) + apply_manifest(pp_onlyif, :catch_changes => true) + end end end end From 87bb11d68bc98575f0d247859c8ea87577df6e34 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Mon, 13 Feb 2017 11:13:52 -0800 Subject: [PATCH 0165/1000] (MODULES-1508) edit validation regex in config_entry manifest unix_socket_directories, new in 9.3, requires a server restart for changes. Only recognized config attributes trigger a restart, so this adds it to the list to be recognized. --- manifests/server/config_entry.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 08f6a099dc..7c34737de8 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -16,7 +16,7 @@ } case $name { - /data_directory|timezone|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { + /data_directory|timezone|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_director(y|ies)|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { if $postgresql::server::service_restart_on_change { Postgresql_conf { notify => Class['postgresql::server::service'], From 5befa0c1a05db2bbd6ad6944aaffe08bb179cc16 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Mon, 13 Feb 2017 12:04:27 -0800 Subject: [PATCH 0166/1000] (MODULES-1508) add unit test This adds a unit test to make sure that unix_socket_directories notifies a service restart --- spec/unit/defines/server/config_entry_spec.rb | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index b05fad0984..34f0c70002 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -110,4 +110,27 @@ :value => 'off' }) end end + + context 'unix_socket_directories' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '7.0', + :kernel => 'Linux', + :concat_basedir => tmpfilename('contrib'), + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, + } + end + let(:params) {{ :ensure => 'present', :name => 'unix_socket_directories', :value => '/var/pgsql, /opt/postgresql, /root/' }} + + it 'should restart the server and change unix_socket_directories to the provided list' do + is_expected.to contain_postgresql_conf('unix_socket_directories') + .with({ :name => 'unix_socket_directories', + :value => '/var/pgsql, /opt/postgresql, /root/'}) + .that_notifies('Class[postgresql::server::service]') + end + end end From d71ba9d133329d03cf0144c77bc10c7ffd0600a4 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Mon, 13 Feb 2017 22:02:46 -0800 Subject: [PATCH 0167/1000] (MODULES-1508) add acceptance test This is an acceptance test to test config entries in general, specifically unix_socket_directories. The manifest should run without failures and the provided list of socket dirs should be present in the config file. --- spec/acceptance/server/config_entry_spec.rb | 38 +++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 spec/acceptance/server/config_entry_spec.rb diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb new file mode 100644 index 0000000000..6e562592da --- /dev/null +++ b/spec/acceptance/server/config_entry_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper_acceptance' + +describe 'postgresql::server::config_entry' do + + let(:pp_setup) { <<-EOS + class { 'postgresql::server': + postgresql_conf_path => '/tmp/postgresql.conf', + } + EOS + } + + context 'unix_socket_directories' do + let(:pp_test) { pp_setup + <<-EOS + postgresql::server::config_entry { 'unix_socket_directories': + value => '/var/socket/, /root/' + } + EOS + } + + #get postgresql version + apply_manifest("class { 'postgresql::server': }") + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.3' + it 'is expected to run idempotently' do + apply_manifest(pp_test, :catch_failures => true) + apply_manifest(pp_test, :catch_changes => true) + end + + it 'is expected to contain directories' do + shell('cat /tmp/postgresql.conf') do |output| + expect(output.stdout).to contain("unix_socket_directories = '/var/socket/, /root/'") + end + end + end + end +end From 911f791eef03b1140bb6b34b8148de894905d90f Mon Sep 17 00:00:00 2001 From: Taylan Develioglu Date: Mon, 2 Jan 2017 16:43:58 +0100 Subject: [PATCH 0168/1000] Remove unnecessary `client_package_name` parameter from server. This was missed during some re-factor a long time back. --- manifests/server.pp | 1 - manifests/server/install.pp | 1 - 2 files changed, 2 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 98cb3ebb02..2e90178197 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -3,7 +3,6 @@ $postgres_password = undef, $package_name = $postgresql::params::server_package_name, - $client_package_name = $postgresql::params::client_package_name, $package_ensure = $postgresql::params::package_ensure, $plperl_package_name = $postgresql::params::plperl_package_name, diff --git a/manifests/server/install.pp b/manifests/server/install.pp index 8724f9f379..57fd0d35b2 100644 --- a/manifests/server/install.pp +++ b/manifests/server/install.pp @@ -2,7 +2,6 @@ class postgresql::server::install { $package_ensure = $postgresql::server::package_ensure $package_name = $postgresql::server::package_name - $client_package_name = $postgresql::server::client_package_name $_package_ensure = $package_ensure ? { true => 'present', From 8810572ed2830a08729ac539442bb4b065ba9e2f Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 23 Feb 2017 14:45:34 -0800 Subject: [PATCH 0169/1000] (MODULES-1707) add logic to params.pp for jdbc driver package on Debian the name of the jdbc driver package is different on Debian 6. This adds logic in params.pp to account for that. --- manifests/params.pp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index d40a1eb8ff..322e1d662f 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -150,7 +150,13 @@ $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-${postgis_version}") } $devel_package_name = pick($devel_package_name, 'libpq-dev') - $java_package_name = pick($java_package_name, 'libpostgresql-jdbc-java') + $java_package_name = $::operatingsystem ? { + 'Debian' => $::lsbmajdistrelease ? { + /^6/ => pick($java_package_name, 'libjava'), + default => pick($java_package_name, 'libpostgresql-jdbc-java'), + }, + default => pick($java_package_name, 'libpostgresql-jdbc-java'), + } $perl_package_name = pick($perl_package_name, 'libdbd-pg-perl') $plperl_package_name = pick($plperl_package_name, "postgresql-plperl-${version}") $plpython_package_name = pick($plpython_package_name, "postgresql-plpython-${version}") From b0854b87cc20723cd5a47599b3863ec3cf06d68c Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 23 Feb 2017 15:47:14 -0800 Subject: [PATCH 0170/1000] (MODULES-1707) use operatingsystemrelease and update unit test lsbmajdistrelease was causing spec failures because it is not available for Debian, so this changes to operatingsystemrelease. also, the unit test for the postgresql::lib::java manifest needed to be updated. --- manifests/params.pp | 6 +++--- spec/unit/classes/lib/java_spec.rb | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 322e1d662f..b07f8f2930 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -150,9 +150,9 @@ $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-${postgis_version}") } $devel_package_name = pick($devel_package_name, 'libpq-dev') - $java_package_name = $::operatingsystem ? { - 'Debian' => $::lsbmajdistrelease ? { - /^6/ => pick($java_package_name, 'libjava'), + $java_package_name = $::operatingsystem ? { + 'Debian' => $::operatingsystemrelease ? { + /^6/ => pick($java_package_name, 'libpg-java'), default => pick($java_package_name, 'libpostgresql-jdbc-java'), }, default => pick($java_package_name, 'libpostgresql-jdbc-java'), diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/unit/classes/lib/java_spec.rb index f31c3f032e..76dbbd987e 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/unit/classes/lib/java_spec.rb @@ -10,7 +10,7 @@ } end it { is_expected.to contain_package('postgresql-jdbc').with( - :name => 'libpostgresql-jdbc-java', + :name => 'libpg-java', :ensure => 'present', :tag => 'postgresql' )} From 5c535b98e674104b952bb166de248b49d696ac72 Mon Sep 17 00:00:00 2001 From: Dagan McGregor Date: Tue, 28 Feb 2017 13:44:37 +1300 Subject: [PATCH 0171/1000] Update $allowed_auth_methods for newer PostgreSQL versions 9.5 and 9.6 --- manifests/server/pg_hba_rule.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index eb1e275cb2..0eecdc5725 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -35,6 +35,8 @@ } $allowed_auth_methods = $postgresql_version ? { + '9.6' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], + '9.5' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.3' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.2' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], @@ -44,7 +46,7 @@ '8.3' => ['trust', 'reject', 'md5', 'crypt', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'pam'], '8.2' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'ldap', 'pam'], '8.1' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'pam'], - default => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt'] + default => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] } $auth_method_regex = join(['^(', join($allowed_auth_methods, '|'), ')$'],'') From 68df8db773cffba86b4165595dff193912bef84f Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Mon, 6 Mar 2017 11:41:41 -0800 Subject: [PATCH 0172/1000] (MODULES-4490) release prep for 4.9.0 --- CHANGELOG.md | 20 ++++++++++++++++++++ metadata.json | 2 +- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e4480c7e75..4946eff5e3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,23 @@ +## Supported Release 4.9.0 +### Summary +This release adds several types and, among other bugs, fixes an issue with the yum URL. + +#### Features +- Modifying ownership of databases and schemas now available (MODULES-3247) +- Use `module_workdir` to specify a custom directory in which to execute psql commands +- `grant_role` and `grant` types added! +- Support for parallel unit testing (parallel_tests) +- Override download/installation repo URL with `repo_baseurl` +- Set your timezone with `timezone` +- Grant privileges on LANGUAGEs +- Added support for Debian Stretch and Ubuntu Yakkety Yak + +#### Bugfixes +- Usernames and passwords are now converted to strings before password hash is created +- Specify default database name if it is not the username +- Update to yum repo +- Schema name conflicts fix + ## Supported Release 4.8.0 ### Summary This release primarily fixes an issue with `postgresql_conf` values of ipaddresses being considered floats and not getting quoted. diff --git a/metadata.json b/metadata.json index 2a59dc9d22..a3e2c693c9 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.8.0", + "version": "4.9.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From b6fbbb3600f8bab904cdb980aa429b56b731443e Mon Sep 17 00:00:00 2001 From: Theo Chatzimichos Date: Sat, 11 Mar 2017 18:28:05 +0100 Subject: [PATCH 0173/1000] fix default params for SUSE family OSes - remove the old openSUSE 13.2 - add default value '94' to cover all the recent and supported openSUSE distros - use the old initscript for SLE 11 SPx, systemd commands for anything else --- manifests/globals.pp | 4 ++-- manifests/params.pp | 9 +++++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index b005c62b0e..22f44d13f9 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -111,10 +111,10 @@ 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { /11\.[0-4]/ => '91', - default => '93', + default => '94', }, 'OpenSuSE' => $::operatingsystemrelease ? { - '13.2' => '93', + default => '94', }, default => undef, }, diff --git a/manifests/params.pp b/manifests/params.pp index b07f8f2930..80ef0e4df5 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -278,8 +278,13 @@ $bindir = pick($bindir, "/usr/lib/postgresql${version}/bin") $datadir = pick($datadir, '/var/lib/pgsql/data') $confdir = pick($confdir, $datadir) - $service_status = pick($service_status, "/etc/init.d/${service_name} status") - $service_reload = "/etc/init.d/${service_name} reload" + if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, 11.4) <= 0 { + $service_status = pick($service_status, "/etc/init.d/${service_name} status") + $service_reload = "/etc/init.d/${service_name} reload" + } else { + $service_status = pick($service_status, "systemctl status ${service_name}") + $service_reload = "systemctl reload ${service_name}" + } $psql_path = pick($psql_path, "${bindir}/psql") $needs_initdb = pick($needs_initdb, true) From 1c32ba19e4fc9c738cb685b20ac3b5eedb9d2a85 Mon Sep 17 00:00:00 2001 From: Wilson McCoubrey Date: Mon, 20 Mar 2017 13:57:25 +0000 Subject: [PATCH 0174/1000] (maint) Fix CI issue where acceptance tests fail on SLES Caused by float passed to versioncmp function which expects a string, which is only executed when OS == SLES --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 80ef0e4df5..8b30728bda 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -278,7 +278,7 @@ $bindir = pick($bindir, "/usr/lib/postgresql${version}/bin") $datadir = pick($datadir, '/var/lib/pgsql/data') $confdir = pick($confdir, $datadir) - if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, 11.4) <= 0 { + if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, '11.4') <= 0 { $service_status = pick($service_status, "/etc/init.d/${service_name} status") $service_reload = "/etc/init.d/${service_name} reload" } else { From 896d036f79b86caaa165601d10053aee0f2790b4 Mon Sep 17 00:00:00 2001 From: George Hansper Date: Tue, 21 Mar 2017 10:06:05 +1100 Subject: [PATCH 0175/1000] Align postgis default version with postgres version As the values for the postgis version is hard-coded, this module currently installs by default older, unsupported versions of postgis. This commit updates the module to align with current default postgis versions for each related postgres version. --- manifests/globals.pp | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 22f44d13f9..298439d8c9 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -127,15 +127,15 @@ $default_postgis_version = $globals_version ? { '8.1' => '1.3.6', - '8.4' => '1.5', - '9.0' => '1.5', - '9.1' => '1.5', - '91' => '1.5', - '9.2' => '2.0', - '9.3' => '2.1', - '93' => '2.1', - '9.4' => '2.1', - '9.5' => '2.2', + '8.4' => '2.0', + '9.0' => '2.1', + '9.1' => '2.1', + '91' => '2.1', + '9.2' => '2.3', + '9.3' => '2.3', + '93' => '2.3', + '9.4' => '2.3', + '9.5' => '2.3', '9.6' => '2.3', default => undef, } From 4730254076c6c3c538a37efe363d8fd74b1fdad2 Mon Sep 17 00:00:00 2001 From: Wilson McCoubrey Date: Wed, 22 Mar 2017 15:08:09 +0000 Subject: [PATCH 0176/1000] [MODULES-4528] Replace Puppet.version.to_f version comparison from spec_helper.rb --- .gitattributes | 6 +++--- locales/config.yaml | 26 ++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 3 deletions(-) create mode 100644 locales/config.yaml diff --git a/.gitattributes b/.gitattributes index 900ea0cbb5..02d4646b9b 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,5 +1,5 @@ #This file is generated by ModuleSync, do not edit. -*.rb eol=lf +*.rb eol=lf *.erb eol=lf -*.pp eol=lf -*.sh eol=lf +*.pp eol=lf +*.sh eol=lf diff --git a/locales/config.yaml b/locales/config.yaml new file mode 100644 index 0000000000..b29e15251f --- /dev/null +++ b/locales/config.yaml @@ -0,0 +1,26 @@ +--- +# This is the project-specific configuration file for setting up +# fast_gettext for your project. +gettext: + # This is used for the name of the .pot and .po files; they will be + # called .pot? + project_name: puppetlabs-postgresql + # This is used in comments in the .pot and .po files to indicate what + # project the files belong to and should bea little more desctiptive than + # + package_name: puppetlabs-postgresql + # The locale that the default messages in the .pot file are in + default_locale: en + # The email used for sending bug reports. + bugs_address: docs@puppet.com + # The holder of the copyright. + copyright_holder: Puppet, Inc. + # This determines which comments in code should be eligible for translation. + # Any comments that start with this string will be externalized. (Leave + # empty to include all.) + comments_tag: TRANSLATOR + # Patterns for +Dir.glob+ used to find all files that might contain + # translatable content, relative to the project root directory + source_files: + - 'metadata.json' + \ No newline at end of file From 433962432137863b6d763f7ac1108f4c1b477a77 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Thu, 23 Mar 2017 14:00:40 +0000 Subject: [PATCH 0177/1000] (FM-6116) - Adding POT file for metadata.json --- locales/puppetlabs-postgresql.pot | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 locales/puppetlabs-postgresql.pot diff --git a/locales/puppetlabs-postgresql.pot b/locales/puppetlabs-postgresql.pot new file mode 100644 index 0000000000..4d8c4566c8 --- /dev/null +++ b/locales/puppetlabs-postgresql.pot @@ -0,0 +1,18 @@ +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2017-03-21 14:19+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Translate Toolkit 2.0.0\n" + +#. metadata.json +#: .summary +msgid "Offers support for basic management of PostgreSQL databases." +msgstr "" From 63ad3437f291c378c6ae95ea30ac4be5de0c7734 Mon Sep 17 00:00:00 2001 From: Wilson McCoubrey Date: Tue, 28 Mar 2017 13:24:46 +0100 Subject: [PATCH 0178/1000] Revert "fix default params for SUSE family OSes" This reverts commit b6fbbb3600f8bab904cdb980aa429b56b731443e. --- manifests/globals.pp | 4 ++-- manifests/params.pp | 9 ++------- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 298439d8c9..d7b37650de 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -111,10 +111,10 @@ 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { /11\.[0-4]/ => '91', - default => '94', + default => '93', }, 'OpenSuSE' => $::operatingsystemrelease ? { - default => '94', + '13.2' => '93', }, default => undef, }, diff --git a/manifests/params.pp b/manifests/params.pp index 8b30728bda..b07f8f2930 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -278,13 +278,8 @@ $bindir = pick($bindir, "/usr/lib/postgresql${version}/bin") $datadir = pick($datadir, '/var/lib/pgsql/data') $confdir = pick($confdir, $datadir) - if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, '11.4') <= 0 { - $service_status = pick($service_status, "/etc/init.d/${service_name} status") - $service_reload = "/etc/init.d/${service_name} reload" - } else { - $service_status = pick($service_status, "systemctl status ${service_name}") - $service_reload = "systemctl reload ${service_name}" - } + $service_status = pick($service_status, "/etc/init.d/${service_name} status") + $service_reload = "/etc/init.d/${service_name} reload" $psql_path = pick($psql_path, "${bindir}/psql") $needs_initdb = pick($needs_initdb, true) From d3ebee00fb791f0d0d0188036ec54df250cec0ee Mon Sep 17 00:00:00 2001 From: Wilson McCoubrey Date: Wed, 29 Mar 2017 11:48:32 +0100 Subject: [PATCH 0179/1000] [msync] 786266 Implement puppet-module-gems, a45803 Remove metadata.json from locales config --- Gemfile | 43 ++++++++++++++++--------------------------- locales/config.yaml | 3 +-- 2 files changed, 17 insertions(+), 29 deletions(-) diff --git a/Gemfile b/Gemfile index 5d863251d6..46cb2eacec 100644 --- a/Gemfile +++ b/Gemfile @@ -29,38 +29,27 @@ end # Used for gem conditionals supports_windows = false +ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments +minor_version = "#{ruby_version_segments[0]}.#{ruby_version_segments[1]}" group :development do - gem 'puppet-lint', :require => false - gem 'metadata-json-lint', :require => false, :platforms => 'ruby' - gem 'puppet_facts', :require => false - gem 'puppet-blacksmith', '>= 3.4.0', :require => false, :platforms => 'ruby' - gem 'puppetlabs_spec_helper', '>= 1.2.1', :require => false - gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'rspec-puppet-facts', :require => false, :platforms => 'ruby' - gem 'mocha', '< 1.2.0', :require => false - gem 'simplecov', :require => false, :platforms => 'ruby' - gem 'parallel_tests', '< 2.10.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem 'parallel_tests', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.0.0') - gem 'rubocop', '0.41.2', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem 'rubocop', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.0.0') - gem 'rubocop-rspec', '~> 1.6', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') - gem 'pry', :require => false - gem 'json_pure', '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem 'fast_gettext', '1.1.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem 'fast_gettext', :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') - gem 'rainbow', '< 2.2.0', :require => false + gem "puppet-module-posix-default-r#{minor_version}", :require => false, :platforms => "ruby" + gem "puppet-module-win-default-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] + gem "puppet-module-posix-dev-r#{minor_version}", :require => false, :platforms => "ruby" + gem "puppet-module-win-dev-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] + gem "json_pure", '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem "fast_gettext", '1.1.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') + gem "fast_gettext", :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') end group :system_tests do - gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '>= 3') - gem 'beaker-pe', :require => false - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION']) - gem 'beaker-puppet_install_helper', :require => false - gem 'beaker-module_install_helper', :require => false - gem 'master_manipulator', :require => false - gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) - gem 'beaker-abs', *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') + gem "puppet-module-posix-system-r#{minor_version}", :require => false, :platforms => "ruby" + gem "puppet-module-win-system-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] + gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '>= 3') + gem "beaker-pe", :require => false + gem "beaker-rspec", *location_for(ENV['BEAKER_RSPEC_VERSION']) + gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) + gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') end gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) diff --git a/locales/config.yaml b/locales/config.yaml index b29e15251f..4d2b70b77a 100644 --- a/locales/config.yaml +++ b/locales/config.yaml @@ -22,5 +22,4 @@ gettext: # Patterns for +Dir.glob+ used to find all files that might contain # translatable content, relative to the project root directory source_files: - - 'metadata.json' - \ No newline at end of file + From f385d2cfca5a6e1c8a141665fa8c14dac237a533 Mon Sep 17 00:00:00 2001 From: Wilson McCoubrey Date: Wed, 29 Mar 2017 15:03:49 +0100 Subject: [PATCH 0180/1000] [maint] Fix puppet-lint warnings introduced with 2.2.0 puppet-lint release --- manifests/repo/apt_postgresql_org.pp | 4 ++-- manifests/server.pp | 14 +++++++------- manifests/server/config_entry.pp | 8 ++++---- manifests/server/contrib.pp | 8 ++++---- manifests/server/database.pp | 12 ++++++------ manifests/server/plperl.pp | 8 ++++---- manifests/server/plpython.pp | 10 +++++----- manifests/server/postgis.pp | 14 +++++++------- 8 files changed, 39 insertions(+), 39 deletions(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 8815811dad..3e671f3eef 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -13,8 +13,8 @@ apt::pin { 'apt_postgresql_org': originator => 'apt.postgresql.org', priority => 500, - }-> - apt::source { 'apt.postgresql.org': + } + -> apt::source { 'apt.postgresql.org': location => $_baseurl, release => "${::lsbdistcodename}-pgdg", repos => "main ${postgresql::repo::version}", diff --git a/manifests/server.pp b/manifests/server.pp index 2e90178197..306410eb18 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -73,11 +73,11 @@ # Reload has its own ordering, specified by other defines class { "${pg}::reload": require => Class["${pg}::install"] } - anchor { "${pg}::start": }-> - class { "${pg}::install": }-> - class { "${pg}::initdb": }-> - class { "${pg}::config": }-> - class { "${pg}::service": }-> - class { "${pg}::passwd": }-> - anchor { "${pg}::end": } + anchor { "${pg}::start": } + -> class { "${pg}::install": } + -> class { "${pg}::initdb": } + -> class { "${pg}::config": } + -> class { "${pg}::service": } + -> class { "${pg}::passwd": } + -> anchor { "${pg}::end": } } diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 7c34737de8..e10d7c40ea 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -76,8 +76,8 @@ unless => "grep 'PGPORT=${value}' /etc/sysconfig/pgsql/postgresql", path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], - } -> - augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': + } + -> augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': lens => 'Shellvars.lns', incl => '/etc/sysconfig/pgsql/*', context => '/files/etc/sysconfig/pgsql/postgresql', @@ -95,8 +95,8 @@ unless => "grep 'PGDATA=${value}' /etc/sysconfig/pgsql/postgresql", path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], - } -> - augeas { 'override PGDATA in /etc/sysconfig/pgsql/postgresql': + } + -> augeas { 'override PGDATA in /etc/sysconfig/pgsql/postgresql': lens => 'Shellvars.lns', incl => '/etc/sysconfig/pgsql/*', context => '/files/etc/sysconfig/pgsql/postgresql', diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 4c6cdc14b1..a896ffdc8e 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -15,9 +15,9 @@ tag => 'postgresql', } - anchor { 'postgresql::server::contrib::start': }-> - Class['postgresql::server::install']-> - Package['postgresql-contrib']-> - Class['postgresql::server::service']-> + anchor { 'postgresql::server::contrib::start': } + -> Class['postgresql::server::install'] + -> Package['postgresql-contrib'] + -> Class['postgresql::server::service'] anchor { 'postgresql::server::contrib::end': } } diff --git a/manifests/server/database.pp b/manifests/server/database.pp index b03729c917..057bc46be6 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -77,16 +77,16 @@ command => "CREATE DATABASE \"${dbname}\" WITH ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}'", require => Class['postgresql::server::service'] - }~> + } # This will prevent users from connecting to the database unless they've been # granted privileges. - postgresql_psql { "REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": + ~> postgresql_psql { "REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": refreshonly => true, } - Postgresql_psql["CREATE DATABASE \"${dbname}\""]-> - postgresql_psql { "UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": + Postgresql_psql["CREATE DATABASE \"${dbname}\""] + -> postgresql_psql { "UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", } @@ -96,8 +96,8 @@ '8.1' => 'obj_description', default => 'shobj_description', } - Postgresql_psql["CREATE DATABASE \"${dbname}\""]-> - postgresql_psql { "COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": + Postgresql_psql["CREATE DATABASE \"${dbname}\""] + -> postgresql_psql { "COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": unless => "SELECT 1 FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", db => $dbname, } diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index 6ad5cf9b2a..53145dab9c 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -10,10 +10,10 @@ tag => 'postgresql', } - anchor { 'postgresql::server::plperl::start': }-> - Class['postgresql::server::install']-> - Package['postgresql-plperl']-> - Class['postgresql::server::service']-> + anchor { 'postgresql::server::plperl::start': } + -> Class['postgresql::server::install'] + -> Package['postgresql-plperl'] + -> Class['postgresql::server::service'] anchor { 'postgresql::server::plperl::end': } } diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index 962dbad621..892a95cc20 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -10,10 +10,10 @@ tag => 'postgresql', } - anchor { 'postgresql::server::plpython::start': }-> - Class['postgresql::server::install']-> - Package['postgresql-plpython']-> - Class['postgresql::server::service']-> - anchor { 'postgresql::server::plpython::end': } + anchor { 'postgresql::server::plpython::start': } + -> Class['postgresql::server::install'] + -> Package['postgresql-plpython'] + -> Class['postgresql::server::service'] + -> anchor { 'postgresql::server::plpython::end': } } diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index ac4c641054..a43e4c19f1 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -11,14 +11,14 @@ tag => 'postgresql', } - anchor { 'postgresql::server::postgis::start': }-> - Class['postgresql::server::install']-> - Package['postgresql-postgis']-> - Class['postgresql::server::service']-> - anchor { 'postgresql::server::postgis::end': } + anchor { 'postgresql::server::postgis::start': } + -> Class['postgresql::server::install'] + -> Package['postgresql-postgis'] + -> Class['postgresql::server::service'] + -> anchor { 'postgresql::server::postgis::end': } if $postgresql::globals::manage_package_repo { - Class['postgresql::repo'] -> - Package['postgresql-postgis'] + Class['postgresql::repo'] + -> Package['postgresql-postgis'] } } From c8c97308d4a0ed893928e0fceab411aa95b515f4 Mon Sep 17 00:00:00 2001 From: Michael Moll Date: Thu, 13 Apr 2017 15:37:56 +0200 Subject: [PATCH 0181/1000] [MODULES-4598] Revert "Revert "fix default params for SUSE family OSes"" This reverts commit 63ad3437f291c378c6ae95ea30ac4be5de0c7734, which reverted commit b6fbbb3600f8bab904cdb980aa429b56b731443e. --- manifests/globals.pp | 4 ++-- manifests/params.pp | 9 +++++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index d7b37650de..298439d8c9 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -111,10 +111,10 @@ 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { /11\.[0-4]/ => '91', - default => '93', + default => '94', }, 'OpenSuSE' => $::operatingsystemrelease ? { - '13.2' => '93', + default => '94', }, default => undef, }, diff --git a/manifests/params.pp b/manifests/params.pp index b07f8f2930..8b30728bda 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -278,8 +278,13 @@ $bindir = pick($bindir, "/usr/lib/postgresql${version}/bin") $datadir = pick($datadir, '/var/lib/pgsql/data') $confdir = pick($confdir, $datadir) - $service_status = pick($service_status, "/etc/init.d/${service_name} status") - $service_reload = "/etc/init.d/${service_name} reload" + if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, '11.4') <= 0 { + $service_status = pick($service_status, "/etc/init.d/${service_name} status") + $service_reload = "/etc/init.d/${service_name} reload" + } else { + $service_status = pick($service_status, "systemctl status ${service_name}") + $service_reload = "systemctl reload ${service_name}" + } $psql_path = pick($psql_path, "${bindir}/psql") $needs_initdb = pick($needs_initdb, true) From 2a5cbfa70a7620873606d7d223a63db63cf227e6 Mon Sep 17 00:00:00 2001 From: Michael Moll Date: Fri, 14 Apr 2017 21:03:48 +0200 Subject: [PATCH 0182/1000] add exception for SLES 12 without SP --- manifests/globals.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 298439d8c9..5fa248fd30 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -111,7 +111,8 @@ 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { /11\.[0-4]/ => '91', - default => '94', + /12\.0/ => '93', + default => '94', }, 'OpenSuSE' => $::operatingsystemrelease ? { default => '94', From d7205097adcb61483438b2de37c5fa01fbbaa5b0 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Tue, 18 Apr 2017 12:00:40 +0100 Subject: [PATCH 0183/1000] MODULES-4324 - README Updates for Translation. This includes updates to the README to prepare for being sent away for Translation. --- README.md | 685 +++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 519 insertions(+), 166 deletions(-) diff --git a/README.md b/README.md index 1128623fd9..7825aefc6a 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,7 @@ class { 'postgresql::server': After configuration, test your settings from the command line: -``` +```shell psql -h localhost -U postgres psql -h my.postgres.server -U ``` @@ -355,15 +355,24 @@ Installs PostgreSQL client software. Set the following parameters if you have a ##### `package_ensure` -Whether the PostgreSQL client package resource should be present. Valid values: 'present', 'absent'. Default: 'present'. +Whether the PostgreSQL client package resource should be present. + +Valid values: 'present', 'absent'. + +Default value: 'present'. ##### `package_name` -Sets the name of the PostgreSQL client package. Default: 'file'. +Sets the name of the PostgreSQL client package. + +Default value: 'file'. ##### `validcon_script_path` -Specifies the path to validate the connection script. Default: '/usr/local/bin/validate_postgresql_connection.sh'. +Specifies the path to validate the connection script. + + +Default value: '/usr/local/bin/validate_postgresql_connection.sh'. #### postgresql::lib::docs @@ -377,7 +386,11 @@ Specifies the name of the PostgreSQL docs package. ##### `package_ensure` -Whether the PostgreSQL docs package resource should be present. Valid values: 'present', 'absent'. Default: 'present'. +Whether the PostgreSQL docs package resource should be present. + +Valid values: 'present', 'absent'. + +Default value: 'present'. #### postgresql::globals @@ -385,27 +398,39 @@ Whether the PostgreSQL docs package resource should be present. Valid values: 'p ##### `bindir` -Overrides the default PostgreSQL binaries directory for the target platform. Default: OS dependent. +Overrides the default PostgreSQL binaries directory for the target platform. + +Default value: OS dependent. ##### `client_package_name` -Overrides the default PostgreSQL client package name. Default: OS dependent. +Overrides the default PostgreSQL client package name. + +Default value: OS dependent. ##### `confdir` -Overrides the default PostgreSQL configuration directory for the target platform. Default: OS dependent. +Overrides the default PostgreSQL configuration directory for the target platform. + +Default value: OS dependent. ##### `contrib_package_name` -Overrides the default PostgreSQL contrib package name. Default: OS dependent. +Overrides the default PostgreSQL contrib package name. + +Default value: OS dependent. ##### `createdb_path` -**Deprecated.** Path to the `createdb` command. Default: "${bindir}/createdb". +**Deprecated.** Path to the `createdb` command. + +Default value: '${bindir}/createdb'. ##### `datadir` -Overrides the default PostgreSQL data directory for the target platform. Default: OS dependent. +Overrides the default PostgreSQL data directory for the target platform. + +Default value: OS dependent. **Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). @@ -413,23 +438,35 @@ Overrides the default PostgreSQL data directory for the target platform. Default ##### `default_database` -Specifies the name of the default database to connect with. On most systems, this is 'postgres'. +Specifies the name of the default database to connect with. + +Default value: 'postgres' (for most systems). ##### `devel_package_name` -Overrides the default PostgreSQL devel package name. Default: OS dependent. +Overrides the default PostgreSQL devel package name. + +Default value: OS dependent. ##### `docs_package_name` -Overrides the default PostgreSQL docs package name. If not specified, the module uses the default for your OS distro. +Optional. + +Overrides the default PostgreSQL docs package name. + +Default value: OS dependent. ##### `encoding` -Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Defaults to the operating system's default encoding. +Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. + +Default value: Dependent on the operating system's default encoding. ##### `group` -Overrides the default postgres user group to be used for related files in the file system. Default: 'postgres'. +Overrides the default postgres user group to be used for related files in the file system. + +Default value: 'postgres'. ##### `initdb_path` @@ -437,11 +474,17 @@ Path to the `initdb` command. ##### `java_package_name` -Overrides the default PostgreSQL java package name. Default: OS dependent. +Overrides the default PostgreSQL java package name. + +Default value: OS dependent. ##### `locale` -Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef, which is effectively `C`. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** +Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. + +Default value: `undef`, which is effectively 'C'. + +**On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** ##### `timezone` @@ -449,55 +492,81 @@ Sets the default timezone of the postgresql server. The postgresql built-in defa ##### `logdir` -Overrides the default PostgreSQL log directory. Default: initdb's default path. +Overrides the default PostgreSQL log directory. + +Default value: initdb's default path. ##### `log_line_prefix` -Set a prefix for the server logs. Default: `'%t '` +Set a prefix for the server logs. + +Default value: '%t '. ##### `manage_package_repo` -Sets up official PostgreSQL repositories on your host if set to true. Default: false. +Sets up official PostgreSQL repositories on your host if set to `true`. + +Default value: `false`. ##### `module_workdir` -Specifies working directory under which the psql command should be executed. May need to specify if /tmp is on volume mounted with noexec option. Default: /tmp +Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. + +Default value: '/tmp'. ##### `needs_initdb` -Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. Default: OS dependent. +Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. + +Default value: OS dependent. ##### `perl_package_name` -Overrides the default PostgreSQL Perl package name. Default: OS dependent. +Overrides the default PostgreSQL Perl package name. + +Default value: OS dependent. ##### `pg_hba_conf_defaults` -Disables the defaults supplied with the module for `pg_hba.conf` if set to false. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations. Default: true. +Disables the defaults supplied with the module for `pg_hba.conf` if set to `false`. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations. + +Default value: The globals value set in `postgresql::globals::manage_pg_hba_conf` which defaults to `true`. ##### `pg_hba_conf_path` -Specifies the path to your `pg_hba.conf` file. Default: '${confdir}/pg_hba.conf'. +Specifies the path to your `pg_hba.conf` file. + +Default value: '${confdir}/pg_hba.conf'. ##### `pg_ident_conf_path` -Specifies the path to your `pg_ident.conf` file. Default: "${confdir}/pg_ident.conf". +Specifies the path to your `pg_ident.conf` file. + +Default value: '${confdir}/pg_ident.conf'. ##### `plperl_package_name` -Overrides the default PostgreSQL PL/Perl package name. Default: OS dependent. +Overrides the default PostgreSQL PL/Perl package name. + +Default value: OS dependent. ##### `plpython_package_name` -Overrides the default PostgreSQL PL/Python package name. Default: OS dependent. +Overrides the default PostgreSQL PL/Python package name. + +Default value: OS dependent. ##### `postgis_version` -Defines the version of PostGIS to install, if you install PostGIS. Defaults to the lowest available with the version of PostgreSQL to be installed. +Defines the version of PostGIS to install, if you install PostGIS. + +Default value: The lowest available with the version of PostgreSQL to be installed. ##### `postgresql_conf_path` -Sets the path to your `postgresql.conf` file. Default: "${confdir}/postgresql.conf". +Sets the path to your `postgresql.conf` file. + +Default value: '${confdir}/postgresql.conf'. ##### `psql_path` @@ -505,7 +574,9 @@ Sets the path to the `psql` command. ##### `python_package_name` -Overrides the default PostgreSQL Python package name. Default: OS dependent. +Overrides the default PostgreSQL Python package name. + +Default value: OS dependent. ##### `recovery_conf_path` @@ -513,39 +584,57 @@ Path to your `recovery.conf` file. ##### `repo_proxy` -Sets the proxy option for the official PostgreSQL yum-repositories only. Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. +Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. + +Debian is currently not supported. ##### `repo_baseurl` -Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. Defaults to the official PostgreSQL repository. +Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. + +Default value: The official PostgreSQL repository. ##### `server_package_name` -Overrides the default PostgreSQL server package name. Default: OS dependent. +Overrides the default PostgreSQL server package name. + +Default value: OS dependent. ##### `service_name` -Overrides the default PostgreSQL service name. Default: OS dependent. +Overrides the default PostgreSQL service name. + +Default value: OS dependent. ##### `service_provider` -Overrides the default PostgreSQL service provider. Default: OS dependent. +Overrides the default PostgreSQL service provider. + +Default value: OS dependent. ##### `service_status` -Overrides the default status check command for your PostgreSQL service. Default: OS dependent. +Overrides the default status check command for your PostgreSQL service. + +Default value: OS dependent. ##### `user` -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default: 'postgres'. +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: 'postgres'. ##### `version` -The version of PostgreSQL to install and manage. Default: OS system default. +The version of PostgreSQL to install and manage. + +Default value: OS system default. ##### `xlogdir` -Overrides the default PostgreSQL xlog directory. Default: initdb's default path. +Overrides the default PostgreSQL xlog directory. + +Default value: initdb's default path. ####postgresql::lib::devel @@ -553,15 +642,23 @@ Installs the packages containing the development libraries for PostgreSQL and sy ##### `link_pg_config` -If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to false to disable this behavior. Valid values: true, false. Default: true. +If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior. + +Valid values: `true`, `false`. + +Default value: `true`. ##### `package_ensure` -Overrides the `ensure` parameter during package installation. Defaults to `present`. +Overrides the 'ensure' parameter during package installation. + +Default value: 'present'. ##### `package_name` -Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. +Overrides the default package name for the distribution you are installing to. + +Default value: 'postgresql-devel' or 'postgresql-devel' depending on your distro. #### postgresql::lib::java @@ -571,7 +668,11 @@ Installs PostgreSQL bindings for Java (JDBC). Set the following parameters if yo ##### `package_ensure` -Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. +Specifies whether the package is present. + +Valid values: 'present', 'absent'. + +Default value: 'present'. ##### `package_name` @@ -583,7 +684,11 @@ Installs the PostgreSQL Perl libraries. ##### `package_ensure` -Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. +Specifies whether the package is present. + +Valid values: 'present', 'absent'. + +Default value: 'present'. ##### `package_name` @@ -599,7 +704,11 @@ Specifies the name of the postgresql PL/Python package. ##### `package_ensure` -Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. +Specifies whether the package is present. + +Valid values: 'present', 'absent'. + +Default value: 'present'. #### postgresql::lib::python @@ -607,7 +716,11 @@ Installs PostgreSQL Python libraries. ##### `package_ensure` -Specifies whether the package is present. Valid values: 'present', 'absent'. Default: 'present'. +Specifies whether the package is present. + +Valid values: 'present', 'absent'. + +Default value: 'present'. ##### `package_name` @@ -617,11 +730,13 @@ The name of the PostgreSQL Python package. ##### `createdb_path` -**Deprecated.** Specifies the path to the `createdb` command. Default: "${bindir}/createdb". +**Deprecated.** Specifies the path to the `createdb` command. + +Default value: '${bindir}/createdb'. ##### `default_database` -Specifies the name of the default database to connect with. On most systems this is "postgres". +Specifies the name of the default database to connect with. On most systems this is 'postgres'. ##### `default_connect_settings` @@ -629,33 +744,47 @@ Specifies a hash of environment variables used when connecting to a remote serve ##### `encoding` -Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Default: undef. +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well. + +Default value: `undef`. ##### `group` -Overrides the default postgres user group to be used for related files in the file system. Default: OS dependent default. +Overrides the default postgres user group to be used for related files in the file system. + +Default value: OS dependent default. ##### `initdb_path` -Specifies the path to the `initdb` command. Default: "${bindir}/initdb". +Specifies the path to the `initdb` command. + +Default value: '${bindir}/initdb'. ##### `ipv4acls` -Lists strings for access control for connection method, users, databases, IPv4 addresses; see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. +Lists strings for access control for connection method, users, databases, IPv4 addresses; + +see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. ##### `ipv6acls` -Lists strings for access control for connection method, users, databases, IPv6 addresses; see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. +Lists strings for access control for connection method, users, databases, IPv6 addresses. + +see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. ##### `ip_mask_allow_all_users` Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -Set to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. Default: `127.0.0.1/32`. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. + +Default value: '127.0.0.1/32'. ##### `ip_mask_deny_postgres_user` -Specifies the IP mask from which remote connections should be denied for the postgres superuser. Defaults to `0.0.0.0/0`, which denies any remote connection. +Specifies the IP mask from which remote connections should be denied for the postgres superuser. + +Default value: '0.0.0.0/0', which denies any remote connection. ##### `listen_addresses` @@ -666,39 +795,73 @@ Specifies the addresses the server accepts connections to. Valid values: ##### `locale` -Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. Default: undef, which is effectively `C`. **On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** +Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. + +Default value: `undef`, which is effectively 'C'. + +**On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** ##### `log_line_prefix` -Set a prefix for the server logs. Default: `'%t '` +Set a prefix for the server logs. + +Default value: '%t' ##### `manage_pg_hba_conf` -Whether to manage the pg_hba.conf. If set to true, Puppet overwrites this file. If set to false, Puppet does not modify the file. Valid values: true, false. Default +Whether to manage the `pg_hba.conf`. + +If set to `true`, Puppet overwrites this file. + +If set to `false`, Puppet does not modify the file. + +Valid values: `true`, `false`. + +Default value: `true` ##### `manage_pg_ident_conf` -Overwrites the pg_ident.conf file. If set to true, Puppet overwrites the file. If set to false, Puppet does not modify the file. Valid values: true, false. Default: true. +Overwrites the pg_ident.conf file. + +If set to `true`, Puppet overwrites the file. + +If set to `false`, Puppet does not modify the file. + +Valid values: `true`, `false`. + +Default value: `true`. ##### `manage_recovery_conf` -Specifies whether or not manage the recovery.conf. If set to true, Puppet overwrites this file. Valid values: true, false. Default: false. +Specifies whether or not manage the `recovery.conf`. + +If set to `true`, Puppet overwrites this file. + +Valid values: `true`, `false`. + +Default value: `false`. ##### `needs_initdb` -Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started. Default: OS dependent. +Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started. + +Default value: OS dependent. ##### `package_ensure` -Passes a value through to the `package` resource when creating the server instance. Default: undef. +Passes a value through to the `package` resource when creating the server instance. + +Default value: `undef`. ##### `package_name` -Specifies the name of the package to use for installing the server software. Default: OS dependent. +Specifies the name of the package to use for installing the server software. + +Default value: OS dependent. ##### `pg_hba_conf_defaults` -If false, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. +If `false`, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. ##### `pg_hba_conf_path` @@ -706,60 +869,87 @@ Specifies the path to your `pg_hba.conf` file. ##### `pg_ident_conf_path` -Specifies the path to your `pg_ident.conf` file. Default: "${confdir}/pg_ident.conf". +Specifies the path to your `pg_ident.conf` file. + +Default value: '${confdir}/pg_ident.conf'. ##### `plperl_package_name` -Sets the default package name for the PL/Perl extension. Default: OS dependent. +Sets the default package name for the PL/Perl extension. + +Default value: OS dependent. ##### `plpython_package_name` -Sets the default package name for the PL/Python extension. Default: OS dependent. +Sets the default package name for the PL/Python extension. + +Default value: OS dependent. ##### `port` -Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default: `5432`, meaning the Postgres server listens on TCP port 5432. +Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. + +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. ##### `postgres_password` -Sets the password for the `postgres` user to your specified value. Default: undef, meaning the superuser account in the Postgres database is a user called `postgres` and this account does not have a password. +Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called `postgres` and no password. + +Default value: `undef`. ##### `postgresql_conf_path` -Specifies the path to your `postgresql.conf` file. Default: "${confdir}/postgresql.conf". +Specifies the path to your `postgresql.conf` file. + +Default value: '${confdir}/postgresql.conf'. ##### `psql_path` -Specifies the path to the `psql` command. Default: OS dependent. +Specifies the path to the `psql` command. + +Default value: OS dependent. ##### `service_manage` -Defines whether or not Puppet should manage the service. Default: true. +Defines whether or not Puppet should manage the service. + +Default value: `true`. ##### `service_name` -Overrides the default PostgreSQL service name. Default: OS dependent. +Overrides the default PostgreSQL service name. + +Default value: OS dependent. ##### `service_provider` -Overrides the default PostgreSQL service provider. Default: undef. +Overrides the default PostgreSQL service provider. + +Default value: `undef`. ##### `service_reload` -Overrides the default reload command for your PostgreSQL service. Default: OS dependent. +Overrides the default reload command for your PostgreSQL service. + +Default value: OS dependent. ##### `service_restart_on_change` -Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default: true. +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. + +Default value: `true`. ##### `service_status` -Overrides the default status check command for your PostgreSQL service. Default: OS dependent. +Overrides the default status check command for your PostgreSQL service. + +Default value: OS dependent. ##### `user` -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default: 'postgres'. +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +Default value: 'postgres'. #### postgresql::server::contrib @@ -785,7 +975,6 @@ The ensure parameter passed on to PostgreSQL PL/Perl package resource. The name of the PostgreSQL PL/Perl package. - #### postgresql::server::postgis Installs the PostgreSQL postgis packages. @@ -806,7 +995,11 @@ postgresql::server::config_entry { 'check_function_bodies': ##### `ensure` -Removes an entry if set to 'absent'. Valid values: 'present', 'absent'. +Removes an entry if set to 'absent'. + +Valid values: 'present', 'absent'. + +Default value: 'present'. ##### `value` @@ -822,31 +1015,45 @@ Defines a comment to be stored about the database using the PostgreSQL COMMENT c ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. ##### `dbname` -Sets the name of the database to be created. Defaults to the namevar. +Sets the name of the database to be created. + +Default value: the namevar. ##### `encoding` -Overrides the character set during creation of the database. Defaults to the default defined during installation. +Overrides the character set during creation of the database. + +Default value: The default defined during installation. ##### `grant` -Specifies the permissions to grant during creation. Default: `ALL`. +Specifies the permissions to grant during creation. + +Default value: 'ALL'. ##### `istemplate` -Specifies that the database is a template, if set to true. Default: false. +Specifies that the database is a template, if set to `true`. + +Default value: `false`. ##### `locale` -Overrides the locale during creation of the database. Defaults to the default defined during installation. +Overrides the locale during creation of the database. + +Default value: The default defined during installation. ##### `owner` -Sets a user as the owner of the database. Default: $user variable set in `postgresql::server` or `postgresql::globals`. +Sets a user as the owner of the database. + +Default value: '$user' variable set in `postgresql::server` or `postgresql::globals`. ##### `password` @@ -854,11 +1061,15 @@ Sets a user as the owner of the database. Default: $user variable set in `postgr ##### `tablespace` -Defines the name of the tablespace to allocate the created database to. Default: PostgreSQL default. +Defines the name of the tablespace to allocate the created database to. + +Default value: PostgreSQL default. ##### `template` -Specifies the name of the template database from which to build this database. Defaults to `template0`. +Specifies the name of the template database from which to build this database. + +Defaults value: `template0`. ##### `user` @@ -870,31 +1081,45 @@ Creates a database with no users and no permissions. ##### `dbname` -Sets the name of the database. Defaults to the namevar. +Sets the name of the database. + +Defaults value: The namevar. ##### `encoding` -Overrides the character set during creation of the database. Default: The default defined during installation. +Overrides the character set during creation of the database. + +Default value: The default defined during installation. ##### `istemplate` -Defines the database as a template if set to true. Default: false. +Defines the database as a template if set to `true`. + +Default value: `false`. ##### `locale` -Overrides the locale during creation of the database. The default defined during installation. +Overrides the locale during creation of the database. + +Default value: The default defined during installation. ##### `owner` -Sets name of the database owner. Default: The $user variable set in `postgresql::server` or `postgresql::globals`. +Sets name of the database owner. + +Default value: The '$user' variable set in `postgresql::server` or `postgresql::globals`. ##### `tablespace` -Sets tablespace for where to create this database. Default: The defaults defined during PostgreSQL installation. +Sets tablespace for where to create this database. + +Default value: The default defined during installation. ##### `template` -Specifies the name of the template database from which to build this database. Default: `template0`. +Specifies the name of the template database from which to build this database. + +Default value: 'template0'. #### postgresql::server::database_grant @@ -902,7 +1127,9 @@ Manages grant-based access privileges for users, wrapping the `postgresql::serve #### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. ##### `db` @@ -910,15 +1137,23 @@ Specifies the database to which you are granting access. ##### `privilege` -Specifies comma-separated list of privileges to grant. Valid options: `ALL`, `CREATE`, `CONNECT`, `TEMPORARY`, `TEMP`. +Specifies comma-separated list of privileges to grant. + +Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. ##### `psql_db` -Defines the database to execute the grant against. **This should not ordinarily be changed from the default**, which is `postgres`. +Defines the database to execute the grant against. + +**This should not ordinarily be changed from the default** + +Default value: 'postgres'. ##### `psql_user` -Specifies the OS user for running `psql`. Default: The default user for the module, usually `postgres`. +Specifies the OS user for running `psql`. + +Default value: The default user for the module, usually 'postgres'. ##### `role` @@ -934,7 +1169,9 @@ Specifies the database on which to activate the extension. ##### `ensure` -Specifies whether to activate ('present') or deactivate (absent') the extension. +Specifies whether to activate or deactivate the extension. + +Valid options: 'present' or 'absent'. #### `extension` @@ -946,7 +1183,9 @@ Specifies a package to install prior to activating the extension. ##### `package_ensure` -Overrides default package deletion behavior. By default, the package specified with `package_name` is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the `ensure` value for the package. +Overrides default package deletion behavior. + +By default, the package specified with `package_name` is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the `ensure` value for the package. #### postgresql::server::grant @@ -958,7 +1197,9 @@ Specifies the database to which you are granting access. ##### `object_type` -Specifies the type of object to which you are granting privileges. Valid options: `DATABASE`, `SCHEMA`, `SEQUENCE`, `ALL SEQUENCES IN SCHEMA`, `TABLE` or `ALL TABLES IN SCHEMA`. +Specifies the type of object to which you are granting privileges. + +Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. ##### `object_name` @@ -966,19 +1207,29 @@ Specifies name of `object_type` to which to grant access. ##### `port` -Port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. +Port to use when connecting. + +Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `privilege` -Specifies the privilege to grant. Valid options: `ALL`, `ALL PRIVILEGES` or `object_type` dependent string. +Specifies the privilege to grant. + +Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. ##### `psql_db` -Specifies the database to execute the grant against. _This should not ordinarily be changed from the default_, which is `postgres`. +Specifies the database to execute the grant against. + +**This should not ordinarily be changed from the default** + +Default value: 'postgres'. ##### `psql_user` -Sets the OS user to run `psql`. Default: the default user for the module, usually `postgres`. +Sets the OS user to run `psql`. + +Default value: the default user for the module, usually 'postgres'. ##### `role` @@ -998,23 +1249,37 @@ Specifies the role you want to assign to a group. If left blank, uses the name ##### `ensure` -Specifies whether to grant ('present') or revoke ('absent') the membership. Default: 'present'. +Specifies whether to grant or revoke the membership. + +Valid options: 'present' or 'absent'. + +Default value: 'present'. ##### `port` -Port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. +Port to use when connecting. + +Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `psql_db` -Specifies the database to execute the grant against. _This should not ordinarily be changed from the default_, which is `postgres`. +Specifies the database to execute the grant against. + +**This should not ordinarily be changed from the default** + +Default value: 'postgres'. ##### `psql_user` -Sets the OS user to run `psql`. Default: the default user for the module, usually `postgres`. +Sets the OS user to run `psql`. + +Default value: the default user for the module, usually `postgres`. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. #### postgresql::server::pg_hba_rule @@ -1038,23 +1303,35 @@ Sets a comma-separated list of databases that this rule matches. ##### `description` -Defines a longer description for this rule, if required. This description is placed in the comments above the rule in `pg_hba.conf`. Defaults: `none`. +Defines a longer description for this rule, if required. This description is placed in the comments above the rule in `pg_hba.conf`. + +Default value: 'none'. + Specifies a way to uniquely identify this resource, but functionally does nothing. + ##### `order` -Sets an order for placing the rule in `pg_hba.conf`. Default: `150`. +Sets an order for placing the rule in `pg_hba.conf`. + +Default value: 150. #### `postgresql_version` -Manages `pg_hba.conf` without managing the entire PostgreSQL instance. Default: the version set in `postgresql::server`. +Manages `pg_hba.conf` without managing the entire PostgreSQL instance. + +Default value: the version set in `postgresql::server`. ##### `target` -Provides the target for the rule, and is generally an internal only property. **Use with caution.** +Provides the target for the rule, and is generally an internal only property. + +**Use with caution.** ##### `type` -Sets the type of rule. Valid options: `local`, `host`, `hostssl` or `hostnossl`. +Sets the type of rule. + +Valid options: 'local', 'host', 'hostssl' or 'hostnossl'. ##### `user` @@ -1071,7 +1348,9 @@ Specifies the user name of the database user. The `system_username` is mapped to ##### `description` -Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. Default: `none`. +Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. + +Default value: 'none'. ##### `map_name` @@ -1079,7 +1358,9 @@ Sets the name of the user map that is used to refer to this mapping in `pg_hba.c ##### `order` -Defines an order for placing the mapping in `pg_ident.conf`. Default: 150. +Defines an order for placing the mapping in `pg_ident.conf`. + +Default value: 150. ##### `system_username` @@ -1087,7 +1368,9 @@ Specifies the operating system user name (the user name used to connect to the d ##### `target` -Provides the target for the rule and is generally an internal only property. **Use with caution.** +Provides the target for the rule and is generally an internal only property. + +**Use with caution.** #### postgresql::server::recovery @@ -1115,35 +1398,49 @@ The parameters are grouped into these three sections: * `pause_at_recovery_target` ##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) -* `standby_mode`: Can be specified with the string ('on'/'off'), or by using a Boolean value (true/false). +* `standby_mode`: Can be specified with the string ('on'/'off'), or by using a Boolean value (`true`/`false`). * `primary_conninfo` * `primary_slot_name` * `trigger_file` * `recovery_min_apply_delay` ##### `target` -Provides the target for the rule, and is generally an internal only property. **Use with caution.** +Provides the target for the rule, and is generally an internal only property. + +**Use with caution.** #### postgresql::server::role Creates a role or user in PostgreSQL. ##### `connection_limit` -Specifies how many concurrent connections the role can make. Default: `-1`, meaning no limit. +Specifies how many concurrent connections the role can make. + +Default value: '-1', meaning no limit. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. ##### `createdb` -Specifies whether to grant the ability to create new databases with this role. Default: false. +Specifies whether to grant the ability to create new databases with this role. + +Default value: `false`. ##### `createrole` -Specifies whether to grant the ability to create new roles with this role. Default: false. +Specifies whether to grant the ability to create new roles with this role. + +Default value: `false`. ##### `inherit` -Specifies whether to grant inherit capability for the new role. Default: true. +Specifies whether to grant inherit capability for the new role. + +Default value: `true`. ##### `login` -Specifies whether to grant login capability for the new role. Default: true. +Specifies whether to grant login capability for the new role. + +Default value: `true`. ##### `password_hash` Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: @@ -1156,15 +1453,21 @@ password_hash => postgresql_password('myusername', 'mypassword'), ##### `replication` -Provides provides replication capabilities for this role if set to true. Default: false. +Provides provides replication capabilities for this role if set to `true`. + +Default value: `false`. ##### `superuser` -Specifies whether to grant super user capability for the new role. Default: false. +Specifies whether to grant super user capability for the new role. + +Default value: `false`. ##### `username` -Defines the username of the role to create. Defaults to the namevar. +Defines the username of the role to create. + +Default value: the namevar. #### postgresql::server::schema @@ -1172,11 +1475,15 @@ Creates a schema. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. ##### `db` -**Required**. Sets the name of the database in which to create this schema. +Required. + +Sets the name of the database in which to create this schema. ##### `owner` @@ -1184,7 +1491,9 @@ Sets the default owner of the schema. ##### `schema` -Sets the name of the schema. Defaults to the namevar. +Sets the name of the schema. + +Default value: the namevar. #### postgresql::server::table_grant @@ -1192,7 +1501,9 @@ Manages grant-based access privileges for users. Consult the PostgreSQL document ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. ##### `db` @@ -1200,15 +1511,21 @@ Specifies which database the table is in. ##### `privilege` -Specifies comma-separated list of privileges to grant. Valid options: `ALL`, `SELECT`, `INSERT`, `UPDATE`, `DELETE`, `TRUNCATE`, `REFERENCES`, `TRIGGER`. +Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. ##### `psql_db` -Specifies the database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. +Specifies the database to execute the grant against. + +This should not ordinarily be changed from the default. + +Default value: 'postgres'. ##### `psql_user` -Specifies the OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. +Specifies the OS user for running `psql`. + +Default value: The default user for the module, usually 'postgres'. ##### `role` @@ -1218,14 +1535,15 @@ Specifies the role or user to whom you are granting access. Specifies the table to which you are granting access. - #### postgresql::server::tablespace Creates a tablespace. If necessary, also creates the location and assigns the same permissions as the PostgreSQL server. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Default: Connects to the local Postgres instance. +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. ##### `location` @@ -1237,7 +1555,9 @@ Specifies the default owner of the tablespace. ##### `spcname` -Specifies the name of the tablespace. Defaults to the namevar. +Specifies the name of the tablespace. + +Default value: the namevar. #### postgresql::validate_db_connection @@ -1245,23 +1565,31 @@ Validates client connection with a remote PostgreSQL database. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (database_host, etc.). If provided, the individual parameters take precedence. +Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (`database_host`, etc). If provided, the individual parameters take precedence. ##### `create_db_first` -Ensures that the database is created before running the test. This only works if your test is local. Default: true. +Ensures that the database is created before running the test. This only works if your test is local. + +Default value: `true`. ##### `database_host` -Sets the hostname of the database you wish to test. Default: undef, which generally uses the designated local Unix socket. +Sets the hostname of the database you wish to test. + +Default value: `undef`, which generally uses the designated local Unix socket. ##### `database_name` -Specifies the name of the database you wish to test. Default: 'postgres'. +Specifies the name of the database you wish to test. + +Default value: 'postgres'. ##### `database_port` -Defines the port to use when connecting. Default: undef, which generally defaults to port 5432 depending on your PostgreSQL packaging. +Defines the port to use when connecting. + +Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `database_password` @@ -1269,7 +1597,13 @@ Specifies the password to connect with. Can be left blank, not recommended. ##### `database_username` -Specifies the username to connect with. Default: undef. When using a Unix socket and ident auth, this is the user you are running as. **If the host is remote you must provide a username.** +Specifies the username to connect with. + +Default value: `undef`. + +When using a Unix socket and ident auth, this is the user you are running as. + +**If the host is remote you must provide a username.** ##### `run_as` @@ -1291,11 +1625,15 @@ Enables Puppet to run psql statements. ##### `command` -**Required.** Specifies the SQL command to execute via psql. +Required. + +Specifies the SQL command to execute via psql. ##### `cwd` -Specifies the working directory under which the psql command should be executed. Default: '/tmp'. +Specifies the working directory under which the psql command should be executed. + +Default value: '/tmp'. ##### `db` @@ -1307,8 +1645,7 @@ Specifies any additional environment variables you want to set for a SQL command ##### `name` -Sets an arbitrary tag for your own reference; the name of the message. This is the -namevar. +Sets an arbitrary tag for your own reference; the name of the message. This is the namevar. ##### `onlyif` @@ -1320,19 +1657,29 @@ Specifies the port of the database server to execute the SQL command against. ##### `psql_group` -Specifies the system user group account under which the psql command should be executed. Default: 'postgres'. +Specifies the system user group account under which the psql command should be executed. + +Default value: 'postgres'. ##### `psql_path` -Specifies the path to psql executable. Default: 'psql'. +Specifies the path to psql executable. + +Default value: 'psql'. ##### `psql_user` -Specifies the system user account under which the psql command should be executed. Default: 'postgres'. +Specifies the system user account under which the psql command should be executed. + +Default value: 'postgres'. ##### `refreshonly` -Specifies whether to execute the SQL only if there is a notify or subscribe event. Valid values: true, false. Default: false. +Specifies whether to execute the SQL only if there is a notify or subscribe event. + +Valid values: `true`, `false`. + +Default value: `false`. ##### `search_path` @@ -1348,11 +1695,15 @@ Allows Puppet to manage `postgresql.conf` parameters. ##### `name` -Specifies the PostgreSQL parameter name to manage. This is the namevar. +Specifies the PostgreSQL parameter name to manage. + +This is the namevar. ##### `target` -Specifies the path to `postgresql.conf`. Default: '/etc/postgresql.conf'. +Specifies the path to `postgresql.conf`. + +Default value: '/etc/postgresql.conf'. ##### `value` @@ -1364,7 +1715,9 @@ Allows you to create and destroy replication slots to register warm standby repl ##### `name` -Specifies the name of the slot to create. Must be a valid replication slot name. This is the namevar. +Specifies the name of the slot to create. Must be a valid replication slot name. + +This is the namevar. ### Functions @@ -1398,7 +1751,7 @@ Other systems might be compatible, but are not being actively tested. ### Apt module support -While this module supports both 1.x and 2.x versions of the puppetlabs-apt module, it does not support puppetlabs-apt 2.0.0 or 2.0.1. +While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' module, it does not support 'puppetlabs-apt' 2.0.0 or 2.0.1. ### PostGIS support @@ -1408,7 +1761,7 @@ PostGIS is currently considered an unsupported feature, as it doesn't work on al If you have SELinux enabled you must add any custom ports you use to the `postgresql_port_t` context. You can do this as follows: -``` +```shell semanage port -a -t postgresql_port_t -p tcp $customport ``` @@ -1427,13 +1780,13 @@ For unit testing, make sure you have: Install the necessary gems: -``` +```shell bundle install --path=vendor ``` And then run the unit tests: -``` +```shell bundle exec rake spec ``` @@ -1446,13 +1799,13 @@ To run the system tests, make sure you also have: Then run the tests using: -``` +```shell bundle exec rspec spec/acceptance ``` To run the tests on different operating systems, see the sets available in `.nodeset.yml` and run the specific set with the following syntax: -``` +```shell RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance ``` From c696f5132a2ced986c808cd539d937728c419e0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20H=C3=A4user?= Date: Tue, 21 Feb 2017 08:56:09 +0100 Subject: [PATCH 0184/1000] Allowo to disable managing passwords for users --- README.md | 5 ++++- manifests/server/role.pp | 3 ++- spec/unit/defines/server/role_spec.rb | 31 +++++++++++++++++++++------ 3 files changed, 30 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 7825aefc6a..03735df34d 100644 --- a/README.md +++ b/README.md @@ -1445,6 +1445,9 @@ Default value: `true`. ##### `password_hash` Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: +##### `refresh_password` +If set to true, refreshes the password on changes. Set this to false if your user is not allowed to view current passwords of user. + ```puppet postgresql::server::role { "myusername": password_hash => postgresql_password('myusername', 'mypassword'), @@ -1811,4 +1814,4 @@ RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance ### Contributors -View the full list of contributors on [https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors](GitHub). +View the full list of contributors on [Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors). diff --git a/manifests/server/role.pp b/manifests/server/role.pp index c4a8f104d8..94f180bd1a 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -1,5 +1,6 @@ # Define for creating a database role. See README.md for more information define postgresql::server::role( + $refresh_password = true, $password_hash = false, $createdb = false, $createrole = false, @@ -108,7 +109,7 @@ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", } - if $password_hash { + if $password_hash and $refresh_password { if($password_hash =~ /^md5.+/) { $pwd_hash_sql = $password_hash } else { diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 5c608cfee2..f550c5a144 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -50,9 +50,9 @@ { :password_hash => 'new-pa$s', :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, } end @@ -94,10 +94,10 @@ { :password_hash => 'new-pa$s', :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, } end @@ -132,4 +132,21 @@ end end + context 'with refresh_password set to false' do + let :params do + { + :password_hash => 'new-pa$s', + :refresh_password => false, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it 'should not have alter role for "test" user with password as **** if refresh_password is false' do + is_expected.not_to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + end + end + end From 1170f519fc71e4b85db75ce6b4459487dba59bea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20H=C3=A4user?= Date: Sat, 6 May 2017 15:38:48 +0200 Subject: [PATCH 0185/1000] s/refresh_password/update_password/g --- README.md | 4 ++-- manifests/server/role.pp | 4 ++-- spec/unit/defines/server/role_spec.rb | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 03735df34d..49100c2be2 100644 --- a/README.md +++ b/README.md @@ -1445,8 +1445,8 @@ Default value: `true`. ##### `password_hash` Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: -##### `refresh_password` -If set to true, refreshes the password on changes. Set this to false if your user is not allowed to view current passwords of user. +##### `update_password` +If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. ```puppet postgresql::server::role { "myusername": diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 94f180bd1a..a0bc7ef461 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -1,6 +1,6 @@ # Define for creating a database role. See README.md for more information define postgresql::server::role( - $refresh_password = true, + $update_password = true, $password_hash = false, $createdb = false, $createrole = false, @@ -109,7 +109,7 @@ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", } - if $password_hash and $refresh_password { + if $password_hash and $update_password { if($password_hash =~ /^md5.+/) { $pwd_hash_sql = $password_hash } else { diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index f550c5a144..1b061d0733 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -132,11 +132,11 @@ end end - context 'with refresh_password set to false' do + context 'with update_password set to false' do let :params do { :password_hash => 'new-pa$s', - :refresh_password => false, + :update_password => false, } end @@ -144,7 +144,7 @@ "class {'postgresql::server':}" end - it 'should not have alter role for "test" user with password as **** if refresh_password is false' do + it 'should not have alter role for "test" user with password as **** if update_password is false' do is_expected.not_to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') end end From d7a07712b3f2348ad3532a5ce19e6eeddd54649b Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Thu, 11 May 2017 11:12:25 +0200 Subject: [PATCH 0186/1000] Let listen_addresses be defined independently --- manifests/params.pp | 2 +- manifests/server/config.pp | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 8b30728bda..a31d31fd0f 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -2,7 +2,7 @@ class postgresql::params inherits postgresql::globals { $version = $postgresql::globals::globals_version $postgis_version = $postgresql::globals::globals_postgis_version - $listen_addresses = 'localhost' + $listen_addresses = undef $port = 5432 $log_line_prefix = '%t ' $ip_mask_deny_postgres_user = '0.0.0.0/0' diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 1e2347e174..0272bc6bef 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -100,11 +100,12 @@ create_resources('postgresql::server::pg_hba_rule', $ipv6acl_resources) } - # We must set a "listen_addresses" line in the postgresql.conf if we - # want to allow any connections from remote hosts. - postgresql::server::config_entry { 'listen_addresses': - value => $listen_addresses, + if $listen_addresses { + postgresql::server::config_entry { 'listen_addresses': + value => $listen_addresses, + } } + postgresql::server::config_entry { 'port': value => $port, } From e1c6adfa1d8a07ad83b5a2a4b7a95a3739b50c32 Mon Sep 17 00:00:00 2001 From: David Hollinger Date: Thu, 11 May 2017 15:15:25 -0500 Subject: [PATCH 0187/1000] (MODULES-4906) Add support for concat 3.0.0 and 4.0.0 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 6e39584eb8..7af78f21ee 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, {"name":"puppetlabs/apt","version_requirement":">=2.0.0 <3.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <3.0.0"} + {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <5.0.0"} ], "data_provider": null, "operatingsystem_support": [ From 93caf7dd089d031de5985bc67311543ff4cc46cf Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Sun, 21 May 2017 11:25:53 +0200 Subject: [PATCH 0188/1000] (MODULES-4947) bump apt dependency in metadata + fixtures 4.0.0 and 3.0.0 got released a few days ago. We need to bump it, otherwise PMT is unable to resolve dependencies in certain situations. --- .fixtures.yml | 4 +--- metadata.json | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 1c3e753af3..5dbd5d048d 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,8 +1,6 @@ fixtures: repositories: - apt: - repo: "https://github.com/puppetlabs/puppetlabs-apt.git" - branch: "2.0.0" + apt: "https://github.com/puppetlabs/puppetlabs-apt.git" stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" diff --git a/metadata.json b/metadata.json index 7af78f21ee..0b27f8aaa1 100644 --- a/metadata.json +++ b/metadata.json @@ -9,8 +9,8 @@ "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, - {"name":"puppetlabs/apt","version_requirement":">=2.0.0 <3.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <5.0.0"} + {"name":"puppetlabs/apt","version_requirement":">= 2.0.0 < 5.0.0"}, + {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 < 5.0.0"} ], "data_provider": null, "operatingsystem_support": [ From f46ecf6dd28e1cfbdc1536c1add83a17fc979849 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Mon, 22 May 2017 11:56:24 +0200 Subject: [PATCH 0189/1000] Unset default log_line_prefix --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index b07f8f2930..1a9fd460ad 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -4,7 +4,7 @@ $postgis_version = $postgresql::globals::globals_postgis_version $listen_addresses = 'localhost' $port = 5432 - $log_line_prefix = '%t ' + $log_line_prefix = undef $ip_mask_deny_postgres_user = '0.0.0.0/0' $ip_mask_allow_all_users = '127.0.0.1/32' $ipv4acls = [] From 7576286b654c06b8aaf15ba093dfb07b007e5bf4 Mon Sep 17 00:00:00 2001 From: Florian Maier Date: Tue, 23 May 2017 17:59:03 +0200 Subject: [PATCH 0190/1000] MODULES-4826 puppetlabs-postgresql: Update the version compatibility to >= 4.7.0 < 5.0.0 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 7af78f21ee..3a73707d26 100644 --- a/metadata.json +++ b/metadata.json @@ -67,7 +67,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" + "version_requirement": ">= 4.7.0 < 5.0.0" } ] } From 6466a412fbcae392badf6be439079dc8ee3a8b8f Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 25 May 2017 10:23:31 -0700 Subject: [PATCH 0191/1000] (maint) Fix docs for #870 --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 49100c2be2..fa80ca4a59 100644 --- a/README.md +++ b/README.md @@ -500,7 +500,7 @@ Default value: initdb's default path. Set a prefix for the server logs. -Default value: '%t '. +Default value: `undef`. ##### `manage_package_repo` @@ -805,7 +805,7 @@ Default value: `undef`, which is effectively 'C'. Set a prefix for the server logs. -Default value: '%t' +Default value: '$log_line_prefix' variable set in `postgresql::server` or `postgresql::globals`. ##### `manage_pg_hba_conf` From 31570b052af285bc955352150e7b5f3d731d8508 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 12:48:12 +0100 Subject: [PATCH 0192/1000] pin stdlib to at least 4.13.1 this version is needed to get the datatypes --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 756bfa2457..b062f61c92 100644 --- a/metadata.json +++ b/metadata.json @@ -8,7 +8,7 @@ "project_page": "https://github.com/puppetlabs/puppetlabs-postgresql", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, + {"name":"puppetlabs/stdlib","version_requirement":">= 4.13.1 < 5.0.0"}, {"name":"puppetlabs/apt","version_requirement":">= 2.0.0 < 5.0.0"}, {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 < 5.0.0"} ], From 141640ef94038fc43418d92da771e8dd4c3bee0f Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:04:30 +0100 Subject: [PATCH 0193/1000] replace validate_* with datatypes in client.pp --- manifests/client.pp | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index b805749721..fd854f1a81 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -1,12 +1,10 @@ # Install client cli tool. See README.md for more details. class postgresql::client ( - $file_ensure = 'file', - $validcon_script_path = $postgresql::params::validcon_script_path, - $package_name = $postgresql::params::client_package_name, - $package_ensure = 'present' + $file_ensure = 'file', + Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, + String $package_name = $postgresql::params::client_package_name, + $package_ensure = 'present' ) inherits postgresql::params { - validate_absolute_path($validcon_script_path) - validate_string($package_name) if $package_name != 'UNSET' { package { 'postgresql-client': From 49c56013ea8d50f70b355404db1cd716824d8943 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:05:48 +0100 Subject: [PATCH 0194/1000] add datatypes to all params in client.pp --- manifests/client.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index fd854f1a81..000d406239 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -1,9 +1,9 @@ # Install client cli tool. See README.md for more details. class postgresql::client ( - $file_ensure = 'file', - Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, - String $package_name = $postgresql::params::client_package_name, - $package_ensure = 'present' + Enum['file', 'absent'] $file_ensure = 'file', + Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, + String[1] $package_name = $postgresql::params::client_package_name, + Enum['present', 'absent', 'latest'] $package_ensure = 'present' ) inherits postgresql::params { if $package_name != 'UNSET' { From f492bd837b687a6ec30f60e299e1f450b421fd16 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:06:20 +0100 Subject: [PATCH 0195/1000] replace validate_* calls with datatypes in java.pp --- manifests/lib/java.pp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index 0a2d45f795..cc831f159a 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -1,12 +1,10 @@ # This class installs the postgresql jdbc connector. See README.md for more # details. class postgresql::lib::java ( - $package_name = $postgresql::params::java_package_name, - $package_ensure = 'present' + String $package_name = $postgresql::params::java_package_name, + $package_ensure = 'present' ) inherits postgresql::params { - validate_string($package_name) - package { 'postgresql-jdbc': ensure => $package_ensure, name => $package_name, From 18b72b670baccaa96c4c3902343dbfc51d56f6f5 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:07:34 +0100 Subject: [PATCH 0196/1000] add datatypes to all params in java.pp --- manifests/lib/java.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index cc831f159a..fe43dd74b1 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -1,8 +1,8 @@ # This class installs the postgresql jdbc connector. See README.md for more # details. class postgresql::lib::java ( - String $package_name = $postgresql::params::java_package_name, - $package_ensure = 'present' + String $package_name = $postgresql::params::java_package_name, + Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present' ) inherits postgresql::params { package { 'postgresql-jdbc': From 3b943bc0c18f01a75b861f93999c3480369bad5a Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:08:37 +0100 Subject: [PATCH 0197/1000] replace validate_* calls with datatypes in docs.pp --- manifests/lib/docs.pp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 55825d1570..78ea448541 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -1,12 +1,10 @@ # This class installs the postgresql-docs See README.md for more # details. class postgresql::lib::docs ( - $package_name = $postgresql::params::docs_package_name, + String $package_name = $postgresql::params::docs_package_name, $package_ensure = 'present', ) inherits postgresql::params { - validate_string($package_name) - package { 'postgresql-docs': ensure => $package_ensure, name => $package_name, From 8c0c85f708786e97c947aa579ddfa17fb8d549b8 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:09:14 +0100 Subject: [PATCH 0198/1000] add datatypes to all params in docs.pp --- manifests/lib/docs.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 78ea448541..4b92b7718a 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -1,8 +1,8 @@ # This class installs the postgresql-docs See README.md for more # details. class postgresql::lib::docs ( - String $package_name = $postgresql::params::docs_package_name, - $package_ensure = 'present', + String $package_name = $postgresql::params::docs_package_name, + Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present', ) inherits postgresql::params { package { 'postgresql-docs': From 580ad582a096ebfebcf09ec046e2063eda91779e Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:10:20 +0100 Subject: [PATCH 0199/1000] replace validate_* calls with datatypes in devel.pp --- manifests/lib/devel.pp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index bbc5272da2..05fc14c43c 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -1,13 +1,11 @@ # This class installs postgresql development libraries. See README.md for more # details. class postgresql::lib::devel( - $package_name = $postgresql::params::devel_package_name, + String $package_name = $postgresql::params::devel_package_name, $package_ensure = 'present', $link_pg_config = $postgresql::params::link_pg_config ) inherits postgresql::params { - validate_string($package_name) - if $::osfamily == 'Gentoo' { fail('osfamily Gentoo does not have a separate "devel" package, postgresql::lib::devel is not supported') } From 33f62eb21a4ce02cc00b6d15030dd260be962276 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:11:15 +0100 Subject: [PATCH 0200/1000] add datatypes to all params in devel.pp --- manifests/lib/devel.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 05fc14c43c..9c83c7e748 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -1,9 +1,9 @@ # This class installs postgresql development libraries. See README.md for more # details. class postgresql::lib::devel( - String $package_name = $postgresql::params::devel_package_name, - $package_ensure = 'present', - $link_pg_config = $postgresql::params::link_pg_config + String $package_name = $postgresql::params::devel_package_name, + Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present', + Boolean $link_pg_config = $postgresql::params::link_pg_config ) inherits postgresql::params { if $::osfamily == 'Gentoo' { From d622176345e4c7700ddff9392bcfae98f754c723 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:11:43 +0100 Subject: [PATCH 0201/1000] replace validate_* calls with datatypes in postgis.pp --- manifests/server/postgis.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index a43e4c19f1..715207a63a 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -1,9 +1,8 @@ # Install the postgis postgresql packaging. See README.md for more details. class postgresql::server::postgis ( - $package_name = $postgresql::params::postgis_package_name, + String $package_name = $postgresql::params::postgis_package_name, $package_ensure = 'present' ) inherits postgresql::params { - validate_string($package_name) package { 'postgresql-postgis': ensure => $package_ensure, From d5b95fd4f3d056c5ed3ac6c298ad7cc15185bf23 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:12:16 +0100 Subject: [PATCH 0202/1000] add datatypes to all params in postgis.pp --- manifests/server/postgis.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index 715207a63a..86a6927c4e 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -1,7 +1,7 @@ # Install the postgis postgresql packaging. See README.md for more details. class postgresql::server::postgis ( - String $package_name = $postgresql::params::postgis_package_name, - $package_ensure = 'present' + String $package_name = $postgresql::params::postgis_package_name, + Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present' ) inherits postgresql::params { package { 'postgresql-postgis': From 33b20589d7b96011eb4db317a82adfc0c1916c29 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:13:22 +0100 Subject: [PATCH 0203/1000] replace validate_* call with datatype in grant.pp --- manifests/server/grant.pp | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 2836f17fe0..fb48d4ab27 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -2,17 +2,17 @@ define postgresql::server::grant ( $role, $db, - $privilege = undef, - $object_type = 'database', - $object_name = undef, - $psql_db = $postgresql::server::default_database, - $psql_user = $postgresql::server::user, - $port = $postgresql::server::port, - $onlyif_exists = false, - $connect_settings = $postgresql::server::default_connect_settings, + $privilege = undef, + $object_type = 'database', + $object_name = undef, + $psql_db = $postgresql::server::default_database, + $psql_user = $postgresql::server::user, + $port = $postgresql::server::port, + Boolean $onlyif_exists = false, + $connect_settings = $postgresql::server::default_connect_settings, ) { - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path + $group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path if ! $object_name { $_object_name = $db @@ -20,7 +20,6 @@ $_object_name = $object_name } - validate_bool($onlyif_exists) # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # From 2c23681a15a8de57d6e0821042bf2dc089934405 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:18:36 +0100 Subject: [PATCH 0204/1000] add datatypes to all params in grant.pp --- manifests/server/grant.pp | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index fb48d4ab27..f030019b79 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -1,18 +1,19 @@ # Define for granting permissions to roles. See README.md for more details. define postgresql::server::grant ( - $role, - $db, - $privilege = undef, - $object_type = 'database', - $object_name = undef, - $psql_db = $postgresql::server::default_database, - $psql_user = $postgresql::server::user, - $port = $postgresql::server::port, - Boolean $onlyif_exists = false, - $connect_settings = $postgresql::server::default_connect_settings, + String $role, + String $db, + Optional[String] $privilege = undef, + String $object_type = 'database', + Optional[String[1]] $object_name = undef, + String $psql_db = $postgresql::server::default_database, + String $psql_user = $postgresql::server::user, + Integer $port = $postgresql::server::port, + Boolean $onlyif_exists = false, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path + + $group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path if ! $object_name { $_object_name = $db From b6fbdff341ed595075d7b13bf19f09df6bf00135 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:19:11 +0100 Subject: [PATCH 0205/1000] replace validate_* calls with datatypes in contrib.pp --- manifests/server/contrib.pp | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index a896ffdc8e..1d623ec4d5 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -1,9 +1,8 @@ # Install the contrib postgresql packaging. See README.md for more details. class postgresql::server::contrib ( - $package_name = $postgresql::params::contrib_package_name, - $package_ensure = 'present' + String $package_name = $postgresql::params::contrib_package_name, + $package_ensure = 'present' ) inherits postgresql::params { - validate_string($package_name) if $::osfamily == 'Gentoo' { fail('osfamily Gentoo does not have a separate "contrib" package, postgresql::server::contrib is not supported.') From 0d208aaefd12e4c8688ca3795cebe5e90f509a42 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:19:52 +0100 Subject: [PATCH 0206/1000] add datatypes to all params in contrib.pp --- manifests/server/contrib.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 1d623ec4d5..46121e6ce5 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -1,7 +1,7 @@ # Install the contrib postgresql packaging. See README.md for more details. class postgresql::server::contrib ( - String $package_name = $postgresql::params::contrib_package_name, - $package_ensure = 'present' + String $package_name = $postgresql::params::contrib_package_name, + Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present' ) inherits postgresql::params { if $::osfamily == 'Gentoo' { From e172bbc5d769d8df7be436ad17c9305a861551af Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:22:35 +0100 Subject: [PATCH 0207/1000] replace validate_* call with datatype in pg_hba_rule.pp --- manifests/server/pg_hba_rule.pp | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 0eecdc5725..ce6501432f 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,7 +1,8 @@ # This resource manages an individual rule that applies to the file defined in # $target. See README.md for more details. define postgresql::server::pg_hba_rule( - $type, + + Enum['local', 'host', 'hostssl', 'hostnossl'] $type, $database, $user, $auth_method, @@ -27,8 +28,6 @@ if $manage_pg_hba_conf == false { fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { - validate_re($type, '^(local|host|hostssl|hostnossl)$', - "The type you specified [${type}] must be one of: local, host, hostssl, hostnossl") if($type =~ /^host/ and $address == undef) { fail('You must specify an address property when type is host based') From 0e3c7754c6ae69aa344151afe778fb293bf9fa2d Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:23:24 +0100 Subject: [PATCH 0208/1000] change $order from string to int --- manifests/server/config.pp | 12 ++++++------ manifests/server/pg_hba_rule.pp | 8 ++++---- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 0272bc6bef..4deb788282 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -49,40 +49,40 @@ user => $user, auth_method => 'ident', auth_option => $local_auth_option, - order => '001', + order => 001, } postgresql::server::pg_hba_rule { 'local access to database with same name': type => 'local', auth_method => 'ident', auth_option => $local_auth_option, - order => '002', + order => 002, } postgresql::server::pg_hba_rule { 'allow localhost TCP access to postgresql user': type => 'host', user => $user, address => '127.0.0.1/32', auth_method => 'md5', - order => '003', + order => 003, } postgresql::server::pg_hba_rule { 'deny access to postgresql user': type => 'host', user => $user, address => $ip_mask_deny_postgres_user, auth_method => 'reject', - order => '004', + order => 004, } postgresql::server::pg_hba_rule { 'allow access to all users': type => 'host', address => $ip_mask_allow_all_users, auth_method => 'md5', - order => '100', + order => 100, } postgresql::server::pg_hba_rule { 'allow access to ipv6 localhost': type => 'host', address => '::1/128', auth_method => 'md5', - order => '101', + order => 101, } } diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index ce6501432f..9866160f07 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -6,10 +6,10 @@ $database, $user, $auth_method, - $address = undef, - $description = 'none', - $auth_option = undef, - $order = '150', + $address = undef, + $description = 'none', + $auth_option = undef, + Integer $order = 150, # Needed for testing primarily, support for multiple files is not really # working. From f3db1d4738b12e8fe2ec6f39048f77bad2c54dd9 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:25:45 +0100 Subject: [PATCH 0209/1000] add datatypes to all params in pg_hba_rule.pp --- manifests/server/pg_hba_rule.pp | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 9866160f07..acbaccff81 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,20 +1,19 @@ # This resource manages an individual rule that applies to the file defined in # $target. See README.md for more details. define postgresql::server::pg_hba_rule( - Enum['local', 'host', 'hostssl', 'hostnossl'] $type, - $database, - $user, - $auth_method, - $address = undef, - $description = 'none', - $auth_option = undef, - Integer $order = 150, + String $database, + String $user, + String $auth_method, + Optional[String] $address = undef, + String $description = 'none', + Optional[String] $auth_option = undef, + Integer $order = 150, # Needed for testing primarily, support for multiple files is not really # working. - $target = $postgresql::server::pg_hba_conf_path, - $postgresql_version = $postgresql::server::_version + Stdlib::Absolutepath $target = $postgresql::server::pg_hba_conf_path, + String $postgresql_version = $postgresql::server::_version ) { #Allow users to manage pg_hba.conf even if they are not managing the whole PostgreSQL instance From dce32778fd66fbd4ccff8c6a1be252088de07317 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:27:07 +0100 Subject: [PATCH 0210/1000] replace validate_* calls with datatypes in grant_role.pp --- manifests/server/grant_role.pp | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 04729d4c84..6b9a606550 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -1,21 +1,13 @@ # Define for granting membership to a role. See README.md for more information define postgresql::server::grant_role ( - $group, - $role = $name, + String $group, + String $role = $name, $ensure = 'present', $psql_db = $postgresql::server::default_database, $psql_user = $postgresql::server::user, $port = $postgresql::server::port, $connect_settings = $postgresql::server::default_connect_settings, ) { - validate_string($group) - validate_string($role) - if empty($group) { - fail('$group must be set') - } - if empty($role) { - fail('$role must be set') - } case $ensure { 'present': { $command = "GRANT \"${group}\" TO \"${role}\"" From 8351aa19496b710f8aeaef7ee686cf2c056f82b2 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:28:18 +0100 Subject: [PATCH 0211/1000] add datatypes to params in grant_role.pp --- manifests/server/grant_role.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 6b9a606550..e31f7d0b28 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -2,7 +2,7 @@ define postgresql::server::grant_role ( String $group, String $role = $name, - $ensure = 'present', + Enum['present', 'absent'] $ensure = 'present', $psql_db = $postgresql::server::default_database, $psql_user = $postgresql::server::user, $port = $postgresql::server::port, From 094af4f714a8481bec2513e03ec761fea7c9979e Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:36:04 +0100 Subject: [PATCH 0212/1000] remove hardcoded tabs --- spec/unit/defines/server/pg_hba_rule_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index f36d27ddad..dbaee37bab 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -190,7 +190,7 @@ class { 'postgresql::server': } it do is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer/ - }) + }) end end From 06d44bca6694b57894d248ae17c072c03a6251ae Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 17 Mar 2017 13:47:40 +0100 Subject: [PATCH 0213/1000] drop obsolete tests --- spec/unit/defines/server/grant_role_spec.rb | 56 ------------- spec/unit/defines/server/grant_spec.rb | 2 +- spec/unit/defines/server/pg_hba_rule_spec.rb | 82 ++------------------ 3 files changed, 6 insertions(+), 134 deletions(-) diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index d93b1e4ce5..12a41e2bfc 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -31,52 +31,6 @@ } end - context "validation" do - context "group invalid type" do - let (:params) { { - :group => ['a', 'b'], - :role => 'r', - } } - - it { - expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) - } - end - - context "role invalid type" do - let (:params) { { - :group => 'g', - :role => true, - } } - - it { - expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) - } - end - - context "group empty" do - let (:params) { { - :group => '', - :role => 'r', - } } - - it { - expect { catalogue }.to raise_error(/\$group must be set/) - } - end - - context "role empty" do - let (:params) { { - :group => 'g', - :role => '', - } } - - it { - expect { catalogue }.to raise_error(/\$role must be set/) - } - end - end - context "with db arguments" do let (:params) { super().merge({ :psql_db => 'postgres', @@ -108,16 +62,6 @@ } end - context "with ensure => invalid" do - let (:params) { super().merge({ - :ensure => 'invalid', - }) } - - it { - expect { catalogue }.to raise_error(Puppet::Error, /Unknown value for ensure/) - } - end - context "with user defined" do let :pre_condition do "class { 'postgresql::server': } diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index fe7963622b..79d569d849 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -124,7 +124,7 @@ :connect_settings => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', }, - :port => '5678', + :port => 5678, } end diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index dbaee37bab..f657589c7a 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -92,80 +92,6 @@ class { 'postgresql::server': } end context 'validation' do - context 'validate type test 1' do - let :pre_condition do - <<-EOS - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'invalid', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'ldap', - :target => target, - } - end - it 'should fail parsing when type is not valid' do - expect { catalogue }.to raise_error(Puppet::Error, - /The type you specified \[invalid\] must be one of/) - end - end - - context 'validate auth_method' do - let :pre_condition do - <<-EOS - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'local', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'invalid', - :target => target, - } - end - - it 'should fail parsing when auth_method is not valid' do - expect { catalogue }.to raise_error(Puppet::Error, - /The auth_method you specified \[invalid\] must be one of/) - end - end - - context 'validate unsupported auth_method' do - let :pre_condition do - <<-EOS - class { 'postgresql::globals': - version => '9.0', - } - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'local', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'peer', - :target => target, - } - end - - it 'should fail parsing when auth_method is not valid' do - expect { catalogue }.to raise_error(Puppet::Error, - /The auth_method you specified \[peer\] must be one of: trust, reject, md5, password, gss, sspi, krb5, ident, ldap, radius, cert, pam/) - end - end - context 'validate supported auth_method' do let :pre_condition do <<-EOS @@ -188,9 +114,11 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ - :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer/ - }) + is_expected.to contain_concat__fragment('pg_hba_rule_test').with( + { + :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer/ + } + ) end end From 79f029e5ef692bc9863a8a29f9d58e04a150f1de Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 21 Mar 2017 21:25:06 +0100 Subject: [PATCH 0214/1000] migrate octal numbers to real decimal integers --- manifests/server/config.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 4deb788282..a2f2434485 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -49,27 +49,27 @@ user => $user, auth_method => 'ident', auth_option => $local_auth_option, - order => 001, + order => 1, } postgresql::server::pg_hba_rule { 'local access to database with same name': type => 'local', auth_method => 'ident', auth_option => $local_auth_option, - order => 002, + order => 2, } postgresql::server::pg_hba_rule { 'allow localhost TCP access to postgresql user': type => 'host', user => $user, address => '127.0.0.1/32', auth_method => 'md5', - order => 003, + order => 3, } postgresql::server::pg_hba_rule { 'deny access to postgresql user': type => 'host', user => $user, address => $ip_mask_deny_postgres_user, auth_method => 'reject', - order => 004, + order => 4, } postgresql::server::pg_hba_rule { 'allow access to all users': From bf0c5cf96ea274815fcb2624f2d169419d9b3c63 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 25 May 2017 20:22:46 +0200 Subject: [PATCH 0215/1000] valide package_ensure less strict we only allowed present/absent/latest on the first attempt. But people can also pass their own version strings so we've to accept any not empty string. --- manifests/client.pp | 8 ++++---- manifests/lib/devel.pp | 6 +++--- manifests/lib/docs.pp | 4 ++-- manifests/lib/java.pp | 4 ++-- manifests/lib/perl.pp | 4 ++-- manifests/lib/python.pp | 4 ++-- manifests/server/contrib.pp | 4 ++-- manifests/server/extension.pp | 14 +++++++------- manifests/server/postgis.pp | 4 ++-- 9 files changed, 26 insertions(+), 26 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index 000d406239..7e6da1c47b 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -1,9 +1,9 @@ # Install client cli tool. See README.md for more details. class postgresql::client ( - Enum['file', 'absent'] $file_ensure = 'file', - Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, - String[1] $package_name = $postgresql::params::client_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present' + Enum['file', 'absent'] $file_ensure = 'file', + Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, + String[1] $package_name = $postgresql::params::client_package_name, + String[1] $package_ensure = 'present' ) inherits postgresql::params { if $package_name != 'UNSET' { diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 9c83c7e748..e6ff183a23 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -1,9 +1,9 @@ # This class installs postgresql development libraries. See README.md for more # details. class postgresql::lib::devel( - String $package_name = $postgresql::params::devel_package_name, - Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present', - Boolean $link_pg_config = $postgresql::params::link_pg_config + String $package_name = $postgresql::params::devel_package_name, + String[1] $package_ensure = 'present', + Boolean $link_pg_config = $postgresql::params::link_pg_config ) inherits postgresql::params { if $::osfamily == 'Gentoo' { diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 4b92b7718a..f3c31ff647 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -1,8 +1,8 @@ # This class installs the postgresql-docs See README.md for more # details. class postgresql::lib::docs ( - String $package_name = $postgresql::params::docs_package_name, - Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present', + String $package_name = $postgresql::params::docs_package_name, + String[1] $package_ensure = 'present', ) inherits postgresql::params { package { 'postgresql-docs': diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index fe43dd74b1..dc131d50fb 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -1,8 +1,8 @@ # This class installs the postgresql jdbc connector. See README.md for more # details. class postgresql::lib::java ( - String $package_name = $postgresql::params::java_package_name, - Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present' + String $package_name = $postgresql::params::java_package_name, + String[1] $package_ensure = 'present' ) inherits postgresql::params { package { 'postgresql-jdbc': diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 6ed2853121..67fd4a28fe 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -1,8 +1,8 @@ # This class installs the perl libs for postgresql. See README.md for more # details. class postgresql::lib::perl( - $package_name = $postgresql::params::perl_package_name, - $package_ensure = 'present' + String $package_name = $postgresql::params::perl_package_name, + String[1] $package_ensure = 'present' ) inherits postgresql::params { package { 'perl-DBD-Pg': diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index bfe0585487..590727dc82 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -1,8 +1,8 @@ # This class installs the python libs for postgresql. See README.md for more # details. class postgresql::lib::python( - $package_name = $postgresql::params::python_package_name, - $package_ensure = 'present' + String[1] $package_name = $postgresql::params::python_package_name, + String[1] $package_ensure = 'present' ) inherits postgresql::params { package { 'python-psycopg2': diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 46121e6ce5..7e3426bc30 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -1,7 +1,7 @@ # Install the contrib postgresql packaging. See README.md for more details. class postgresql::server::contrib ( - String $package_name = $postgresql::params::contrib_package_name, - Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present' + String $package_name = $postgresql::params::contrib_package_name, + String[1] $package_ensure = 'present' ) inherits postgresql::params { if $::osfamily == 'Gentoo' { diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 1c9b684ade..6d2878377f 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -1,15 +1,15 @@ # Activate an extension on a postgresql database define postgresql::server::extension ( $database, - $extension = $name, - $ensure = 'present', - $package_name = undef, - $package_ensure = undef, + $extension = $name, + String[1] $ensure = 'present', + $package_name = undef, + $package_ensure = undef, $connect_settings = $postgresql::server::default_connect_settings, ) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path + $user = $postgresql::server::user + $group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path case $ensure { 'present': { diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index 86a6927c4e..a4e4321de5 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -1,7 +1,7 @@ # Install the postgis postgresql packaging. See README.md for more details. class postgresql::server::postgis ( - String $package_name = $postgresql::params::postgis_package_name, - Enum['present', 'absent', 'latest', 'installed'] $package_ensure = 'present' + String $package_name = $postgresql::params::postgis_package_name, + String[1] $package_ensure = 'present' ) inherits postgresql::params { package { 'postgresql-postgis': From f9e8e93c1d3d24972949d862d8f65fe7fad96f40 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 25 May 2017 20:29:40 +0200 Subject: [PATCH 0216/1000] change concat resources to numeric ordering --- manifests/server/config.pp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index a2f2434485..616fc341de 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -30,6 +30,7 @@ group => $group, mode => '0640', warn => true, + order => 'numeric', notify => Class['postgresql::server::reload'], } @@ -157,6 +158,7 @@ group => $group, mode => '0640', warn => true, + order => 'numeric', notify => Class['postgresql::server::reload'], } } @@ -167,6 +169,7 @@ group => $group, mode => '0640', warn => true, + order => 'numeric', notify => Class['postgresql::server::reload'], } } From 212066e5e43d97192f9fde42b60cf9f79b5ad2bc Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 25 May 2017 20:35:04 +0200 Subject: [PATCH 0217/1000] enforce string length in grant_role --- manifests/server/grant_role.pp | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index e31f7d0b28..601fd69c5a 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -1,12 +1,12 @@ # Define for granting membership to a role. See README.md for more information define postgresql::server::grant_role ( - String $group, - String $role = $name, - Enum['present', 'absent'] $ensure = 'present', - $psql_db = $postgresql::server::default_database, - $psql_user = $postgresql::server::user, - $port = $postgresql::server::port, - $connect_settings = $postgresql::server::default_connect_settings, + String[1] $group, + String[1] $role = $name, + Enum['present', 'absent'] $ensure = 'present', + $psql_db = $postgresql::server::default_database, + $psql_user = $postgresql::server::user, + $port = $postgresql::server::port, + $connect_settings = $postgresql::server::default_connect_settings, ) { case $ensure { 'present': { From b0cafe6b2c6360915435fb506d9eb94183f32ae0 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 25 May 2017 20:36:58 +0200 Subject: [PATCH 0218/1000] replace regex with assert_type in pg_hba_rule --- manifests/server/pg_hba_rule.pp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index acbaccff81..97a7aaae72 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -47,9 +47,7 @@ default => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] } - $auth_method_regex = join(['^(', join($allowed_auth_methods, '|'), ')$'],'') - validate_re($auth_method, $auth_method_regex, - join(["The auth_method you specified [${auth_method}] must be one of: ", join($allowed_auth_methods, ', ')],'')) + assert_type(Enum[$allowed_auth_methods], $auth_method) # Create a rule fragment $fragname = "pg_hba_rule_${name}" From e2734e5aab976e792b5832d517104f8b792a61a6 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 26 May 2017 09:39:01 -0700 Subject: [PATCH 0219/1000] (maint) mock structured facts we recently switched apt back to the params pattern and it now uses structured facts. since postgres includes apt, some postgres tests needed to have structured facts mocked out because most of the tests still use legacy facts. the mocking gets redundant and we should make an effor to go in at some point and switch postgres to structured facts completely but this works for now. --- spec/unit/classes/globals_spec.rb | 7 +++++++ spec/unit/classes/repo_spec.rb | 7 +++++++ spec/unit/classes/server_spec.rb | 7 +++++++ 3 files changed, 21 insertions(+) diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index ea3ff9d9fc..d4bceda47c 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -4,6 +4,13 @@ context 'on a debian 6' do let (:facts) do { + :os => { + :family => 'Debian', + :name => 'Debian', + :release => { + :full => '6.0' + } + }, :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', diff --git a/spec/unit/classes/repo_spec.rb b/spec/unit/classes/repo_spec.rb index a9be84e7cd..edfeda3735 100644 --- a/spec/unit/classes/repo_spec.rb +++ b/spec/unit/classes/repo_spec.rb @@ -3,6 +3,13 @@ describe 'postgresql::repo', :type => :class do let :facts do { + :os => { + :name => 'Debian', + :family => 'Debian', + :release => { + :full => '6.0' + } + }, :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 852b7e497a..8c5637bf08 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -3,6 +3,13 @@ describe 'postgresql::server', :type => :class do let :facts do { + :os => { + :family => 'Debian', + :name => 'Debian', + :release => { + :full => '6.0' + } + }, :osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistid => 'Debian', From 23517967a749c6090c37c746d5295ef05cb3d48e Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Fri, 26 May 2017 15:37:47 -0400 Subject: [PATCH 0220/1000] Remove listen_addresses from README --- README.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/README.md b/README.md index fa80ca4a59..8a3f9cb7f9 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,6 @@ For default settings, declare the `postgresql::server` class as above. To custom class { 'postgresql::server': ip_mask_deny_postgres_user => '0.0.0.0/32', ip_mask_allow_all_users => '0.0.0.0/0', - listen_addresses => '*', ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'], postgres_password => 'TPSrep0rt!', } @@ -786,13 +785,6 @@ Specifies the IP mask from which remote connections should be denied for the pos Default value: '0.0.0.0/0', which denies any remote connection. -##### `listen_addresses` - -Specifies the addresses the server accepts connections to. Valid values: - * 'localhost': Accept connections from local host only. - * '*': Accept connections from any remote machine. - * Specified comma-separated list of hostnames or IP addresses. - ##### `locale` Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. From f279ad9533b7b4ad9cbfdab99451fda4f915e13b Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Fri, 26 May 2017 15:38:20 -0400 Subject: [PATCH 0221/1000] Remove log_line_prefix from README --- README.md | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/README.md b/README.md index 8a3f9cb7f9..d414f32a2f 100644 --- a/README.md +++ b/README.md @@ -495,12 +495,6 @@ Overrides the default PostgreSQL log directory. Default value: initdb's default path. -##### `log_line_prefix` - -Set a prefix for the server logs. - -Default value: `undef`. - ##### `manage_package_repo` Sets up official PostgreSQL repositories on your host if set to `true`. @@ -793,12 +787,6 @@ Default value: `undef`, which is effectively 'C'. **On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** -##### `log_line_prefix` - -Set a prefix for the server logs. - -Default value: '$log_line_prefix' variable set in `postgresql::server` or `postgresql::globals`. - ##### `manage_pg_hba_conf` Whether to manage the `pg_hba.conf`. From 7066e9216258fdfa36728a61b0b26564e30d35a5 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Fri, 26 May 2017 15:41:00 -0400 Subject: [PATCH 0222/1000] Fix misleading chaining arrows on README --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d414f32a2f..0a7f7d3937 100644 --- a/README.md +++ b/README.md @@ -123,7 +123,8 @@ For example, to overwrite the default `locale` and `encoding` for all classes, u class { 'postgresql::globals': encoding => 'UTF-8', locale => 'en_US.UTF-8', -}-> +} + class { 'postgresql::server': } ``` @@ -134,7 +135,8 @@ To use a specific version of the PostgreSQL package: class { 'postgresql::globals': manage_package_repo => true, version => '9.2', -}-> +} + class { 'postgresql::server': } ``` From b8a2627f7a06523dbe483ed70350426582d50937 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Fri, 26 May 2017 16:06:33 -0400 Subject: [PATCH 0223/1000] Fix misleading require on README --- README.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/README.md b/README.md index 0a7f7d3937..c7853d44d3 100644 --- a/README.md +++ b/README.md @@ -167,10 +167,6 @@ postgresql::server::role{'super2': superuser => true, connect_settings => {}, - require => [ - Class['postgresql::globals'], - Class['postgresql::server::service'], - ], } # Now using this new user connect via TCP From 63008689b22a7b063391728edf492a16f37558d4 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Fri, 26 May 2017 16:10:05 -0400 Subject: [PATCH 0224/1000] Improve Puppet code style on README --- README.md | 89 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 46 insertions(+), 43 deletions(-) diff --git a/README.md b/README.md index c7853d44d3..74a7d37cf7 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,8 @@ PostgreSQL is a high-performance, free, open-source relational database server. To configure a basic default PostgreSQL server, declare the `postgresql::server` class. ```puppet -class { 'postgresql::server': } +class { 'postgresql::server': +} ``` ## Usage @@ -78,7 +79,8 @@ For more details about server configuration parameters, consult the [PostgreSQL You can set up a variety of PostgreSQL databases with the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: ```puppet -class { 'postgresql::server': } +class { 'postgresql::server': +} postgresql::server::db { 'mydatabasename': user => 'mydatabaseuser', @@ -91,10 +93,11 @@ postgresql::server::db { 'mydatabasename': To manage users, roles, and permissions: ```puppet -class { 'postgresql::server': } +class { 'postgresql::server': +} postgresql::server::role { 'marmot': -password_hash => postgresql_password('marmot', 'mypasswd'), + password_hash => postgresql_password('marmot', 'mypasswd'), } postgresql::server::database_grant { 'test1': @@ -137,7 +140,8 @@ class { 'postgresql::globals': version => '9.2', } -class { 'postgresql::server': } +class { 'postgresql::server': +} ``` ### Manage remote users, roles, and permissions @@ -152,19 +156,19 @@ You can provide a `connect_settings` hash for each of the Puppet resources, or y ```puppet $connection_settings_super2 = { - 'PGUSER' => "super2", - 'PGPASSWORD' => "foobar2", - 'PGHOST' => "127.0.0.1", - 'PGPORT' => "5432", - 'PGDATABASE' => "postgres", - } + 'PGUSER' => 'super2', + 'PGPASSWORD' => 'foobar2', + 'PGHOST' => '127.0.0.1', + 'PGPORT' => '5432', + 'PGDATABASE' => 'postgres', +} include postgresql::server # Connect with no special settings, i.e domain sockets, user postgres -postgresql::server::role{'super2': - password_hash => "foobar2", - superuser => true, +postgresql::server::role { 'super2': + password_hash => 'foobar2', + superuser => true, connect_settings => {}, } @@ -172,8 +176,7 @@ postgresql::server::role{'super2': # Now using this new user connect via TCP postgresql::server::database { 'db1': connect_settings => $connection_settings_super2, - -require => Postgresql::Server::Role['super2'], + require => Postgresql::Server::Role['super2'], } ``` @@ -183,7 +186,7 @@ To create an access rule for `pg_hba.conf`: ```puppet postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => "Open up PostgreSQL for access from 200.1.2.0/24", + description => 'Open up PostgreSQL for access from 200.1.2.0/24', type => 'host', database => 'app', user => 'app', @@ -205,7 +208,7 @@ By default, `pg_hba_rule` requires that you include `postgresql::server`. Howeve ```puppet postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => "Open up postgresql for access from 200.1.2.0/24", + description => 'Open up postgresql for access from 200.1.2.0/24', type => 'host', database => 'app', user => 'app', @@ -221,7 +224,7 @@ postgresql::server::pg_hba_rule { 'allow application network to access app datab To create a user name map for the pg_ident.conf: ```puppet -postgresql::server::pg_ident_rule{ 'Map the SSL certificate of the backup server as a replication user': +postgresql::server::pg_ident_rule { 'Map the SSL certificate of the backup server as a replication user': map_name => 'sslrepli', system_username => 'repli1.example.com', database_username => 'replication', @@ -242,22 +245,22 @@ sslrepli repli1.example.com replication To create the recovery configuration file (`recovery.conf`): ```puppet -postgresql::server::recovery{ 'Create a recovery.conf file with the following defined parameters': - restore_command => 'cp /mnt/server/archivedir/%f %p', - archive_cleanup_command => undef, - recovery_end_command => undef, - recovery_target_name => 'daily backup 2015-01-26', - recovery_target_time => '2015-02-08 22:39:00 EST', - recovery_target_xid => undef, - recovery_target_inclusive => true, - recovery_target => 'immediate', - recovery_target_timeline => 'latest', - pause_at_recovery_target => true, - standby_mode => 'on', - primary_conninfo => 'host=localhost port=5432', - primary_slot_name => undef, - trigger_file => undef, - recovery_min_apply_delay => 0, +postgresql::server::recovery { 'Create a recovery.conf file with the following defined parameters': + restore_command => 'cp /mnt/server/archivedir/%f %p', + archive_cleanup_command => undef, + recovery_end_command => undef, + recovery_target_name => 'daily backup 2015-01-26', + recovery_target_time => '2015-02-08 22:39:00 EST', + recovery_target_xid => undef, + recovery_target_inclusive => true, + recovery_target => 'immediate', + recovery_target_timeline => 'latest', + pause_at_recovery_target => true, + standby_mode => 'on', + primary_conninfo => 'host=localhost port=5432', + primary_slot_name => undef, + trigger_file => undef, + recovery_min_apply_delay => 0, } ``` @@ -286,10 +289,10 @@ Example usage: ```puppet postgresql::validate_db_connection { 'validate my postgres connection': - database_host => 'my.postgres.host', - database_username => 'mydbuser', - database_password => 'mydbpassword', - database_name => 'mydbname', + database_host => 'my.postgres.host', + database_username => 'mydbuser', + database_password => 'mydbpassword', + database_name => 'mydbname', }-> exec { 'rake db:migrate': cwd => '/opt/myrubyapp', @@ -1427,8 +1430,8 @@ Sets the hash to use during password creation. If the password is not already pr If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. ```puppet -postgresql::server::role { "myusername": -password_hash => postgresql_password('myusername', 'mypassword'), +postgresql::server::role { 'myusername': + password_hash => postgresql_password('myusername', 'mypassword'), } ``` @@ -1706,8 +1709,8 @@ This is the namevar. Generates a PostgreSQL encrypted password, use `postgresql_password`. Call it from the command line and then copy and paste the encrypted password into your manifest: -```puppet -puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' +```shell +puppet apply --execute 'notify { 'test': message => postgresql_password('username', 'password') }' ``` Alternatively, you can call this from your production manifests, but the manifests will then contain a clear text version of your passwords. From f4276d65efd8b8a56386bdbf35171a6c2900a9cd Mon Sep 17 00:00:00 2001 From: Sander Hoentjen Date: Thu, 1 Jun 2017 10:50:05 +0200 Subject: [PATCH 0225/1000] add data_checksums option to initdb --- README.md | 6 ++++++ manifests/globals.pp | 1 + manifests/params.pp | 1 + manifests/server.pp | 1 + manifests/server/initdb.pp | 9 ++++++++- 5 files changed, 17 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fa80ca4a59..f6bcf057cc 100644 --- a/README.md +++ b/README.md @@ -486,6 +486,12 @@ Default value: `undef`, which is effectively 'C'. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** +##### `data_checksums` + +Optional boolean to turn on data checksums during `initdb`. + +Default value: `undef`, which is the same as `false`. + ##### `timezone` Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. diff --git a/manifests/globals.pp b/manifests/globals.pp index 5fa248fd30..36e61af489 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -50,6 +50,7 @@ $encoding = undef, $locale = undef, + $data_checksums = undef, $timezone = undef, $manage_pg_hba_conf = undef, diff --git a/manifests/params.pp b/manifests/params.pp index cf3abe85f4..51c45ef3d6 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -11,6 +11,7 @@ $ipv6acls = [] $encoding = $postgresql::globals::encoding $locale = $postgresql::globals::locale + $data_checksums = $postgresql::globals::data_checksums $timezone = $postgresql::globals::timezone $service_ensure = 'running' $service_enable = true diff --git a/manifests/server.pp b/manifests/server.pp index 306410eb18..7509ec97e1 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -48,6 +48,7 @@ $encoding = $postgresql::params::encoding, $locale = $postgresql::params::locale, + $data_checksums = $postgresql::params::data_checksums, $timezone = $postgresql::params::timezone, $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 2252a198f1..7eb0652c89 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -7,6 +7,7 @@ $logdir = $postgresql::server::logdir $encoding = $postgresql::server::encoding $locale = $postgresql::server::locale + $data_checksums = $postgresql::server::data_checksums $group = $postgresql::server::group $user = $postgresql::server::user $psql_path = $postgresql::server::psql_path @@ -82,11 +83,17 @@ $require_before_initdb = [$datadir] } - $initdb_command = $locale ? { + $ic_locale = $locale ? { undef => $ic_xlog, default => "${ic_xlog} --locale '${locale}'" } + $initdb_command = $data_checksums ? { + undef => $ic_locale, + false => $ic_locale, + default => "${ic_locale} --data-checksums" + } + # This runs the initdb command, we use the existance of the PG_VERSION # file to ensure we don't keep running this command. exec { 'postgresql_initdb': From c37b50c5d500c6fd6f684c50f936aa84195c970d Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Tue, 28 Feb 2017 15:01:55 -0800 Subject: [PATCH 0226/1000] (MODULES-1394) replace validate_db_connection type with custom type This replaces the defined type `validate_db_connection` with a new custom type called `postgresql_conn_validator`. It's functionality is nearly a copy of its predecessor with the exception of the `create_db_first` parameter which is taken care of with a collector in service.pp. The old type is still intact but all docs have been removed and a warning has been attached to it announcing its deprecation. --- README.md | 135 ++++++++---------- .../postgresql_conn_validator/ruby.rb | 43 ++++++ lib/puppet/type/postgresql_conn_validator.rb | 82 +++++++++++ lib/puppet/util/postgresql_validator.rb | 64 +++++++++ manifests/server/db.pp | 2 +- manifests/server/service.pp | 20 +-- manifests/validate_db_connection.pp | 5 + ruby.rb | 58 ++++++++ spec/acceptance/db_spec.rb | 3 +- .../postgresql_conn_validator_spec.rb | 76 ++++++++++ spec/unit/classes/server_spec.rb | 14 +- .../postgresql_conn_validator/ruby_spec.rb | 66 +++++++++ .../puppet/type/postgresql_conn_validator.rb | 42 ++++++ 13 files changed, 520 insertions(+), 90 deletions(-) create mode 100644 lib/puppet/provider/postgresql_conn_validator/ruby.rb create mode 100644 lib/puppet/type/postgresql_conn_validator.rb create mode 100644 lib/puppet/util/postgresql_validator.rb create mode 100644 ruby.rb create mode 100644 spec/acceptance/postgresql_conn_validator_spec.rb create mode 100644 spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb create mode 100644 spec/unit/puppet/type/postgresql_conn_validator.rb diff --git a/README.md b/README.md index 74a7d37cf7..b894ff3269 100644 --- a/README.md +++ b/README.md @@ -283,16 +283,16 @@ Only the specified parameters are recognized in the template. The `recovery.conf ### Validate connectivity -To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql::validate_db_connection` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration. +To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql_conn_validator` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration. Example usage: ```puppet -postgresql::validate_db_connection { 'validate my postgres connection': - database_host => 'my.postgres.host', - database_username => 'mydbuser', - database_password => 'mydbpassword', - database_name => 'mydbname', +postgresql_conn_validator { 'validate my postgres connection': + host => 'my.postgres.host', + db_username => 'mydbuser', + db_password => 'mydbpassword', + db_name => 'mydbname', }-> exec { 'rake db:migrate': cwd => '/opt/myrubyapp', @@ -332,13 +332,13 @@ The postgresql module comes with many options for configuring the server. While * [postgresql::server::schema](#postgresqlserverschema) * [postgresql::server::table_grant](#postgresqlservertable_grant) * [postgresql::server::tablespace](#postgresqlservertablespace) -* [postgresql::validate_db_connection](#postgresqlvalidate_db_connection) **Types:** * [postgresql_psql](#custom-resource-postgresql_psql) * [postgresql_replication_slot](#custom-resource-postgresql_replication_slot) * [postgresql_conf](#custom-resource-postgresql_conf) +* [postgresql_conn_validator](#custom-resource-postgresql_conn_validator) **Functions:** @@ -367,13 +367,6 @@ Sets the name of the PostgreSQL client package. Default value: 'file'. -##### `validcon_script_path` - -Specifies the path to validate the connection script. - - -Default value: '/usr/local/bin/validate_postgresql_connection.sh'. - #### postgresql::lib::docs Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. @@ -1543,64 +1536,6 @@ Specifies the name of the tablespace. Default value: the namevar. -#### postgresql::validate_db_connection - -Validates client connection with a remote PostgreSQL database. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (`database_host`, etc). If provided, the individual parameters take precedence. - -##### `create_db_first` - -Ensures that the database is created before running the test. This only works if your test is local. - -Default value: `true`. - -##### `database_host` - -Sets the hostname of the database you wish to test. - -Default value: `undef`, which generally uses the designated local Unix socket. - -##### `database_name` - -Specifies the name of the database you wish to test. - -Default value: 'postgres'. - -##### `database_port` - -Defines the port to use when connecting. - -Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. - -##### `database_password` - -Specifies the password to connect with. Can be left blank, not recommended. - -##### `database_username` - -Specifies the username to connect with. - -Default value: `undef`. - -When using a Unix socket and ident auth, this is the user you are running as. - -**If the host is remote you must provide a username.** - -##### `run_as` - -Specifies the user to run the `psql` command as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. - -##### `sleep` - -Sets the number of seconds to sleep for before trying again after a failure. - -##### `tries` - -Sets the number of attempts after failure before giving up and failing the resource. - ### Types #### postgresql_psql @@ -1703,6 +1638,62 @@ Specifies the name of the slot to create. Must be a valid replication slot name. This is the namevar. +#### postgresql_conn_validator + +Validate the connection to a local or remote PostgreSQL database using this type. + +##### `connect_settings` + +Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (`host`, etc). If provided, the individual parameters take precedence. + +Default value: {} + +##### `db_name` + +Specifies the name of the database you wish to test. + +Default value: '' + +##### `db_password` + +Specifies the password to connect with. Can be left blank if `.pgpass` is being used, otherwise not recommended. + +Default value: '' + +##### `db_username` + +Specifies the username to connect with. + +Default value: '' + +When using a Unix socket and ident auth, this is the user you are running as. + +##### `host` + +Sets the hostname of the database you wish to test. + +Default value: '', which generally uses the designated local Unix socket. + +**If the host is remote you must provide a username.** + +##### `port` + +Defines the port to use when connecting. + +Default value: '' + +##### `run_as` + +Specifies the user to run the `psql` command as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. + +##### `sleep` + +Sets the number of seconds to sleep for before trying again after a failure. + +##### `tries` + +Sets the number of attempts after failure before giving up and failing the resource. + ### Functions #### postgresql_password diff --git a/lib/puppet/provider/postgresql_conn_validator/ruby.rb b/lib/puppet/provider/postgresql_conn_validator/ruby.rb new file mode 100644 index 0000000000..f31b8b9181 --- /dev/null +++ b/lib/puppet/provider/postgresql_conn_validator/ruby.rb @@ -0,0 +1,43 @@ +$LOAD_PATH.unshift(File.join(File.dirname(__FILE__),"..","..","..")) +require 'puppet/util/postgresql_validator' + +# This file contains a provider for the resource type `postgresql_conn_validator`, +# which validates the puppetdb connection by attempting an https connection. + +Puppet::Type.type(:postgresql_conn_validator).provide(:ruby) do + desc "A provider for the resource type `postgresql_conn_validator`, + which validates the PostgreSQL connection by attempting a query + to the target PostgreSQL server." + + # Test to see if the resource exists, returns true if it does, false if it + # does not. + # + # Here we simply monopolize the resource API, to execute a test to see if the + # database is connectable. When we return a state of `false` it triggers the + # create method where we can return an error message. + # + # @return [bool] did the test succeed? + def exists? + validator.attempt_connection(resource[:sleep], resource[:tries]) + end + + # This method is called when the exists? method returns false. + # + # @return [void] + def create + # If `#create` is called, that means that `#exists?` returned false, which + # means that the connection could not be established... so we need to + # cause a failure here. + raise Puppet::Error, "Unable to connect to PostgreSQL server! (#{resource[:host]}:#{resource[:port]})" + end + + # Returns the existing validator, if one exists otherwise creates a new object + # from the class. + # + # @api private + def validator + @validator ||= Puppet::Util::PostgresqlValidator.new(resource) + end + +end + diff --git a/lib/puppet/type/postgresql_conn_validator.rb b/lib/puppet/type/postgresql_conn_validator.rb new file mode 100644 index 0000000000..e56b01cc06 --- /dev/null +++ b/lib/puppet/type/postgresql_conn_validator.rb @@ -0,0 +1,82 @@ +Puppet::Type.newtype(:postgresql_conn_validator) do + + @doc = "Verify that a connection can be successfully established between a node + and the PostgreSQL server. Its primary use is as a precondition to + prevent configuration changes from being applied if the PostgreSQL + server cannot be reached, but it could potentially be used for other + purposes such as monitoring." + + ensurable do + defaultvalues + defaultto :present + end + + newparam(:name, :namevar => true) do + desc 'An arbitrary name used as the identity of the resource.' + end + + newparam(:db_name) do + desc "The name of the database you are trying to validate a connection with." + end + + newparam(:db_username) do + desc "A user that has access to the target PostgreSQL database." + end + + newparam(:db_password) do + desc "The password required to access the target PostgreSQL database." + end + + newparam(:host) do + desc 'The DNS name or IP address of the server where PostgreSQL should be running.' + end + + newparam(:port) do + desc 'The port that the PostgreSQL server should be listening on.' + + validate do |value| + if value + value =~ /[0-9]+/ + end + end + end + + newparam(:connect_settings) do + desc 'Hash of environment variables for connection to a db.' + + end + + newparam(:sleep) do + desc "The length of sleep time between connection tries." + + validate do |value| + Integer(value) + end + munge do |value| + Integer(value) + end + + defaultto 2 + end + + newparam(:tries) do + desc "The number of tries to validate the connection to the target PostgreSQL database." + + validate do |value| + Integer(value) + end + munge do |value| + Integer(value) + end + + defaultto 10 + end + + newparam(:psql_path) do + desc "Path to the psql command." + end + + newparam(:run_as) do + desc "System user that will run the psql command." + end +end diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb new file mode 100644 index 0000000000..c6b5799e90 --- /dev/null +++ b/lib/puppet/util/postgresql_validator.rb @@ -0,0 +1,64 @@ +module Puppet + module Util + class PostgresqlValidator + attr_reader :resource + + def initialize(resource) + @resource = resource + end + + def build_psql_cmd + final_cmd = [] + + cmd_init = "#{@resource[:psql_path]} --tuples-only --quiet " + + final_cmd.push cmd_init + + cmd_parts = { + :host => "-h #{@resource[:host]}", + :port => "-p #{@resource[:port]}", + :db_username => "-U #{@resource[:db_username]}", + :db_name => "--dbname #{@resource[:db_name]}" + } + + cmd_parts[:db_password] = "-w " if @resource[:db_password] + + cmd_parts.each do |k,v| + final_cmd.push v if @resource[k] + end + + final_cmd.join ' ' + end + + def parse_connect_settings + c_settings = @resource[:connect_settings] || {} + c_settings.merge! ({ 'PGPASSWORD' => @resource[:db_password] }) if @resource[:db_password] + return c_settings.map { |k,v| "#{k}=#{v}" } + end + + def attempt_connection(sleep_length, tries) + (0..tries-1).each do |try| + Puppet.debug "PostgresqlValidator.attempt_connection: Attempting connection to #{@resource[:db_name]}" + if execute_command =~ /1/ + Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name]} successful!" + return true + else + Puppet.warning "PostgresqlValidator.attempt_connection: Sleeping for #{sleep_length} seconds" + sleep sleep_length + end + end + false + end + + private + + def execute_command + Execution.execute(build_validate_cmd, :uid => @resource[:run_as]) + end + + def build_validate_cmd + "/bin/echo 'SELECT 1' | #{parse_connect_settings.join(' ')} #{build_psql_cmd} " + end + end + end +end diff --git a/manifests/server/db.pp b/manifests/server/db.pp index b4c1232cfa..9b20928e36 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -38,7 +38,7 @@ privilege => $grant, db => $dbname, role => $user, - } -> Postgresql::Validate_db_connection<| database_name == $dbname |> + } -> Postgresql_conn_validator<| db_name == $dbname |> } if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { diff --git a/manifests/server/service.pp b/manifests/server/service.pp index de06818be9..ba69fb2423 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -9,6 +9,7 @@ $user = $postgresql::server::user $port = $postgresql::server::port $default_database = $postgresql::server::default_database + $psql_path = $postgresql::params::psql_path anchor { 'postgresql::server::service::begin': } @@ -29,16 +30,17 @@ # # Without it, we may continue doing more work before the database is # prepared leading to a nasty race condition. - postgresql::validate_db_connection { 'validate_service_is_running': - run_as => $user, - database_name => $default_database, - database_port => $port, - sleep => 1, - tries => 60, - create_db_first => false, - require => Service['postgresqld'], - before => Anchor['postgresql::server::service::end'] + postgresql_conn_validator{ 'validate_service_is_running': + run_as => $user, + db_name => $default_database, + port => $port, + sleep => 1, + tries => 60, + psql_path => $psql_path, + require => Service['postgresqld'], + before => Anchor['postgresql::server::service::end'] } + Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] } } diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 9c17419bfd..c67819725b 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -18,6 +18,8 @@ include postgresql::client include postgresql::params + warning("postgresql::validate_db_connection is deprecated, please use postgresql_conn_validator.") + $psql_path = $postgresql::params::psql_path $module_workdir = $postgresql::params::module_workdir $validcon_script_path = $postgresql::client::validcon_script_path @@ -63,6 +65,9 @@ $env = $pass_env } + warning($validate_cmd) + warning($env) + $exec_name = "validate postgres connection for ${database_username}@${database_host}:${database_port}/${database_name}" exec { $exec_name: diff --git a/ruby.rb b/ruby.rb new file mode 100644 index 0000000000..5c7a5d1da8 --- /dev/null +++ b/ruby.rb @@ -0,0 +1,58 @@ +Puppet::Type.type(:validate_db_connection).provide(:ruby) do + + commands :psql => 'psql' + + def psql_cmd + final_cmd = [] + + cmd_init = "#{resource[:psql_path]} --tuples-only --quiet " + + final_cmd.push cmd_init + + cmd_parts = { + :database_host => "-h #{resource[:database_host]}", + :database_port => "-p #{resource[:database_port]}", + :database_username => "-U #{resource[:database_username]}", + :database_password =>"PGPASSWORD=#{resource[:database_password]}" + } + + cmd_parts.each do |k,v| + final_cmd.push v if resource[k] + end + + final_cmd.join ' ' + end + + def get_validate_cmd psql_cmd + "/bin/echo 'SELECT 1' | #{psql_cmd}" + end + + def sleep_and_try cmd + sleep_length = resource[:sleep] + tries = resource[:tries] + + state = 1 + count = 1 + + (count..tries).each do |try| + Puppet.debug "Count #{count}" + + if try > 1 + Puppet.debug "Sleeping for #{sleep_length}" + sleep sleep_length + end + + begin + state = `#{cmd}` + rescue Puppet::Error => error + Puppet::Error.new("There was a problem running the psql command: #{error}") + end + + exit 0 if state == 0 + end + + raise Puppet::Error.new("Unable to connect to postgresql database #{resource[:database_name]}") + end + + sleep_and_try(get_validate_cmd psql_cmd) +end diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 449c4b0fe2..0279d30199 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -22,8 +22,9 @@ class { 'postgresql::server': apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) + # Verify that the postgres password works - shell("echo 'localhost:*:*:postgres:space password' > /root/.pgpass") + shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") shell("chmod 600 /root/.pgpass") shell("psql -U postgres -h localhost --command='\\l'") diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb new file mode 100644 index 0000000000..329abc84a5 --- /dev/null +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -0,0 +1,76 @@ +require 'spec_helper_acceptance' + +describe 'postgresql_conn_validator', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + + let(:install_pp) { <<-EOS + class { 'postgresql::server': + postgres_password => 'space password', + }-> + postgresql::server::role { 'testuser': + password_hash => postgresql_password('testuser','test1'), + }-> + postgresql::server::database { 'testdb': + owner => 'testuser', + require => Postgresql::Server::Role['testuser'] + }-> + postgresql::server::database_grant { 'allow connect for testuser': + privilege => 'CONNECT', + db => 'testdb', + role => 'testuser', + } + + EOS + + } + + context 'local connection' do + it 'validates successfully with defaults' do + pp = <<-EOS + #{install_pp}-> + postgresql_conn_validator { 'validate this': + db_name => 'testdb', + db_username => 'testuser', + db_password => 'test1', + host => 'localhost', + psql_path => '/usr/bin/psql', + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + it 'works with connect settings hash' do + pp = <<-EOS + #{install_pp}-> + postgresql_conn_validator { 'validate this': + connect_settings => { + 'PGDATABASE' => 'testdb', + 'PGPORT' => '5432', + 'PGUSER' => 'testuser', + 'PGPASSWORD' => 'test1', + 'PGHOST' => 'localhost' + }, + psql_path => '/usr/bin/psql' + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + end + + it 'fails gracefully' do + pp = <<-EOS + #{install_pp}-> + postgresql_conn_validator { 'validate this': + psql_path => '/usr/bin/psql', + tries => 3 + } + EOS + + result = apply_manifest(pp) + expect(result.stderr).to match /Unable to connect to PostgreSQL server/ + end + end +end diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 8c5637bf08..c78e60e7e7 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -30,7 +30,7 @@ }) } it 'should validate connection' do - is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') + is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -45,7 +45,7 @@ it { is_expected.to contain_class("postgresql::server") } it { is_expected.to contain_class("postgresql::server::passwd") } it 'should validate connection' do - is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') + is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end it 'should set postgres password' do is_expected.to contain_exec('set_postgres_postgrespw').with({ @@ -66,7 +66,7 @@ it { is_expected.to contain_class("postgresql::params") } it { is_expected.to contain_class("postgresql::server") } it 'shouldnt validate connection' do - is_expected.not_to contain_postgresql__validate_db_connection('validate_service_is_running') + is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -77,7 +77,7 @@ it { is_expected.to_not contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } it 'should validate connection' do - is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') + is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -88,7 +88,7 @@ it { is_expected.to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } it 'should validate connection' do - is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') + is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -101,7 +101,7 @@ }) } it 'should validate connection' do - is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') + is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -114,7 +114,7 @@ let(:params) {{ :service_manage => false }} it { is_expected.not_to contain_service('postgresqld') } it 'shouldnt validate connection' do - is_expected.not_to contain_postgresql__validate_db_connection('validate_service_is_running') + is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') end end diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb new file mode 100644 index 0000000000..9b1fa96e75 --- /dev/null +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -0,0 +1,66 @@ +require 'spec_helper' + +describe Puppet::Type.type(:postgresql_conn_validator).provider(:ruby) do + + let(:resource) { Puppet::Type.type(:postgresql_conn_validator).new({ + :name => "testname" + }.merge attributes) } + let(:provider) { resource.provider } + + let(:attributes) do + { + :psql_path => '/usr/bin/psql', + :host => 'db.test.com', + :port => '4444', + :db_username => 'testuser', + :db_password => 'testpass' + } + end + + describe '#build_psql_cmd' do + it 'contains expected commandline options' do + expect(provider.validator.build_psql_cmd).to match /\/usr\/bin\/psql.*-h.*-p.*-U.*/ + end + end + + describe '#parse_connect_settings' do + it 'returns array if password is present' do + expect(provider.validator.parse_connect_settings).to eq(['PGPASSWORD=testpass']) + end + + it 'returns an empty array if password is nil' do + attributes.delete(:db_password) + expect(provider.validator.parse_connect_settings).to eq([]) + end + + let(:connect_settings) do + { + :connect_settings => { + :PGPASSWORD => 'testpass', + :PGHOST => 'db.test.com', + :PGPORT => '1234' + } + } + end + it 'returns an array of settings' do + attributes.delete(:db_password) + attributes.merge! connect_settings + expect(provider.validator.parse_connect_settings).to eq(['PGPASSWORD=testpass','PGHOST=db.test.com','PGPORT=1234']) + end + end + + describe '#attempt_connection' do + let(:sleep_length) {1} + let(:tries) {3} + let(:exec) { + provider.validator.stub(:execute_command).and_return(true) + } + + it 'tries the correct number of times' do + expect(provider.validator).to receive(:execute_command).exactly(3).times + + provider.validator.attempt_connection(sleep_length,tries) + + end + end +end diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb new file mode 100644 index 0000000000..844eafe628 --- /dev/null +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -0,0 +1,42 @@ +#! /usr/bin/env ruby +require 'spec_helper' + +describe Puppet::Type.type(:postgresql_conn_validator) do + before do + @provider_class = described_class.provide(:simple) { mk_resource_methods } + @provider_class.stub(:suitable?).and_return true + described_class.stub(:defaultprovider).and_return @provider_class + end + + describe "when validating attributes" do + [:name, :db_name, :db_username, :host, :port, :connect_settings, :sleep, :tries, :psql_path].each do |param| + it "should have a #{param} parameter" do + expect(described_class.attrtype(param)).to eq(:param) + end + end + end + + describe "when validating values" do + describe "tries and sleep" do + [:tries, :sleep].each do |param| + it "#{param} should be able to cast value as integer" do + expect { described_class.new(:name => 'test', param => '1') }.to_not raise_error + expect { described_class.new(:name => 'test', param => 1) }.to_not raise_error + end + it "#{param} should not accept non-numeric string" do + expect { described_class.new(:name => 'test', param => 'test') }.to raise_error Puppet::ResourceError + end + end + end + describe "connect_settings" do + it "should accept a hash" do + expect { described_class.new(:name => 'test', :connect_settings => { "PGPASSWORD" => "test1" }) }.to_not raise_error + end + end + describe "port" do + it "does not accept a word" do + expect { described_class.new(:name => 'test', :port => 'test')}.to raise_error Puppet::Error + end + end + end +end From ac21c60782e0725e9b145aa6710228caab3b8c5c Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 8 Jun 2017 14:34:05 -0700 Subject: [PATCH 0227/1000] (maint) addresses lint issues --- manifests/server/service.pp | 16 ++++++++-------- manifests/validate_db_connection.pp | 2 +- spec/acceptance/db_spec.rb | 1 - .../acceptance/postgresql_conn_validator_spec.rb | 14 +++++++------- .../postgresql_conn_validator/ruby_spec.rb | 10 +++++----- 5 files changed, 21 insertions(+), 22 deletions(-) diff --git a/manifests/server/service.pp b/manifests/server/service.pp index ba69fb2423..2a4f5001a6 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -31,14 +31,14 @@ # Without it, we may continue doing more work before the database is # prepared leading to a nasty race condition. postgresql_conn_validator{ 'validate_service_is_running': - run_as => $user, - db_name => $default_database, - port => $port, - sleep => 1, - tries => 60, - psql_path => $psql_path, - require => Service['postgresqld'], - before => Anchor['postgresql::server::service::end'] + run_as => $user, + db_name => $default_database, + port => $port, + sleep => 1, + tries => 60, + psql_path => $psql_path, + require => Service['postgresqld'], + before => Anchor['postgresql::server::service::end'] } Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] } diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index c67819725b..37fea72984 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -18,7 +18,7 @@ include postgresql::client include postgresql::params - warning("postgresql::validate_db_connection is deprecated, please use postgresql_conn_validator.") + warning('postgresql::validate_db_connection is deprecated, please use postgresql_conn_validator.') $psql_path = $postgresql::params::psql_path $module_workdir = $postgresql::params::module_workdir diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 0279d30199..0285c3fce0 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -22,7 +22,6 @@ class { 'postgresql::server': apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) - # Verify that the postgres password works shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") shell("chmod 600 /root/.pgpass") diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index 329abc84a5..d21d431bf1 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -10,13 +10,13 @@ class { 'postgresql::server': password_hash => postgresql_password('testuser','test1'), }-> postgresql::server::database { 'testdb': - owner => 'testuser', + owner => 'testuser', require => Postgresql::Server::Role['testuser'] }-> postgresql::server::database_grant { 'allow connect for testuser': privilege => 'CONNECT', - db => 'testdb', - role => 'testuser', + db => 'testdb', + role => 'testuser', } EOS @@ -28,11 +28,11 @@ class { 'postgresql::server': pp = <<-EOS #{install_pp}-> postgresql_conn_validator { 'validate this': - db_name => 'testdb', + db_name => 'testdb', db_username => 'testuser', db_password => 'test1', - host => 'localhost', - psql_path => '/usr/bin/psql', + host => 'localhost', + psql_path => '/usr/bin/psql', } EOS @@ -65,7 +65,7 @@ class { 'postgresql::server': #{install_pp}-> postgresql_conn_validator { 'validate this': psql_path => '/usr/bin/psql', - tries => 3 + tries => 3 } EOS diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index 9b1fa96e75..99369707ae 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -9,9 +9,9 @@ let(:attributes) do { - :psql_path => '/usr/bin/psql', - :host => 'db.test.com', - :port => '4444', + :psql_path => '/usr/bin/psql', + :host => 'db.test.com', + :port => '4444', :db_username => 'testuser', :db_password => 'testpass' } @@ -37,8 +37,8 @@ { :connect_settings => { :PGPASSWORD => 'testpass', - :PGHOST => 'db.test.com', - :PGPORT => '1234' + :PGHOST => 'db.test.com', + :PGPORT => '1234' } } end From 61ad33d71e70dddca30918173e49ab74228f0faf Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 9 Jun 2017 08:51:48 -0700 Subject: [PATCH 0228/1000] (maint) address comments Addresses a few of @hasegeli\'s comments. Adds a `command` parameter for more customizability. --- README.md | 6 ++ lib/puppet/type/postgresql_conn_validator.rb | 14 +++-- lib/puppet/util/postgresql_validator.rb | 15 ++--- manifests/validate_db_connection.pp | 3 - ruby.rb | 58 ------------------- .../postgresql_conn_validator/ruby_spec.rb | 4 +- .../puppet/type/postgresql_conn_validator.rb | 4 +- 7 files changed, 28 insertions(+), 76 deletions(-) delete mode 100644 ruby.rb diff --git a/README.md b/README.md index b894ff3269..de99b2ccc6 100644 --- a/README.md +++ b/README.md @@ -1668,6 +1668,12 @@ Default value: '' When using a Unix socket and ident auth, this is the user you are running as. +##### `command` + +This is the command run against the target database to verify connectivity. + +Default value: 'SELECT 1' + ##### `host` Sets the hostname of the database you wish to test. diff --git a/lib/puppet/type/postgresql_conn_validator.rb b/lib/puppet/type/postgresql_conn_validator.rb index e56b01cc06..b9dc64e219 100644 --- a/lib/puppet/type/postgresql_conn_validator.rb +++ b/lib/puppet/type/postgresql_conn_validator.rb @@ -35,15 +35,15 @@ desc 'The port that the PostgreSQL server should be listening on.' validate do |value| - if value - value =~ /[0-9]+/ - end + Integer(value) + end + munge do |value| + Integer(value) end end newparam(:connect_settings) do desc 'Hash of environment variables for connection to a db.' - end newparam(:sleep) do @@ -79,4 +79,10 @@ newparam(:run_as) do desc "System user that will run the psql command." end + + newparam(:command) do + desc "Command to run against target database." + + defaultto "SELECT 1" + end end diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index c6b5799e90..dccef3189b 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -10,18 +10,19 @@ def initialize(resource) def build_psql_cmd final_cmd = [] - cmd_init = "#{@resource[:psql_path]} --tuples-only --quiet " + cmd_init = "#{@resource[:psql_path]} --tuples-only --quiet --no-psqlrc" final_cmd.push cmd_init cmd_parts = { - :host => "-h #{@resource[:host]}", - :port => "-p #{@resource[:port]}", - :db_username => "-U #{@resource[:db_username]}", - :db_name => "--dbname #{@resource[:db_name]}" + :host => "--host=#{@resource[:host]}", + :port => "--port=#{@resource[:port]}", + :db_username => "--username=#{@resource[:db_username]}", + :db_name => "--dbname=#{@resource[:db_name]}", + :command => "--command='#{@resource[:command]}'" } - cmd_parts[:db_password] = "-w " if @resource[:db_password] + cmd_parts[:db_password] = "--no-password " if @resource[:db_password] cmd_parts.each do |k,v| final_cmd.push v if @resource[k] @@ -57,7 +58,7 @@ def execute_command end def build_validate_cmd - "/bin/echo 'SELECT 1' | #{parse_connect_settings.join(' ')} #{build_psql_cmd} " + "#{parse_connect_settings.join(' ')} #{build_psql_cmd} " end end end diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 37fea72984..10e5ecccdd 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -65,9 +65,6 @@ $env = $pass_env } - warning($validate_cmd) - warning($env) - $exec_name = "validate postgres connection for ${database_username}@${database_host}:${database_port}/${database_name}" exec { $exec_name: diff --git a/ruby.rb b/ruby.rb deleted file mode 100644 index 5c7a5d1da8..0000000000 --- a/ruby.rb +++ /dev/null @@ -1,58 +0,0 @@ -Puppet::Type.type(:validate_db_connection).provide(:ruby) do - - commands :psql => 'psql' - - def psql_cmd - final_cmd = [] - - cmd_init = "#{resource[:psql_path]} --tuples-only --quiet " - - final_cmd.push cmd_init - - cmd_parts = { - :database_host => "-h #{resource[:database_host]}", - :database_port => "-p #{resource[:database_port]}", - :database_username => "-U #{resource[:database_username]}", - :database_password =>"PGPASSWORD=#{resource[:database_password]}" - } - - cmd_parts.each do |k,v| - final_cmd.push v if resource[k] - end - - final_cmd.join ' ' - end - - def get_validate_cmd psql_cmd - "/bin/echo 'SELECT 1' | #{psql_cmd}" - end - - def sleep_and_try cmd - sleep_length = resource[:sleep] - tries = resource[:tries] - - state = 1 - count = 1 - - (count..tries).each do |try| - Puppet.debug "Count #{count}" - - if try > 1 - Puppet.debug "Sleeping for #{sleep_length}" - sleep sleep_length - end - - begin - state = `#{cmd}` - rescue Puppet::Error => error - Puppet::Error.new("There was a problem running the psql command: #{error}") - end - - exit 0 if state == 0 - end - - raise Puppet::Error.new("Unable to connect to postgresql database #{resource[:database_name]}") - end - - sleep_and_try(get_validate_cmd psql_cmd) -end diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index 99369707ae..6c3708eab8 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -11,7 +11,7 @@ { :psql_path => '/usr/bin/psql', :host => 'db.test.com', - :port => '4444', + :port => 4444, :db_username => 'testuser', :db_password => 'testpass' } @@ -19,7 +19,7 @@ describe '#build_psql_cmd' do it 'contains expected commandline options' do - expect(provider.validator.build_psql_cmd).to match /\/usr\/bin\/psql.*-h.*-p.*-U.*/ + expect(provider.validator.build_psql_cmd).to match /\/usr\/bin\/psql.*--host=.*--port=.*--username=.*/ end end diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb index 844eafe628..ef3a1edde5 100644 --- a/spec/unit/puppet/type/postgresql_conn_validator.rb +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -9,7 +9,7 @@ end describe "when validating attributes" do - [:name, :db_name, :db_username, :host, :port, :connect_settings, :sleep, :tries, :psql_path].each do |param| + [:name, :db_name, :db_username, :command, :host, :port, :connect_settings, :sleep, :tries, :psql_path].each do |param| it "should have a #{param} parameter" do expect(described_class.attrtype(param)).to eq(:param) end @@ -18,7 +18,7 @@ describe "when validating values" do describe "tries and sleep" do - [:tries, :sleep].each do |param| + [:tries, :sleep, :port].each do |param| it "#{param} should be able to cast value as integer" do expect { described_class.new(:name => 'test', param => '1') }.to_not raise_error expect { described_class.new(:name => 'test', param => 1) }.to_not raise_error From e81e6fc32ef67607048eea1099c41e7f4b764a16 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 9 Jun 2017 15:40:42 -0700 Subject: [PATCH 0229/1000] (MODULES-5050) pass auth_option in grant_role_spec What appeared to be a breakage because of puppet 4 types ended up being an issue where auth_option needs to be passed to pg_hba_rule on postgres 8.1. This fixes the problem and should kick the ci clog --- spec/acceptance/server/grant_role_spec.rb | 37 ++++++++++++++++++++--- 1 file changed, 33 insertions(+), 4 deletions(-) diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index e802a412c7..552c2f51b6 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -2,10 +2,15 @@ describe 'postgresql::server::grant_role:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - db = 'grant_role_test' - user = 'psql_grant_role_tester' - group = 'test_group' - password = 'psql_grant_role_pw' + let(:db) { 'grant_role_test' } + let(:user) { 'psql_grant_role_tester' } + let(:group) { 'test_group' } + let(:password) { 'psql_grant_role_pw' } + let(:version) do + if fact('osfamily') == 'RedHat' and fact('operatingsystemrelease') =~ /5/ + '8.1' + end + end it 'should grant a role to a user' do begin @@ -14,6 +19,7 @@ $user = #{user} $group = #{group} $password = #{password} + $version = '#{version}' class { 'postgresql::server': } @@ -31,12 +37,19 @@ class { 'postgresql::server': } require => Postgresql::Server::Role[$user], } + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', + auth_option => $local_auth_option, order => 1, } @@ -72,6 +85,7 @@ class { 'postgresql::server': } $user = "#{user}" $group = "#{group}" $password = #{password} + $version = '#{version}' class { 'postgresql::server': } @@ -90,12 +104,19 @@ class { 'postgresql::server': } require => Postgresql::Server::Role[$user], } + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', + auth_option => $local_auth_option, order => 1, } @@ -132,6 +153,7 @@ class { 'postgresql::server': } $user = "#{user}" $group = "#{group}" $password = #{password} + $version = '#{version}' class { 'postgresql::server': } @@ -149,12 +171,19 @@ class { 'postgresql::server': } require => Postgresql::Server::Role[$user], } + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', + auth_option => $local_auth_option, order => 1, } From 627a46b8243aa02f7d031a845ffa5dd9cc24b23f Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Sat, 10 Jun 2017 15:27:59 -0700 Subject: [PATCH 0230/1000] (maint) fix for grant_schema_spec --- spec/acceptance/server/schema_spec.rb | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 065ec63607..43b2c8ac3b 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -1,12 +1,20 @@ require 'spec_helper_acceptance' describe 'postgresql::server::schema:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + + let(:version) do + if fact('osfamily') == 'RedHat' and fact('operatingsystemrelease') =~ /5/ + '8.1' + end + end + it 'should create a schema for a user' do begin pp = <<-EOS.unindent $db = 'schema_test' $user = 'psql_schema_tester' $password = 'psql_schema_pw' + $version = '#{version}' class { 'postgresql::server': } @@ -24,12 +32,19 @@ class { 'postgresql::server': } require => Postgresql::Server::Role[$user], } + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', + auth_option => $local_auth_option, order => 1, } From d59b0d74ef4b5a78c2db40a201c45c9c767aeb74 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Sat, 13 May 2017 13:53:05 +0200 Subject: [PATCH 0231/1000] Fix extra indentation on config_entry --- manifests/server/config_entry.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index e10d7c40ea..abdf0ce249 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -24,10 +24,10 @@ } } else { Postgresql_conf { - before => [ - Class['postgresql::server::service'], - Class['postgresql::server::reload'], - ], + before => [ + Class['postgresql::server::service'], + Class['postgresql::server::reload'], + ], } } } From ee4a8631484cc687c6677cb3c80d8b061be99606 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Sat, 13 May 2017 14:04:13 +0200 Subject: [PATCH 0232/1000] Format config entries requiring restart as an array This would let us use the list on multiple places. It was also continuous source of source code conflicts. --- manifests/server/config_entry.pp | 75 +++++++++++++++++++++++--------- 1 file changed, 55 insertions(+), 20 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index abdf0ce249..88a2511ef7 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -11,31 +11,66 @@ default => $path, } + $requires_restart = [ + 'data_directory', + 'timezone', + 'hba_file', + 'ident_file', + 'include', + 'listen_addresses', + 'port', + 'max_connections', + 'superuser_reserved_connections', + 'unix_socket_directory', + 'unix_socket_directories', + 'unix_socket_group', + 'unix_socket_permissions', + 'bonjour', + 'bonjour_name', + 'ssl', + 'ssl_ciphers', + 'shared_buffers', + 'max_prepared_transactions', + 'max_files_per_process', + 'shared_preload_libraries', + 'wal_level', + 'wal_buffers', + 'archive_mode', + 'max_wal_senders', + 'hot_standby', + 'logging_collector', + 'silent_mode', + 'track_activity_query_size', + 'autovacuum_max_workers', + 'autovacuum_freeze_max_age', + 'max_locks_per_transaction', + 'max_pred_locks_per_transaction', + 'restart_after_crash', + 'lc_messages', + 'lc_monetary', + 'lc_numeric', + 'lc_time', + ] + Exec { logoutput => 'on_failure', } - case $name { - /data_directory|timezone|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_director(y|ies)|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { - if $postgresql::server::service_restart_on_change { - Postgresql_conf { - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], - } - } else { - Postgresql_conf { - before => [ - Class['postgresql::server::service'], - Class['postgresql::server::reload'], - ], - } - } + if ! ($name in $requires_restart) { + Postgresql_conf { + notify => Class['postgresql::server::reload'], } - - default: { - Postgresql_conf { - notify => Class['postgresql::server::reload'], - } + } elsif $postgresql::server::service_restart_on_change { + Postgresql_conf { + notify => Class['postgresql::server::service'], + before => Class['postgresql::server::reload'], + } + } else { + Postgresql_conf { + before => [ + Class['postgresql::server::service'], + Class['postgresql::server::reload'], + ], } } From bb0cbb0c3e21333bc84d414fcb708221feeb90da Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Sat, 13 May 2017 14:15:01 +0200 Subject: [PATCH 0233/1000] Trim extra dependencies on config_entry postgresql::server::reload class requires postgresql::server::service. We don't need to repeat it in here. --- manifests/server/config_entry.pp | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 88a2511ef7..ef172be493 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -63,14 +63,10 @@ } elsif $postgresql::server::service_restart_on_change { Postgresql_conf { notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], } } else { Postgresql_conf { - before => [ - Class['postgresql::server::service'], - Class['postgresql::server::reload'], - ], + before => Class['postgresql::server::service'], } } From 6c9ccb0fc0eda0c7cb96845706a6e0fa03efc7a8 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Sat, 13 May 2017 14:23:34 +0200 Subject: [PATCH 0234/1000] Fix config entries triggering unnecessary restart --- manifests/server/config_entry.pp | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index ef172be493..c140d5372e 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -11,12 +11,15 @@ default => $path, } + # Those are the variables that are marked as "(change requires restart)" + # on postgresql.conf. Items are ordered as on postgresql.conf. + # + # XXX: This resource supports setting other variables without knowing + # their names. Do not add them here. $requires_restart = [ 'data_directory', - 'timezone', 'hba_file', 'ident_file', - 'include', 'listen_addresses', 'port', 'max_connections', @@ -45,11 +48,6 @@ 'autovacuum_freeze_max_age', 'max_locks_per_transaction', 'max_pred_locks_per_transaction', - 'restart_after_crash', - 'lc_messages', - 'lc_monetary', - 'lc_numeric', - 'lc_time', ] Exec { From a7434c9b84d4548aa4fe1f5b5144fd333eb9ce7a Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Sun, 14 May 2017 11:43:35 +0200 Subject: [PATCH 0235/1000] Add config entries requiring restart as of 9.6 --- manifests/server/config_entry.pp | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index c140d5372e..0e5dcf6a6c 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -20,6 +20,7 @@ 'data_directory', 'hba_file', 'ident_file', + 'external_pid_file', 'listen_addresses', 'port', 'max_connections', @@ -32,20 +33,34 @@ 'bonjour_name', 'ssl', 'ssl_ciphers', + 'ssl_prefer_server_ciphers', # New on 9.4 + 'ssl_ecdh_curve', # New on 9.4 + 'ssl_cert_file', # New on 9.2 + 'ssl_key_file', # New on 9.2 + 'ssl_ca_file', # New on 9.2 + 'ssl_crl_file', # New on 9.2 'shared_buffers', + 'huge_pages', # New on 9.4 'max_prepared_transactions', 'max_files_per_process', 'shared_preload_libraries', + 'max_worker_processes', # New on 9.4 + 'old_snapshot_threshold', # New on 9.6 'wal_level', + 'wal_log_hints', # New on 9.4 'wal_buffers', 'archive_mode', 'max_wal_senders', + 'max_replication_slots', # New on 9.4 + 'track_commit_timestamp', # New on 9.5 'hot_standby', 'logging_collector', + 'cluster_name', # New on 9.5 'silent_mode', 'track_activity_query_size', 'autovacuum_max_workers', 'autovacuum_freeze_max_age', + 'autovacuum_multixact_freeze_max_age', # New on 9.5 'max_locks_per_transaction', 'max_pred_locks_per_transaction', ] From 0921a0d029d587d94fe3644347fd4c233b60a034 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Sat, 13 May 2017 14:49:19 +0200 Subject: [PATCH 0236/1000] Prevent restart for config entries ssl_* They do no longer require restart on PostgreSQL 10. --- manifests/server/config_entry.pp | 101 ++++++++++++++++--------------- 1 file changed, 52 insertions(+), 49 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 0e5dcf6a6c..ca1a136935 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -16,60 +16,63 @@ # # XXX: This resource supports setting other variables without knowing # their names. Do not add them here. - $requires_restart = [ - 'data_directory', - 'hba_file', - 'ident_file', - 'external_pid_file', - 'listen_addresses', - 'port', - 'max_connections', - 'superuser_reserved_connections', - 'unix_socket_directory', - 'unix_socket_directories', - 'unix_socket_group', - 'unix_socket_permissions', - 'bonjour', - 'bonjour_name', - 'ssl', - 'ssl_ciphers', - 'ssl_prefer_server_ciphers', # New on 9.4 - 'ssl_ecdh_curve', # New on 9.4 - 'ssl_cert_file', # New on 9.2 - 'ssl_key_file', # New on 9.2 - 'ssl_ca_file', # New on 9.2 - 'ssl_crl_file', # New on 9.2 - 'shared_buffers', - 'huge_pages', # New on 9.4 - 'max_prepared_transactions', - 'max_files_per_process', - 'shared_preload_libraries', - 'max_worker_processes', # New on 9.4 - 'old_snapshot_threshold', # New on 9.6 - 'wal_level', - 'wal_log_hints', # New on 9.4 - 'wal_buffers', - 'archive_mode', - 'max_wal_senders', - 'max_replication_slots', # New on 9.4 - 'track_commit_timestamp', # New on 9.5 - 'hot_standby', - 'logging_collector', - 'cluster_name', # New on 9.5 - 'silent_mode', - 'track_activity_query_size', - 'autovacuum_max_workers', - 'autovacuum_freeze_max_age', - 'autovacuum_multixact_freeze_max_age', # New on 9.5 - 'max_locks_per_transaction', - 'max_pred_locks_per_transaction', - ] + $requires_restart_until = { + 'data_directory' => undef, + 'hba_file' => undef, + 'ident_file' => undef, + 'external_pid_file' => undef, + 'listen_addresses' => undef, + 'port' => undef, + 'max_connections' => undef, + 'superuser_reserved_connections' => undef, + 'unix_socket_directory' => undef, + 'unix_socket_directories' => undef, + 'unix_socket_group' => undef, + 'unix_socket_permissions' => undef, + 'bonjour' => undef, + 'bonjour_name' => undef, + 'ssl' => '10', + 'ssl_ciphers' => '10', + 'ssl_prefer_server_ciphers' => '10', # New on 9.4 + 'ssl_ecdh_curve' => '10', # New on 9.4 + 'ssl_cert_file' => '10', # New on 9.2 + 'ssl_key_file' => '10', # New on 9.2 + 'ssl_ca_file' => '10', # New on 9.2 + 'ssl_crl_file' => '10', # New on 9.2 + 'shared_buffers' => undef, + 'huge_pages' => undef, # New on 9.4 + 'max_prepared_transactions' => undef, + 'max_files_per_process' => undef, + 'shared_preload_libraries' => undef, + 'max_worker_processes' => undef, # New on 9.4 + 'old_snapshot_threshold' => undef, # New on 9.6 + 'wal_level' => undef, + 'wal_log_hints' => undef, # New on 9.4 + 'wal_buffers' => undef, + 'archive_mode' => undef, + 'max_wal_senders' => undef, + 'max_replication_slots' => undef, # New on 9.4 + 'track_commit_timestamp' => undef, # New on 9.5 + 'hot_standby' => undef, + 'logging_collector' => undef, + 'cluster_name' => undef, # New on 9.5 + 'silent_mode' => undef, + 'track_activity_query_size' => undef, + 'autovacuum_max_workers' => undef, + 'autovacuum_freeze_max_age' => undef, + 'autovacuum_multixact_freeze_max_age' => undef, # New on 9.5 + 'max_locks_per_transaction' => undef, + 'max_pred_locks_per_transaction' => undef, + } Exec { logoutput => 'on_failure', } - if ! ($name in $requires_restart) { + if ! ($name in $requires_restart_until and ( + ! $requires_restart_until[$name] or + versioncmp($postgresql::server::_version, $requires_restart_until[$name]) < 0 + )) { Postgresql_conf { notify => Class['postgresql::server::reload'], } From e0c2d67a90e385dd72fa394d792530361fc08673 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Sat, 13 May 2017 14:24:21 +0200 Subject: [PATCH 0237/1000] Prevent restart for removed config entries "silent_mode" has been removed by the upstream with commit f7ea6beaf4ca02b8e6dc576255e35a5b86035cb9. "unix_socket_directory" has been turned into "unix_socket_directories" with commit c9b0cbe98bd783e24a8c4d8d8ac472a494b81292. It wouldn't matter if we trigger restart for those configuration variables, as they are not valid so cannot be declared anymore, but why not do it as we have the infrastructure. PostgreSQL wouldn't start when they are on the configuration file. Preventing the restart can save people from having their database shut-down, because of not-anymore-valid entry. The change is also good for maintenance of the configuration variables. We wouldn't forget to remove them after the releases are not supported anymore. --- manifests/server/config_entry.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index ca1a136935..3e37f0066d 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -25,7 +25,7 @@ 'port' => undef, 'max_connections' => undef, 'superuser_reserved_connections' => undef, - 'unix_socket_directory' => undef, + 'unix_socket_directory' => '9.3', # Turned into "unix_socket_directories" 'unix_socket_directories' => undef, 'unix_socket_group' => undef, 'unix_socket_permissions' => undef, @@ -56,7 +56,7 @@ 'hot_standby' => undef, 'logging_collector' => undef, 'cluster_name' => undef, # New on 9.5 - 'silent_mode' => undef, + 'silent_mode' => '9.2', # Removed 'track_activity_query_size' => undef, 'autovacuum_max_workers' => undef, 'autovacuum_freeze_max_age' => undef, From d51730c69e9f76c37777f8baf4dbe90a442beed9 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Mon, 12 Jun 2017 14:51:15 -0700 Subject: [PATCH 0238/1000] (maint) fix for connection validator last fix for postgres 8 ever. postgres 8 does not support the CONNECT privilege or equals signs in the command. --no-password doesn't seem to be required. Also cleaned up conditional in the util script. --- lib/puppet/util/postgresql_validator.rb | 18 +++++++++--------- .../postgresql_conn_validator_spec.rb | 2 +- .../postgresql_conn_validator/ruby_spec.rb | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index dccef3189b..d737f12a89 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -15,15 +15,13 @@ def build_psql_cmd final_cmd.push cmd_init cmd_parts = { - :host => "--host=#{@resource[:host]}", - :port => "--port=#{@resource[:port]}", - :db_username => "--username=#{@resource[:db_username]}", - :db_name => "--dbname=#{@resource[:db_name]}", - :command => "--command='#{@resource[:command]}'" + :host => "--host #{@resource[:host]}", + :port => "--port #{@resource[:port]}", + :db_username => "--username #{@resource[:db_username]}", + :db_name => "--dbname #{@resource[:db_name]}", + :command => "--command '#{@resource[:command]}'" } - cmd_parts[:db_password] = "--no-password " if @resource[:db_password] - cmd_parts.each do |k,v| final_cmd.push v if @resource[k] end @@ -40,8 +38,10 @@ def parse_connect_settings def attempt_connection(sleep_length, tries) (0..tries-1).each do |try| Puppet.debug "PostgresqlValidator.attempt_connection: Attempting connection to #{@resource[:db_name]}" - if execute_command =~ /1/ - Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name]} successful!" + Puppet.debug "PostgresqlValidator.attempt_connection: #{build_validate_cmd}" + result = execute_command + if result && result.length > 0 + Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.match /PGDATABASE/ }} successful!" return true else Puppet.warning "PostgresqlValidator.attempt_connection: Sleeping for #{sleep_length} seconds" diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index d21d431bf1..20d8422646 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -14,7 +14,7 @@ class { 'postgresql::server': require => Postgresql::Server::Role['testuser'] }-> postgresql::server::database_grant { 'allow connect for testuser': - privilege => 'CONNECT', + privilege => 'ALL', db => 'testdb', role => 'testuser', } diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index 6c3708eab8..3d678ea03c 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -19,7 +19,7 @@ describe '#build_psql_cmd' do it 'contains expected commandline options' do - expect(provider.validator.build_psql_cmd).to match /\/usr\/bin\/psql.*--host=.*--port=.*--username=.*/ + expect(provider.validator.build_psql_cmd).to match /\/usr\/bin\/psql.*--host.*--port.*--username.*/ end end From 0325d377f26bbd1bdca92d984065195d651896bf Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 15 Jun 2017 15:11:25 -0700 Subject: [PATCH 0239/1000] (MODULES-5062) release prep 5.0.0 --- CHANGELOG.md | 22 ++++++++++++++++++++++ metadata.json | 2 +- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4946eff5e3..521ae97eac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,25 @@ +## Supported Release 5.0.0 +### Summary +This **major** release drops support for Puppet 3 and PostgreSQL 8.x, adds Puppet 4 data types, and deprecates the validate_db_connection type. + +#### Added +- `locales/` directory, .pot file, and i18n `config.yaml` +- `update_password` parameter to toggle password management per role +- **Puppet 4** type validation +- `postgresql_conn_validator` type + +#### Changed +- Updated default postgis versions in postgresql::globals +- Updated puppetlabs-concat and puppetlabs-apt dependencies +- default `log_line_prefix` has been removed +- `listen_addresses` now defaults to 'localhost' and can be set independently of a class declaration + +#### Fixed +- Fixed deprecated apt::source parameters +- Fix for default SUSE parameters +- Remove deprecated force parameter on concat resources +- Replace Puppet.version.to_f version comparison from spec_helper.rb ([MODULES-4528](https://tickets.puppetlabs.com/browse/MODULES-4528)) + ## Supported Release 4.9.0 ### Summary This release adds several types and, among other bugs, fixes an issue with the yum URL. diff --git a/metadata.json b/metadata.json index b062f61c92..e2f5cdc3b3 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "4.9.0", + "version": "5.0.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 1b13964929f7457e58a11cd7ed1eeafaba27266e Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 16 Jun 2017 10:01:33 -0700 Subject: [PATCH 0240/1000] (maint) changelog cleanup for 5.0.0 --- CHANGELOG.md | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 521ae97eac..fca86eca4a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,24 +1,26 @@ ## Supported Release 5.0.0 ### Summary -This **major** release drops support for Puppet 3 and PostgreSQL 8.x, adds Puppet 4 data types, and deprecates the validate_db_connection type. +This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Puppet 4 data types, and deprecated the validate_db_connection type. #### Added -- `locales/` directory, .pot file, and i18n `config.yaml` -- `update_password` parameter to toggle password management per role -- **Puppet 4** type validation -- `postgresql_conn_validator` type +- `locales/` directory, .pot file, and i18n `config.yaml`. ([FM-6116](https://tickets.puppet.com/browse/FM-6116)) +- `update_password` parameter to toggle password management per role. +- **Puppet 4** type validation. +- new `postgresql_conn_validator` custom type and deprecated `validate_db_connection`. ([MODULES-1394](https://tickets.puppet.com/browse/MODULES-1394)) #### Changed -- Updated default postgis versions in postgresql::globals -- Updated puppetlabs-concat and puppetlabs-apt dependencies -- default `log_line_prefix` has been removed -- `listen_addresses` now defaults to 'localhost' and can be set independently of a class declaration +- default postgis versions in postgresql::globals to use newer versions. +- puppetlabs-concat and puppetlabs-apt dependencies to use latest versions. ([MODULES-4906](https://tickets.puppet.com/browse/MODULES-4906), [MODULES-4947](https://tickets.puppet.com/browse/MODULES-4947)) +- default value for `log_line_prefix` to `undef`. +- `listen_addresses` default value to 'localhost'. Allows for it to be set independently of a class declaration. +- use of stdlib validate_* functions. They have been removed in favor of Puppet 4 type validation. +- lower Puppet dependency in metadata to 4.7.0. ([MODULES-4826](https://tickets.puppet.com/browse/MODULES-4826)) #### Fixed -- Fixed deprecated apt::source parameters -- Fix for default SUSE parameters -- Remove deprecated force parameter on concat resources -- Replace Puppet.version.to_f version comparison from spec_helper.rb ([MODULES-4528](https://tickets.puppetlabs.com/browse/MODULES-4528)) +- deprecated apt::source parameters. +- default SUSE parameters. ([MODULES-4598](https://tickets.puppet.com/browse/MODULES-4598)) +- use of force parameter on concat resources. +- Puppet.version.to_f version comparison from spec_helper.rb. ([MODULES-4528](https://tickets.puppetlabs.com/browse/MODULES-4528)) ## Supported Release 4.9.0 ### Summary From 2f6326b8db9f1c8b7c01fb2f47be7fca6f10d7af Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 16 Jun 2017 16:48:41 -0700 Subject: [PATCH 0241/1000] (maint) address more changelog cleanup --- CHANGELOG.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fca86eca4a..9e04aadf79 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,10 +17,9 @@ This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Pu - lower Puppet dependency in metadata to 4.7.0. ([MODULES-4826](https://tickets.puppet.com/browse/MODULES-4826)) #### Fixed -- deprecated apt::source parameters. +- deprecated apt::source parameters(`key`,`key_source`, & `include_src`). - default SUSE parameters. ([MODULES-4598](https://tickets.puppet.com/browse/MODULES-4598)) - use of force parameter on concat resources. -- Puppet.version.to_f version comparison from spec_helper.rb. ([MODULES-4528](https://tickets.puppetlabs.com/browse/MODULES-4528)) ## Supported Release 4.9.0 ### Summary From 5bfacb7bbb8c032bd494066247f653b17eebaa1f Mon Sep 17 00:00:00 2001 From: hex2a Date: Thu, 22 Jun 2017 13:08:41 +0200 Subject: [PATCH 0242/1000] use https for apt.postgresql.org repo --- manifests/repo/apt_postgresql_org.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 3e671f3eef..1bbf62048a 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -6,7 +6,7 @@ # # http://www.postgresql.org/download/linux/debian/ # - $default_baseurl = 'http://apt.postgresql.org/pub/repos/apt/' + $default_baseurl = 'https://apt.postgresql.org/pub/repos/apt/' $_baseurl = pick($postgresql::repo::baseurl, $default_baseurl) From 8df67a71b4b1be038446ea10616b669f41a0966b Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Mon, 26 Jun 2017 14:20:25 -0700 Subject: [PATCH 0243/1000] (MODULES-5144) Prep for puppet 5 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index e2f5cdc3b3..726871a96d 100644 --- a/metadata.json +++ b/metadata.json @@ -67,7 +67,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 4.7.0 < 5.0.0" + "version_requirement": ">= 4.7.0 < 6.0.0" } ] } From 225cb49c820db03238f0e1550fc62cc551f99f73 Mon Sep 17 00:00:00 2001 From: Michael Moll Date: Wed, 28 Jun 2017 20:04:45 +0200 Subject: [PATCH 0244/1000] Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash --- .../parser/functions/postgresql_acls_to_resources_hash.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb b/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb index 7fa785486c..2508f85895 100644 --- a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb @@ -30,7 +30,7 @@ module Puppet::Parser::Functions offset = args[2].to_i raise(Puppet::ParseError, "#{func_name}: third argument must be a number") \ - unless offset.instance_of? Fixnum + unless offset.is_a? Integer resources = {} acls.each do |acl| From 9ccf2594db57edad4f842bcd94e13e37b29e6c72 Mon Sep 17 00:00:00 2001 From: MartyEwings Date: Mon, 3 Jul 2017 11:18:06 +0100 Subject: [PATCH 0245/1000] MODULES-2989 parameter ensure of custom resource postgresql_replication_slot is not documented (#884) added required string instead of must be present --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index de99b2ccc6..37c61d7ac0 100644 --- a/README.md +++ b/README.md @@ -1638,6 +1638,16 @@ Specifies the name of the slot to create. Must be a valid replication slot name. This is the namevar. +##### `ensure` + +Required. + +Specifies the action to create or destroy named slot. + +Valid values: 'present', 'absent'. + +Default value: 'present'. + #### postgresql_conn_validator Validate the connection to a local or remote PostgreSQL database using this type. From b49143fcb7a9ebecd8574c821b463e82e5f5b29c Mon Sep 17 00:00:00 2001 From: George Hansper Date: Tue, 4 Jul 2017 14:32:01 +1000 Subject: [PATCH 0246/1000] add defined type postgresql::server::reassign_owned_by --- README.md | 54 +++++++ manifests/server/reassign_owned_by.pp | 61 ++++++++ .../server/reassign_owned_by_spec.rb | 135 ++++++++++++++++++ .../defines/server/reassign_owned_by_spec.rb | 44 ++++++ 4 files changed, 294 insertions(+) create mode 100644 manifests/server/reassign_owned_by.pp create mode 100644 spec/acceptance/server/reassign_owned_by_spec.rb create mode 100644 spec/unit/defines/server/reassign_owned_by_spec.rb diff --git a/README.md b/README.md index de99b2ccc6..d7df7f4a0e 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,7 @@ * [Configure a server](#configure-a-server) * [Create a database](#create-a-database) * [Manage users, roles, and permissions](#manage-users-roles-and-permissions) + * [Manage ownership of DB objects](#manage-ownership-of-db-objects) * [Override defaults](#override-defaults) * [Create an access rule for pg_hba.conf](#create-an-access-rule-for-pg_hbaconf) * [Create user name maps for pg_ident.conf](#create-user-name-maps-for-pg_identconf) @@ -116,6 +117,24 @@ postgresql::server::table_grant { 'my_table of test2': This example grants **all** privileges on the test1 database and on the `my_table` table of the test2 database to the specified user or group. After the values are added into the PuppetDB config file, this database would be ready for use. +### Manage ownership of DB objects + +To change the ownership of all objects within a database using REASSIGN OWNED: + +```puppet +postgresql::server::reassign_owned_by { 'new owner is meerkat': + db => 'test_db', + old_owner => 'marmot', + new_owner => 'meerkat', +} +``` + +This would run the PostgreSQL statement 'REASSIGN OWNED' to update to ownership of all tables, sequences, functions and views currently owned by the role 'marmot' to be owned by the role 'meerkat' instead. + +This applies to objects within the nominated database, 'test_db' only. + +For Postgresql >= 9.3, the ownership of the database is also updated. + ### Override defaults The `postgresql::globals` class allows you to configure the main settings for this module globally, so that other classes and defined resources can use them. By itself, it does nothing. @@ -327,6 +346,7 @@ The postgresql module comes with many options for configuring the server. While * [postgresql::server::grant_role](#postgresqlservergrant_role) * [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) * [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) +* [postgresql::server::reassign_owned_by](#postgresqlserverreassign_owned_by) * [postgresql::server::recovery](#postgresqlserverrecovery) * [postgresql::server::role](#postgresqlserverrole) * [postgresql::server::schema](#postgresqlserverschema) @@ -1346,6 +1366,40 @@ Provides the target for the rule and is generally an internal only property. **Use with caution.** +#### postgresql::server::reassign_owned_by + +Runs the PostgreSQL command 'REASSIGN OWNED' on a database, to transfer the ownership of existing objects between database roles + +##### `db` + +Specifies the database to which the 'REASSIGN OWNED' will be applied + +##### `old_role` + +Specifies the role or user who is the current owner of the objects in the specified db + +##### `new_role` + +Specifies the role or user who will be the new owner of these objects + +##### `psql_user` + +Specifies the OS user for running `psql`. + +Default value: The default user for the module, usually 'postgres'. + +##### `port` + +Port to use when connecting. + +Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. + +##### `connect_settings` + +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: Connects to the local Postgres instance. + #### postgresql::server::recovery Allows you to create the content for `recovery.conf`. For more details see the [usage example](#create-recovery-configuration) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp new file mode 100644 index 0000000000..812c7e228a --- /dev/null +++ b/manifests/server/reassign_owned_by.pp @@ -0,0 +1,61 @@ +# Define for reassigning the ownership of objects within a database. See README.md for more details. +# This enables us to force the a particular ownership for objects within a database +define postgresql::server::reassign_owned_by ( + String $old_role, + String $new_role, + String $db, + String $psql_user = $postgresql::server::user, + Integer $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, +) { + + $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" + + $group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path + + # + # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port + # + if $port != undef { + $port_override = $port + } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port_override = undef + } else { + $port_override = $postgresql::server::port + } + + $onlyif = "SELECT tablename FROM pg_catalog.pg_tables WHERE + schemaname NOT IN ('pg_catalog', 'information_schema') AND + tableowner = '${old_role}' + UNION ALL SELECT proname FROM pg_catalog.pg_proc WHERE + pg_get_userbyid(proowner) = '${old_role}' + UNION ALL SELECT viewname FROM pg_catalog.pg_views WHERE + pg_views.schemaname NOT IN ('pg_catalog', 'information_schema') AND + viewowner = '${old_role}' + UNION ALL SELECT relname FROM pg_catalog.pg_class WHERE + relkind='S' AND pg_get_userbyid(relowner) = '${old_role}'" + + postgresql_psql { "reassign_owned_by:${db}:${sql_command}": + command => $sql_command, + db => $db, + port => $port_override, + connect_settings => $connect_settings, + psql_user => $psql_user, + psql_group => $group, + psql_path => $psql_path, + onlyif => $onlyif, + require => Class['postgresql::server'] + } + + if($old_role != undef and defined(Postgresql::Server::Role[$old_role])) { + Postgresql::Server::Role[$old_role]->Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] + } + if($new_role != undef and defined(Postgresql::Server::Role[$new_role])) { + Postgresql::Server::Role[$new_role]->Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] + } + + if($db != undef and defined(Postgresql::Server::Database[$db])) { + Postgresql::Server::Database[$db]->Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] + } +} diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb new file mode 100644 index 0000000000..b885b3837f --- /dev/null +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -0,0 +1,135 @@ +require 'spec_helper_acceptance' + +describe 'postgresql::server::reassign_owned_by:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + + let(:db) { 'reassign_test' } + let(:old_owner) { 'psql_reassign_old_owner' } + let(:new_owner) { 'psql_reassign_new_owner' } + let(:password) { 'psql_reassign_pw' } + let(:superuser) { 'postgres' } + + let(:pp_setup) { pp_setup = <<-EOS.unindent + $db = #{db} + $old_owner = #{old_owner} + $new_owner = #{new_owner} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $old_owner: + password_hash => postgresql_password($old_owner, $password), + } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $old_owner: + ensure => present, + } + + # Create a user to reassign ownership to + postgresql::server::role { $new_owner: + db => $db, + require => Postgresql::Server::Database[$db], + } + + # Make a local user for ident auth + user { $new_owner: + ensure => present, + } + + # Grant the new owner membership of the old owner (must have both for REASSIGN OWNED BY to work) + postgresql::server::grant_role { "grant_role to ${new_owner}": + role => $new_owner, + group => $old_owner, + } + + # Grant them connect to the database + postgresql::server::database_grant { "allow connect for ${old_owner}": + privilege => 'CONNECT', + db => $db, + role => $old_owner, + } + EOS + } + + let(:pp_db_old_owner) { <<-EOS.unindent + postgresql::server::database { $db: + owner => $old_owner, + require => Postgresql::Server::Role[$old_owner], + } + EOS + } + + let(:pp_db_no_owner) { <<-EOS.unindent + postgresql::server::database { $db: + } + EOS + } + + context 'reassign_owned_by' do + describe 'REASSIGN OWNED BY tests' do + let(:db) { 'reassign_test' } + let(:old_owner) { 'psql_reassign_old_owner' } + let(:new_owner) { 'psql_reassign_new_owner' } + + let(:pp_setup_objects) { <<-EOS.unindent + postgresql_psql { 'create test table': + command => 'CREATE TABLE test_tbl (col1 integer)', + db => '#{db}', + psql_user => '#{old_owner}', + unless => "SELECT tablename FROM pg_catalog.pg_tables WHERE tablename = 'test_tbl'", + require => Postgresql::Server::Database['#{db}'], + } + postgresql_psql { 'create test sequence': + command => 'CREATE SEQUENCE test_seq', + db => '#{db}', + psql_user => '#{old_owner}', + unless => "SELECT relname FROM pg_catalog.pg_class WHERE relkind='S' AND relname = 'test_seq'", + require => [ Postgresql_psql['create test table'], Postgresql::Server::Database['#{db}'] ], + } + EOS + } + let(:pp_reassign_owned_by) { <<-EOS.unindent + postgresql::server::reassign_owned_by { 'test reassign to new_owner': + db => '#{db}', + old_role => '#{old_owner}', + new_role => '#{new_owner}', + psql_user => '#{new_owner}', + } + EOS + } + + it 'should reassign all objects to new_owner' do + begin + apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, :catch_failures => true) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + + apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, :catch_failures => true) + apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, :catch_changes => true) + + ## Check that the ownership was transferred + psql("-d #{db} --tuples-only --no-align --command=\"SELECT tablename,tableowner FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog', 'information_schema')\"", superuser) do |r| + expect(r.stdout).to match(/test_tbl.#{new_owner}/) + expect(r.stderr).to eq('') + end + psql("-d #{db} --tuples-only --no-align --command=\"SELECT relname,pg_get_userbyid(relowner) FROM pg_catalog.pg_class c WHERE relkind='S'\"", superuser) do |r| + expect(r.stdout).to match(/test_seq.#{new_owner}/) + expect(r.stderr).to eq('') + end + if version >= '9.3' + psql("-d #{db} --tuples-only --no-align --command=\"SELECT pg_get_userbyid(datdba) FROM pg_database WHERE datname = current_database()\"", superuser) do |r| + expect(r.stdout).to match(/#{new_owner}/) + expect(r.stderr).to eq('') + end + end + end + end + end # it should reassign all objects + end + end + ##################### +end diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb new file mode 100644 index 0000000000..72f67c3b49 --- /dev/null +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -0,0 +1,44 @@ +require 'spec_helper' + +describe 'postgresql::server::reassign_owned_by', :type => :define do + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6.0', + :kernel => 'Linux', + :concat_basedir => tmpfilename('reassign_owned_by'), + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let :title do + 'test' + end + + let :params do + { + :db => 'test', + :old_role => 'test_old_role', + :new_role => 'test_new_role', + } + end + + let :pre_condition do + <<-EOS + class {'postgresql::server':} + postgresql::server::role{ ['test_old_role','test_new_role']: } + EOS + end + + it { is_expected.to contain_postgresql__server__reassign_owned_by('test') } + + it { + is_expected.to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"').with({ + 'command' => "REASSIGN OWNED BY \"test_old_role\" TO \"test_new_role\"", + 'onlyif' => /SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*/m, + }).that_requires('Class[postgresql::server]') + } + +end From 7506f717d9ea7e66528f78933ebcfb4d83bd4176 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 6 Jul 2017 14:42:30 -0700 Subject: [PATCH 0247/1000] (MODULES-5187) mysnc puppet 5 and ruby 2.4 --- .travis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 4981b25921..0c6f904c32 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,10 +22,10 @@ matrix: script: bundle exec rake beaker services: docker sudo: required - - rvm: 2.3.1 + - rvm: 2.4.0 bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 4.0" - - rvm: 2.1.7 + env: PUPPET_GEM_VERSION="~> 5.0" + - rvm: 2.1.9 bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 4.0" notifications: From 50d510c6e2f4a1b5a1482d076f2490efc17b8958 Mon Sep 17 00:00:00 2001 From: George Hansper Date: Fri, 7 Jul 2017 13:01:27 +1000 Subject: [PATCH 0248/1000] add parameter "version" to postgresql::server::extension to update the extension version --- README.md | 15 +++++++++ manifests/server/extension.pp | 37 ++++++++++++++++++---- spec/unit/defines/server/extension_spec.rb | 30 ++++++++++++++++++ 3 files changed, 76 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index bac8a922a2..6d738dd11f 100644 --- a/README.md +++ b/README.md @@ -1177,6 +1177,21 @@ Valid options: 'present' or 'absent'. Specifies the extension to activate. If left blank, uses the name of the resource. +#### `version` + +Specifies the version of the extension which the database uses. +When an extension package is updated, this does not automatically change the effective version in each database. + +This needs be updated using the PostgreSQL-specific SQL `ALTER EXTENSION...` + +`version` may be set to `latest`, in which case the SQL `ALTER EXTENSION "extension" UPDATE` is applied to this database (only). + +`version` may be set to a specific version, in which case the extension is updated using `ALTER EXTENSION "extension" UPDATE TO 'version'` + +eg. If extension is set to `postgis` and version is set to `2.3.3`, this will apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to this database only. + +`version` may be omitted, in which case no `ALTER EXTENSION...` SQL is applied, and the version will be left unchanged. + ##### `package_name` Specifies a package to install prior to activating the extension. diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 6d2878377f..438459f789 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -1,11 +1,12 @@ # Activate an extension on a postgresql database define postgresql::server::extension ( $database, - $extension = $name, - String[1] $ensure = 'present', - $package_name = undef, - $package_ensure = undef, - $connect_settings = $postgresql::server::default_connect_settings, + $extension = $name, + Optional[String[1]] $version = undef, + String[1] $ensure = 'present', + $package_name = undef, + $package_ensure = undef, + $connect_settings = $postgresql::server::default_connect_settings, ) { $user = $postgresql::server::user $group = $postgresql::server::group @@ -42,7 +43,10 @@ db => $database, command => $command, unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${extension}') as t WHERE t.count ${unless_comp} 1", - require => Postgresql::Server::Database[$database], + } + + if($database != undef and defined(Postgresql::Server::Database[$database])) { + Postgresql::Server::Database[$database]->Postgresql_psql["Add ${extension} extension to ${database}"] } if $package_name { @@ -58,4 +62,25 @@ before => $package_before, }) } + if $version { + if $version == 'latest' { + $alter_extension_sql = "ALTER EXTENSION \"${extension}\" UPDATE" + $update_unless = "SELECT 1 FROM pg_available_extensions WHERE name = '${extension}' AND default_version = installed_version" + } else { + $alter_extension_sql = "ALTER EXTENSION \"${extension}\" UPDATE TO '${version}'" + $update_unless = "SELECT 1 FROM pg_extension WHERE extname='${extension}' AND extversion='${version}'" + } + postgresql_psql { "${database}: ${alter_extension_sql}": + db => $database, + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + connect_settings => $connect_settings, + command => $alter_extension_sql, + unless => $update_unless, + } + if($database != undef and defined(Postgresql::Server::Database[$database])) { + Postgresql::Server::Database[$database]->Postgresql_psql["${database}: ${alter_extension_sql}"] + } + } } diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 54386a165f..6ce5de665a 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -90,6 +90,36 @@ } end end + + context "when extension version is specified" do + let (:params) { super().merge({ + :ensure => 'absent', + :package_name => 'postgis', + :version => '99.99.99', + }) } + + it { + is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE TO \'99.99.99\'').with({ + :db => 'template_postgis', + :unless => "SELECT 1 FROM pg_extension WHERE extname='postgis' AND extversion='99.99.99'", + }).that_requires('Postgresql::Server::Database[template_postgis]') + } + end + + context "when extension version is latest" do + let (:params) { super().merge({ + :ensure => 'absent', + :package_name => 'postgis', + :version => 'latest', + }) } + + it { + is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE').with({ + :db => 'template_postgis', + :unless => "SELECT 1 FROM pg_available_extensions WHERE name = 'postgis' AND default_version = installed_version", + }).that_requires('Postgresql::Server::Database[template_postgis]') + } + end end describe 'postgresql::server::extension', :type => :define do From 37273e229cb705528490cc6b794cd82b49578016 Mon Sep 17 00:00:00 2001 From: George Hansper Date: Fri, 7 Jul 2017 15:33:30 +1000 Subject: [PATCH 0249/1000] add ensure=>absent to postgresql::server::role --- README.md | 11 ++- manifests/server/role.pp | 123 ++++++++++++++------------ spec/unit/defines/server/role_spec.rb | 16 ++++ 3 files changed, 92 insertions(+), 58 deletions(-) diff --git a/README.md b/README.md index bac8a922a2..36ecadd8cf 100644 --- a/README.md +++ b/README.md @@ -1444,7 +1444,16 @@ Provides the target for the rule, and is generally an internal only property. **Use with caution.** #### postgresql::server::role -Creates a role or user in PostgreSQL. +Creates or drops a role or user in PostgreSQL. + +##### `ensure` + +Specify whether to create or drop the role. + +Specifying `present` will create the role. +Specifying `absent` will drop the role. + +Default value: `present`. ##### `connection_limit` Specifies how many concurrent connections the role can make. diff --git a/manifests/server/role.pp b/manifests/server/role.pp index a0bc7ef461..daef4829d5 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -13,6 +13,7 @@ $connection_limit = '-1', $username = $title, $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', 'absent'] $ensure = 'present', ) { $psql_user = $postgresql::server::user $psql_group = $postgresql::server::group @@ -38,20 +39,6 @@ $version = $postgresql::server::_version } - $login_sql = $login ? { true => 'LOGIN', default => 'NOLOGIN' } - $inherit_sql = $inherit ? { true => 'INHERIT', default => 'NOINHERIT' } - $createrole_sql = $createrole ? { true => 'CREATEROLE', default => 'NOCREATEROLE' } - $createdb_sql = $createdb ? { true => 'CREATEDB', default => 'NOCREATEDB' } - $superuser_sql = $superuser ? { true => 'SUPERUSER', default => 'NOSUPERUSER' } - $replication_sql = $replication ? { true => 'REPLICATION', default => '' } - if ($password_hash != false) { - $environment = "NEWPGPASSWD=${password_hash}" - $password_sql = "ENCRYPTED PASSWORD '\$NEWPGPASSWD'" - } else { - $password_sql = '' - $environment = [] - } - Postgresql_psql { db => $db, port => $port_override, @@ -66,60 +53,82 @@ ], } - postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": - command => "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}", - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", - environment => $environment, - require => Class['Postgresql::Server'], - } + if $ensure == 'present' { + $login_sql = $login ? { true => 'LOGIN', default => 'NOLOGIN' } + $inherit_sql = $inherit ? { true => 'INHERIT', default => 'NOINHERIT' } + $createrole_sql = $createrole ? { true => 'CREATEROLE', default => 'NOCREATEROLE' } + $createdb_sql = $createdb ? { true => 'CREATEDB', default => 'NOCREATEDB' } + $superuser_sql = $superuser ? { true => 'SUPERUSER', default => 'NOSUPERUSER' } + $replication_sql = $replication ? { true => 'REPLICATION', default => '' } + if ($password_hash != false) { + $environment = "NEWPGPASSWD=${password_hash}" + $password_sql = "ENCRYPTED PASSWORD '\$NEWPGPASSWD'" + } else { + $password_sql = '' + $environment = [] + } - postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}", - } + postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": + command => "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}", + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", + environment => $environment, + require => Class['Postgresql::Server'], + } - postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}", - } + postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}", + } - postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}", - } + postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}", + } - postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}", - } + postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}", + } - postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}", - } + postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}", + } - if(versioncmp($version, '9.1') >= 0) { - if $replication_sql == '' { - postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", - } - } else { - postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", + postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}", + } + + if(versioncmp($version, '9.1') >= 0) { + if $replication_sql == '' { + postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", + } + } else { + postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", + } } } - } - postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}": - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", - } + postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", + } - if $password_hash and $update_password { - if($password_hash =~ /^md5.+/) { - $pwd_hash_sql = $password_hash - } else { - $pwd_md5 = md5("${password_hash}${username}") - $pwd_hash_sql = "md5${pwd_md5}" + if $password_hash and $update_password { + if($password_hash =~ /^md5.+/) { + $pwd_hash_sql = $password_hash + } else { + $pwd_md5 = md5("${password_hash}${username}") + $pwd_hash_sql = "md5${pwd_md5}" + } + postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": + command => "ALTER ROLE \"${username}\" ${password_sql}", + unless => "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'", + environment => $environment, + } } - postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": - command => "ALTER ROLE \"${username}\" ${password_sql}", - unless => "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'", - environment => $environment, + } else { + # ensure == absent + postgresql_psql { "DROP ROLE \"${username}\"": + onlyif => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", + require => Class['Postgresql::Server'], } } } diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 1b061d0733..6da904d7b8 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -149,4 +149,20 @@ end end + context 'with ensure set to absent' do + let :params do + { + :ensure => 'absent', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it 'should have drop role for "test" user if ensure absent' do + is_expected.to contain_postgresql_psql('DROP ROLE "test"') + end + end + end From 2fe74c1adacf14fc54ada8fa3da5c99b8facf571 Mon Sep 17 00:00:00 2001 From: tphoney Date: Mon, 10 Jul 2017 14:41:08 +0100 Subject: [PATCH 0250/1000] (FM-6240) only run test on postgresql >= 9.0 --- spec/acceptance/server/reassign_owned_by_spec.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index b885b3837f..fc6c9cdfa3 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -100,14 +100,13 @@ class { 'postgresql::server': } it 'should reassign all objects to new_owner' do begin - apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, :catch_failures => true) - #postgres version result = shell('psql --version') version = result.stdout.match(%r{\s(\d\.\d)})[1] - if version >= '9.0' + apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, :catch_failures => true) + apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, :catch_failures => true) apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, :catch_changes => true) From 442853d1beb63dc384391e12347d75dc52542e3d Mon Sep 17 00:00:00 2001 From: Brett Maton Date: Tue, 11 Jul 2017 09:29:41 +0100 Subject: [PATCH 0251/1000] Allow order parameter to be string value (#893) * Allow order parameter to be string value concat::fragment accepts either a string or integer as order parameter value. Numeric ordering doesn't work once converted to string filenames: 20 sequential fragments for example | Numeric (no padding) | String (0 Zero Padded) | |----------------------|------------------------| | 10_fragment | 001_fragment | | 11_fragment | 002_fragment | | ... | | | 19_fragment | 010_fragment | | 1_fragment | 011_fragment | | 20_fragment | 012_fragment | | 2_fragment | 013_fragment | | 3_fragment | 014_fragment | Order has gone to pot... * Allow order parameter to be string value concat::fragment accepts either a string or integer as order parameter value. Numeric ordering doesn't work once converted to string filenames: 20 sequential fragments for example | Numeric (no padding) | String (0 Zero Padded) | |----------------------|------------------------| | 10_fragment | 001_fragment | | 11_fragment | 002_fragment | | ... | | | 19_fragment | 010_fragment | | 1_fragment | 011_fragment | | 20_fragment | 012_fragment | | 2_fragment | 013_fragment | | 3_fragment | 014_fragment | Order has gone to pot... @derbious adding rspec tests to check manage_pg_hba_conf w/ acls removing unneeded test --- manifests/server/pg_hba_rule.pp | 8 +++--- spec/unit/classes/server/config_spec.rb | 35 +++++++++++++++++++++++++ 2 files changed, 39 insertions(+), 4 deletions(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 97a7aaae72..3abd6c845a 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -5,10 +5,10 @@ String $database, String $user, String $auth_method, - Optional[String] $address = undef, - String $description = 'none', - Optional[String] $auth_option = undef, - Integer $order = 150, + Optional[String] $address = undef, + String $description = 'none', + Optional[String] $auth_option = undef, + Variant[String, Integer] $order = 150, # Needed for testing primarily, support for multiple files is not really # working. diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 16e1aef064..fbf5529e82 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -133,4 +133,39 @@ class { 'postgresql::server': } .with_content(/.include \/usr\/lib64\/systemd\/system\/postgresql-9.5.service/) end end + + describe 'with managed pg_hba_conf and ipv4acls' do + let (:pre_condition) do + <<-EOS + class { 'postgresql::globals': + version => '9.5', + }-> + class { 'postgresql::server': + manage_pg_hba_conf => true, + ipv4acls => [ + 'hostnossl all all 0.0.0.0/0 reject', + 'hostssl all all 0.0.0.0/0 md5' + ] + } + EOS + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '7.0', + :concat_basedir => tmpfilename('server'), + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, + } + end + it 'should have hba rule default' do + is_expected.to contain_postgresql__server__pg_hba_rule('local access as postgres user') + end + it 'should have hba rule ipv4acls' do + is_expected.to contain_postgresql__server__pg_hba_rule('postgresql class generated rule ipv4acls 0') + end + end end From b20e4230b1a7d0ffca5e937e9e287b923fd73b6d Mon Sep 17 00:00:00 2001 From: Brett Maton Date: Wed, 12 Jul 2017 08:42:17 +0100 Subject: [PATCH 0252/1000] Deprecated tests Update spec tests to remove deprecation warnings --- spec/unit/provider/postgresql_conf/parsed_spec.rb | 2 +- spec/unit/type/postgresql_conf_spec.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/unit/provider/postgresql_conf/parsed_spec.rb b/spec/unit/provider/postgresql_conf/parsed_spec.rb index 5055043781..24e31c180f 100644 --- a/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ b/spec/unit/provider/postgresql_conf/parsed_spec.rb @@ -9,7 +9,7 @@ conf_class = Puppet::Type.type(:postgresql_conf) provider = conf_class.provider(:parsed) conffile = tmpfilename('postgresql.conf') - provider.any_instance.stub(:target).and_return conffile + allow_any_instance_of(provider).to receive(:target).and_return conffile provider } diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index 4214facc38..a406b0c384 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -4,8 +4,8 @@ describe Puppet::Type.type(:postgresql_conf) do before do @provider_class = described_class.provide(:simple) { mk_resource_methods } - @provider_class.stub(:suitable?).and_return true - described_class.stub(:defaultprovider).and_return @provider_class + allow(@provider_class).to receive(:suitable?).and_return true + allow(described_class).to receive(:defaultprovider).and_return @provider_class end describe "namevar validation" do From 9fd5edfd28cae79e76f89e1db72a9f8646cd13dd Mon Sep 17 00:00:00 2001 From: Brett Maton Date: Wed, 12 Jul 2017 09:24:21 +0100 Subject: [PATCH 0253/1000] Default contcat order Remove numeric order override from concat --- manifests/server/config.pp | 3 --- 1 file changed, 3 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 616fc341de..a2f2434485 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -30,7 +30,6 @@ group => $group, mode => '0640', warn => true, - order => 'numeric', notify => Class['postgresql::server::reload'], } @@ -158,7 +157,6 @@ group => $group, mode => '0640', warn => true, - order => 'numeric', notify => Class['postgresql::server::reload'], } } @@ -169,7 +167,6 @@ group => $group, mode => '0640', warn => true, - order => 'numeric', notify => Class['postgresql::server::reload'], } } From 0b676ef3117d47914b82faa502dab1cf134dfe4e Mon Sep 17 00:00:00 2001 From: Brett Maton Date: Wed, 12 Jul 2017 12:46:40 +0100 Subject: [PATCH 0254/1000] Replace deprecated function calls Replace validate_re calls with puppet datatype `Pattern` Replace is_array with puppet datatype `Array` --- Bug fix object_parameter Replace String with vairant to accept undef, string or two element array. Array required to enable specific schema name to be applied to object. See manifests/server/grant.pp circa line 300 --- README.md | 5 +- manifests/server/grant.pp | 137 +++++++++++++++++-------- spec/unit/defines/server/grant_spec.rb | 106 ++++++++++++++++++- 3 files changed, 203 insertions(+), 45 deletions(-) diff --git a/README.md b/README.md index bac8a922a2..7406be9ca4 100644 --- a/README.md +++ b/README.md @@ -1203,7 +1203,10 @@ Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TAB ##### `object_name` -Specifies name of `object_type` to which to grant access. +Specifies name of `object_type` to which to grant access, can be either a string or a two element array. + +String: 'object_name' +Array: ['schema_name', 'object_name'] ##### `port` diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index f030019b79..ecc7a76f7e 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -3,8 +3,25 @@ String $role, String $db, Optional[String] $privilege = undef, - String $object_type = 'database', - Optional[String[1]] $object_name = undef, + Pattern[#/(?i:^COLUMN$)/, + /(?i:^ALL SEQUENCES IN SCHEMA$)/, + /(?i:^ALL TABLES IN SCHEMA$)/, + /(?i:^DATABASE$)/, + #/(?i:^FOREIGN DATA WRAPPER$)/, + #/(?i:^FOREIGN SERVER$)/, + #/(?i:^FUNCTION$)/, + /(?i:^LANGUAGE$)/, + #/(?i:^PROCEDURAL LANGUAGE$)/, + /(?i:^TABLE$)/, + #/(?i:^TABLESPACE$)/, + /(?i:^SCHEMA$)/, + /(?i:^SEQUENCE$)/ + #/(?i:^VIEW$)/ + ] $object_type = 'database', + Optional[Variant[ + Array[String,2,2], + String[1]] + ] $object_name = undef, String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, Integer $port = $postgresql::server::port, @@ -36,24 +53,6 @@ $_object_type = upcase($object_type) $_privilege = upcase($privilege) - ## Validate that the object type is known - validate_re($_object_type,[ - #'^COLUMN$', - '^DATABASE$', - #'^FOREIGN SERVER$', - #'^FOREIGN DATA WRAPPER$', - #'^FUNCTION$', - #'^PROCEDURAL LANGUAGE$', - '^SCHEMA$', - '^SEQUENCE$', - '^ALL SEQUENCES IN SCHEMA$', - '^TABLE$', - '^ALL TABLES IN SCHEMA$', - '^LANGUAGE$', - #'^TABLESPACE$', - #'^VIEW$', - ] - ) # You can use ALL TABLES IN SCHEMA by passing schema_name to object_name # You can use ALL SEQUENCES IN SCHEMA by passing schema_name to object_name @@ -71,10 +70,15 @@ $unless_privilege = $_privilege ? { 'ALL' => 'CREATE', 'ALL PRIVILEGES' => 'CREATE', - default => $_privilege, + Pattern[ + '^$', + '^CONNECT$', + '^CREATE$', + '^TEMP$', + '^TEMPORARY$' + ] => $_privilege, + default => fail('Illegal value for $privilege parameter'), } - validate_re($unless_privilege, [ '^$', '^CREATE$','^CONNECT$','^TEMPORARY$','^TEMP$', - '^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_database_privilege' $on_db = $psql_db $onlyif_function = undef @@ -83,9 +87,13 @@ $unless_privilege = $_privilege ? { 'ALL' => 'CREATE', 'ALL PRIVILEGES' => 'CREATE', - default => $_privilege, + Pattern[ + '^$', + '^CREATE$', + '^USAGE$' + ] => $_privilege, + default => fail('Illegal value for $privilege parameter'), } - validate_re($_privilege, [ '^$', '^CREATE$', '^USAGE$', '^ALL$', '^ALL PRIVILEGES$' ]) $unless_function = 'has_schema_privilege' $on_db = $db $onlyif_function = undef @@ -93,15 +101,31 @@ 'SEQUENCE': { $unless_privilege = $_privilege ? { 'ALL' => 'USAGE', - default => $_privilege, + Pattern[ + '^$', + '^ALL PRIVILEGES$', + '^SELECT$', + '^UPDATE$', + '^USAGE$' + ] => $_privilege, + default => fail('Illegal value for $privilege parameter'), } - validate_re($unless_privilege, [ '^$', '^USAGE$', '^SELECT$', '^UPDATE$', '^ALL$', '^ALL PRIVILEGES$' ]) $unless_function = 'has_sequence_privilege' $on_db = $db $onlyif_function = undef } 'ALL SEQUENCES IN SCHEMA': { - validate_re($_privilege, [ '^$', '^USAGE$', '^SELECT$', '^UPDATE$', '^ALL$', '^ALL PRIVILEGES$' ]) + case $_privilege { + Pattern[ + '^$', + '^ALL$', + '^ALL PRIVILEGES$', + '^SELECT$', + '^UPDATE$', + '^USAGE$' + ]: { } + default: { fail('Illegal value for $privilege parameter') } + } $unless_function = 'custom' $on_db = $db $onlyif_function = undef @@ -166,10 +190,19 @@ 'TABLE': { $unless_privilege = $_privilege ? { 'ALL' => 'INSERT', - default => $_privilege, + Pattern[ + '^$', + '^ALL$', + '^ALL PRIVILEGES$', + '^DELETE$', + '^REFERENCES$', + '^SELECT$', + '^TRIGGER$', + '^TRUNCATE$', + '^UPDATE$' + ] => $_privilege, + default => fail('Illegal value for $privilege parameter'), } - validate_re($unless_privilege,[ '^$', '^SELECT$','^INSERT$','^UPDATE$','^DELETE$', - '^TRUNCATE$','^REFERENCES$','^TRIGGER$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_table_privilege' $on_db = $db $onlyif_function = $onlyif_exists ? { @@ -178,8 +211,21 @@ } } 'ALL TABLES IN SCHEMA': { - validate_re($_privilege, [ '^$', '^SELECT$','^INSERT$','^UPDATE$','^DELETE$', - '^TRUNCATE$','^REFERENCES$','^TRIGGER$','^ALL$','^ALL PRIVILEGES$' ]) + case $_privilege { + Pattern[ + '^$', + '^ALL$', + '^ALL PRIVILEGES$', + '^DELETE$', + '^INSERT$', + '^REFERENCES$', + '^SELECT$', + '^TRIGGER$', + '^TRUNCATE$', + '^UPDATE$' + ]: { } + default: { fail('Illegal value for $privilege parameter') } + } $unless_function = 'custom' $on_db = $db $onlyif_function = undef @@ -223,9 +269,13 @@ $unless_privilege = $_privilege ? { 'ALL' => 'USAGE', 'ALL PRIVILEGES' => 'USAGE', - default => $_privilege, + Pattern[ + '^$', + '^CREATE$', + '^USAGE$' + ] => $_privilege, + default => fail('Illegal value for $privilege parameter'), } - validate_re($unless_privilege, [ '^$','^CREATE$','^USAGE$','^ALL$','^ALL PRIVILEGES$' ]) $unless_function = 'has_language_privilege' $on_db = $db $onlyif_function = $onlyif_exists ? { @@ -247,13 +297,16 @@ # object_type => 'TABLE', # object_name => [$schema, $table], # } - if is_array($_object_name) { - $_togrant_object = join($_object_name, '"."') - # Never put double quotes into has_*_privilege function - $_granted_object = join($_object_name, '.') - } else { - $_granted_object = $_object_name - $_togrant_object = $_object_name + case $_object_name { + Array: { + $_togrant_object = join($_object_name, '"."') + # Never put double quotes into has_*_privilege function + $_granted_object = join($_object_name, '.') + } + default: { + $_granted_object = $_object_name + $_togrant_object = $_object_name + } } $_unless = $unless_function ? { diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 79d569d849..e3dbfabe70 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -55,6 +55,29 @@ ) } end + context 'SeQuEnCe case insensitive object_type match' do + let :params do + { + :db => 'test', + :role => 'test', + :privilege => 'usage', + :object_type => 'SeQuEnCe', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql__server__grant('test') } + it { is_expected.to contain_postgresql_psql('grant:test').with( + { + 'command' => /GRANT USAGE ON SEQUENCE "test" TO\s* "test"/m, + 'unless' => /SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)/m, + } + ) } + end + context 'all sequences' do let :params do { @@ -136,7 +159,31 @@ it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( '5678' ) } end - context 'invalid objectype' do + context 'with specific schema name' do + let :params do + { + :db => 'test', + :role => 'test', + :privilege => 'all', + :object_name => ['myschema', 'mytable'], + :object_type => 'table', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to contain_postgresql__server__grant('test') } + it { is_expected.to contain_postgresql_psql('grant:test').with( + { + 'command' => /GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"/m, + 'unless' => /SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)/m, + } + ) } + end + + context 'invalid object_type' do let :params do { :db => 'test', @@ -150,6 +197,61 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(/"INVALID" does not match/) } + it { is_expected.to compile.and_raise_error(/parameter 'object_type' expects a match for Pattern/) } + end + + context 'invalid object_name - wrong type' do + let :params do + { + :db => 'test', + :role => 'test', + :privilege => 'all', + :object_name => 1, + :object_type => 'table', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.and_raise_error(/parameter 'object_name' expects a value of type Undef, Array, or String, got Integer/) } end + + context 'invalid object_name - insufficent array elements' do + let :params do + { + :db => 'test', + :role => 'test', + :privilege => 'all', + :object_name => ['oops'], + :object_type => 'table', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 1/) } + end + + context 'invalid object_name - too many array elements' do + let :params do + { + :db => 'test', + :role => 'test', + :privilege => 'all', + :object_name => ['myschema', 'mytable', 'oops'], + :object_type => 'table', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 3/) } + end + end From 538e2e071a3952c71e2406655fc82f0fac51166b Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Fri, 14 Jul 2017 11:30:20 -0700 Subject: [PATCH 0255/1000] Updating translations for locales/ja/puppetlabs-postgresql.po --- locales/ja/puppetlabs-postgresql.po | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 locales/ja/puppetlabs-postgresql.po diff --git a/locales/ja/puppetlabs-postgresql.po b/locales/ja/puppetlabs-postgresql.po new file mode 100644 index 0000000000..bb4d7317fe --- /dev/null +++ b/locales/ja/puppetlabs-postgresql.po @@ -0,0 +1,21 @@ +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2017-03-21 14:19+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: Eriko Kashiwagi , 2017\n" +"Language-Team: Japanese (Japan) (https://www.transifex.com/puppet/teams/29089/ja_JP/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: ja_JP\n" +"Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: Translate Toolkit 2.0.0\n" + +#. metadata.json +#: .summary +msgid "Offers support for basic management of PostgreSQL databases." +msgstr "PostgreSQLデータベースの基本的な管理を支援します。" From 1054424b3506d1a0177180573c25500813d0a140 Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Fri, 14 Jul 2017 13:25:05 -0700 Subject: [PATCH 0256/1000] Updating translations for readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 1795 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 1795 insertions(+) create mode 100644 readmes/README_ja_JP.md diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md new file mode 100644 index 0000000000..dacdeeee84 --- /dev/null +++ b/readmes/README_ja_JP.md @@ -0,0 +1,1795 @@ +# postgresql + +#### 目次 + +1. [モジュールの概要 - モジュールの機能](#module-description) +2. [セットアップ - postgresqlモジュール導入の基本](#setup) + * [postgresqlの影響](#what-postgresql-affects) + * [postgresqlの導入](#getting-started-with-postgresql) +3. [使用方法 - 設定オプションと追加機能](#usage) + * [サーバーの設定](#configure-a-server) + * [データベースの作成](#create-a-database) + * [ユーザ、ロール、パーミッションの管理](#manage-users-roles-and-permissions) + * [デフォルトのオーバーライド](#override-defaults) + * [pg_hba.confのアクセスルールの作成](#create-an-access-rule-for-pg_hbaconf) + * [pg_ident.confのユーザ名マップの作成](#create-user-name-maps-for-pg_identconf) + * [接続の検証](#validate-connectivity) +4. [参考 - モジュールの機能と動作について](#reference) + * [クラス](#classes) + * [定義できるタイプ](#defined-types) + * [タイプ](#types) + * [関数](#functions) +5. [制約事項 - OSの互換性など](#limitations) +6. [開発 - モジュール貢献についてのガイド](#development) + * [コントリビュータ - モジュール貢献者の一覧](#contributors) +7. [テスト](#tests) +8. [コントリビュータ - モジュール貢献者のリスト](#contributors) + +## モジュールの概要 + +postgresqlモジュールを使用すると、PuppetでPostgreSQLを管理できます。 + +PostgreSQLは、高性能な無償のオープンソースリレーショナルデータベースサーバーです。postgresqlモジュールを使用すると、PostgreSQLのパッケージ、サービス、データベース、ユーザ、一般的なセキュリティ設定を管理できるようになります。 + +## セットアップ + +### postgresqlの影響 + +* PostgreSQLのパッケージ、サービス、設定ファイル +* リッスンするポート +* IPおよびマスク(オプション) + +### postgresqlの導入 + +基本的なデフォルトのPostgreSQLサーバーを設定するには、`postgresql::server`クラスを宣言します。 + +```puppet +class { 'postgresql::server': +} +``` + +## 使用方法 + +### サーバーの設定 + +デフォルト設定を使用する場合は、上記のように`postgresql::server`クラスを宣言します。PostgreSQLサーバーの設定をカスタマイズするには、次のように、変更する[パラメータ](#postgresqlserver)を指定します。 + +```puppet +class { 'postgresql::server': + ip_mask_deny_postgres_user => '0.0.0.0/32', + ip_mask_allow_all_users => '0.0.0.0/0', + ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'], + postgres_password => 'TPSrep0rt!', +} +``` + +設定後、コマンドラインで設定をテストします。 + +```shell +psql -h localhost -U postgres +psql -h my.postgres.server -U +``` + +上記のコマンドでエラーメッセージが返ってくる場合は、パーミッションの設定によって現在の接続元からのアクセスが制限されています。その場所からの接続を許可するかどうかに応じて、パーミッション設定の変更が必要な場合があります。 + +サーバー設定パラメータの詳細については、[PostgreSQLランタイム設定マニュアル](http://www.postgresql.org/docs/current/static/runtime-config.html)を参照してください。 + +### データベースの作成 + +さまざまなPostgreSQLデータベースを定義タイプ`postgresql::server::db`を使用してセットアップできます。例えば、PuppetDBのデータベースをセットアップするには、次のように記述します。 + +```puppet +class { 'postgresql::server': +} + +postgresql::server::db { 'mydatabasename': + user => 'mydatabaseuser', + password => postgresql_password('mydatabaseuser', 'mypassword'), +} +``` + +### ユーザ、ロール、パーミッションの管理 + +ユーザ、ロール、パーミッションを管理するには、次のようにします。 + +```puppet +class { 'postgresql::server': +} + +postgresql::server::role { 'marmot': + password_hash => postgresql_password('marmot', 'mypasswd'), +} + +postgresql::server::database_grant { 'test1': + privilege => 'ALL', + db => 'test1', + role => 'marmot', +} + +postgresql::server::table_grant { 'my_table of test2': + privilege => 'ALL', + table => 'my_table', + db => 'test2', + role => 'marmot', +} +``` + +この例では、test1データベース上とtest2データベースの`my_table`テーブル上の**すべての**権限を、指定したユーザまたはグループに付与します。値がPuppetDB設定ファイルに追加されると、このデータベースは使用可能になります。 + +### デフォルトのオーバーライド + +`postgresql::globals`クラスを使用すると、このモジュールの主な設定をグローバルに構成できます。この設定は、他のクラスや定義済みリソースから使用できます。単独では機能しません。 + +例えば、すべてのクラスのデフォルトの`locale`と`encoding`をオーバーライドするには、次のように記述します。 + +```puppet +class { 'postgresql::globals': + encoding => 'UTF-8', + locale => 'en_US.UTF-8', +} + +class { 'postgresql::server': +} +``` + +特定のバージョンのPostgreSQLパッケージを使用するには、次のように記述します。 + +```puppet +class { 'postgresql::globals': + manage_package_repo => true, + version => '9.2', +} + +class { 'postgresql::server': +} +``` + +### リモートのユーザ、ロール、パーミッションの管理 + +リモートのSQLオブジェクトは、ローカルのSQLオブジェクトと同じPuppetリソースと、[`connect_settings`](#connect_settings)ハッシュを使用して管理します。これは、PuppetがリモートのPostgresインスタンスに接続する方法と、SQLコマンドの生成に使用されるバージョンを制御します。 + +`connect_settings`ハッシュには、'PGHOST'、'PGPORT'、'PGPASSWORD'、'PGSSLKEY'など、Postgresクライアント接続を制御する環境変数を含めることができます。変数の全リストについては、[PostgreSQL環境変数](http://www.postgresql.org/docs/9.4/static/libpq-envars.html)マニュアルを参照してください。 + +さらに、特殊値の'DBVERSION'により、ターゲットデータベースのバージョンを指定できます。`connect_settings`ハッシュが省略されているか空の場合、PuppetはローカルのPostgreSQLインスタンスに接続します。 + +Puppetリソースごとに`connect_settings`ハッシュを設定するか、`postgresql::globals`にデフォルトの`connect_settings`ハッシュを設定できます。リソースごとに`connect_settings`を設定すると、SQLオブジェクトが複数のユーザによって複数のデータベース上に作成できるようになります。 + +```puppet +$connection_settings_super2 = { + 'PGUSER' => 'super2', + 'PGPASSWORD' => 'foobar2', + 'PGHOST' => '127.0.0.1', + 'PGPORT' => '5432', + 'PGDATABASE' => 'postgres', +} + +include postgresql::server + +# Connect with no special settings, i.e domain sockets, user postgres +postgresql::server::role { 'super2': + password_hash => 'foobar2', + superuser => true, + + connect_settings => {}, +} + +# Now using this new user connect via TCP +postgresql::server::database { 'db1': + connect_settings => $connection_settings_super2, + require => Postgresql::Server::Role['super2'], +} +``` + +### pg_hba.confのアクセスルールの作成 + +`pg_hba.conf`のアクセスルールを作成するには、次のように記述します。 + +```puppet +postgresql::server::pg_hba_rule { 'allow application network to access app database': + description => 'Open up PostgreSQL for access from 200.1.2.0/24', + type => 'host', + database => 'app', + user => 'app', + address => '200.1.2.0/24', + auth_method => 'md5', +} +``` + +これにより、以下のようなルールセットが`pg_hba.conf`内に作成されます。 + +``` +# Rule Name: allow application network to access app database +# Description: Open up PostgreSQL for access from 200.1.2.0/24 +# Order: 150 +host app app 200.1.2.0/24 md5 +``` + +デフォルトでは、`pg_hba_rule`に`postgresql::server`を含める必要がありますが、ルールを宣言する際にtargetおよびpostgresql_versionを設定することで、その動作をオーバーライドできます。例えば次のようになります。 + +```puppet +postgresql::server::pg_hba_rule { 'allow application network to access app database': + description => 'Open up postgresql for access from 200.1.2.0/24', + type => 'host', + database => 'app', + user => 'app', + address => '200.1.2.0/24', + auth_method => 'md5', + target => '/path/to/pg_hba.conf', + postgresql_version => '9.4', +} +``` + +### pg_ident.confのユーザ名マップの作成 + +pg_ident.confのユーザ名マップを作成するには、次のように記述します。 + +```puppet +postgresql::server::pg_ident_rule { 'Map the SSL certificate of the backup server as a replication user': + map_name => 'sslrepli', + system_username => 'repli1.example.com', + database_username => 'replication', +} +``` + +これにより、次のようなユーザ名マップが`pg_ident.conf`に作成されます。 + +``` +#Rule Name: Map the SSL certificate of the backup server as a replication user +#Description: none +#Order: 150 +sslrepli repli1.example.com replication +``` + +### リカバリ設定の作成 + +リカバリ設定ファイル(`recovery.conf`)を作成するには、次のように記述します。 + +```puppet +postgresql::server::recovery { 'Create a recovery.conf file with the following defined parameters': + restore_command => 'cp /mnt/server/archivedir/%f %p', + archive_cleanup_command => undef, + recovery_end_command => undef, + recovery_target_name => 'daily backup 2015-01-26', + recovery_target_time => '2015-02-08 22:39:00 EST', + recovery_target_xid => undef, + recovery_target_inclusive => true, + recovery_target => 'immediate', + recovery_target_timeline => 'latest', + pause_at_recovery_target => true, + standby_mode => 'on', + primary_conninfo => 'host=localhost port=5432', + primary_slot_name => undef, + trigger_file => undef, + recovery_min_apply_delay => 0, +} +``` + +これにより、次の`recovery.conf`設定ファイルが作成されます。 + +``` +restore_command = 'cp /mnt/server/archivedir/%f %p' +recovery_target_name = 'daily backup 2015-01-26' +recovery_target_time = '2015-02-08 22:39:00 EST' +recovery_target_inclusive = true +recovery_target = 'immediate' +recovery_target_timeline = 'latest' +pause_at_recovery_target = true +standby_mode = 'on' +primary_conninfo = 'host=localhost port=5432' +recovery_min_apply_delay = 0 +``` + +テンプレートでは、指定されたパラメータのみが認識されます。`recovery.conf`は、少なくとも1つのパラメータが設定済みで、**かつ**、[manage_recovery_conf](#manage_recovery_conf)がtrueの場合のみ作成されます。 + +### 接続の検証 + +従属タスクを開始する前に、リモートのPostgreSQLデータベースへのクライアント接続を検証するには、`postgresql_conn_validator`リソースを使用します。このリソースは、PostgreSQLクライアントソフトウェアがインストールされている任意のノード上で使用できます。アプリケーションサーバーの起動や、データベース移行の実行など、他のタスクと結合されることがよくあります。 + +使用例: + +```puppet +postgresql_conn_validator { 'validate my postgres connection': + host => 'my.postgres.host', + db_username => 'mydbuser', + db_password => 'mydbpassword', + db_name => 'mydbname', +}-> +exec { 'rake db:migrate': + cwd => '/opt/myrubyapp', +} +``` + +## 参考 + +postgresqlモジュールには、サーバー設定用に多数のオプションがあります。以下の設定をすべて使うことはないかもしれませんが、これらを使用することで、セキュリティ設定をかなり制御することができます。 + +**クラス:** + +* [postgresql::client](#postgresqlclient) +* [postgresql::globals](#postgresqlglobals) +* [postgresql::lib::devel](#postgresqllibdevel) +* [postgresql::lib::java](#postgresqllibjava) +* [postgresql::lib::perl](#postgresqllibperl) +* [postgresql::lib::python](#postgresqllibpython) +* [postgresql::server](#postgresqlserver) +* [postgresql::server::plperl](#postgresqlserverplperl) +* [postgresql::server::contrib](#postgresqlservercontrib) +* [postgresql::server::postgis](#postgresqlserverpostgis) + +**定義できるタイプ:** + +* [postgresql::server::config_entry](#postgresqlserverconfig_entry) +* [postgresql::server::database](#postgresqlserverdatabase) +* [postgresql::server::database_grant](#postgresqlserverdatabase_grant) +* [postgresql::server::db](#postgresqlserverdb) +* [postgresql::server::extension](#postgresqlserverextension) +* [postgresql::server::grant](#postgresqlservergrant) +* [postgresql::server::grant_role](#postgresqlservergrant_role) +* [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) +* [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) +* [postgresql::server::recovery](#postgresqlserverrecovery) +* [postgresql::server::role](#postgresqlserverrole) +* [postgresql::server::schema](#postgresqlserverschema) +* [postgresql::server::table_grant](#postgresqlservertable_grant) +* [postgresql::server::tablespace](#postgresqlservertablespace) + +**タイプ:** + +* [postgresql_psql](#custom-resource-postgresql_psql) +* [postgresql_replication_slot](#custom-resource-postgresql_replication_slot) +* [postgresql_conf](#custom-resource-postgresql_conf) +* [postgresql_conn_validator](#custom-resource-postgresql_conn_validator) + +**関数:** + +* [postgresql_password](#function-postgresql_password) +* [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) + +### クラス + +#### postgresql::client + +PostgreSQLクライアントソフトウェアをインストールします。カスタムのバージョンをインストールするには、次のパラメータを設定します。 + +>**注意:** カスタムのバージョンを指定する場合、必要なyumまたはaptリポジトリを忘れずに追加してください。 + +##### `package_ensure` + +PostgreSQLクライアントパッケージリソースが存在する必要があるかどうかを指定します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + +##### `package_name` + +PostgreSQLクライアントパッケージの名前を設定します。 + +デフォルト値: 'file'。 + +#### postgresql::lib::docs + +Postgres-Docs向けのPostgreSQLバインディングをインストールします。カスタムのバージョンをインストールするには、次のパラメータを設定します。 + +**注意:** カスタムのバージョンを指定する場合、必要なyumまたはaptリポジトリを忘れずに追加してください。 + +##### `package_name` + +PostgreSQL docsパッケージの名前を指定します。 + +##### `package_ensure` + +PostgreSQL docsパッケージリソースが存在する必要があるかどうかを指定します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + +#### postgresql::globals + +**注意:** ほとんどのサーバー固有のデフォルト値は、`postgresql::server`クラスでオーバーライドする必要があります。このクラスは、標準以外のOSを使用している場合か、ここでしか変更できない要素(`version`や`manage_package_repo`)を変更する場合のみ使用します。 + +##### `bindir` + +ターゲットプラットフォームのデフォルトのPostgreSQLバイナリディレクトリをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `client_package_name` + +デフォルトのPostgreSQLクライアントパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `confdir` + +ターゲットプラットフォームのデフォルトのPostgreSQL設定ディレクトリをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `contrib_package_name` + +デフォルトのPostgreSQL contribパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `createdb_path` + +**非推奨** `createdb`コマンドへのパス。 + +デフォルト値: '${bindir}/createdb'。 + +##### `datadir` + +ターゲットプラットフォームのデフォルトのPostgreSQLデータディレクトリをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +**注意:** インストール後にdatadirを変更すると、変更が実行される前にサーバーが完全に停止します。Red Hatシステムでは、データディレクトリはSELinuxに適切にラベル付けする必要があります。Ubuntuでは、明示的に`needs_initdb = true`に設定して、Puppetが新しいdatadir内のデータベースを初期化できるようにする必要があります(他のシステムでは、`needs_initdb`はデフォルトでtrueになっています)。 + +**警告:** datadirがデフォルトから変更された場合、Puppetは元のデータディレクトリのパージを管理しません。そのため、データディレクトリが元のディレクトリに戻ったときにエラーが発生します。 + +##### `default_database` + +接続するデフォルトのデータベースの名前を指定します。 + +デフォルト値: (ほとんどのシステムにおいて) 'postgres'。 + +##### `devel_package_name` + +デフォルトのPostgreSQL develパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `docs_package_name` + +オプションです。 + +デフォルトのPostgreSQL docsパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `encoding` + +このモジュールで作成されるすべてのデータベースのデフォルトエンコーディングを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトにもなります。 + +デフォルト値: オペレーティングシステムのデフォルトエンコーディングによって決まります。 + +##### `group` + +ファイルシステムの関連ファイルに使用されるデフォルトのpostgresユーザグループをオーバーライドします。 + +デフォルト値: 'postgres'。 + +##### `initdb_path` + +`initdb`コマンドへのパス。 + +##### `java_package_name` + +デフォルトのPostgreSQL javaパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `locale` + +このモジュールで作成されるすべてのデータベースのデフォルトのデータベースロケールを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトにもなります。 + +デフォルト値: `undef`、実質的には'C'。 + +**Debianでは、PostgreSQLのフル機能が使用できるように'locales-all'パッケージがインストールされていることを確認する必要があります。** + +##### `timezone` + +postgresqlサーバーのデフォルトタイムゾーンを設定します。postgresqlのビルトインのデフォルト値は、システムのタイムゾーン情報を取得しています。 + +##### `logdir` + +デフォルトのPostgreSQL logディレクトリをオーバーライドします。 + +デフォルト値: initdbのデフォルトパス。 + +##### `manage_package_repo` + +`true`に設定されている場合、お使いのホスト上に公式なPostgreSQLリポジトリをセットアップします。 + +デフォルト値: `false`。 + +##### `module_workdir` + +psqlコマンドを実行する作業ディレクトリを指定します。'/tmp'がnoexecオプションでマウントされたボリューム上にあるときに、指定が必要になる場合があります。 + +デフォルト値: '/tmp'。 + +##### `needs_initdb` + +サーバーパッケージをインストール後、PostgreSQLサービスを開始する前に、initdb動作を明示的に呼び出します。 + +デフォルト値: OSによって異なります。 + +##### `perl_package_name` + +デフォルトのPostgreSQL Perlパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `pg_hba_conf_defaults` + +`false`に設定すると、`pg_hba.conf`についてモジュールに設定されたデフォルト値を無効にします。デフォルト値をオーバーライドするときに役立ちます。ただし、基本的な`psql`動作など、一定の動作を行うためには一定のアクセスが要求されるので、ここでの変更内容がその他のモジュールと矛盾しないように注意してください。 + +デフォルト値: `postgresql::globals::manage_pg_hba_conf`に設定されたグローバル値。デフォルトは`true`。 + +##### `pg_hba_conf_path` + +`pg_hba.conf`ファイルへのパスを指定します。 + +デフォルト値: '${confdir}/pg_hba.conf'。 + +##### `pg_ident_conf_path` + +`pg_ident.conf`ファイルへのパスを指定します。 + +デフォルト値: '${confdir}/pg_ident.conf'。 + +##### `plperl_package_name` + +デフォルトのPostgreSQL PL/Perlパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `plpython_package_name` + +デフォルトのPostgreSQL PL/Pythonパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `postgis_version` + +PostGISをインストールする場合に、インストールするPostGISのバージョンを定義します。 + +デフォルト値: インストールするPostgreSQLで利用可能な最下位のバージョン。 + +##### `postgresql_conf_path` + +`postgresql.conf`ファイルへのパスを設定します。 + +デフォルト値: '${confdir}/postgresql.conf'。 + +##### `psql_path` + +`psql`コマンドへのパスを設定します。 + +##### `python_package_name` + +デフォルトのPostgreSQL Pythonパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `recovery_conf_path` + +`recovery.conf`ファイルへのパス。 + +##### `repo_proxy` + +公式のPostgreSQL yumリポジトリのみのプロキシオプションを設定します。これは、サーバーが企業のファイアウォール内にあり、外部への接続にプロキシを使用する必要がある場合に役立ちます。 + +Debianは現在サポートされていません。 + +##### `repo_baseurl` + +PostgreSQLリポジトリのbaseurlを設定します。リポジトリのミラーを所有している場合に便利です。 + +デフォルト値: 公式なPostgreSQLリポジトリ。 + +##### `server_package_name` + +デフォルトのPostgreSQLサーバーパッケージ名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `service_name` + +デフォルトのPostgreSQLサービス名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `service_provider` + +デフォルトのPostgreSQLサービスプロバイダをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `service_status` + +PostgreSQLサービスのデフォルトのステータスチェックコマンドをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `user` + +ファイルシステム内のPostgreSQL関連ファイルのデフォルトのPostgreSQLスーパーユーザおよび所有者をオーバーライドします。 + +デフォルト値: 'postgres'。 + +##### `version` + +インストールおよび管理するPostgreSQLのバージョン。 + +デフォルト値: OSシステムのデフォルト値。 + +##### `xlogdir` + +デフォルトのPostgreSQL xlogディレクトリをオーバーライドします。 + +デフォルト値: initdbのデフォルトパス。 + +####postgresql::lib::devel + +PostgreSQLの開発ライブラリとシンボリックリンク`pg_config`を含むパッケージを`/usr/bin`にインストールします(`/usr/bin`または`/usr/local/bin`に存在しない場合)。 + +##### `link_pg_config` + +PostgreSQLページが使用するbinディレクトリが`/usr/bin`でも`/usr/local/bin`でもない場合、パッケージのbinディレクトリから`usr/bin`に`pg_config`をシンボリックリンクします(Debianシステムには適用されません)。この動作を無効にするには、`false`に設定します。 + +有効な値: `true`、`false`。 + +デフォルト値: `true`。 + +##### `package_ensure` + +パッケージのインストール中に'ensure'パラメータをオーバーライドします。 + +デフォルト値: 'present'。 + +##### `package_name` + +インストール先のディストリビューションのデフォルトパッケージ名をオーバーライドします。 + +デフォルト値: ディストリビューションに応じて、'postgresql-devel'または'postgresql-devel'。 + +#### postgresql::lib::java + +Java (JDBC)向けのPostgreSQLバインディングをインストールします。カスタムのバージョンをインストールするには、次のパラメータを設定します。 + +**注意:** カスタムのバージョンを指定する場合、必要なyumまたはaptリポジトリを忘れずに追加してください。 + +##### `package_ensure` + +パッケージが存在するかどうかを指定します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + +##### `package_name` + +PostgreSQL javaパッケージの名前を指定します。 + +#### postgresql::lib::perl + +PostgreSQL Perlライブラリをインストールします。 + +##### `package_ensure` + +パッケージが存在するかどうかを指定します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + +##### `package_name` + +インストールするPostgreSQL perlパッケージの名前を指定します。 + +#### postgresql::server::plpython + +PostgreSQLのPL/Python手続き型言語をインストールします。 + +##### `package_name` + +postgresql PL/Pythonパッケージの名前を指定します。 + +##### `package_ensure` + +パッケージが存在するかどうかを指定します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + +#### postgresql::lib::python + +PostgreSQL Pythonライブラリをインストールします。 + +##### `package_ensure` + +パッケージが存在するかどうかを指定します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + +##### `package_name` + +PostgreSQL Pythonパッケージの名前。 + +#### postgresql::server + +##### `createdb_path` + +**非推奨** `createdb`コマンドへのパスを指定します。 + +デフォルト値: '${bindir}/createdb'。 + +##### `default_database` + +接続するデフォルトのデータベースの名前を指定します。ほとんどのシステムで、'postgres'になります。 + +##### `default_connect_settings` + +リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。他の定義タイプのデフォルトとして使用されます(`postgresql::server::role`など)。 + +##### `encoding` + +このモジュールで作成されるすべてのデータベースのデフォルトエンコーディングを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトにもなります。 + +デフォルト値: `undef`。 + +##### `group` + +ファイルシステムの関連ファイルに使用されるデフォルトのpostgresユーグループをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `initdb_path` + +`initdb`コマンドへのパスを指定します。 + +デフォルト値: '${bindir}/initdb'。 + +##### `ipv4acls` + +接続方法、ユーザ、データベース、IPv4アドレスのアクセス制御のための文字列を一覧表示します。 + +詳細については、[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html)の`pg_hba.conf`の項を参照してください。 + +##### `ipv6acls` + +接続方法、ユーザ、データベース、IPv6アドレスのアクセス制御のための文字列を一覧表示します。 + +詳細については、[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html)の`pg_hba.conf`の項を参照してください。 + +##### `ip_mask_allow_all_users` + +リモート接続に関するPostgreSQLのデフォルト動作をオーバーライドします。デフォルトでは、PostgreSQLは、データベースユーザアカウントがリモートマシンからTCP経由で接続することを許可しません。許可するには、この設定をオーバーライドします。 + +データベースユーザによる任意のリモートマシンからの接続を許可するには、'0.0.0.0/0'に設定します。ローカルの'192.168'サブネット内の任意のマシンからの接続を許可するには、'192.168.0.0/1'に設定します。 + +デフォルト値: '127.0.0.1/32'。 + +##### `ip_mask_deny_postgres_user` + +postgresスーパーユーザについて、リモート接続を拒否するためのIPマスクを指定します。 + +デフォルト値: '0.0.0.0/0'。デフォルト値ではリモート接続はすべて拒否されます。 + +##### `locale` + +このモジュールで作成されるすべてのデータベースのデフォルトのデータベースロケールを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトになります。 + +デフォルト値: `undef`、実質的には'C'。 + +**Debianでは、PostgreSQLの全機能を使用できるよう、'locales-all'パッケージがインストールされていることを確認してください。** + +##### `manage_pg_hba_conf` + +`pg_hba.conf`を管理するかどうかを指定します。 + +`true`に設定すると、Puppetはこのファイルを上書きします。 + +`false`に設定すると、Puppetはこのファイルに変更を加えません。 + +有効な値: `true`、`false`。 + +デフォルト値: `true` + +##### `manage_pg_ident_conf` + +pg_ident.confファイルを上書きします。 + +`true`に設定すると、Puppetはこのファイルを上書きします。 + +`false`に設定すると、Puppetはこのファイルに変更を加えません。 + +有効な値: `true`、`false`。 + +デフォルト値: `true`。 + +##### `manage_recovery_conf` + +`recovery.conf`を管理するかどうかを指定します。 + +`true`に設定すると、Puppetはこのファイルを上書きします。 + +有効な値: `true`、`false`。 + +デフォルト値: `false`。 + +##### `needs_initdb` + +サーバーパッケージをインストール後、PostgreSQLサービスを開始する前に、`initdb`動作を明示的に呼び出します。 + +デフォルト値: OSによって異なります。 + +##### `package_ensure` + +サーバーインスタンスを作成するときに、`package`リソースに値を受け渡します。 + +デフォルト値: `undef`。 + +##### `package_name` + +サーバーソフトウェアをインストールするときに使用するパッケージの名前を指定します。 + +デフォルト値: OSによって異なります。 + +##### `pg_hba_conf_defaults` + +`false`に設定すると、`pg_hba.conf`についてモジュールに設定されたデフォルト値を無効にします。これは、デフォルト値を使用せずにオーバーライドするときに役立ちます。だし、基本的な`psql`動作などを実行するには一定のアクセスが要求されるので、ここでの変更内容がその他のモジュールと矛盾しないように注意してください。 + +##### `pg_hba_conf_path` + +`pg_hba.conf`ファイルへのパスを指定します。 + +##### `pg_ident_conf_path` + +`pg_ident.conf`ファイルへのパスを指定します。 + +デフォルト値: '${confdir}/pg_ident.conf'。 + +##### `plperl_package_name` + +PL/Perl拡張のデフォルトパッケージ名を設定します。 + +デフォルト値: OSによって異なります。 + +##### `plpython_package_name` + +PL/Python拡張のデフォルトパッケージ名を設定します。 + +デフォルト値: OSによって異なります。 + +##### `port` + +PostgreSQLサーバーがリッスンするポートを指定します。**注意:** サーバーがリッスンする全IPアドレスで、同一のポート番号が使用されます。また、Red Hatシステムと初期のDebianシステムでは、ポート番号を変更するとき、変更実行前にサーバーが完全停止します。 + +デフォルト値: 5432。これは、PostgresサーバーがTCPポート5432をリッスンすることを意味します。 + +##### `postgres_password` + +postgresユーザのパスワードを特定の値に設定します。デフォルトでは、この設定はPostgresデータベース内のスーパーユーザアカウント(ユーザ名`postgres`、パスワードなし)を使用します。 + +デフォルト値: `undef`。 + +##### `postgresql_conf_path` + +`postgresql.conf`ファイルへのパスを指定します。 + +デフォルト値: '${confdir}/postgresql.conf'。 + +##### `psql_path` + +`psql`コマンドへのパスを指定します。 + +デフォルト値: OSによって異なります。 + +##### `service_manage` + +Puppetがサービスを管理するかどうかを定義します。 + +デフォルト値: `true`。 + +##### `service_name` + +デフォルトのPostgreSQLサービス名をオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `service_provider` + +デフォルトのPostgreSQLサービスプロバイダをオーバーライドします。 + +デフォルト値: `undef`。 + +##### `service_reload` + +PostgreSQLサービスのデフォルトのリロードコマンドをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `service_restart_on_change` + +設定変更をアクティブにするにはサービスの再起動が必要な設定エントリが変更された場合に、PostgreSQLサービスを再起動する際のデフォルト動作をオーバーライドします。 + +デフォルト値: `true`。 + +##### `service_status` + +PostgreSQLサービスのデフォルトのステータスチェックコマンドをオーバーライドします。 + +デフォルト値: OSによって異なります。 + +##### `user` + +ファイルシステム内のPostgreSQL関連ファイルのデフォルトのPostgreSQLスーパーユーザおよびオーナーをオーバーライドします。 + +デフォルト値: 'postgres'。 + +#### postgresql::server::contrib + +PostgreSQL contribパッケージをインストールします。 + +##### `package_ensure` + +PostgreSQL contribパッケージリソースに受け渡されたensureパラメータを設定します。 + +##### `package_name` + +PostgreSQL contribパッケージの名前。 + +#### postgresql::server::plperl + +postgresqlのPL/Perl手続き型言語をインストールします。 + +##### `package_ensure` + +PostgreSQL PL/Perlパッケージリソースに受け渡されたensureパラメータ。 + +##### `package_name` + +PostgreSQL PL/Perlパッケージの名前。 + +#### postgresql::server::postgis + +PostgreSQL postgisパッケージをインストールします。 + +### 定義できるタイプ + +#### postgresql::server::config_entry + +`postgresql.conf`設定ファイルを変更します。 + +各リソースは、次の例のようにファイル内の各行にマッピングされています。 + +```puppet +postgresql::server::config_entry { 'check_function_bodies': + value => 'off', +} +``` + +##### `ensure` + +'absent'に設定した場合、エントリを削除します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + +##### `value` + +設定の値を定義します。 + +#### postgresql::server::db + +ローカルのデータベース、ユーザを作成し、必要なパーミッションを割り当てます。 + +##### `comment` + +PostgreSQLのCOMMENTコマンドを使用して、データベースについて保存するコメントを定義します。 + +##### `connect_settings` + +リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + +##### `dbname` + +作成するデータベースの名前を設定します。 + +デフォルト値: namevar。 + +##### `encoding` + +データベースの作成中の文字セットをオーバーライドします。 + +デフォルト値: インストール時に定義されたデフォルト値。 + +##### `grant` + +作成中に付与するパーミッションを指定します。 + +デフォルト値: 'ALL'。 + +##### `istemplate` + +`true`に設定すると、そのデータベースをテンプレートとして指定します。 + +デフォルト値: `false`。 + +##### `locale` + +データベース作成中にロケールをオーバーライドします。 + +デフォルト値: インストール時に定義されたデフォルト値。 + +##### `owner` + +ユーザをデータベースの所有者として設定します。 + +デフォルト値: `postgresql::server`または`postgresql::globals`で設定された'$user'変数。 + +##### `password` + +**必須** 作成されたユーザのパスワードを設定します。 + +##### `tablespace` + +作成したデータベースを割り当てるテーブル空間の名前を定義します。 + +デフォルト値: PostgreSQLのデフォルト値。 + +##### `template` + +このデータベースを構築する際にテンプレートとして使用するデータベースの名前を指定します。 + +デフォルト値: `template0`。 + +##### `user` + +データベースを作成し、作成後にデータベースへのアクセスを割り当てるユーザ。必須指定です。 + +#### postgresql::server::database + +ユーザなし、パーミッションなしのデータベースを作成します。 + +##### `dbname` + +データベースの名前を設定します。 + +デフォルト値: namevar。 + +##### `encoding` + +データベースの作成中の文字セットをオーバーライドします。 + +デフォルト値: インストール時に定義されたデフォルト値。 + +##### `istemplate` + +`true`に設定すると、そのデータベースをテンプレートとして定義します。 + +デフォルト値: `false`。 + +##### `locale` + +データベース作成中にロケールをオーバーライドします。 + +デフォルト値: インストール時に定義されたデフォルト値。 + +##### `owner` + +データベース所有者の名前を設定します。 + +デフォルト値: `postgresql::server`または`postgresql::globals`で設定された'$user'変数。 + +##### `tablespace` + +このデータベースを作成するテーブル空間を設定します。 + +デフォルト値: インストール時に定義されたデフォルト値。 + +##### `template` + +このデータベースを構築する際にテンプレートとして使用するデータベースの名前を指定します。 + +デフォルト値: 'template0'。 + +#### postgresql::server::database_grant + +データベース固有のパーミッションについて`postgresql::server::database_grant`をラッピングして、grantベースのユーザアクセス権を管理します。詳細については、[PostgreSQLマニュアルの`grant`](http://www.postgresql.org/docs/current/static/sql-grant.html)を参照してください。 + +#### `connect_settings` + +リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + +##### `db` + +アクセス権を付与するデータベースを指定します。 + +##### `privilege` + +付与する権限のコンマ区切りリストを指定します。 + +有効なオプション: 'ALL'、'CREATE'、'CONNECT'、'TEMPORARY'、'TEMP'。 + +##### `psql_db` + +権限付与を実行するデータベースを定義します。 + +**通常、デフォルトを変更しないでください。** + +デフォルト値: 'postgres'。 + +##### `psql_user` + +`psql`を実行するOSユーザを指定します。 + +デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 + +##### `role` + +アクセスを付与するロールまたはユーザを指定します。 + +#### postgresql::server::extension + +PostgreSQL拡張を管理します。 + +##### `database` + +拡張を有効化するデータベースを指定します。 + +##### `ensure` + +拡張を有効化するか無効化するかを指定します。 + +有効なオプション: 'present'または'absent'。 + +#### `extension` + +有効化する拡張を指定します。空欄にした場合、リソースの名前が使用されます。 + +##### `package_name` + +拡張を有効化する前にインストールするパッケージを指定します。 + +##### `package_ensure` + +デフォルトのパッケージ削除動作をオーバーライドします。 + +デフォルトでは、`package_name`で指定されたパッケージが、拡張が有効のときインストールされ、拡張が無効のとき削除されます。この動作をオーバーライドするには、そのパッケージに`ensure`の値を設定してください。 + +#### postgresql::server::grant + +ロールのgrantベースのアクセス権を管理します。詳細については、[PostgreSQLマニュアルの`grant`](http://www.postgresql.org/docs/current/static/sql-grant.html)を参照してください。 + +##### `db` + +アクセス権を付与するデータベースを指定します。 + +##### `object_type` + +権限を付与するオブジェクトのタイプを指定します。 + +有効なオプション: 'DATABASE'、'SCHEMA'、'SEQUENCE'、'ALL SEQUENCES IN SCHEMA'、'TABLE'、または'ALL TABLES IN SCHEMA'。 + +##### `object_name` + +アクセス権を付与する`object_type`の名前を指定します。 + +##### `port` + +接続に使用するポート。 + +デフォルト値: `undef`。PostgreSQLのパッケージングに応じて、通常、デフォルトでポート5432になります。 + +##### `privilege` + +付与する権限を指定します。 + +有効なオプション: 'ALL'、'ALL PRIVILEGES'、または'object_type'依存の文字列。 + +##### `psql_db` + +権限付与を実行するデータベースを指定します。 + +**通常、デフォルトを変更しないでください。** + +デフォルト値: 'postgres'。 + +##### `psql_user` + +`psql`を実行するOSユーザを設定します。 + +デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 + +##### `role` + +アクセスを付与するロールまたはユーザを指定します。 + +#### postgresql::server::grant_role + +ロールを(グループ)ロールに割り当てられるようにします。詳細については、[PostgreSQLマニュアルの`Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html)を参照してください。 + +##### `group` + +ロールを割り当てるグループロールを指定します。 + +##### `role` + +グループに割り当てるロールを指定します。空欄にした場合、リソースの名前が使用されます。 + +##### `ensure` + +メンバーシップを付与するか、無効化するかを指定します。 + +有効なオプション: 'present'または'absent'。 + +デフォルト値: 'present'。 + +##### `port` + +接続に使用するポート。 + +デフォルト値: `undef`。PostgreSQLのパッケージングに応じて、通常、デフォルトでポート5432になります。 + +##### `psql_db` + +権限付与を実行するデータベースを指定します。 + +**通常、デフォルトを変更しないでください。** + +デフォルト値: 'postgres'。 + +##### `psql_user` + +`psql`を実行するOSユーザを設定します。 + +デフォルト値: モジュールのデフォルトユーザ。通常、`postgres`。 + +##### `connect_settings` + +リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + +#### postgresql::server::pg_hba_rule + +`pg_hba.conf`のアクセスルールを作成できるようにします。詳細については、[使用例](#create-an-access-rule-for-pghba.conf)および[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html)を参照してください。 + +##### `address` + +タイプが'local'ではないとき、このルール一致に対するCIDRベースのアドレスを設定します。 + +##### `auth_method` + +このルールが一致する接続の認証に使用される方法を提供します。詳細な説明は、PostgreSQL `pg_hba.conf`のマニュアルに記載されています。 + +##### `auth_option` + +特定の`auth_method`設定については、受け渡し可能な追加オプションがあります。詳細については、PostgreSQL `pg_hba.conf`マニュアルを参照してください。 + +##### `database` + +このルールが一致するデータベースのコンマ区切りリストを設定します。 + +##### `description` + +必要に応じて、このルールの長めの説明を定義します。この説明は、`pg_hba.conf`のルール上部のコメント内に挿入されます。 + +デフォルト値: 'none'。 + +そのリソースを一意に識別するための方法を指定しますが、機能的には何も実行しません。 + +##### `order` + +`pg_hba.conf`にルールを配置する順序を設定します。 + +デフォルト値: 150。 + +#### `postgresql_version` + +PostgreSQLインスタンス全体を管理することなく、`pg_hba.conf`を管理します。 + +デフォルト値: `postgresql::server`に設定されたバージョン。 + +##### `target` + +ルールのターゲットを提供します。通常、内部使用のみのプロパティです。 + +**注意して使用してください。** + +##### `type` + +ルールのタイプを設定します。 + +有効なオプション: 'local'、'host'、'hostssl'、または'hostnossl'。 + +##### `user` + +このルールが一致するユーザのコンマ区切りリストを設定します。 + + +#### postgresql::server::pg_ident_rule + +`pg_ident.conf`のユーザ名マップを作成可能にします。詳細については、上述の[使用例](#create-user-name-maps-for-pgidentconf)および[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-username-maps.html)を参照してください。 + +##### `database_username` + +データベースユーザのユーザ名を指定します。このユーザ名には`system_username`がマッピングされています。 + +##### `description` + +必要に応じて、このルールの長めの説明を設定します。この説明は、`pg_ident.conf`のルール上部のコメント内に挿入されます。 + +デフォルト値: 'none'。 + +##### `map_name` + +`pg_hba.conf`でこのマッピングを参照するために使用されるユーザマップの名前を設定します。 + +##### `order` + +`pg_ident.conf`にマッピングを配置する際の順序を定義します。 + +デフォルト値: 150。 + +##### `system_username` + +オペレーティングシステムのユーザ名(データベースへの接続に使用するユーザ名)を指定します。 + +##### `target` + +ルールのターゲットを提供します。通常、内部使用のみのプロパティです。 + +**注意して使用してください。** + +#### postgresql::server::recovery + +`recovery.conf`の内容を作成可能にします。詳細については、[使用例](#create-recovery-configuration)および[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/recovery-config.html)を参照してください。 + +`recovery_target_inclusive`、 `pause_at_recovery_target`、`standby_mode`、`recovery_min_apply_delay`を除くすべてのパラメータ値は、テンプレートに含まれる文字列セットです。 + +全パラメータリストの詳細な説明は、[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/recovery-config.html)にあります。 + +パラメータは、次の3つのセクションにグループ分けされています。 + +##### [アーカイブリカバリパラメータ](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) + +* `restore_command` +* `archive_cleanup_command` +* `recovery_end_command` + +##### [リカバリターゲット設定](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) +* `recovery_target_name` +* `recovery_target_time` +* `recovery_target_xid` +* `recovery_target_inclusive` +* `recovery_target` +* `recovery_target_timeline` +* `pause_at_recovery_target` + +##### [スタンバイサーバー設定](http://www.postgresql.org/docs/current/static/standby-settings.html) +* `standby_mode`: 文字列('on'/'off')またはブール値(`true`/`false`)で指定できます。 +* `primary_conninfo` +* `primary_slot_name` +* `trigger_file` +* `recovery_min_apply_delay` + +##### `target` +ルールのターゲットを提供します。通常、内部使用のみのプロパティです。 + +**注意して使用してください。** + +#### postgresql::server::role +PostgreSQLのロールまたはユーザを作成します。 + +##### `connection_limit` +ロールが同時に接続可能な数を指定します。 + +デフォルト値: '-1'。これは、無制限を意味します。 + +##### `connect_settings` +リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + +##### `createdb` +このロールに新しいデータベースを作成する能力を付与するかどうかを指定します。 + +デフォルト値: `false`。 + +##### `createrole` +このロールに新しいロールを作成する権限を付与するかどうかを指定します。 + +デフォルト値: `false`。 + +##### `inherit` +新しいロールに継承権限を付与するかどうかを指定します。 + +デフォルト値: `true`。 + +##### `login` +新しいロールにログイン権限を付与するかどうかを指定します。 + +デフォルト値: `true`。 + +##### `password_hash` +パスワード作成中に使用するハッシュを設定します。PostgreSQLがサポートする形式でパスワードが暗号化されていない場合、ここで、`postgresql_password`関数を使用して、MD5ハッシュを提供します。例は次のとおりです。 + +##### `update_password` +trueに設定すると、変更時にパスワードが更新されます。作成後にロールのパスワードを変更しない場合は、falseに設定してください。 + +```puppet +postgresql::server::role { 'myusername': + password_hash => postgresql_password('myusername', 'mypassword'), +} +``` + +##### `replication` + +`true`に設定すると、このロールにレプリケーション機能が提供されます。 + +デフォルト値: `false`。 + +##### `superuser` + +新しいロールにスーパーユーザ権限を付与するかどうかを指定します。 + +デフォルト値: `false`。 + +##### `username` + +作成するロールのユーザ名を定義します。 + +デフォルト値: namevar。 + +#### postgresql::server::schema + +スキーマを作成します。 + +##### `connect_settings` + +リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + +##### `db` + +必須。 + +このスキーマを作成するデータベースの名前を設定します。 + +##### `owner` + +スキーマのデフォルト所有者を設定します。 + +##### `schema` + +スキーマの名前を設定します。 + +デフォルト値: namevar。 + +#### postgresql::server::table_grant + +ユーザのgrantベースのアクセス権を管理します。詳細については、PostgreSQLマニュアルの`grant`の項を参照してください。 + +##### `connect_settings` + +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + +##### `db` + +そのテーブルが存在するデータベースを指定します。 + +##### `privilege` + +付与する権限のコンマ区切りリストを指定します。有効なオプション: 'ALL'、'SELECT'、'INSERT'、'UPDATE'、'DELETE'、'TRUNCATE'、'REFERENCES'、'TRIGGER'。 + +##### `psql_db` + +権限付与を実行するデータベースを指定します。 + +通常、デフォルトを変更しないでください。 + +デフォルト値: 'postgres'。 + +##### `psql_user` + +`psql`を実行するOSユーザを指定します。 + +デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 + +##### `role` + +アクセスを付与するロールまたはユーザを指定します。 + +##### `table` + +アクセス権を付与するテーブルを指定します。 + +#### postgresql::server::tablespace + +テーブル空間を作成します。必要な場合、場所も作成し、PostgreSQLサーバーと同じパーミッションを割り当てます。 + +##### `connect_settings` + +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + +##### `location` + +このテーブル空間へのパスを指定します。 + +##### `owner` + +そのテーブル空間のデフォルト所有者を指定します。 + +##### `spcname` + +テーブル空間の名前を指定します。 + +デフォルト値: namevar。 + +### タイプ + +#### postgresql_psql + +Puppetがpsqlステートメントを実行できるようにします。 + +##### `command` + +必須。 + +psqlを介して実行するSQLコマンドを指定します。 + +##### `cwd` + +psqlコマンドが実行される作業ディレクトリを指定します。 + +デフォルト値: '/tmp'。 + +##### `db` + +SQLコマンドを実行するデータベースの名前を指定します。 + +##### `environment` + +SQLコマンドに対して追加の環境変数を設定する場合に指定します。複数の環境変数を使用する場合は、配列として指定します。 + +##### `name` + +自身の参考用の任意のタグ、すなわちメッセージの名前を設定します。これはnamevarです。 + +##### `onlyif` + +メインのコマンドの前に実行するオプションのSQLコマンドを設定します。通常、これはべき等性に基づいて、データベース内のオブジェクトの存在を確認し、メインのSQLコマンドを実行する必要があるかどうかを判断するため使用されます。 + +##### `port` + +SQLコマンドを実行するデータベースサーバーのポートを指定します。 + +##### `psql_group` + +psqlコマンドを実行するシステムユーザグループアカウントを指定します。 + +デフォルト値: 'postgres'。 + +##### `psql_path` + +psql実行ファイルへのパスを指定します。 + +デフォルト値: 'psql'。 + +##### `psql_user` + +psqlコマンドを実行するシステムユーザアカウントを指定します。 + +デフォルト値: 'postgres'。 + +##### `refreshonly` + +notifyイベントまたはsubscribeイベントが発生したときのみSQLを実行するかどうかを指定します。 + +有効な値: `true`、`false`。 + +デフォルト値: `false`。 + +##### `search_path` + +SQLコマンドを実行するときに使用するスキーマ検索パスを定義します。 + +##### `unless` + +`onlyif`の逆です。 + +#### postgresql_conf + +Puppetが`postgresql.conf`パラメータを管理できるようにします。 + +##### `name` + +管理するPostgreSQLパラメータ名を指定します。 + +これはnamevarです。 + +##### `target` + +`postgresql.conf`へのパスを指定します。 + +デフォルト値: '/etc/postgresql.conf'。 + +##### `value` + +このパラメータに設定する値を指定します。 + +#### postgresql_replication_slot + +PostgreSQLマスターサーバー上でウォームスタンバイレプリケーションを登録するためのレプリケーションスロットを作成および消去できるようにします。 + +##### `name` + +作成するスロットの名前を指定します。有効なレプリケーションスロット名である必要があります。 + +これはnamevarです。 + +#### postgresql_conn_validator + +このタイプを使用するローカルまたはリモートのPostgreSQLデータベースへの接続を検証します。 + +##### `connect_settings` + +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。個々のパラメータ(`host`など)を設定する代わりに使用されますが、個々のパラメータが設定されている場合は個々のパラメータが優先されます。 + +デフォルト値: {} + +##### `db_name` + +テストするデータベースの名前を指定します。Specifies the name of the database you wish to test. + +デフォルト値: '' + +##### `db_password` + +接続するパスワードを指定します。`.pgpass`が使用されている場合は空欄にできます。それ以外の場合、空欄にすることは推奨されません。 + +デフォルト値: '' + +##### `db_username` + +接続するユーザ名を指定します。 + +デフォルト値: '' + +Unixソケットとident認証を使用するとき、このユーザとして実行されます。 + +##### `command` + +接続性を検証するためにターゲットデータベースで実行されるコマンドです。 + +デフォルト値: 'SELECT 1' + +##### `host` + +テストするデータベースのホスト名を設定します。 + +デフォルト値: ''。これは、通常指定されたローカルUnixソケットを使用します。 + +**ホストがリモートの場合、ユーザ名を指定する必要があります。** + +##### `port` + +接続するときに使用するポートを定義します。 + +デフォルト値: '' + +##### `run_as` + +`psql`コマンドの実行ユーザを指定します。これは、Unixソケットと`ident`認証を使用してローカルにデータベースに接続するときに重要です。リモートテストには必要ありません。 + +##### `sleep` + +失敗した後、再試行する前にスリープする時間を秒単位で設定します。 + +##### `tries` + +失敗した後、リソースを失敗とみなすまで再試行する回数を設定します。 + +### 関数 + +#### postgresql_password + +PostgreSQL暗号化パスワードを生成します。次のように、`postgresql_password`をコマンドラインから呼び出し、暗号化されたパスワードをマニフェストにコピーペーストします。 + +```shell +puppet apply --execute 'notify { 'test': message => postgresql_password('username', 'password') }' +``` + +本番マニフェストからこの関数を呼び出すことも可能ですが、その場合、マニフェストには暗号化していない平文のパスワードを含める必要があります。 + +#### postgresql_acls_to_resources_hash(acl_array, id, order_offset) + +この内部関数は、`pg_hba.conf`ベースのACLのリスト(文字列の配列として受け渡されたもの)を`postgresql::pg_hba_rule`リソースと互換性のある形式に変換します。 + +**この関数は、モジュールによる内部的な使用のみ可能です。** + +## 制約事項 + +PostgreSQLのバージョン8.1~9.5で動作します。 + +現在、postgresqlモジュールは次のオペレーティングシステムでテスト済みです。 + +* Debian 6.x、7.x、8.x。 +* CentOS 5.x、6.x、7.x。 +* Ubuntu 10.04および12.04、14.04。 + +その他のシステムとも互換性がある可能性がありますが、積極的なテストは行っておりません。 + +### Aptモジュールのサポート + +このモジュールは1.xと2.x両方のバージョンの'puppetlabs-apt'モジュールをサポートしていますが、'puppetlabs-apt'の2.0.0と2.0.1はサポートしていません。 + +### PostGISのサポート + +PostGISは、現時点ではすべてのプラットフォームで正常に動作するわけではないため、サポート対象外の機能とみなします。 + +### すべてのバージョンのRHEL/CentOS + +SELinuxが有効化されている場合、次の方法で`postgresql_port_t`コンテキストに使用中のカスタムポートを追加する必要があります。 + +```shell +semanage port -a -t postgresql_port_t -p tcp $customport +``` + +## 開発 + +Puppet Forgeに公開されているPuppet Labsモジュールはオープンプロジェクトのため、維持するにはコミュニティの貢献が不可欠です。Puppetは、現在私たちがアクセスできない無数のプラットフォームやハードウェア、ソフトウェア、デプロイ構成にも利用されることを目的としています。私たちの目標は、できる限り簡単に変更に貢献し、みなさまの環境で私たちのモジュールが機能できるようにすることです。最高の状態を維持するため、コントリビュータにはいくつかのガイドラインを守っていただく必要があります。詳細については、[モジュールコントリビューションガイド](https://docs.puppetlabs.com/forge/contributing.html)を参照してください。 + +### テスト + +このモジュールには、2種類のテストが配布されています。`rspec-puppet`のユニットテストと、`rspec-system`を使用したシステムテストです。 + +ユニットテストを実行するには、以下がインストールされていることを確認してください。 + +* rake +* bundler + +次のように、必要なgemをインストールします。 + +```shell +bundle install --path=vendor +``` + +そして、次のように記述して、ユニットテストを実行します。 + +```shell +bundle exec rake spec +``` + +ユニットテストは、Travis-CIでも実行されます。自身のテスト結果を確認するには、このプロジェクトのご自身のGitHubクローンのアカウントセクションから、Travis-CIを介してサービスフックを登録してください。 + +システムテストを実行するには、以下のツールもインストールされていることを確認してください。 + +* Vagrant > 1.2.x +* VirtualBox > 4.2.10 + +次の記述を使用してテストを実行します。 + +```shell +bundle exec rspec spec/acceptance +``` + +異なるオペレーティングシステムでテストを実行するには、`.nodeset.yml`で利用可能なセットを確認して、次の構文で特定のセットを実行します。 + +```shell +RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance +``` + +### コントリビュータ + +貢献してくださった方々の一覧を[Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors)でご覧いただけます。 From 6003baad1a3ed77f1304f23aed1c131a2a046cf9 Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Fri, 14 Jul 2017 19:09:43 -0700 Subject: [PATCH 0257/1000] Updating translations for readmes/README_ja_JP.md From 874fae957f61667f863eae6a5193f76000d3a5a2 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Mon, 17 Jul 2017 08:16:28 +0100 Subject: [PATCH 0258/1000] Adding a space for header formatting The formatting is displaying incorrectly due to a space missing. --- README.md | 2 +- readmes/README_ja_JP.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index bac8a922a2..3d0e1a5a6d 100644 --- a/README.md +++ b/README.md @@ -649,7 +649,7 @@ Overrides the default PostgreSQL xlog directory. Default value: initdb's default path. -####postgresql::lib::devel +#### postgresql::lib::devel Installs the packages containing the development libraries for PostgreSQL and symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index dacdeeee84..7982919188 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -623,7 +623,7 @@ PostgreSQLサービスのデフォルトのステータスチェックコマン デフォルト値: initdbのデフォルトパス。 -####postgresql::lib::devel +#### postgresql::lib::devel PostgreSQLの開発ライブラリとシンボリックリンク`pg_config`を含むパッケージを`/usr/bin`にインストールします(`/usr/bin`または`/usr/local/bin`に存在しない場合)。 From d9e4153e4fd0fa52bbf433e84d8890d2defe0bf8 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Mon, 17 Jul 2017 15:22:56 +0100 Subject: [PATCH 0259/1000] (MODULES-4711) - 5.1.0 Release Prep (#903) --- CHANGELOG.md | 21 ++++++++++++++++++++- metadata.json | 2 +- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e04aadf79..0a74da5317 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,22 @@ +## Supported Release 5.1.0 +### Summary +This release includes Japanese translations for internationalization, Puppet 5 support, implementation of defined type postgresql::server::reassign_owned_by. + +#### Features +- Updating translations for readmes/README_ja_JP.md +- add defined type postgresql::server::reassign_owned_by +- Allow order parameter to be string value +- prep for puppet 5 ([MODULES-5144](https://tickets.puppetlabs.com/browse/MODULES-5144)) +- add data_checksums option to initdb +- parameter ensure of custom resource postgresql_replication_slot is not documented ([MODULES-2989](https://tickets.puppetlabs.com/browse/MODULES-2989)) + +#### Bug Fixes +- Adding a space for header formatting +- use https for apt.postgresql.org repo +- msync puppet 5 and ruby 2.4 ([MODULES-5197](https://tickets.puppetlabs.com/browse/MODULES-5187)) +- Only run test on postgresql >= 9.0 ([FM-6240](https://tickets.puppetlabs.com/browse/FM-6240)) +- Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash + ## Supported Release 5.0.0 ### Summary This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Puppet 4 data types, and deprecated the validate_db_connection type. @@ -12,7 +31,7 @@ This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Pu - default postgis versions in postgresql::globals to use newer versions. - puppetlabs-concat and puppetlabs-apt dependencies to use latest versions. ([MODULES-4906](https://tickets.puppet.com/browse/MODULES-4906), [MODULES-4947](https://tickets.puppet.com/browse/MODULES-4947)) - default value for `log_line_prefix` to `undef`. -- `listen_addresses` default value to 'localhost'. Allows for it to be set independently of a class declaration. +- `listen_addresses` default value to 'localhost'. Allows for it to be set independently of a class declaration. - use of stdlib validate_* functions. They have been removed in favor of Puppet 4 type validation. - lower Puppet dependency in metadata to 4.7.0. ([MODULES-4826](https://tickets.puppet.com/browse/MODULES-4826)) diff --git a/metadata.json b/metadata.json index 726871a96d..b2da84a805 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.0.0", + "version": "5.1.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From b0d13e7a0b384ead0272e140f849d94e692d812f Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Mon, 17 Jul 2017 20:28:56 +0100 Subject: [PATCH 0260/1000] (MODULES-5232) - Updating docs formatting. Minor reformat of the README. --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3d0e1a5a6d..dde76dc412 100644 --- a/README.md +++ b/README.md @@ -501,7 +501,11 @@ Default value: `undef`, which is effectively 'C'. ##### `data_checksums` -Optional boolean to turn on data checksums during `initdb`. +Optional. + +Data type: Boolean. + +Turns on data checksums during `initdb`. Default value: `undef`, which is the same as `false`. From aa15af39cab219c58db8b4b3186264de83bc8f24 Mon Sep 17 00:00:00 2001 From: Thomas Mueller Date: Mon, 10 Apr 2017 14:00:24 +0200 Subject: [PATCH 0261/1000] (MODULES-4682) Pass default_connect_settings to validate service If using CentOS or RedHat Enterprise Linux with PostgreSQL from SoftwareCollections the validation of the service fails because it needs the `LD_LIBRARY_PATH` environment variable to work properly. To pass the env for example for postgresql_psql one can only set ``` class {'postgresql::globals': default_connect_settings => { 'LD_LIBRARY_PATH' => '/opt/rh/rh-postgresql95/root/usr/lib64', } ``` This patch passes the default_connect_settings to the `validate_db_connection` resource in `postgresql::service` --- manifests/server/service.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 2a4f5001a6..a6858d154c 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -10,6 +10,7 @@ $port = $postgresql::server::port $default_database = $postgresql::server::default_database $psql_path = $postgresql::params::psql_path + $connect_settings = $postgresql::server::default_connect_settings anchor { 'postgresql::server::service::begin': } @@ -34,6 +35,7 @@ run_as => $user, db_name => $default_database, port => $port, + connect_settings => $connect_settings, sleep => 1, tries => 60, psql_path => $psql_path, From ffbc565d40958d8f3163ea92a3e0c376e0a2b355 Mon Sep 17 00:00:00 2001 From: Thomas Mueller Date: Thu, 27 Jul 2017 09:18:11 +0200 Subject: [PATCH 0262/1000] (maint) Align rockets for lint --- manifests/server/service.pp | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/server/service.pp b/manifests/server/service.pp index a6858d154c..9342b076cc 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -32,15 +32,15 @@ # Without it, we may continue doing more work before the database is # prepared leading to a nasty race condition. postgresql_conn_validator{ 'validate_service_is_running': - run_as => $user, - db_name => $default_database, - port => $port, + run_as => $user, + db_name => $default_database, + port => $port, connect_settings => $connect_settings, - sleep => 1, - tries => 60, - psql_path => $psql_path, - require => Service['postgresqld'], - before => Anchor['postgresql::server::service::end'] + sleep => 1, + tries => 60, + psql_path => $psql_path, + require => Service['postgresqld'], + before => Anchor['postgresql::server::service::end'] } Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] } From 33b0e185aceafb471b54caf20f7070b9d66f7d00 Mon Sep 17 00:00:00 2001 From: Glenn Sarti Date: Thu, 27 Jul 2017 15:13:48 -0700 Subject: [PATCH 0263/1000] (maint) modulesync 915cde70e20 --- Gemfile | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/Gemfile b/Gemfile index 46cb2eacec..a9f0161c79 100644 --- a/Gemfile +++ b/Gemfile @@ -33,13 +33,13 @@ ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = "#{ruby_version_segments[0]}.#{ruby_version_segments[1]}" group :development do - gem "puppet-module-posix-default-r#{minor_version}", :require => false, :platforms => "ruby" - gem "puppet-module-win-default-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] - gem "puppet-module-posix-dev-r#{minor_version}", :require => false, :platforms => "ruby" - gem "puppet-module-win-dev-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] - gem "json_pure", '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "fast_gettext", '1.1.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') + gem "puppet-module-posix-default-r#{minor_version}", :require => false, :platforms => "ruby" + gem "puppet-module-win-default-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] + gem "puppet-module-posix-dev-r#{minor_version}", :require => false, :platforms => "ruby" + gem "puppet-module-win-dev-r#{minor_version}", '0.0.7', :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] + gem "json_pure", '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem "fast_gettext", '1.1.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') + gem "fast_gettext", :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') end group :system_tests do @@ -50,6 +50,7 @@ group :system_tests do gem "beaker-rspec", *location_for(ENV['BEAKER_RSPEC_VERSION']) gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') + gem "puppet-blacksmith", '~> 3.4', :require => false end gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) From 8de6a7cedfac7988f64f7103822dfebd8f708437 Mon Sep 17 00:00:00 2001 From: tphoney Date: Tue, 1 Aug 2017 15:54:39 +0100 Subject: [PATCH 0264/1000] MODULES-5378 fix error message checking in test --- spec/unit/defines/server/grant_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index e3dbfabe70..da5892d86b 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -215,7 +215,7 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(/parameter 'object_name' expects a value of type Undef, Array, or String, got Integer/) } + it { is_expected.to compile.and_raise_error(/parameter 'object_name' expects a value of type (Undef, )?Array, or String, got Integer/) } end context 'invalid object_name - insufficent array elements' do From 6c360816be7c44f0eefccea9766334188aa9ac63 Mon Sep 17 00:00:00 2001 From: tphoney Date: Tue, 1 Aug 2017 16:44:44 +0100 Subject: [PATCH 0265/1000] MODULES-5378 fix the change in error message --- spec/unit/defines/server/grant_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index da5892d86b..b3028e405a 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -215,7 +215,7 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(/parameter 'object_name' expects a value of type (Undef, )?Array, or String, got Integer/) } + it { is_expected.to compile.and_raise_error(/parameter 'object_name' expects a value of type (Array|Undef, Array,) or String, got Integer/) } end context 'invalid object_name - insufficent array elements' do From 7b779b409ad9f29aeedcd7d8ba6bcaa890de0074 Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Wed, 2 Aug 2017 19:52:23 +1000 Subject: [PATCH 0266/1000] Updating translations for locales/ja/puppetlabs-postgresql.po From b6b6b1a16a5ee162ae8a7ac6c4ea52ae3374d989 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Wed, 2 Aug 2017 15:57:32 -0700 Subject: [PATCH 0267/1000] (MODULES-4854) remove allow_deprecations This module has been released to drop puppet 3 so we will no longer allow deprecated functions via unit testing. --- .sync.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.sync.yml b/.sync.yml index 5850feded2..d3575e177d 100644 --- a/.sync.yml +++ b/.sync.yml @@ -3,5 +3,3 @@ NOTICE: unmanaged: true appveyor.yml: delete: true -spec/spec_helper.rb: - allow_deprecations: true From 6cf5c17a69d2219bf35d8b034dd62cff362de8a1 Mon Sep 17 00:00:00 2001 From: Olli-Pekka Wallin Date: Sat, 12 Aug 2017 22:20:40 +0300 Subject: [PATCH 0268/1000] Added default postgresql version of Ubuntu 17.4 version to the globals.pp file --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 36e61af489..069262227e 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -94,6 +94,7 @@ /^(14.04)$/ => '9.3', /^(14.10|15.04|15.10)$/ => '9.4', /^(16.04|16.10)$/ => '9.5', + /^(17.04)$/ => '9.6', default => undef, }, default => undef, From 06285a13ed3d098b702f87d37d695416f726297e Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Thu, 17 Aug 2017 14:13:38 +0100 Subject: [PATCH 0269/1000] (MODULES-5501) - Remove unsupported Ubuntu Removing older version of Ubuntu that are not supported by the module. --- metadata.json | 2 -- 1 file changed, 2 deletions(-) diff --git a/metadata.json b/metadata.json index b2da84a805..715f1e73b4 100644 --- a/metadata.json +++ b/metadata.json @@ -57,8 +57,6 @@ { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "10.04", - "12.04", "14.04", "16.04" ] From 44ecaee01ac1f6eab771ffa3fc3fbb22c7918be4 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Mon, 21 Aug 2017 08:28:23 -0400 Subject: [PATCH 0270/1000] Change - Add support for Fedora 26 Fedora 26 provides postgresql-server version 9.6 by default. Added support to avoid puppet failures on Fedora 26 nodes. --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 85ef0965da..d2e4dfe2ab 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -64,6 +64,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(26)$/ => '9.6', /^(24|25)$/ => '9.5', /^(22|23)$/ => '9.4', /^(21)$/ => '9.3', From cf0a445f3d266e25531aa67d0cae9abb176fc16e Mon Sep 17 00:00:00 2001 From: Theo Chatzimichos Date: Sun, 27 Aug 2017 13:27:51 +0200 Subject: [PATCH 0271/1000] use postgresql 9.6 for the newest SLES and openSUSE releases --- manifests/globals.pp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 069262227e..c99567161f 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -114,10 +114,12 @@ 'SLES' => $::operatingsystemrelease ? { /11\.[0-4]/ => '91', /12\.0/ => '93', - default => '94', + /12\.[1-2]/ => '94', + default => '96', }, 'OpenSuSE' => $::operatingsystemrelease ? { - default => '94', + /42\.[1-2]/ => '94', + default => '96', }, default => undef, }, From ae38fa6f83e3009c0d98d5c1d6fce2017e926087 Mon Sep 17 00:00:00 2001 From: Adrian Dvergsdal Date: Tue, 21 Mar 2017 14:34:07 +0100 Subject: [PATCH 0272/1000] enhance --data-checksums on initdb --- README.md | 30 ++++++++++++++++++++---------- manifests/params.pp | 4 ++++ 2 files changed, 24 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 57ca9ca1ff..5dfe275468 100644 --- a/README.md +++ b/README.md @@ -449,6 +449,16 @@ Default value: OS dependent. **Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. +##### `data_checksums` + +Optional. + +Data type: Boolean. + +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: 'true' or 'false'. Default: initdb's default ('false'). + +**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. + ##### `default_database` Specifies the name of the default database to connect with. @@ -499,16 +509,6 @@ Default value: `undef`, which is effectively 'C'. **On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** -##### `data_checksums` - -Optional. - -Data type: Boolean. - -Turns on data checksums during `initdb`. - -Default value: `undef`, which is the same as `false`. - ##### `timezone` Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. @@ -751,6 +751,16 @@ The name of the PostgreSQL Python package. Default value: '${bindir}/createdb'. +##### `data_checksums` + +Optional. + +Data type: Boolean. + +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: 'true' or 'false'. Default: initdb's default ('false'). + +**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. + ##### `default_database` Specifies the name of the default database to connect with. On most systems this is 'postgres'. diff --git a/manifests/params.pp b/manifests/params.pp index 51c45ef3d6..44ff66458d 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -309,6 +309,10 @@ } } + if($data_checksums and versioncmp($version, '9.3') < 0) { + fail('data_checksums require version 9.3 or greater') + } + $validcon_script_path = pick($validcon_script_path, '/usr/local/bin/validate_postgresql_connection.sh') $initdb_path = pick($initdb_path, "${bindir}/initdb") $pg_hba_conf_path = pick($pg_hba_conf_path, "${confdir}/pg_hba.conf") From 8423d78de19df8eae66acddba154ef67bcc80be2 Mon Sep 17 00:00:00 2001 From: George Hansper Date: Thu, 14 Sep 2017 14:57:22 +1000 Subject: [PATCH 0273/1000] postgresql::server::grant with ensure => absent uses REVOKE instead of GRANT --- README.md | 30 ++++ manifests/server/database_grant.pp | 2 + manifests/server/grant.pp | 219 +++++++++++++++-------- manifests/server/table_grant.pp | 4 +- spec/acceptance/server/grant_spec.rb | 231 ++++++++++++++++++++++++- spec/unit/defines/server/grant_spec.rb | 4 +- 6 files changed, 409 insertions(+), 81 deletions(-) diff --git a/README.md b/README.md index 5dfe275468..412beec5af 100644 --- a/README.md +++ b/README.md @@ -1139,6 +1139,16 @@ Default value: 'template0'. Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. +##### `ensure` + +Specifies whether to grant or revoke the privilege. Default is to grant the privilege. + +Valid values: 'present', 'absent'. +* 'present' to grant the privilege +* 'absent' to revoke the privilege + +Default value: 'present'. + #### `connect_settings` Specifies a hash of environment variables used when connecting to a remote server. @@ -1205,6 +1215,16 @@ By default, the package specified with `package_name` is installed when the exte Manages grant-based access privileges for roles. See [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. +##### `ensure` + +Specifies whether to grant or revoke the privilege. Default is to grant the privilege. + +Valid values: 'present', 'absent'. +* 'present' to grant the privilege +* 'absent' to revoke the privilege + +Default value: 'present'. + ##### `db` Specifies the database to which you are granting access. @@ -1553,6 +1573,16 @@ Default value: the namevar. Manages grant-based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. +##### `ensure` + +Specifies whether to grant or revoke the privilege. Default is to grant the privilege. + +Valid values: 'present', 'absent'. +* 'present' to grant the privilege +* 'absent' to revoke the privilege + +Default value: 'present'. + ##### `connect_settings` Specifies a hash of environment variables used when connecting to a remote server. diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 6c29b57176..34a69533e5 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -3,11 +3,13 @@ $privilege, $db, $role, + $ensure = undef, $psql_db = undef, $psql_user = undef, $connect_settings = undef, ) { postgresql::server::grant { "database:${name}": + ensure => $ensure, role => $role, db => $db, privilege => $privilege, diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index ecc7a76f7e..579acab4ef 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -27,8 +27,23 @@ Integer $port = $postgresql::server::port, Boolean $onlyif_exists = false, Hash $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', + 'absent' + ] $ensure = 'present', ) { + case $ensure { + default: { + # default is 'present' + $sql_command = 'GRANT %s ON %s "%s" TO "%s"' + $unless_is = true + } + 'absent': { + $sql_command = 'REVOKE %s ON %s "%s" FROM "%s"' + $unless_is = false + } + } + $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path @@ -81,7 +96,10 @@ } $unless_function = 'has_database_privilege' $on_db = $psql_db - $onlyif_function = undef + $onlyif_function = $ensure ? { + default => undef, + 'absent' => 'role_exists', + } } 'SCHEMA': { $unless_privilege = $_privilege ? { @@ -149,43 +167,78 @@ # If this number is not zero then there is at least one sequence for which # the role does not have the specified privilege, making it necessary to # execute the GRANT statement. - $custom_unless = "SELECT 1 FROM ( - SELECT sequence_name - FROM information_schema.sequences - WHERE sequence_schema='${schema}' - EXCEPT DISTINCT - SELECT object_name as sequence_name - FROM ( - SELECT object_schema, - object_name, - grantee, - CASE privs_split - WHEN 'r' THEN 'SELECT' - WHEN 'w' THEN 'UPDATE' - WHEN 'U' THEN 'USAGE' - END AS privilege_type - FROM ( - SELECT DISTINCT - object_schema, - object_name, - (regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1] AS grantee, - regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[2],E'\\s*') AS privs_split - FROM ( - SELECT n.nspname as object_schema, - c.relname as object_name, - regexp_split_to_table(array_to_string(c.relacl,','),',') AS privs - FROM pg_catalog.pg_class c - LEFT JOIN pg_catalog.pg_namespace n ON c.relnamespace = n.oid - WHERE c.relkind = 'S' - AND n.nspname NOT IN ( 'pg_catalog', 'information_schema' ) - ) P1 - ) P2 - ) P3 - WHERE grantee='${role}' - AND object_schema='${schema}' - AND privilege_type='${custom_privilege}' - ) P - HAVING count(P.sequence_name) = 0" + if $ensure == 'present' { + $custom_unless = "SELECT 1 WHERE NOT EXISTS ( + SELECT sequence_name + FROM information_schema.sequences + WHERE sequence_schema='${schema}' + EXCEPT DISTINCT + SELECT object_name as sequence_name + FROM ( + SELECT object_schema, + object_name, + grantee, + CASE privs_split + WHEN 'r' THEN 'SELECT' + WHEN 'w' THEN 'UPDATE' + WHEN 'U' THEN 'USAGE' + END AS privilege_type + FROM ( + SELECT DISTINCT + object_schema, + object_name, + (regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1] AS grantee, + regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[2],E'\\s*') AS privs_split + FROM ( + SELECT n.nspname as object_schema, + c.relname as object_name, + regexp_split_to_table(array_to_string(c.relacl,','),',') AS privs + FROM pg_catalog.pg_class c + LEFT JOIN pg_catalog.pg_namespace n ON c.relnamespace = n.oid + WHERE c.relkind = 'S' + AND n.nspname NOT IN ( 'pg_catalog', 'information_schema' ) + ) P1 + ) P2 + ) P3 + WHERE grantee='${role}' + AND object_schema='${schema}' + AND privilege_type='${custom_privilege}' + )" + } else { + # ensure == absent + $custom_unless = "SELECT 1 WHERE NOT EXISTS ( + SELECT object_name as sequence_name + FROM ( + SELECT object_schema, + object_name, + grantee, + CASE privs_split + WHEN 'r' THEN 'SELECT' + WHEN 'w' THEN 'UPDATE' + WHEN 'U' THEN 'USAGE' + END AS privilege_type + FROM ( + SELECT DISTINCT + object_schema, + object_name, + (regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1] AS grantee, + regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[2],E'\\s*') AS privs_split + FROM ( + SELECT n.nspname as object_schema, + c.relname as object_name, + regexp_split_to_table(array_to_string(c.relacl,','),',') AS privs + FROM pg_catalog.pg_class c + LEFT JOIN pg_catalog.pg_namespace n ON c.relnamespace = n.oid + WHERE c.relkind = 'S' + AND n.nspname NOT IN ( 'pg_catalog', 'information_schema' ) + ) P1 + ) P2 + ) P3 + WHERE grantee='${role}' + AND object_schema='${schema}' + AND privilege_type='${custom_privilege}' + )" + } } 'TABLE': { $unless_privilege = $_privilege ? { @@ -233,37 +286,62 @@ $schema = $object_name # Again there seems to be no easy way in plain SQL to check if ALL - # PRIVILEGES are granted on a table. By convention we use INSERT - # here to represent ALL PRIVILEGES (truly terrible). - $custom_privilege = $_privilege ? { - 'ALL' => 'INSERT', - 'ALL PRIVILEGES' => 'INSERT', - default => $_privilege, + # PRIVILEGES are granted on a table. + # There are currently 7 possible priviliges: + # ('SELECT','UPDATE','INSERT','DELETE','TRIGGER','REFERENCES','TRUNCATE') + # This list is consistant from Postgresql 8.0 + # + # There are 4 cases to cover, each with it's own distinct unless clause: + # grant ALL + # grant SELECT (or INSERT or DELETE ...) + # revoke ALL + # revoke SELECT (or INSERT or DELETE ...) + + if $ensure == 'present' { + if $_privilege == 'ALL' or $_privilege == 'ALL PRIVILEGES' { + # GRANT ALL + $custom_unless = "SELECT 1 WHERE NOT EXISTS + ( SELECT 1 FROM pg_catalog.pg_tables AS t, + (VALUES ('SELECT'), ('UPDATE'), ('INSERT'), ('DELETE'), ('TRIGGER'), ('REFERENCES'), ('TRUNCATE')) AS p(privilege_type) + WHERE t.schemaname = '${schema}' + AND NOT EXISTS ( + SELECT 1 FROM information_schema.role_table_grants AS g + WHERE g.grantee = '${role}' + AND g.table_schema = '${schema}' + AND g.privilege_type = p.privilege_type + ) + )" + + } else { + # GRANT $_privilege + $custom_unless = "SELECT 1 WHERE NOT EXISTS + ( SELECT 1 FROM pg_catalog.pg_tables AS t + WHERE t.schemaname = '${schema}' + AND NOT EXISTS ( + SELECT 1 FROM information_schema.role_table_grants AS g + WHERE g.grantee = '${role}' + AND g.table_schema = '${schema}' + AND g.privilege_type = '${_privilege}' + ) + )" + } + } else { + if $_privilege == 'ALL' or $_privilege == 'ALL PRIVILEGES' { + # REVOKE ALL + $custom_unless = "SELECT 1 WHERE NOT EXISTS + ( SELECT table_name FROM information_schema.role_table_grants + WHERE grantee = '${role}' AND table_schema ='${schema}' + )" + } else { + # REVOKE $_privilege + $custom_unless = "SELECT 1 WHERE NOT EXISTS + ( SELECT table_name FROM information_schema.role_table_grants + WHERE grantee = '${role}' AND table_schema ='${schema}' + AND privilege_type = '${_privilege}' + )" + } } - # This checks if there is a difference between the tables in the - # specified schema and the tables for which the role has the specified - # privilege. It uses the EXCEPT clause which computes the set of rows - # that are in the result of the first SELECT statement but not in the - # result of the second one. It then counts the number of rows from this - # operation. If this number is zero then the role has the specified - # privilege for all tables in the schema and the whole query returns a - # single row, which satisfies the `unless` parameter of Postgresql_psql. - # If this number is not zero then there is at least one table for which - # the role does not have the specified privilege, making it necessary to - # execute the GRANT statement. - $custom_unless = "SELECT 1 FROM ( - SELECT table_name - FROM information_schema.tables - WHERE table_schema='${schema}' - EXCEPT DISTINCT - SELECT table_name - FROM information_schema.role_table_grants - WHERE grantee='${role}' - AND table_schema='${schema}' - AND privilege_type='${custom_privilege}' - ) P - HAVING count(P.table_name) = 0" } 'LANGUAGE': { $unless_privilege = $_privilege ? { @@ -313,17 +391,18 @@ false => undef, 'custom' => $custom_unless, default => "SELECT 1 WHERE ${unless_function}('${role}', - '${_granted_object}', '${unless_privilege}')", + '${_granted_object}', '${unless_privilege}') = ${unless_is}", } $_onlyif = $onlyif_function ? { 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object}'", + 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}'", default => undef, } - $grant_cmd = "GRANT ${_privilege} ON ${_object_type} \"${_togrant_object}\" TO - \"${role}\"" + $grant_cmd = sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $role) + postgresql_psql { "grant:${name}": command => $grant_cmd, db => $on_db, diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 452f13d9de..dd70aeb8f4 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -5,6 +5,7 @@ $table, $db, $role, + $ensure = undef, $port = undef, $psql_db = undef, $psql_user = undef, @@ -12,6 +13,7 @@ $onlyif_exists = false, ) { postgresql::server::grant { "table:${name}": + ensure => $ensure, role => $role, db => $db, port => $port, @@ -23,4 +25,4 @@ onlyif_exists => $onlyif_exists, connect_settings => $connect_settings, } -} \ No newline at end of file +} diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 63f2d7e47d..5266a11bb6 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -132,6 +132,7 @@ class { 'postgresql::server': } end end + ### SEQUENCE grants context 'sequence' do it 'should grant usage on a sequence to a user' do begin @@ -167,8 +168,8 @@ class { 'postgresql::server': } apply_manifest(pp, :catch_changes => true) ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(/t/) expect(r.stderr).to eq('') end end @@ -209,8 +210,8 @@ class { 'postgresql::server': } apply_manifest(pp, :catch_changes => true) ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(/t/) expect(r.stderr).to eq('') end end @@ -253,8 +254,8 @@ class { 'postgresql::server': } apply_manifest(pp, :catch_changes => true) ## Check that the privileges were granted to the user, this check is not available on version < 9.0 - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) + psql("-d #{db} --tuples-only --command=\"SELECT has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(/t/) expect(r.stderr).to eq('') end end @@ -295,12 +296,226 @@ class { 'postgresql::server': } apply_manifest(pp, :catch_changes => true) ## Check that the privileges were granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) + psql("-d #{db} --tuples-only --command=\"SELECT has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(/t/) expect(r.stderr).to eq('') end end end end end + ### TABLE grants + context 'table' do + describe 'GRANT ... ON TABLE' do + let(:pp_create_table) { pp_setup + <<-EOS.unindent + postgresql_psql { 'create test table': + command => 'CREATE TABLE test_tbl (col1 integer)', + db => $db, + psql_user => $owner, + unless => "SELECT table_name FROM information_schema.tables WHERE table_name = 'test_tbl'", + require => Postgresql::Server::Database[$db], + } + EOS + } + + it 'should grant select on a table to a user' do + begin + pp = pp_create_table + <<-EOS.unindent + + postgresql::server::grant { 'grant select on test_tbl': + privilege => 'SELECT', + object_type => 'TABLE', + object_name => 'test_tbl', + db => $db, + role => $user, + require => [ Postgresql_psql['create test table'], + Postgresql::Server::Role[$user], ] + } + EOS + + pp_revoke = pp_create_table + <<-EOS.unindent + + postgresql::server::grant { 'revoke select on test_tbl': + ensure => absent, + privilege => 'SELECT', + object_type => 'TABLE', + object_name => 'test_tbl', + db => $db, + role => $user, + require => [ Postgresql_psql['create test table'], + Postgresql::Server::Role[$user], ] + } + EOS + + apply_manifest(pp_install, :catch_failures => true) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that the privilege was granted to the user + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| + expect(r.stdout).to match(/t/) + expect(r.stderr).to eq('') + end + + apply_manifest(pp_revoke, :catch_failures => true) + apply_manifest(pp_revoke, :catch_changes => true) + + ## Check that the privilege was revoked from the user + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| + expect(r.stdout).to match(/f/) + expect(r.stderr).to eq('') + end + end + end + end + + it 'should grant update on all tables to a user' do + begin + pp = pp_create_table + <<-EOS.unindent + + postgresql::server::grant { 'grant update on all tables': + privilege => 'UPDATE', + object_type => 'ALL TABLES IN SCHEMA', + object_name => 'public', + db => $db, + role => $user, + require => [ Postgresql_psql['create test table'], + Postgresql::Server::Role[$user], ] + } + EOS + + pp_revoke = pp_create_table + <<-EOS.unindent + + postgresql::server::grant { 'revoke update on all tables': + ensure => absent, + privilege => 'UPDATE', + object_type => 'ALL TABLES IN SCHEMA', + object_name => 'public', + db => $db, + role => $user, + require => [ Postgresql_psql['create test table'], + Postgresql::Server::Role[$user], ] + } + EOS + + apply_manifest(pp_install, :catch_failures => true) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that all privileges were granted to the user + psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants + WHERE grantee = '#{user}' AND table_schema = 'public'\"", user) do |r| + expect(r.stdout).to match(/test_tbl[ |]*UPDATE\s*\(1 row\)/) + expect(r.stderr).to eq('') + end + + apply_manifest(pp_revoke, :catch_failures => true) + apply_manifest(pp_revoke, :catch_changes => true) + + ## Check that all privileges were revoked from the user + psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants + WHERE grantee = '#{user}' AND table_schema = 'public'\"", user) do |r| + expect(r.stdout).to match(/\(0 rows\)/) + expect(r.stderr).to eq('') + end + end + end + end + + it 'should grant all on all tables to a user' do + begin + pp = pp_create_table + <<-EOS.unindent + + postgresql::server::grant { 'grant all on all tables': + privilege => 'ALL', + object_type => 'ALL TABLES IN SCHEMA', + object_name => 'public', + db => $db, + role => $user, + require => [ Postgresql_psql['create test table'], + Postgresql::Server::Role[$user], ] + } + EOS + + pp_revoke = pp_create_table + <<-EOS.unindent + + postgresql::server::grant { 'revoke all on all tables': + ensure => absent, + privilege => 'ALL', + object_type => 'ALL TABLES IN SCHEMA', + object_name => 'public', + db => $db, + role => $user, + require => [ Postgresql_psql['create test table'], + Postgresql::Server::Role[$user], ] + } + EOS + + apply_manifest(pp_install, :catch_failures => true) + + #postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + + ## Check that all privileges were granted to the user + psql("-d #{db} --tuples-only --command=\"SELECT table_name,count(privilege_type) FROM information_schema.role_table_grants + WHERE grantee = '#{user}' AND table_schema = 'public' + AND privilege_type IN ('SELECT','UPDATE','INSERT','DELETE','TRIGGER','REFERENCES','TRUNCATE') + GROUP BY table_name\"", user) do |r| + expect(r.stdout).to match(/test_tbl[ |]*7$/) + expect(r.stderr).to eq('') + end + + apply_manifest(pp_revoke, :catch_failures => true) + apply_manifest(pp_revoke, :catch_changes => true) + + ## Check that all privileges were revoked from the user + psql("-d #{db} --command=\"SELECT table_name FROM information_schema.role_table_grants + WHERE grantee = '#{user}' AND table_schema = 'public'\"", user) do |r| + expect(r.stdout).to match(/\(0 rows\)/) + expect(r.stderr).to eq('') + end + end + end + end + end + end + context 'database' do + describe 'REVOKE ... ON DATABASE...' do + it 'should not fail on revoke connect from non-existant user' do + begin + apply_manifest(pp_setup, :catch_failures => true) + pp = pp_setup + <<-EOS.unindent + postgresql::server::grant { 'revoke connect on db from norole': + ensure => absent, + privilege => 'CONNECT', + object_type => 'DATABASE', + db => '#{db}', + role => '#{user}_does_not_exist', + } + EOS + apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, :catch_failures => true) + + end + end + end + end + ##################### end diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index b3028e405a..87c020a870 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -50,7 +50,7 @@ it { is_expected.to contain_postgresql_psql('grant:test').with( { 'command' => /GRANT USAGE ON SEQUENCE "test" TO\s* "test"/m, - 'unless' => /SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)/m, + 'unless' => /SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\) = true/m, } ) } end @@ -97,7 +97,7 @@ it { is_expected.to contain_postgresql_psql('grant:test').with( { 'command' => /GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"/m, - 'unless' => /SELECT 1 FROM \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\) P\s* HAVING count\(P\.sequence_name\) = 0/m, + 'unless' => /SELECT 1 WHERE NOT EXISTS \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\)/m, } ) } end From f5043d35e23951960bbe99e416097d77ed1f1aa4 Mon Sep 17 00:00:00 2001 From: Hailee Kenney Date: Mon, 18 Sep 2017 14:56:51 -0700 Subject: [PATCH 0274/1000] (maint) modulesync 892c4cf --- CONTRIBUTING.md | 222 +++++++++++++++++++++++++++----------------- locales/config.yaml | 1 + spec/spec_helper.rb | 8 ++ 3 files changed, 147 insertions(+), 84 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 990edba7e7..1a9fb3a5cd 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,63 +1,75 @@ -Checklist (and a short version for the impatient) -================================================= +# Contributing to Puppet modules - * Commits: +So you want to contribute to a Puppet module: Great! Below are some instructions to get you started doing +that very thing while setting expectations around code quality as well as a few tips for making the +process as easy as possible. - - Make commits of logical units. +### Table of Contents - - Check for unnecessary whitespace with "git diff --check" before - committing. +1. [Getting Started](#getting-started) +1. [Commit Checklist](#commit-checklist) +1. [Submission](#submission) +1. [More about commits](#more-about-commits) +1. [Testing](#testing) + - [Running Tests](#running-tests) + - [Writing Tests](#writing-tests) +1. [Get Help](#get-help) - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). +## Getting Started - - Do not check in commented out code or unneeded files. +- Fork the module repository on GitHub and clone to your workspace - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. +- Make your changes! - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". +## Commit Checklist - - The body should provide a meaningful commit message, which: +### The Basics - - uses the imperative, present tense: "change", not "changed" or - "changes". +- [x] my commit is a single logical unit of work - - includes motivation for the change, and contrasts its - implementation with the previous behavior. +- [x] I have checked for unnecessary whitespace with "git diff --check" - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. +- [x] my commit does not include commented out code or unneeded files - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below +### The Content - - When introducing a new feature, make sure it is properly - documented in the README.md +- [x] my commit includes tests for the bug I fixed or feature I added - * Submission: +- [x] my commit includes appropriate documentation changes if it is introducing a new feature or changing existing functionality + +- [x] my code passes existing test suites - * Pre-requisites: +### The Commit Message - - Make sure you have a [GitHub account](https://github.com/join) +- [x] the first line of my commit message includes: - - [Create a ticket](https://tickets.puppet.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppet.com/browse/) you are patching for. + - [x] an issue number (if applicable), e.g. "(MODULES-xxxx) This is the first line" + + - [x] a short description (50 characters is the soft limit, excluding ticket number(s)) - * Preferred method: +- [x] the body of my commit message: - - Fork the repository on GitHub. + - [x] is meaningful - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). + - [x] uses the imperative, present tense: "change", not "changed" or "changes" - - Submit a pull request to the repository in the puppetlabs - organization. + - [x] includes motivation for the change, and contrasts its implementation with the previous behavior -The long version -================ +## Submission + +### Pre-requisites + +- Make sure you have a [GitHub account](https://github.com/join) + +- [Create a ticket](https://tickets.puppet.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppet.com/browse/) you are patching for. + +### Push and PR + +- Push your changes to your fork + +- [Open a Pull Request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/) against the repository in the puppetlabs organization + +## More about commits 1. Make separate commits for logically separate changes. @@ -104,37 +116,32 @@ The long version GitHub has some pretty good [general documentation](http://help.github.com/) on using their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). + [creating pull requests](https://help.github.com/articles/creating-a-pull-request-from-a-fork/). In general, after pushing your topic branch up to your repository on GitHub, you can switch to the branch in the GitHub UI and click "Pull Request" towards the top of the page in order to open a pull request. + 3. Update the related JIRA issue. - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you + If there is a JIRA issue associated with the change you submitted, then you should update the ticket to include the location of your branch, along with any other commentary you may wish to make. -Testing -======= +# Testing -Getting Started ---------------- +## Getting Started -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, +Our Puppet modules provide [`Gemfile`](./Gemfile)s, which can tell a Ruby package manager such as [bundler](http://bundler.io/) what Ruby packages, or Gems, are required to build, develop, and test this software. -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running +Please make sure you have [bundler installed](http://bundler.io/#getting-started) on your system, and then use it to +install all dependencies needed for this project in the project root by running ```shell -% bundle install +% bundle install --path .bundle/gems Fetching gem metadata from https://rubygems.org/........ Fetching gem metadata from https://rubygems.org/.. Using rake (10.1.0) @@ -148,7 +155,7 @@ Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed. ``` -NOTE some systems may require you to run this command with sudo. +NOTE: some systems may require you to run this command with sudo. If you already have those gems installed, make sure they are up-to-date: @@ -156,26 +163,27 @@ If you already have those gems installed, make sure they are up-to-date: % bundle update ``` -With all dependencies in place and up-to-date we can now run the tests: +## Running Tests + +With all dependencies in place and up-to-date, run the tests: + +### Unit Tests ```shell % bundle exec rake spec ``` -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), +This executes all the [rspec tests](http://rspec-puppet.com/) in the directories defined [here](https://github.com/puppetlabs/puppetlabs_spec_helper/blob/699d9fbca1d2489bff1736bb254bb7b7edb32c74/lib/puppetlabs_spec_helper/rake_tasks.rb#L17) and so on. +rspec tests may have the same kind of dependencies as the module they are testing. Although the module defines these dependencies in its [metadata.json](./metadata.json), rspec tests define them in [.fixtures.yml](./fixtures.yml). -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. +### Acceptance Tests + +Some Puppet modules also come with acceptance tests, which use [beaker][]. These tests spin up a virtual machine under +[VirtualBox](https://www.virtualbox.org/), controlled with [Vagrant](http://www.vagrantup.com/), to simulate scripted test +scenarios. In order to run these, you need both Virtualbox and Vagrant installed on your system. -You can run them by issuing the following command +Run the tests by issuing the following command ```shell % bundle exec rake spec_clean @@ -183,35 +191,81 @@ You can run them by issuing the following command ``` This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) +install Puppet, copy this module, and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) and then run all the tests under [spec/acceptance](./spec/acceptance). -Writing Tests -------------- +## Writing Tests + +### Unit Tests -XXX getting started writing tests. +When writing unit tests for Puppet, [rspec-puppet][] is your best friend. It provides tons of helper methods for testing your manifests against a +catalog (e.g. contain_file, contain_package, with_params, etc). It would be ridiculous to try and top rspec-puppet's [documentation][rspec-puppet_docs] +but here's a tiny sample: -If you have commit access to the repository -=========================================== +Sample manifest: -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. +```puppet +file { "a test file": + ensure => present, + path => "/etc/sample", +} +``` + +Sample test: -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. +```ruby +it 'does a thing' do + expect(subject).to contain_file("a test file").with({:path => "/etc/sample"}) +end +``` +### Acceptance Tests + +Writing acceptance tests for Puppet involves [beaker][] and its cousin [beaker-rspec][]. A common pattern for acceptance tests is to create a test manifest, apply it +twice to check for idempotency or errors, then run expectations. + +```ruby +it 'does an end-to-end thing' do + pp = <<-EOF + file { 'a test file': + ensure => present, + path => "/etc/sample", + content => "test string", + } + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + +end + +describe file("/etc/sample") do + it { is_expected.to contain "test string" } +end -Additional Resources -==================== +``` -* [Getting additional help](http://puppet.com/community/get-help) +# If you have commit access to the repository -* [Writing tests](https://docs.puppet.com/guides/module_guides/bgtm.html#step-three-module-testing) +Even if you have commit access to the repository, you still need to go through the process above, and have someone else review and merge +in your changes. The rule is that **all changes must be reviewed by a project developer that did not write the code to ensure that +all changes go through a code review process.** -* [General GitHub documentation](http://help.github.com/) +The record of someone performing the merge is the record that they performed the code review. Again, this should be someone other than the author of the topic branch. +# Get Help + +### On the web +* [Puppet help messageboard](http://puppet.com/community/get-help) +* [Writing tests](https://docs.puppet.com/guides/module_guides/bgtm.html#step-three-module-testing) +* [General GitHub documentation](http://help.github.com/) * [GitHub pull request documentation](http://help.github.com/send-pull-requests/) + +### On chat +* Slack (slack.puppet.com) #forge-modules, #puppet-dev, #windows, #voxpupuli +* IRC (freenode) #puppet-dev, #voxpupuli + + +[rspec-puppet]: http://rspec-puppet.com/ +[rspec-puppet_docs]: http://rspec-puppet.com/documentation/ +[beaker]: https://github.com/puppetlabs/beaker +[beaker-rspec]: https://github.com/puppetlabs/beaker-rspec diff --git a/locales/config.yaml b/locales/config.yaml index 4d2b70b77a..cf3c4832ef 100644 --- a/locales/config.yaml +++ b/locales/config.yaml @@ -22,4 +22,5 @@ gettext: # Patterns for +Dir.glob+ used to find all files that might contain # translatable content, relative to the project root directory source_files: + - './lib/**/*.rb' diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 22d5d689f4..05732d4f24 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,6 +1,14 @@ #This file is generated by ModuleSync, do not edit. require 'puppetlabs_spec_helper/module_spec_helper' +if Puppet::Util::Package.versioncmp(Puppet.version, '4.5.0') >= 0 + RSpec.configure do |c| + c.before :each do + Puppet.settings[:strict] = :error + end + end +end + # put local configuration and setup into spec_helper_local begin require 'spec_helper_local' From 8727c1e2d8a29918257b471ade6bfe68b9309610 Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Thu, 21 Sep 2017 11:40:21 +0100 Subject: [PATCH 0275/1000] Updates test to reflect new error message --- spec/unit/defines/server/grant_spec.rb | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index b3028e405a..2244146e8f 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -233,7 +233,11 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 1/) } + if Puppet::Util::Package.versioncmp(Puppet.version, '5.2.0') >= 0 + it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 1 expects size to be 2, got 1/) } + else + it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 1/) } + end end context 'invalid object_name - too many array elements' do @@ -251,7 +255,10 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 3/) } + if Puppet::Util::Package.versioncmp(Puppet.version, '5.2.0') >= 0 + it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 1 expects size to be 2, got 3/) } + else + it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 3/) } + end end - end From 836a7bfec3bbb8d788ae7ec6896d9309e16a7de6 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Thu, 21 Sep 2017 13:23:48 -0700 Subject: [PATCH 0276/1000] (maint) allow deprecations in spec_helper --- .sync.yml | 2 ++ spec/spec_helper.rb | 8 -------- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/.sync.yml b/.sync.yml index d3575e177d..5850feded2 100644 --- a/.sync.yml +++ b/.sync.yml @@ -3,3 +3,5 @@ NOTICE: unmanaged: true appveyor.yml: delete: true +spec/spec_helper.rb: + allow_deprecations: true diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 05732d4f24..22d5d689f4 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,14 +1,6 @@ #This file is generated by ModuleSync, do not edit. require 'puppetlabs_spec_helper/module_spec_helper' -if Puppet::Util::Package.versioncmp(Puppet.version, '4.5.0') >= 0 - RSpec.configure do |c| - c.before :each do - Puppet.settings[:strict] = :error - end - end -end - # put local configuration and setup into spec_helper_local begin require 'spec_helper_local' From 3d1e1e31d15408203c2813af6d828ba40cdc3f0a Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Fri, 22 Sep 2017 12:27:50 +0100 Subject: [PATCH 0277/1000] 5.2.0 Release Prep --- CHANGELOG.md | 24 ++++++++++++++++++++++++ metadata.json | 3 +-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a74da5317..01bed91356 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,27 @@ +## Supported Release 5.2.0 +### Summary +Adds several new features including some work around OS support. Also includes a couple of fixes to tests and the removal of unsupported Ubuntu versions. + +#### Added +- Added default postgresql version of Ubuntu 17.4 version to the globals.pp file. +- Fedora 26 provides postgresql-server version 9.6 by default - Added support to manifests/globals.pp to avoid puppet failures on Fedora 26 nodes. +- Use postgresql 9.6 for the newest SLES and openSUSE releases. +- Enhanced --data-checksums on initdb. + +#### Changed +- Replaced validate_re calls with puppet datatype `Pattern` and is_array calls with puppet datatype `Array`. + +#### Fixed +- Updated spec tests to remove deprecation warnings. +- Docs formatting. +- Pass default_connect_settings to validate service ([MODULES-4682](https://tickets.puppetlabs.com/browse/MODULES-4682)) +- Rocket Alignment for Lint. +- Fixed changes in error messages in tests ([MODULES-5378](https://tickets.puppetlabs.com/browse/MODULES-5378)) + +#### Removed +- Removed unsupported Ubuntu versions 10.04 and 12.04 ([MODULES-5501](https://tickets.puppetlabs.com/browse/MODULES-5501)) +- Removed unsupported Debian version 6. + ## Supported Release 5.1.0 ### Summary This release includes Japanese translations for internationalization, Puppet 5 support, implementation of defined type postgresql::server::reassign_owned_by. diff --git a/metadata.json b/metadata.json index 715f1e73b4..51b276a241 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.1.0", + "version": "5.2.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -49,7 +49,6 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "6", "7", "8" ] From f14f78c0968f1c15f73372b06ccf37a158a8c8ab Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Fri, 29 Sep 2017 19:46:09 +0100 Subject: [PATCH 0278/1000] Removing Debian 6 and adding Debian 9 Updates to supported installations. --- metadata.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index 715f1e73b4..72dd8a80ea 100644 --- a/metadata.json +++ b/metadata.json @@ -49,9 +49,9 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "6", "7", - "8" + "8", + "9" ] }, { From f041584ee8325223be78aa354cfc86c33c512913 Mon Sep 17 00:00:00 2001 From: Hailee Kenney Date: Wed, 4 Oct 2017 11:01:11 -0700 Subject: [PATCH 0279/1000] (FM-6386) Minor docs fixup for 5.2.0 release --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5dfe275468..83b4510d82 100644 --- a/README.md +++ b/README.md @@ -757,7 +757,7 @@ Optional. Data type: Boolean. -Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: 'true' or 'false'. Default: initdb's default ('false'). +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: `true` or `false`. Default: initdb's default (`false`). **Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. From 839be6ba1e998f5434bd912ddf1b11b22279d80f Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Sat, 7 Oct 2017 07:28:59 +1100 Subject: [PATCH 0280/1000] Updating translations for readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 101 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 94 insertions(+), 7 deletions(-) diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index 7982919188..496df2b3b1 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -10,6 +10,7 @@ * [サーバーの設定](#configure-a-server) * [データベースの作成](#create-a-database) * [ユーザ、ロール、パーミッションの管理](#manage-users-roles-and-permissions) + * [DBオブジェクトの所有権の管理](#manage-ownership-of-db-objects) * [デフォルトのオーバーライド](#override-defaults) * [pg_hba.confのアクセスルールの作成](#create-an-access-rule-for-pg_hbaconf) * [pg_ident.confのユーザ名マップの作成](#create-user-name-maps-for-pg_identconf) @@ -23,7 +24,7 @@ 6. [開発 - モジュール貢献についてのガイド](#development) * [コントリビュータ - モジュール貢献者の一覧](#contributors) 7. [テスト](#tests) -8. [コントリビュータ - モジュール貢献者のリスト](#contributors) +8. [コントリビュータ - モジュール貢献者の一覧](#contributors) ## モジュールの概要 @@ -116,6 +117,24 @@ postgresql::server::table_grant { 'my_table of test2': この例では、test1データベース上とtest2データベースの`my_table`テーブル上の**すべての**権限を、指定したユーザまたはグループに付与します。値がPuppetDB設定ファイルに追加されると、このデータベースは使用可能になります。 +### DBオブジェクトの所有権の管理 + +REASSIGN OWNEDを使用して、データベース内にあるすべてのオブジェクトの所有権を変更するには、次のようにします。 + +```puppet +postgresql::server::reassign_owned_by { 'new owner is meerkat': + db => 'test_db', + old_owner => 'marmot', + new_owner => 'meerkat', +} +``` + +この例では、PostgreSQLの'REASSIGN OWNED'ステートメントを実行して所有権を更新し、現在、ロール'marmot'が所有しているすべてのテーブル、シーケンス、関数、ビューが、ロール'meerkat'に所有されるようにします。 + +これは、指定された'test_db'内のオブジェクトに対してのみ適用されます。 + +バージョン9.3以上のPostgresqlでは、データベースの所有権も更新されます。 + ### デフォルトのオーバーライド `postgresql::globals`クラスを使用すると、このモジュールの主な設定をグローバルに構成できます。この設定は、他のクラスや定義済みリソースから使用できます。単独では機能しません。 @@ -327,6 +346,7 @@ postgresqlモジュールには、サーバー設定用に多数のオプショ * [postgresql::server::grant_role](#postgresqlservergrant_role) * [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) * [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) +* [postgresql::server::reassign_owned_by](#postgresqlserverreassign_owned_by) * [postgresql::server::recovery](#postgresqlserverrecovery) * [postgresql::server::role](#postgresqlserverrole) * [postgresql::server::schema](#postgresqlserverschema) @@ -429,6 +449,16 @@ PostgreSQL docsパッケージリソースが存在する必要があるかど **警告:** datadirがデフォルトから変更された場合、Puppetは元のデータディレクトリのパージを管理しません。そのため、データディレクトリが元のディレクトリに戻ったときにエラーが発生します。 +##### `data_checksums` + +オプションです。 + +データタイプ: 真偽値(boolean) + +データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。有効な値: `true`、`false`。デフォルト値: initdbのデフォルト値('false')。 + +**警告:** このオプションは、initdbによって初期化中に使用され、後から変更することはできません。設定された時点で、すべてのデータベース内のすべてのオブジェクトに対してチェックサムが計算されます。 + ##### `default_database` 接続するデフォルトのデータベースの名前を指定します。 @@ -721,6 +751,16 @@ PostgreSQL Pythonパッケージの名前。 デフォルト値: '${bindir}/createdb'。 +##### `data_checksums` + +オプションです。 + +データタイプ: 真偽値(boolean) + +データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。有効な値: `true`、`false`。デフォルト値: initdbのデフォルト値('false')。 + +**警告:** このオプションは、initdbによって初期化中に使用され、後から変更することはできません。設定された時点で、すべてのデータベース内のすべてのオブジェクトに対してチェックサムが計算されます。 + ##### `default_database` 接続するデフォルトのデータベースの名前を指定します。ほとんどのシステムで、'postgres'になります。 @@ -737,7 +777,7 @@ PostgreSQL Pythonパッケージの名前。 ##### `group` -ファイルシステムの関連ファイルに使用されるデフォルトのpostgresユーグループをオーバーライドします。 +ファイルシステムの関連ファイルに使用されるデフォルトのpostgresユーザグループをオーバーライドします。 デフォルト値: OSによって異なります。 @@ -1177,7 +1217,10 @@ PostgreSQL拡張を管理します。 ##### `object_name` -アクセス権を付与する`object_type`の名前を指定します。 +アクセス権を付与する`object_type`の名前を、文字列または2要素の配列で指定します。 + +String: 'object_name' +Array: ['schema_name', 'object_name'] ##### `port` @@ -1251,7 +1294,7 @@ PostgreSQL拡張を管理します。 ##### `connect_settings` -リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 デフォルト値: ローカルのPostgresインスタンスに接続します。 @@ -1346,6 +1389,40 @@ PostgreSQLインスタンス全体を管理することなく、`pg_hba.conf`を **注意して使用してください。** +#### postgresql::server::reassign_owned_by + +PostgreSQLコマンド'REASSIGN OWNED'をデータベースに対して実行し、既存オブジェクトの所有権を別のデータベースロールに移します。 + +##### `db` + + 'REASSIGN OWNED'コマンドを適用するデータベースを指定します。 + +##### `old_role` + +指定したデータベース内のオブジェクトを現在所有しているロールまたはユーザを指定します。 + +##### `new_role` + +対象オブジェクトの新しい所有者となるロールまたはユーザを指定します。 + +##### `psql_user` + +`psql`を実行するOSユーザを指定します。 + +デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 + +##### `port` + +接続に使用するポート。 + +デフォルト値: `undef`。PostgreSQLのパッケージングに応じて、通常、デフォルトでポート5432になります。 + +##### `connect_settings` + +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 + +デフォルト値: ローカルのPostgresインスタンスに接続します。 + #### postgresql::server::recovery `recovery.conf`の内容を作成可能にします。詳細については、[使用例](#create-recovery-configuration)および[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/recovery-config.html)を参照してください。 @@ -1380,7 +1457,7 @@ PostgreSQLインスタンス全体を管理することなく、`pg_hba.conf`を ##### `target` ルールのターゲットを提供します。通常、内部使用のみのプロパティです。 - + **注意して使用してください。** #### postgresql::server::role @@ -1392,7 +1469,7 @@ PostgreSQLのロールまたはユーザを作成します。 デフォルト値: '-1'。これは、無制限を意味します。 ##### `connect_settings` -リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 デフォルト値: ローカルのPostgresインスタンスに接続します。 @@ -1452,7 +1529,7 @@ postgresql::server::role { 'myusername': ##### `connect_settings` -リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 デフォルト値: ローカルのPostgresインスタンスに接続します。 @@ -1638,6 +1715,16 @@ PostgreSQLマスターサーバー上でウォームスタンバイレプリケ これはnamevarです。 +##### `ensure` + +必須。 + +指定されたスロットに対して、作成または消去のいずれかのアクションを指定します。 + +有効な値: 'present'、'absent'。 + +デフォルト値: 'present'。 + #### postgresql_conn_validator このタイプを使用するローカルまたはリモートのPostgreSQLデータベースへの接続を検証します。 From 2d3d7c831c49dd5e87bd658551c6a7c2182940b4 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 6 Oct 2017 14:29:52 -0700 Subject: [PATCH 0281/1000] (PUP-8008) monkey patch spec_helper_acceptance Calls to the forge to get the latest version of the apt module (postgres depends on apt) are failing because of a problem we cannot fix quickly enough (PUP-8008) so this monkey patch will have to do for now. This overloads a method in the module_install_helper to knock apt out of the dependencies list and then install v4.1.0 'manually' --- spec/spec_helper_acceptance.rb | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 050660d4c7..e1b08d4a53 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -5,11 +5,40 @@ run_puppet_install_helper install_ca_certs unless ENV['PUPPET_INSTALL_TYPE'] =~ /pe/i -install_module_on(hosts) -install_module_dependencies_on(hosts) UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] +# monkey patch to get around apt/forge issue (PUP-8008) +module Beaker::ModuleInstallHelper + include Beaker::DSL + + def module_dependencies_from_metadata + metadata = module_metadata + return [] unless metadata.key?('dependencies') + + dependencies = [] + + # get it outta here! + metadata['dependencies'].delete_if {|d| d['name'] == 'puppetlabs/apt' } + + metadata['dependencies'].each do |d| + tmp = { module_name: d['name'].sub('/', '-') } + + if d.key?('version_requirement') + tmp[:version] = module_version_from_requirement(tmp[:module_name], + d['version_requirement']) + end + dependencies.push(tmp) + end + + dependencies + end +end + +install_module_on(hosts) +install_module_dependencies_on(hosts) +install_module_from_forge_on(hosts,'puppetlabs/apt','< 4.2.0') + class String # Provide ability to remove indentation from strings, for the purpose of # left justifying heredoc blocks. From 8752a2455f406376a8386f943f3bcee277b6f022 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Fri, 6 Oct 2017 14:29:52 -0700 Subject: [PATCH 0282/1000] (PUP-8008) monkey patch spec_helper_acceptance Calls to the forge to get the latest version of the apt module (postgres depends on apt) are failing because of a problem we cannot fix quickly enough (PUP-8008) so this monkey patch will have to do for now. This overloads a method in the module_install_helper to knock apt out of the dependencies list and then install v4.1.0 'manually' --- spec/spec_helper_acceptance.rb | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 050660d4c7..e1b08d4a53 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -5,11 +5,40 @@ run_puppet_install_helper install_ca_certs unless ENV['PUPPET_INSTALL_TYPE'] =~ /pe/i -install_module_on(hosts) -install_module_dependencies_on(hosts) UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] +# monkey patch to get around apt/forge issue (PUP-8008) +module Beaker::ModuleInstallHelper + include Beaker::DSL + + def module_dependencies_from_metadata + metadata = module_metadata + return [] unless metadata.key?('dependencies') + + dependencies = [] + + # get it outta here! + metadata['dependencies'].delete_if {|d| d['name'] == 'puppetlabs/apt' } + + metadata['dependencies'].each do |d| + tmp = { module_name: d['name'].sub('/', '-') } + + if d.key?('version_requirement') + tmp[:version] = module_version_from_requirement(tmp[:module_name], + d['version_requirement']) + end + dependencies.push(tmp) + end + + dependencies + end +end + +install_module_on(hosts) +install_module_dependencies_on(hosts) +install_module_from_forge_on(hosts,'puppetlabs/apt','< 4.2.0') + class String # Provide ability to remove indentation from strings, for the purpose of # left justifying heredoc blocks. From 74d0375fdce3f17e35373ad45cf1df73ddb3b280 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Mon, 9 Oct 2017 11:15:11 +0100 Subject: [PATCH 0283/1000] Updates to Changelog for release prep --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 01bed91356..b717c0d8ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,9 +7,12 @@ Adds several new features including some work around OS support. Also includes a - Fedora 26 provides postgresql-server version 9.6 by default - Added support to manifests/globals.pp to avoid puppet failures on Fedora 26 nodes. - Use postgresql 9.6 for the newest SLES and openSUSE releases. - Enhanced --data-checksums on initdb. +- Added support for Debian version 9. +- Added a `version` parameter. #### Changed - Replaced validate_re calls with puppet datatype `Pattern` and is_array calls with puppet datatype `Array`. +- Installation method for apt in the spec_helper_acceptance, this is a temporary workaround due to issues with module installation. #### Fixed - Updated spec tests to remove deprecation warnings. @@ -21,6 +24,7 @@ Adds several new features including some work around OS support. Also includes a #### Removed - Removed unsupported Ubuntu versions 10.04 and 12.04 ([MODULES-5501](https://tickets.puppetlabs.com/browse/MODULES-5501)) - Removed unsupported Debian version 6. +- Removed numeric order override. ## Supported Release 5.1.0 ### Summary From cac3ddc1ba2aaa19541187a6d4d1749c282c395a Mon Sep 17 00:00:00 2001 From: George Hansper Date: Fri, 27 Oct 2017 10:57:50 +1000 Subject: [PATCH 0284/1000] add parameter "version" to postgresql::server::extension - fix dependency on database --- manifests/server/extension.pp | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 438459f789..86f2f9df11 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -32,6 +32,12 @@ } } + if( $database != 'postgres' ) { + # The database postgres cannot managed by this module, so it is exempt from this dependency + Postgresql_psql { + require => Postgresql::Server::Database[$database], + } + } postgresql_psql {"Add ${extension} extension to ${database}": @@ -45,10 +51,6 @@ unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${extension}') as t WHERE t.count ${unless_comp} 1", } - if($database != undef and defined(Postgresql::Server::Database[$database])) { - Postgresql::Server::Database[$database]->Postgresql_psql["Add ${extension} extension to ${database}"] - } - if $package_name { $_package_ensure = $package_ensure ? { undef => $ensure, @@ -79,8 +81,5 @@ command => $alter_extension_sql, unless => $update_unless, } - if($database != undef and defined(Postgresql::Server::Database[$database])) { - Postgresql::Server::Database[$database]->Postgresql_psql["${database}: ${alter_extension_sql}"] - } } } From bccc11aba915a8399a665b795b9779e5c9f623a2 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Wed, 8 Nov 2017 10:56:20 -0800 Subject: [PATCH 0285/1000] (SERVER-2003) stub major versions Recent changes in the apt module are looking for structured facts that arent currently stubbed in postgresql unit tests. This adds those facts so that unit tests pass --- spec/unit/classes/globals_spec.rb | 3 ++- spec/unit/classes/repo_spec.rb | 3 ++- spec/unit/classes/server_spec.rb | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index d4bceda47c..67890905bf 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -8,7 +8,8 @@ :family => 'Debian', :name => 'Debian', :release => { - :full => '6.0' + :full => '6.0', + :major => '6' } }, :osfamily => 'Debian', diff --git a/spec/unit/classes/repo_spec.rb b/spec/unit/classes/repo_spec.rb index edfeda3735..3942d65d20 100644 --- a/spec/unit/classes/repo_spec.rb +++ b/spec/unit/classes/repo_spec.rb @@ -7,7 +7,8 @@ :name => 'Debian', :family => 'Debian', :release => { - :full => '6.0' + :full => '6.0', + :major => '6' } }, :osfamily => 'Debian', diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index c78e60e7e7..18013d8ff4 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -7,7 +7,8 @@ :family => 'Debian', :name => 'Debian', :release => { - :full => '6.0' + :full => '6.0', + :major => '6' } }, :osfamily => 'Debian', From c0858aef239d7c40fb7c1ecbec5151454d666df7 Mon Sep 17 00:00:00 2001 From: Eric Putnam Date: Wed, 8 Nov 2017 11:49:29 -0800 Subject: [PATCH 0286/1000] (MODULES-5955) release prep for 5.2.1 [ci skip] --- CHANGELOG.md | 12 ++++++++++++ metadata.json | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b717c0d8ac..c1cc5ca675 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +# Change log + +All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) +and this project adheres to [Semantic Versioning](http://semver.org). + +## Supported Release 5.2.1 +### Summary +Bug fix for issue introduced in 5.2.0 + +#### Fixed +- issue where the module was attempting to install extensions before a database was available. ([SERVER-2003](https://tickets.puppetlabs.com/browse/SERVER-2003)) + ## Supported Release 5.2.0 ### Summary Adds several new features including some work around OS support. Also includes a couple of fixes to tests and the removal of unsupported Ubuntu versions. diff --git a/metadata.json b/metadata.json index 7d7513d986..fc5dc60156 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.2.0", + "version": "5.2.1", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 424fcb288c23e2f815d53a00daa9962b8afd94be Mon Sep 17 00:00:00 2001 From: jbondpdx Date: Wed, 8 Nov 2017 13:22:55 -0800 Subject: [PATCH 0287/1000] (MODULES-5956) fixes for postgresql release --- README.md | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 6561ed0099..f41c83434d 100644 --- a/README.md +++ b/README.md @@ -455,7 +455,11 @@ Optional. Data type: Boolean. -Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: 'true' or 'false'. Default: initdb's default ('false'). +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. + +Valid values: `true` or `false`. + +Default: initdb's default (`false`). **Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. @@ -757,7 +761,11 @@ Optional. Data type: Boolean. -Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: `true` or `false`. Default: initdb's default (`false`). +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. + +Valid values: `true` or `false`. + +Default value: initdb's default (`false`). **Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. @@ -767,7 +775,7 @@ Specifies the name of the default database to connect with. On most systems this ##### `default_connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined-types. i.e. `postgresql::server::role` +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as `postgresql::server::role`. ##### `encoding` From 4932e5c6fe8c34e7d0f7a2c2ec48e384cd2fb1f7 Mon Sep 17 00:00:00 2001 From: Iakov Gan Date: Thu, 9 Nov 2017 14:07:27 +0100 Subject: [PATCH 0288/1000] Avoid useless loading of all files by augeas If there are files other than bash style config in /etc/sysconfig/pgsql/postgresql, augeas will throw exception ``` Warning: Augeas[override PGDATA in /etc/sysconfig/pgsql/postgresql](provider=augeas): Loading failed for one or more files, see debug for /augeas//error output ``` This commit fixes the issue. --- manifests/server/config_entry.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 3e37f0066d..5a4f83ab57 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -126,7 +126,7 @@ } -> augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': lens => 'Shellvars.lns', - incl => '/etc/sysconfig/pgsql/*', + incl => '/etc/sysconfig/pgsql/postgresql', context => '/files/etc/sysconfig/pgsql/postgresql', changes => "set PGPORT ${value}", require => File['/etc/sysconfig/pgsql/postgresql'], @@ -145,7 +145,7 @@ } -> augeas { 'override PGDATA in /etc/sysconfig/pgsql/postgresql': lens => 'Shellvars.lns', - incl => '/etc/sysconfig/pgsql/*', + incl => '/etc/sysconfig/pgsql/postgresql', context => '/files/etc/sysconfig/pgsql/postgresql', changes => "set PGDATA ${value}", require => File['/etc/sysconfig/pgsql/postgresql'], From a99ae3724b2fa12a64075f62310bc24d152774a6 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Mon, 13 Nov 2017 15:29:38 +0000 Subject: [PATCH 0289/1000] (maint) - Removing Debian 9 This will be readded when work is carried out to make Debian 9 compatible with the code base. --- metadata.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index 7d7513d986..51b276a241 100644 --- a/metadata.json +++ b/metadata.json @@ -50,8 +50,7 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "7", - "8", - "9" + "8" ] }, { From 0df1f725661fb9ec7a58309994c8a502576abadd Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Mon, 13 Nov 2017 16:39:11 -0500 Subject: [PATCH 0290/1000] (MODULES-6014) Add support for Fedora 27 to puppetlabs-postgresql Fedora 27 provides postgresql-server version 9.6 in the default repositories. --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 1e192f91d9..8fad0c524d 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -65,7 +65,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { - /^(26)$/ => '9.6', + /^(26|27)$/ => '9.6', /^(24|25)$/ => '9.5', /^(22|23)$/ => '9.4', /^(21)$/ => '9.3', From eb04c05f768b67d7d655ff4d1d5da36bb391d5df Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Wed, 15 Nov 2017 08:18:19 +1100 Subject: [PATCH 0291/1000] Updating translations for readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index 496df2b3b1..de69428dc9 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -455,7 +455,11 @@ PostgreSQL docsパッケージリソースが存在する必要があるかど データタイプ: 真偽値(boolean) -データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。有効な値: `true`、`false`。デフォルト値: initdbのデフォルト値('false')。 +データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。 + +有効な値: `true`、`false`。 + +デフォルト値: initdbのデフォルト値(`false`)。 **警告:** このオプションは、initdbによって初期化中に使用され、後から変更することはできません。設定された時点で、すべてのデータベース内のすべてのオブジェクトに対してチェックサムが計算されます。 @@ -757,7 +761,11 @@ PostgreSQL Pythonパッケージの名前。 データタイプ: 真偽値(boolean) -データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。有効な値: `true`、`false`。デフォルト値: initdbのデフォルト値('false')。 +データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。 + +有効な値: `true`、`false`。 + +デフォルト値: initdbのデフォルト値(`false`)。 **警告:** このオプションは、initdbによって初期化中に使用され、後から変更することはできません。設定された時点で、すべてのデータベース内のすべてのオブジェクトに対してチェックサムが計算されます。 @@ -1191,6 +1199,21 @@ PostgreSQL拡張を管理します。 有効化する拡張を指定します。空欄にした場合、リソースの名前が使用されます。 +#### `version` + +データベースが使用するエクステンションのバージョンを指定します。 +拡張パッケージが更新された場合、各データベースで有効なバージョンを自動的に変更することはありません。 + +そのためには、PostgreSQLに固有のSQL `ALTER EXTENSION...`を使用して更新する必要があります + +`version`は`latest`に設定できます。この場合、SQL `ALTER EXTENSION "extension" UPDATE`がこのデータベースのみに適用されます。 + +`version`は特定のバージョンに設定できます。この場合、拡張は`ALTER EXTENSION "extension" UPDATE TO 'version'`を使用して更新されます + +例えば、拡張を`postgis`、バージョンを`2.3.3`に設定した場合、SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'`がこのデータベースのみに適用されます。 + +`version`は省略される場合もあります。この場合、SQL `ALTER EXTENSION...`は適用されません。バージョンは変更されず、そのままになります。 + ##### `package_name` 拡張を有効化する前にインストールするパッケージを指定します。 @@ -1439,7 +1462,7 @@ PostgreSQLコマンド'REASSIGN OWNED'をデータベースに対して実行し * `archive_cleanup_command` * `recovery_end_command` -##### [リカバリターゲット設定](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) +##### [Recovery Target Settings](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) * `recovery_target_name` * `recovery_target_time` * `recovery_target_xid` @@ -1448,7 +1471,7 @@ PostgreSQLコマンド'REASSIGN OWNED'をデータベースに対して実行し * `recovery_target_timeline` * `pause_at_recovery_target` -##### [スタンバイサーバー設定](http://www.postgresql.org/docs/current/static/standby-settings.html) +##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) * `standby_mode`: 文字列('on'/'off')またはブール値(`true`/`false`)で指定できます。 * `primary_conninfo` * `primary_slot_name` @@ -1811,7 +1834,7 @@ PostgreSQLのバージョン8.1~9.5で動作します。 現在、postgresqlモジュールは次のオペレーティングシステムでテスト済みです。 -* Debian 6.x、7.x、8.x。 +* Debian 6.x, 7.x, 8.x. * CentOS 5.x、6.x、7.x。 * Ubuntu 10.04および12.04、14.04。 From 10850238827e853767293864124d83a5223f1138 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Fri, 17 Nov 2017 12:17:41 +0000 Subject: [PATCH 0292/1000] Module sync 1d81b6a --- .travis.yml | 2 +- spec/spec_helper.rb | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0c6f904c32..38d226395a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,7 +22,7 @@ matrix: script: bundle exec rake beaker services: docker sudo: required - - rvm: 2.4.0 + - rvm: 2.4.1 bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 5.0" - rvm: 2.1.9 diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 22d5d689f4..01912b60c4 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,8 +1,9 @@ -#This file is generated by ModuleSync, do not edit. +# This file is generated by ModuleSync, do not edit. require 'puppetlabs_spec_helper/module_spec_helper' # put local configuration and setup into spec_helper_local begin require 'spec_helper_local' -rescue LoadError +rescue LoadError => loaderror + puts "Could not require spec_helper_local: #{loaderror.message}" end From ca873fc177fbc5b4c83e69270187f8eeb9f85109 Mon Sep 17 00:00:00 2001 From: tphoney Date: Tue, 3 Oct 2017 18:08:25 +0100 Subject: [PATCH 0293/1000] FM-6445 add a task --- Gemfile | 1 + README.md | 7 +++++++ spec/acceptance/sql_task_spec.rb | 24 +++++++++++++++++++++++ spec/spec_helper_acceptance.rb | 13 +++++++++++-- tasks/sql.json | 30 +++++++++++++++++++++++++++++ tasks/sql.rb | 33 ++++++++++++++++++++++++++++++++ 6 files changed, 106 insertions(+), 2 deletions(-) create mode 100644 spec/acceptance/sql_task_spec.rb create mode 100644 tasks/sql.json create mode 100755 tasks/sql.rb diff --git a/Gemfile b/Gemfile index a9f0161c79..8bd07c79b0 100644 --- a/Gemfile +++ b/Gemfile @@ -51,6 +51,7 @@ group :system_tests do gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') gem "puppet-blacksmith", '~> 3.4', :require => false + gem "beaker-task_helper" end gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) diff --git a/README.md b/README.md index f41c83434d..47345c619d 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,7 @@ * [Defined Types](#defined-types) * [Types](#types) * [Functions](#functions) + * [Tasks](#tasks) 5. [Limitations - OS compatibility, etc.](#limitations) 6. [Development - Guide for contributing to the module](#development) * [Contributors - List of module contributors](#contributors) @@ -365,6 +366,8 @@ The postgresql module comes with many options for configuring the server. While * [postgresql_password](#function-postgresql_password) * [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) +**Tasks:** + ### Classes #### postgresql::client @@ -1828,6 +1831,10 @@ This internal function converts a list of `pg_hba.conf` based ACLs (passed in as **This function should only be used internally by the module**. +### Tasks + +The Postgresql module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. + ## Limitations Works with versions of PostgreSQL from 8.1 through 9.5. diff --git a/spec/acceptance/sql_task_spec.rb b/spec/acceptance/sql_task_spec.rb new file mode 100644 index 0000000000..3b323c6131 --- /dev/null +++ b/spec/acceptance/sql_task_spec.rb @@ -0,0 +1,24 @@ +# run a test task +require 'spec_helper_acceptance' + +describe 'postgresql task', if: puppet_version =~ %r{(5\.\d\.\d)} && !pe_install? do + describe 'sql task' do + pp = <<-EOS + class { 'postgresql::server': } -> + postgresql::server::db { 'spec1': + user => 'root1', + password => postgresql_password('root1', 'password'), + } + EOS + + it 'sets up a postgres db' do + apply_manifest(pp, :catch_failures => true) + end + + it 'execute some sql' do + # equates to 'psql -c "SELECT table_name FROM information_schema.tables WHERE table_schema = 'information_schema';" --password --host localhost --dbname=spec1 --username root1' + result = run_task(task_name: 'postgresql::sql', params: 'sql="SELECT count(table_name) FROM information_schema.tables;" host=localhost user=root1 password=password user=root1 database=spec1') + expect_multiple_regexes(result: result, regexes: [%r{count}, %r{1 row}, %r{Job completed. 1/1 nodes succeeded|Ran on 1 node}]) + end + end +end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index e1b08d4a53..77a3992062 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -2,9 +2,10 @@ require 'beaker-rspec/helpers/serverspec' require 'beaker/puppet_install_helper' require 'beaker/module_install_helper' +require 'beaker/task_helper' run_puppet_install_helper -install_ca_certs unless ENV['PUPPET_INSTALL_TYPE'] =~ /pe/i +install_ca_certs unless pe_install? UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] @@ -35,10 +36,18 @@ def module_dependencies_from_metadata end end + +install_bolt_on(hosts) unless pe_install? install_module_on(hosts) install_module_dependencies_on(hosts) install_module_from_forge_on(hosts,'puppetlabs/apt','< 4.2.0') +DEFAULT_PASSWORD = if default[:hypervisor] == 'vagrant' + 'vagrant' + elsif default[:hypervisor] == 'vcloud' + 'Qu@lity!' + end + class String # Provide ability to remove indentation from strings, for the purpose of # left justifying heredoc blocks. @@ -78,6 +87,7 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) # Configure all nodes in nodeset c.before :suite do + run_puppet_access_login(user: 'admin') if pe_install? # Set up selinux if appropriate. if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' pp = <<-EOS @@ -109,7 +119,6 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) end hosts.each do |host| - on host, "/bin/touch #{host['puppetpath']}/hiera.yaml" on host, 'chmod 755 /root' if fact_on(host, 'osfamily') == 'Debian' on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" diff --git a/tasks/sql.json b/tasks/sql.json new file mode 100644 index 0000000000..1cd8a04a7b --- /dev/null +++ b/tasks/sql.json @@ -0,0 +1,30 @@ +{ + "description": "Allows you to execute arbitary SQL", + "input_method": "stdin", + "parameters": { + "database": { + "description": "Database to connect to", + "type": "Optional[String[1]]" + }, + "host": { + "description": "Hostname to connect to", + "type": "Optional[String[1]]" + }, + "password": { + "description": "The password", + "type": "Optional[String[1]]" + }, + "port": { + "description": "The port", + "type": "Optional[String[1]]" + }, + "sql": { + "description": "The SQL you want to execute", + "type": "String[1]" + }, + "user": { + "description": "The user", + "type": "Optional[String[1]]" + } + } +} diff --git a/tasks/sql.rb b/tasks/sql.rb new file mode 100755 index 0000000000..c706016318 --- /dev/null +++ b/tasks/sql.rb @@ -0,0 +1,33 @@ +#!/opt/puppetlabs/puppet/bin/ruby +require 'json' +require 'open3' +require 'puppet' + +def get(sql, database, user, port, password, host) + env_hash = {'PGPASSWORD' => password} unless password.nil? + cmd_string = "psql -c \"#{sql}\"" + cmd_string << " --dbname=#{database}" unless database.nil? + cmd_string << " --username=#{user}" unless user.nil? + cmd_string << " --port=#{port}" unless port.nil? + cmd_string << " --host=#{host}" unless host.nil? + stdout, stderr, status = Open3.capture3(env_hash, cmd_string) + raise Puppet::Error, stderr if status != 0 + { status: stdout.strip } +end + +params = JSON.parse(STDIN.read) +database = params['database'] +host = params['host'] +password = params['password'] +port = params['port'] +sql = params['sql'] +user = params['user'] + +begin + result = get(sql, database, user, port, password, host) + puts result.to_json + exit 0 +rescue Puppet::Error => e + puts({ status: 'failure', error: e.message }.to_json) + exit 1 +end From 9ca61e1ffa8a16ef50126cd8dd0c3f400ec71145 Mon Sep 17 00:00:00 2001 From: Paul Henry Date: Thu, 30 Nov 2017 13:48:44 -0800 Subject: [PATCH 0294/1000] MODULES-6194 - Add scram-sha-256 as a valid pg_hba_rule auth method With Postgres 10, scram-sha-256 is a new type of password hashing, improving over md5 hashing. --- manifests/server/pg_hba_rule.pp | 3 +- spec/unit/defines/server/pg_hba_rule_spec.rb | 30 ++++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 3abd6c845a..dce58a0ffb 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -33,6 +33,7 @@ } $allowed_auth_methods = $postgresql_version ? { + '10' => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], '9.6' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], '9.5' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], @@ -44,7 +45,7 @@ '8.3' => ['trust', 'reject', 'md5', 'crypt', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'pam'], '8.2' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'ldap', 'pam'], '8.1' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'pam'], - default => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] + default => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] } assert_type(Enum[$allowed_auth_methods], $auth_method) diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index f657589c7a..24ead07d1b 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -122,5 +122,35 @@ class { 'postgresql::server': } end end + context 'allows scram-sha-256 on postgres 10' do + let :pre_condition do + <<-EOS + class { 'postgresql::globals': + version => '10', + } + class { 'postgresql::server': } + EOS + end + + let :params do + { + :type => 'local', + :database => 'all', + :user => 'all', + :address => '0.0.0.0/0', + :auth_method => 'scram-sha-256', + :target => target, + } + end + + it do + is_expected.to contain_concat__fragment('pg_hba_rule_test').with( + { + :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+scram-sha-256/ + } + ) + end + end + end end From 9e568140fa1bf49cf856932e106ca67360e1e3de Mon Sep 17 00:00:00 2001 From: Pierre Radermecker Date: Wed, 6 Dec 2017 22:14:25 +0100 Subject: [PATCH 0295/1000] According to the puppet doc, Pattern should be a list of regex. Link to the doc: https://puppet.com/docs/puppet/5.3/lang_data_abstract.html#pattern --- manifests/server/grant.pp | 82 +++++++++++++++++++-------------------- 1 file changed, 41 insertions(+), 41 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index ecc7a76f7e..5f9c081678 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -71,11 +71,11 @@ 'ALL' => 'CREATE', 'ALL PRIVILEGES' => 'CREATE', Pattern[ - '^$', - '^CONNECT$', - '^CREATE$', - '^TEMP$', - '^TEMPORARY$' + /^$/, + /^CONNECT$/, + /^CREATE$/, + /^TEMP$/, + /^TEMPORARY$/ ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -88,9 +88,9 @@ 'ALL' => 'CREATE', 'ALL PRIVILEGES' => 'CREATE', Pattern[ - '^$', - '^CREATE$', - '^USAGE$' + /^$/, + /^CREATE$/, + /^USAGE$/ ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -102,11 +102,11 @@ $unless_privilege = $_privilege ? { 'ALL' => 'USAGE', Pattern[ - '^$', - '^ALL PRIVILEGES$', - '^SELECT$', - '^UPDATE$', - '^USAGE$' + /^$/, + /^ALL PRIVILEGES$/, + /^SELECT$/, + /^UPDATE$/, + /^USAGE$/ ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -117,12 +117,12 @@ 'ALL SEQUENCES IN SCHEMA': { case $_privilege { Pattern[ - '^$', - '^ALL$', - '^ALL PRIVILEGES$', - '^SELECT$', - '^UPDATE$', - '^USAGE$' + /^$/, + /^ALL$/, + /^ALL PRIVILEGES$/, + /^SELECT$/, + /^UPDATE$/, + /^USAGE$/ ]: { } default: { fail('Illegal value for $privilege parameter') } } @@ -191,15 +191,15 @@ $unless_privilege = $_privilege ? { 'ALL' => 'INSERT', Pattern[ - '^$', - '^ALL$', - '^ALL PRIVILEGES$', - '^DELETE$', - '^REFERENCES$', - '^SELECT$', - '^TRIGGER$', - '^TRUNCATE$', - '^UPDATE$' + /^$/, + /^ALL$/, + /^ALL PRIVILEGES$/, + /^DELETE$/, + /^REFERENCES$/, + /^SELECT$/, + /^TRIGGER$/, + /^TRUNCATE$/, + /^UPDATE$/ ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -213,16 +213,16 @@ 'ALL TABLES IN SCHEMA': { case $_privilege { Pattern[ - '^$', - '^ALL$', - '^ALL PRIVILEGES$', - '^DELETE$', - '^INSERT$', - '^REFERENCES$', - '^SELECT$', - '^TRIGGER$', - '^TRUNCATE$', - '^UPDATE$' + /^$/, + /^ALL$/, + /^ALL PRIVILEGES$/, + /^DELETE$/, + /^INSERT$/, + /^REFERENCES$/, + /^SELECT$/, + /^TRIGGER$/, + /^TRUNCATE$/, + /^UPDATE$/ ]: { } default: { fail('Illegal value for $privilege parameter') } } @@ -270,9 +270,9 @@ 'ALL' => 'USAGE', 'ALL PRIVILEGES' => 'USAGE', Pattern[ - '^$', - '^CREATE$', - '^USAGE$' + /^$/, + /^CREATE$/, + /^USAGE$/ ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } From 0652bb00a49430b3dc389b4a1996b2b168018c84 Mon Sep 17 00:00:00 2001 From: tphoney Date: Wed, 13 Dec 2017 10:45:30 +0000 Subject: [PATCH 0296/1000] (maint) - modulesync 384f4c1 --- .gitignore | 31 ++- .rubocop.yml | 586 +++++++--------------------------------------- .rubocop_todo.yml | 0 Gemfile | 13 +- 4 files changed, 113 insertions(+), 517 deletions(-) create mode 100644 .rubocop_todo.yml diff --git a/.gitignore b/.gitignore index f6e8b46c29..e5e6f9e8af 100644 --- a/.gitignore +++ b/.gitignore @@ -1,24 +1,23 @@ -#This file is generated by ModuleSync, do not edit. -pkg/ -Gemfile.lock -Gemfile.local -vendor/ -spec/fixtures/manifests/ -spec/fixtures/modules/ -log/ -junit/ -.vagrant/ +#This file is generated by ModuleSync, do not edit.Z +*.iml +.*.sw[op] +.DS_Store .bundle/ -coverage/ -log/ .idea/ .metadata -*.iml -.*.sw[op] +.vagrant/ .yardoc .yardwarns -.DS_Store +Gemfile.local +Gemfile.lock +bin/ +coverage/ +doc/ +junit/ +log/ +pkg/ +spec/fixtures/manifests/ +spec/fixtures/modules/ tmp/ vendor/ -doc/ diff --git a/.rubocop.yml b/.rubocop.yml index 5aadd1b64f..515ef6314c 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,508 +1,98 @@ -require: rubocop-rspec +--- +require: + - rubocop-rspec AllCops: - TargetRubyVersion: 1.9 + TargetRubyVersion: '2.1' Include: - - ./**/*.rb + - "./**/*.rb" Exclude: - - vendor/**/* - - .vendor/**/* - - pkg/**/* - - spec/fixtures/**/* -Lint/ConditionPosition: - Enabled: True - -Lint/ElseLayout: - Enabled: True - -Lint/UnreachableCode: - Enabled: True - -Lint/UselessComparison: - Enabled: True - -Lint/EnsureReturn: - Enabled: True - -Lint/HandleExceptions: - Enabled: True - -Lint/LiteralInCondition: - Enabled: True - -Lint/ShadowingOuterLocalVariable: - Enabled: True - -Lint/LiteralInInterpolation: - Enabled: True - -Style/HashSyntax: - Enabled: True - -Style/RedundantReturn: - Enabled: True - -Lint/AmbiguousOperator: - Enabled: True - -Lint/AssignmentInCondition: - Enabled: True - -Style/SpaceBeforeComment: - Enabled: True - -Style/AndOr: - Enabled: True - -Style/RedundantSelf: - Enabled: True - -# Method length is not necessarily an indicator of code quality -Metrics/MethodLength: - Enabled: False - -# Module length is not necessarily an indicator of code quality -Metrics/ModuleLength: - Enabled: False - -Style/WhileUntilModifier: - Enabled: True - -Lint/AmbiguousRegexpLiteral: - Enabled: True - -Lint/Eval: - Enabled: True - -Lint/BlockAlignment: - Enabled: True - -Lint/DefEndAlignment: - Enabled: True - -Lint/EndAlignment: - Enabled: True - -Lint/DeprecatedClassMethods: - Enabled: True - -Lint/Loop: - Enabled: True - -Lint/ParenthesesAsGroupedExpression: - Enabled: True - -Lint/RescueException: - Enabled: True - -Lint/StringConversionInInterpolation: - Enabled: True - -Lint/UnusedBlockArgument: - Enabled: True - -Lint/UnusedMethodArgument: - Enabled: True - -Lint/UselessAccessModifier: - Enabled: True - -Lint/UselessAssignment: - Enabled: True - -Lint/Void: - Enabled: True - -Style/AccessModifierIndentation: - Enabled: True - -Style/AccessorMethodName: - Enabled: True - -Style/Alias: - Enabled: True - -Style/AlignArray: - Enabled: True - -Style/AlignHash: - Enabled: True - -Style/AlignParameters: - Enabled: True - -Metrics/BlockNesting: - Enabled: True - -Style/AsciiComments: - Enabled: True - -Style/Attr: - Enabled: True - -Style/BracesAroundHashParameters: - Enabled: True - -Style/CaseEquality: - Enabled: True - -Style/CaseIndentation: - Enabled: True - -Style/CharacterLiteral: - Enabled: True - -Style/ClassAndModuleCamelCase: - Enabled: True - -Style/ClassAndModuleChildren: - Enabled: False - -Style/ClassCheck: - Enabled: True - -# Class length is not necessarily an indicator of code quality -Metrics/ClassLength: - Enabled: False - -Style/ClassMethods: - Enabled: True - -Style/ClassVars: - Enabled: True - -Style/WhenThen: - Enabled: True - -Style/WordArray: - Enabled: True - -Style/UnneededPercentQ: - Enabled: True - -Style/Tab: - Enabled: True - -Style/SpaceBeforeSemicolon: - Enabled: True - -Style/TrailingBlankLines: - Enabled: True - -Style/SpaceInsideBlockBraces: - Enabled: True - -Style/SpaceInsideBrackets: - Enabled: True - -Style/SpaceInsideHashLiteralBraces: - Enabled: True - -Style/SpaceInsideParens: - Enabled: True - -Style/LeadingCommentSpace: - Enabled: True - -Style/SpaceBeforeFirstArg: - Enabled: True - -Style/SpaceAfterColon: - Enabled: True - -Style/SpaceAfterComma: - Enabled: True - -Style/SpaceAfterMethodName: - Enabled: True - -Style/SpaceAfterNot: - Enabled: True - -Style/SpaceAfterSemicolon: - Enabled: True - -Style/SpaceAroundEqualsInParameterDefault: - Enabled: True - -Style/SpaceAroundOperators: - Enabled: True - -Style/SpaceBeforeBlockBraces: - Enabled: True - -Style/SpaceBeforeComma: - Enabled: True - -Style/CollectionMethods: - Enabled: True - -Style/CommentIndentation: - Enabled: True - -Style/ColonMethodCall: - Enabled: True - -Style/CommentAnnotation: - Enabled: True - -# 'Complexity' is very relative -Metrics/CyclomaticComplexity: - Enabled: False - -Style/ConstantName: - Enabled: True - -Style/Documentation: - Enabled: False - -Style/DefWithParentheses: - Enabled: True - -Style/PreferredHashMethods: - Enabled: True - -Style/DotPosition: - EnforcedStyle: trailing - -Style/DoubleNegation: - Enabled: True - -Style/EachWithObject: - Enabled: True - -Style/EmptyLineBetweenDefs: - Enabled: True - -Style/IndentArray: - Enabled: True - -Style/IndentHash: - Enabled: True - -Style/IndentationConsistency: - Enabled: True - -Style/IndentationWidth: - Enabled: True - -Style/EmptyLines: - Enabled: True - -Style/EmptyLinesAroundAccessModifier: - Enabled: True - -Style/EmptyLiteral: - Enabled: True - -# Configuration parameters: AllowURI, URISchemes. + - bin/* + - ".vendor/**/*" + - Gemfile + - Rakefile + - pkg/**/* + - spec/fixtures/**/* + - vendor/**/* +inherit_from: .rubocop_todo.yml Metrics/LineLength: - Enabled: False - -Style/MethodCallParentheses: - Enabled: True - -Style/MethodDefParentheses: - Enabled: True - -Style/LineEndConcatenation: - Enabled: True - -Style/TrailingWhitespace: - Enabled: True - -Style/StringLiterals: - Enabled: True - -Style/TrailingCommaInArguments: - Enabled: True - -Style/TrailingCommaInLiteral: - Enabled: True - -Style/GlobalVars: - Enabled: True - -Style/GuardClause: - Enabled: True - -Style/IfUnlessModifier: - Enabled: True - -Style/MultilineIfThen: - Enabled: True - -Style/NegatedIf: - Enabled: True - -Style/NegatedWhile: - Enabled: True - -Style/Next: - Enabled: True - -Style/SingleLineBlockParams: - Enabled: True - -Style/SingleLineMethods: - Enabled: True - -Style/SpecialGlobalVars: - Enabled: True - -Style/TrivialAccessors: - Enabled: True - -Style/UnlessElse: - Enabled: True - -Style/VariableInterpolation: - Enabled: True - -Style/VariableName: - Enabled: True - -Style/WhileUntilDo: - Enabled: True - -Style/EvenOdd: - Enabled: True - -Style/FileName: - Enabled: True - -Style/For: - Enabled: True - -Style/Lambda: - Enabled: True - -Style/MethodName: - Enabled: True - -Style/MultilineTernaryOperator: - Enabled: True - -Style/NestedTernaryOperator: - Enabled: True - -Style/NilComparison: - Enabled: True - + Description: People have wide screens, use them. + Max: 200 +RSpec/BeforeAfterAll: + Description: Beware of using after(:all) as it may cause state to leak between tests. + A necessary evil in acceptance testing. + Exclude: + - spec/acceptance/**/*.rb +RSpec/HookArgument: + Description: Prefer explicit :each argument, matching existing module's style + EnforcedStyle: each +Style/BlockDelimiters: + Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to + be consistent then. + EnforcedStyle: braces_for_chaining +Style/ClassAndModuleChildren: + Description: Compact style reduces the required amount of indentation. + EnforcedStyle: compact +Style/EmptyElse: + Description: Enforce against empty else clauses, but allow `nil` for clarity. + EnforcedStyle: empty Style/FormatString: - Enabled: True - -Style/MultilineBlockChain: - Enabled: True - -Style/Semicolon: - Enabled: True - -Style/SignalException: - Enabled: True - -Style/NonNilCheck: - Enabled: True - -Style/Not: - Enabled: True - -Style/NumericLiterals: - Enabled: True - -Style/OneLineConditional: - Enabled: True - -Style/OpMethod: - Enabled: True - -Style/ParenthesesAroundCondition: - Enabled: True - -Style/PercentLiteralDelimiters: - Enabled: True - -Style/PerlBackrefs: - Enabled: True - -Style/PredicateName: - Enabled: True - -Style/RedundantException: - Enabled: True - -Style/SelfAssignment: - Enabled: True - -Style/Proc: - Enabled: True - -Style/RaiseArgs: - Enabled: True - -Style/RedundantBegin: - Enabled: True - -Style/RescueModifier: - Enabled: True - -# based on https://github.com/voxpupuli/modulesync_config/issues/168 + Description: Following the main puppet project's style, prefer the % format format. + EnforcedStyle: percent +Style/FormatStringToken: + Description: Following the main puppet project's style, prefer the simpler template + tokens over annotated ones. + EnforcedStyle: template +Style/Lambda: + Description: Prefer the keyword for easier discoverability. + EnforcedStyle: literal Style/RegexpLiteral: + Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 EnforcedStyle: percent_r - Enabled: True - -Lint/UnderscorePrefixedVariableName: - Enabled: True - -Metrics/ParameterLists: - Enabled: False - -Lint/RequireParentheses: - Enabled: True - -Style/SpaceBeforeFirstArg: - Enabled: True - -Style/ModuleFunction: - Enabled: True - -Lint/Debugger: - Enabled: True - -Style/IfWithSemicolon: - Enabled: True - -Style/Encoding: - Enabled: True - -Style/BlockDelimiters: - Enabled: True - -Style/MultilineBlockLayout: - Enabled: True - -# 'Complexity' is very relative +Style/TernaryParentheses: + Description: Checks for use of parentheses around ternary conditions. Enforce parentheses + on complex expressions for better readability, but seriously consider breaking + it up. + EnforcedStyle: require_parentheses_when_complex +Style/TrailingCommaInArguments: + Description: Prefer always trailing comma on multiline argument lists. This makes + diffs, and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/TrailingCommaInLiteral: + Description: Prefer always trailing comma on multiline literals. This makes diffs, + and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/SymbolArray: + Description: Using percent style obscures symbolic intent of array's contents. + EnforcedStyle: brackets +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true Metrics/AbcSize: - Enabled: False - -# 'Complexity' is very relative + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false Metrics/PerceivedComplexity: - Enabled: False - -Lint/UselessAssignment: - Enabled: True - -Style/ClosingParenthesisIndentation: - Enabled: False - -# RSpec - -# We don't use rspec in this way + Enabled: false RSpec/DescribeClass: - Enabled: False - -# Example length is not necessarily an indicator of code quality -RSpec/ExampleLength: - Enabled: False - -RSpec/NamedSubject: - Enabled: False + Enabled: false +RSpec/MessageExpectation: + Enabled: false +Style/AsciiComments: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/SymbolProc: + Enabled: false diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/Gemfile b/Gemfile index 8bd07c79b0..84b23f2b4e 100644 --- a/Gemfile +++ b/Gemfile @@ -28,10 +28,19 @@ def location_for(place_or_version, fake_version = nil) end # Used for gem conditionals -supports_windows = false ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = "#{ruby_version_segments[0]}.#{ruby_version_segments[1]}" +# The following gems are not included by default as they require DevKit on Windows. +# You should probably include them in a Gemfile.local or a ~/.gemfile +#gem 'pry' #this may already be included in the gemfile +#gem 'pry-stack_explorer', :require => false +#if RUBY_VERSION =~ /^2/ +# gem 'pry-byebug' +#else +# gem 'pry-debugger' +#end + group :development do gem "puppet-module-posix-default-r#{minor_version}", :require => false, :platforms => "ruby" gem "puppet-module-win-default-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] @@ -51,7 +60,6 @@ group :system_tests do gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') gem "puppet-blacksmith", '~> 3.4', :require => false - gem "beaker-task_helper" end gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) @@ -63,7 +71,6 @@ gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) if ENV['FACTER_GEM_VERSION'] gem 'hiera', *location_for(ENV['HIERA_GEM_VERSION']) if ENV['HIERA_GEM_VERSION'] - # Evaluate Gemfile.local if it exists if File.exists? "#{__FILE__}.local" eval(File.read("#{__FILE__}.local"), binding) From 558df266b929f1f1d6c96aa585f7ad882f0cb9d8 Mon Sep 17 00:00:00 2001 From: olevole Date: Mon, 25 Dec 2017 15:31:33 +0300 Subject: [PATCH 0297/1000] Inherit 9.6 settings for later PgSQL version on FreeBSD Since version 96, we have other default settings. Inherit them for later versions --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 44ff66458d..4f6d285c4c 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -205,7 +205,7 @@ 'FreeBSD': { case $version { - '96': { + '96', '10': { $user = pick($user, 'postgres') $group = pick($group, 'postgres') $datadir = pick($datadir, "/var/db/postgres/data${version}") From a26bc41747e3f5e62b98c82825ac1c8dbf81fc4e Mon Sep 17 00:00:00 2001 From: Michael T Lombardi Date: Wed, 3 Jan 2018 16:13:37 -0600 Subject: [PATCH 0298/1000] (maint) modulesync 65530a4 Update Travis Related: https://github.com/puppetlabs/modulesync_configs/pull/177 --- .gitignore | 31 ++- .rubocop.yml | 586 +++++++--------------------------------------- .rubocop_todo.yml | 0 .travis.yml | 3 - Gemfile | 13 +- 5 files changed, 113 insertions(+), 520 deletions(-) create mode 100644 .rubocop_todo.yml diff --git a/.gitignore b/.gitignore index f6e8b46c29..a1022772e0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,24 +1,23 @@ -#This file is generated by ModuleSync, do not edit. -pkg/ -Gemfile.lock -Gemfile.local -vendor/ -spec/fixtures/manifests/ -spec/fixtures/modules/ -log/ -junit/ -.vagrant/ +# This file is generated by ModuleSync, do not edit. +*.iml +.*.sw[op] +.DS_Store .bundle/ -coverage/ -log/ .idea/ .metadata -*.iml -.*.sw[op] +.vagrant/ .yardoc .yardwarns -.DS_Store +Gemfile.local +Gemfile.lock +bin/ +coverage/ +doc/ +junit/ +log/ +pkg/ +spec/fixtures/manifests/ +spec/fixtures/modules/ tmp/ vendor/ -doc/ diff --git a/.rubocop.yml b/.rubocop.yml index 5aadd1b64f..515ef6314c 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,508 +1,98 @@ -require: rubocop-rspec +--- +require: + - rubocop-rspec AllCops: - TargetRubyVersion: 1.9 + TargetRubyVersion: '2.1' Include: - - ./**/*.rb + - "./**/*.rb" Exclude: - - vendor/**/* - - .vendor/**/* - - pkg/**/* - - spec/fixtures/**/* -Lint/ConditionPosition: - Enabled: True - -Lint/ElseLayout: - Enabled: True - -Lint/UnreachableCode: - Enabled: True - -Lint/UselessComparison: - Enabled: True - -Lint/EnsureReturn: - Enabled: True - -Lint/HandleExceptions: - Enabled: True - -Lint/LiteralInCondition: - Enabled: True - -Lint/ShadowingOuterLocalVariable: - Enabled: True - -Lint/LiteralInInterpolation: - Enabled: True - -Style/HashSyntax: - Enabled: True - -Style/RedundantReturn: - Enabled: True - -Lint/AmbiguousOperator: - Enabled: True - -Lint/AssignmentInCondition: - Enabled: True - -Style/SpaceBeforeComment: - Enabled: True - -Style/AndOr: - Enabled: True - -Style/RedundantSelf: - Enabled: True - -# Method length is not necessarily an indicator of code quality -Metrics/MethodLength: - Enabled: False - -# Module length is not necessarily an indicator of code quality -Metrics/ModuleLength: - Enabled: False - -Style/WhileUntilModifier: - Enabled: True - -Lint/AmbiguousRegexpLiteral: - Enabled: True - -Lint/Eval: - Enabled: True - -Lint/BlockAlignment: - Enabled: True - -Lint/DefEndAlignment: - Enabled: True - -Lint/EndAlignment: - Enabled: True - -Lint/DeprecatedClassMethods: - Enabled: True - -Lint/Loop: - Enabled: True - -Lint/ParenthesesAsGroupedExpression: - Enabled: True - -Lint/RescueException: - Enabled: True - -Lint/StringConversionInInterpolation: - Enabled: True - -Lint/UnusedBlockArgument: - Enabled: True - -Lint/UnusedMethodArgument: - Enabled: True - -Lint/UselessAccessModifier: - Enabled: True - -Lint/UselessAssignment: - Enabled: True - -Lint/Void: - Enabled: True - -Style/AccessModifierIndentation: - Enabled: True - -Style/AccessorMethodName: - Enabled: True - -Style/Alias: - Enabled: True - -Style/AlignArray: - Enabled: True - -Style/AlignHash: - Enabled: True - -Style/AlignParameters: - Enabled: True - -Metrics/BlockNesting: - Enabled: True - -Style/AsciiComments: - Enabled: True - -Style/Attr: - Enabled: True - -Style/BracesAroundHashParameters: - Enabled: True - -Style/CaseEquality: - Enabled: True - -Style/CaseIndentation: - Enabled: True - -Style/CharacterLiteral: - Enabled: True - -Style/ClassAndModuleCamelCase: - Enabled: True - -Style/ClassAndModuleChildren: - Enabled: False - -Style/ClassCheck: - Enabled: True - -# Class length is not necessarily an indicator of code quality -Metrics/ClassLength: - Enabled: False - -Style/ClassMethods: - Enabled: True - -Style/ClassVars: - Enabled: True - -Style/WhenThen: - Enabled: True - -Style/WordArray: - Enabled: True - -Style/UnneededPercentQ: - Enabled: True - -Style/Tab: - Enabled: True - -Style/SpaceBeforeSemicolon: - Enabled: True - -Style/TrailingBlankLines: - Enabled: True - -Style/SpaceInsideBlockBraces: - Enabled: True - -Style/SpaceInsideBrackets: - Enabled: True - -Style/SpaceInsideHashLiteralBraces: - Enabled: True - -Style/SpaceInsideParens: - Enabled: True - -Style/LeadingCommentSpace: - Enabled: True - -Style/SpaceBeforeFirstArg: - Enabled: True - -Style/SpaceAfterColon: - Enabled: True - -Style/SpaceAfterComma: - Enabled: True - -Style/SpaceAfterMethodName: - Enabled: True - -Style/SpaceAfterNot: - Enabled: True - -Style/SpaceAfterSemicolon: - Enabled: True - -Style/SpaceAroundEqualsInParameterDefault: - Enabled: True - -Style/SpaceAroundOperators: - Enabled: True - -Style/SpaceBeforeBlockBraces: - Enabled: True - -Style/SpaceBeforeComma: - Enabled: True - -Style/CollectionMethods: - Enabled: True - -Style/CommentIndentation: - Enabled: True - -Style/ColonMethodCall: - Enabled: True - -Style/CommentAnnotation: - Enabled: True - -# 'Complexity' is very relative -Metrics/CyclomaticComplexity: - Enabled: False - -Style/ConstantName: - Enabled: True - -Style/Documentation: - Enabled: False - -Style/DefWithParentheses: - Enabled: True - -Style/PreferredHashMethods: - Enabled: True - -Style/DotPosition: - EnforcedStyle: trailing - -Style/DoubleNegation: - Enabled: True - -Style/EachWithObject: - Enabled: True - -Style/EmptyLineBetweenDefs: - Enabled: True - -Style/IndentArray: - Enabled: True - -Style/IndentHash: - Enabled: True - -Style/IndentationConsistency: - Enabled: True - -Style/IndentationWidth: - Enabled: True - -Style/EmptyLines: - Enabled: True - -Style/EmptyLinesAroundAccessModifier: - Enabled: True - -Style/EmptyLiteral: - Enabled: True - -# Configuration parameters: AllowURI, URISchemes. + - bin/* + - ".vendor/**/*" + - Gemfile + - Rakefile + - pkg/**/* + - spec/fixtures/**/* + - vendor/**/* +inherit_from: .rubocop_todo.yml Metrics/LineLength: - Enabled: False - -Style/MethodCallParentheses: - Enabled: True - -Style/MethodDefParentheses: - Enabled: True - -Style/LineEndConcatenation: - Enabled: True - -Style/TrailingWhitespace: - Enabled: True - -Style/StringLiterals: - Enabled: True - -Style/TrailingCommaInArguments: - Enabled: True - -Style/TrailingCommaInLiteral: - Enabled: True - -Style/GlobalVars: - Enabled: True - -Style/GuardClause: - Enabled: True - -Style/IfUnlessModifier: - Enabled: True - -Style/MultilineIfThen: - Enabled: True - -Style/NegatedIf: - Enabled: True - -Style/NegatedWhile: - Enabled: True - -Style/Next: - Enabled: True - -Style/SingleLineBlockParams: - Enabled: True - -Style/SingleLineMethods: - Enabled: True - -Style/SpecialGlobalVars: - Enabled: True - -Style/TrivialAccessors: - Enabled: True - -Style/UnlessElse: - Enabled: True - -Style/VariableInterpolation: - Enabled: True - -Style/VariableName: - Enabled: True - -Style/WhileUntilDo: - Enabled: True - -Style/EvenOdd: - Enabled: True - -Style/FileName: - Enabled: True - -Style/For: - Enabled: True - -Style/Lambda: - Enabled: True - -Style/MethodName: - Enabled: True - -Style/MultilineTernaryOperator: - Enabled: True - -Style/NestedTernaryOperator: - Enabled: True - -Style/NilComparison: - Enabled: True - + Description: People have wide screens, use them. + Max: 200 +RSpec/BeforeAfterAll: + Description: Beware of using after(:all) as it may cause state to leak between tests. + A necessary evil in acceptance testing. + Exclude: + - spec/acceptance/**/*.rb +RSpec/HookArgument: + Description: Prefer explicit :each argument, matching existing module's style + EnforcedStyle: each +Style/BlockDelimiters: + Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to + be consistent then. + EnforcedStyle: braces_for_chaining +Style/ClassAndModuleChildren: + Description: Compact style reduces the required amount of indentation. + EnforcedStyle: compact +Style/EmptyElse: + Description: Enforce against empty else clauses, but allow `nil` for clarity. + EnforcedStyle: empty Style/FormatString: - Enabled: True - -Style/MultilineBlockChain: - Enabled: True - -Style/Semicolon: - Enabled: True - -Style/SignalException: - Enabled: True - -Style/NonNilCheck: - Enabled: True - -Style/Not: - Enabled: True - -Style/NumericLiterals: - Enabled: True - -Style/OneLineConditional: - Enabled: True - -Style/OpMethod: - Enabled: True - -Style/ParenthesesAroundCondition: - Enabled: True - -Style/PercentLiteralDelimiters: - Enabled: True - -Style/PerlBackrefs: - Enabled: True - -Style/PredicateName: - Enabled: True - -Style/RedundantException: - Enabled: True - -Style/SelfAssignment: - Enabled: True - -Style/Proc: - Enabled: True - -Style/RaiseArgs: - Enabled: True - -Style/RedundantBegin: - Enabled: True - -Style/RescueModifier: - Enabled: True - -# based on https://github.com/voxpupuli/modulesync_config/issues/168 + Description: Following the main puppet project's style, prefer the % format format. + EnforcedStyle: percent +Style/FormatStringToken: + Description: Following the main puppet project's style, prefer the simpler template + tokens over annotated ones. + EnforcedStyle: template +Style/Lambda: + Description: Prefer the keyword for easier discoverability. + EnforcedStyle: literal Style/RegexpLiteral: + Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 EnforcedStyle: percent_r - Enabled: True - -Lint/UnderscorePrefixedVariableName: - Enabled: True - -Metrics/ParameterLists: - Enabled: False - -Lint/RequireParentheses: - Enabled: True - -Style/SpaceBeforeFirstArg: - Enabled: True - -Style/ModuleFunction: - Enabled: True - -Lint/Debugger: - Enabled: True - -Style/IfWithSemicolon: - Enabled: True - -Style/Encoding: - Enabled: True - -Style/BlockDelimiters: - Enabled: True - -Style/MultilineBlockLayout: - Enabled: True - -# 'Complexity' is very relative +Style/TernaryParentheses: + Description: Checks for use of parentheses around ternary conditions. Enforce parentheses + on complex expressions for better readability, but seriously consider breaking + it up. + EnforcedStyle: require_parentheses_when_complex +Style/TrailingCommaInArguments: + Description: Prefer always trailing comma on multiline argument lists. This makes + diffs, and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/TrailingCommaInLiteral: + Description: Prefer always trailing comma on multiline literals. This makes diffs, + and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/SymbolArray: + Description: Using percent style obscures symbolic intent of array's contents. + EnforcedStyle: brackets +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true Metrics/AbcSize: - Enabled: False - -# 'Complexity' is very relative + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false Metrics/PerceivedComplexity: - Enabled: False - -Lint/UselessAssignment: - Enabled: True - -Style/ClosingParenthesisIndentation: - Enabled: False - -# RSpec - -# We don't use rspec in this way + Enabled: false RSpec/DescribeClass: - Enabled: False - -# Example length is not necessarily an indicator of code quality -RSpec/ExampleLength: - Enabled: False - -RSpec/NamedSubject: - Enabled: False + Enabled: false +RSpec/MessageExpectation: + Enabled: false +Style/AsciiComments: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/SymbolProc: + Enabled: false diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/.travis.yml b/.travis.yml index 38d226395a..b5d31807d0 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,9 +4,6 @@ sudo: false language: ruby cache: bundler script: "bundle exec rake release_checks" -#Inserting below due to the following issue: https://github.com/travis-ci/travis-ci/issues/3531#issuecomment-88311203 -before_install: - - gem update bundler matrix: fast_finish: true include: diff --git a/Gemfile b/Gemfile index 8bd07c79b0..84b23f2b4e 100644 --- a/Gemfile +++ b/Gemfile @@ -28,10 +28,19 @@ def location_for(place_or_version, fake_version = nil) end # Used for gem conditionals -supports_windows = false ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = "#{ruby_version_segments[0]}.#{ruby_version_segments[1]}" +# The following gems are not included by default as they require DevKit on Windows. +# You should probably include them in a Gemfile.local or a ~/.gemfile +#gem 'pry' #this may already be included in the gemfile +#gem 'pry-stack_explorer', :require => false +#if RUBY_VERSION =~ /^2/ +# gem 'pry-byebug' +#else +# gem 'pry-debugger' +#end + group :development do gem "puppet-module-posix-default-r#{minor_version}", :require => false, :platforms => "ruby" gem "puppet-module-win-default-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] @@ -51,7 +60,6 @@ group :system_tests do gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') gem "puppet-blacksmith", '~> 3.4', :require => false - gem "beaker-task_helper" end gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) @@ -63,7 +71,6 @@ gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) if ENV['FACTER_GEM_VERSION'] gem 'hiera', *location_for(ENV['HIERA_GEM_VERSION']) if ENV['HIERA_GEM_VERSION'] - # Evaluate Gemfile.local if it exists if File.exists? "#{__FILE__}.local" eval(File.read("#{__FILE__}.local"), binding) From 29e64f2fdca566588a582b42188a1cc1cc393fda Mon Sep 17 00:00:00 2001 From: Craig Dunn Date: Wed, 10 Jan 2018 12:42:26 +0100 Subject: [PATCH 0299/1000] defaulted psql_path to postgresql::server::psql_path --- manifests/server/service.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 9342b076cc..b421325fe5 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -9,7 +9,7 @@ $user = $postgresql::server::user $port = $postgresql::server::port $default_database = $postgresql::server::default_database - $psql_path = $postgresql::params::psql_path + $psql_path = $postgresql::server::psql_path $connect_settings = $postgresql::server::default_connect_settings anchor { 'postgresql::server::service::begin': } From 4b291070398b305cd4acda2fd625075b9b450c12 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 10 Jan 2018 15:55:46 +0100 Subject: [PATCH 0300/1000] Simplify extension unless SQL --- manifests/server/extension.pp | 6 +++--- spec/unit/defines/server/extension_spec.rb | 4 ---- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 86f2f9df11..634b5c29a0 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -15,14 +15,14 @@ case $ensure { 'present': { $command = "CREATE EXTENSION \"${extension}\"" - $unless_comp = '=' + $unless_mod = '' $package_require = [] $package_before = Postgresql_psql["Add ${extension} extension to ${database}"] } 'absent': { $command = "DROP EXTENSION \"${extension}\"" - $unless_comp = '!=' + $unless_mod = 'NOT ' $package_require = Postgresql_psql["Add ${extension} extension to ${database}"] $package_before = [] } @@ -48,7 +48,7 @@ db => $database, command => $command, - unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${extension}') as t WHERE t.count ${unless_comp} 1", + unless => "SELECT 1 WHERE ${unless_mod}EXISTS (SELECT 1 FROM pg_extension WHERE extname = '${extension}')", } if $package_name { diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 6ce5de665a..6652496f55 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -30,7 +30,6 @@ is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ :db => 'template_postgis', :command => 'CREATE EXTENSION "postgis"', - :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count = 1", }).that_requires('Postgresql::Server::Database[template_postgis]') } end @@ -58,7 +57,6 @@ is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ :db => 'template_postgis', :command => 'DROP EXTENSION "postgis"', - :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count != 1", }).that_requires('Postgresql::Server::Database[template_postgis]') } @@ -78,7 +76,6 @@ is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ :db => 'template_postgis', :command => 'DROP EXTENSION "postgis"', - :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count != 1", }).that_requires('Postgresql::Server::Database[template_postgis]') } @@ -153,7 +150,6 @@ is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis2').with({ :db => 'template_postgis2', :command => 'CREATE EXTENSION "postgis"', - :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count = 1", }).that_requires('Postgresql::Server::Database[template_postgis2]') } end From 01d021178e2e9262d1d11f6f5859fa202a43eb36 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 10 Jan 2018 16:02:03 +0100 Subject: [PATCH 0301/1000] Standardize extension command title --- manifests/server/extension.pp | 6 +++--- spec/unit/defines/server/extension_spec.rb | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 634b5c29a0..773530ce27 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -17,13 +17,13 @@ $command = "CREATE EXTENSION \"${extension}\"" $unless_mod = '' $package_require = [] - $package_before = Postgresql_psql["Add ${extension} extension to ${database}"] + $package_before = Postgresql_psql["${database}: ${command}"] } 'absent': { $command = "DROP EXTENSION \"${extension}\"" $unless_mod = 'NOT ' - $package_require = Postgresql_psql["Add ${extension} extension to ${database}"] + $package_require = Postgresql_psql["${database}: ${command}"] $package_before = [] } @@ -39,7 +39,7 @@ } } - postgresql_psql {"Add ${extension} extension to ${database}": + postgresql_psql { "${database}: ${command}": psql_user => $user, psql_group => $group, diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 6652496f55..548005768b 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -27,7 +27,7 @@ context "with mandatory arguments only" do it { - is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ + is_expected.to contain_postgresql_psql('template_postgis: CREATE EXTENSION "postgis"').with({ :db => 'template_postgis', :command => 'CREATE EXTENSION "postgis"', }).that_requires('Postgresql::Server::Database[template_postgis]') @@ -43,7 +43,7 @@ is_expected.to contain_package('postgis').with({ :ensure => 'present', :name => 'postgis', - }).that_comes_before('Postgresql_psql[Add postgis extension to template_postgis]') + }).that_comes_before('Postgresql_psql[template_postgis: CREATE EXTENSION "postgis"]') } end @@ -54,7 +54,7 @@ }) } it { - is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ + is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"').with({ :db => 'template_postgis', :command => 'DROP EXTENSION "postgis"', }).that_requires('Postgresql::Server::Database[template_postgis]') @@ -73,7 +73,7 @@ }) } it { - is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ + is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"').with({ :db => 'template_postgis', :command => 'DROP EXTENSION "postgis"', }).that_requires('Postgresql::Server::Database[template_postgis]') @@ -83,7 +83,7 @@ is_expected.to contain_package('postgis').with({ :ensure => 'present', :name => 'postgis', - }).that_requires('Postgresql_psql[Add postgis extension to template_postgis]') + }).that_requires('Postgresql_psql[template_postgis: DROP EXTENSION "postgis"]') } end end @@ -147,7 +147,7 @@ context "with mandatory arguments only" do it { - is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis2').with({ + is_expected.to contain_postgresql_psql('template_postgis2: CREATE EXTENSION "postgis"').with({ :db => 'template_postgis2', :command => 'CREATE EXTENSION "postgis"', }).that_requires('Postgresql::Server::Database[template_postgis2]') From e51d0709004101583f9648b024d183bcd479b7c8 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 10 Jan 2018 16:10:41 +0100 Subject: [PATCH 0302/1000] Trim trailing whitespaces on README --- README.md | 66 +++++++++++++++++++++++++++---------------------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index 47345c619d..6d38ac483d 100644 --- a/README.md +++ b/README.md @@ -666,7 +666,7 @@ Installs the packages containing the development libraries for PostgreSQL and sy ##### `link_pg_config` -If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior. +If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior. Valid values: `true`, `false`. @@ -912,7 +912,7 @@ Default value: OS dependent. ##### `port` -Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432. @@ -924,55 +924,55 @@ Default value: `undef`. ##### `postgresql_conf_path` -Specifies the path to your `postgresql.conf` file. +Specifies the path to your `postgresql.conf` file. Default value: '${confdir}/postgresql.conf'. ##### `psql_path` -Specifies the path to the `psql` command. +Specifies the path to the `psql` command. Default value: OS dependent. ##### `service_manage` -Defines whether or not Puppet should manage the service. +Defines whether or not Puppet should manage the service. Default value: `true`. ##### `service_name` -Overrides the default PostgreSQL service name. +Overrides the default PostgreSQL service name. Default value: OS dependent. ##### `service_provider` -Overrides the default PostgreSQL service provider. +Overrides the default PostgreSQL service provider. Default value: `undef`. ##### `service_reload` -Overrides the default reload command for your PostgreSQL service. +Overrides the default reload command for your PostgreSQL service. Default value: OS dependent. ##### `service_restart_on_change` -Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default value: `true`. ##### `service_status` -Overrides the default status check command for your PostgreSQL service. +Overrides the default status check command for your PostgreSQL service. Default value: OS dependent. ##### `user` -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default value: 'postgres'. @@ -1020,7 +1020,7 @@ postgresql::server::config_entry { 'check_function_bodies': ##### `ensure` -Removes an entry if set to 'absent'. +Removes an entry if set to 'absent'. Valid values: 'present', 'absent'. @@ -1040,43 +1040,43 @@ Defines a comment to be stored about the database using the PostgreSQL COMMENT c ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote server. Default value: Connects to the local Postgres instance. ##### `dbname` -Sets the name of the database to be created. +Sets the name of the database to be created. Default value: the namevar. ##### `encoding` -Overrides the character set during creation of the database. +Overrides the character set during creation of the database. Default value: The default defined during installation. ##### `grant` -Specifies the permissions to grant during creation. +Specifies the permissions to grant during creation. Default value: 'ALL'. ##### `istemplate` -Specifies that the database is a template, if set to `true`. +Specifies that the database is a template, if set to `true`. Default value: `false`. ##### `locale` -Overrides the locale during creation of the database. +Overrides the locale during creation of the database. Default value: The default defined during installation. ##### `owner` -Sets a user as the owner of the database. +Sets a user as the owner of the database. Default value: '$user' variable set in `postgresql::server` or `postgresql::globals`. @@ -1086,13 +1086,13 @@ Default value: '$user' variable set in `postgresql::server` or `postgresql::glob ##### `tablespace` -Defines the name of the tablespace to allocate the created database to. +Defines the name of the tablespace to allocate the created database to. Default value: PostgreSQL default. ##### `template` -Specifies the name of the template database from which to build this database. +Specifies the name of the template database from which to build this database. Defaults value: `template0`. @@ -1106,13 +1106,13 @@ Creates a database with no users and no permissions. ##### `dbname` -Sets the name of the database. +Sets the name of the database. Defaults value: The namevar. ##### `encoding` -Overrides the character set during creation of the database. +Overrides the character set during creation of the database. Default value: The default defined during installation. @@ -1136,13 +1136,13 @@ Default value: The '$user' variable set in `postgresql::server` or `postgresql:: ##### `tablespace` -Sets tablespace for where to create this database. +Sets tablespace for where to create this database. Default value: The default defined during installation. ##### `template` -Specifies the name of the template database from which to build this database. +Specifies the name of the template database from which to build this database. Default value: 'template0'. @@ -1152,7 +1152,7 @@ Manages grant-based access privileges for users, wrapping the `postgresql::serve #### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote server. Default value: Connects to the local Postgres instance. @@ -1162,13 +1162,13 @@ Specifies the database to which you are granting access. ##### `privilege` -Specifies comma-separated list of privileges to grant. +Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. ##### `psql_db` -Defines the database to execute the grant against. +Defines the database to execute the grant against. **This should not ordinarily be changed from the default** @@ -1176,7 +1176,7 @@ Default value: 'postgres'. ##### `psql_user` -Specifies the OS user for running `psql`. +Specifies the OS user for running `psql`. Default value: The default user for the module, usually 'postgres'. @@ -1483,7 +1483,7 @@ The parameters are grouped into these three sections: ##### `target` Provides the target for the rule, and is generally an internal only property. - + **Use with caution.** #### postgresql::server::role @@ -1745,7 +1745,7 @@ This is the namevar. Required. -Specifies the action to create or destroy named slot. +Specifies the action to create or destroy named slot. Valid values: 'present', 'absent'. @@ -1799,7 +1799,7 @@ Default value: '', which generally uses the designated local Unix socket. Defines the port to use when connecting. -Default value: '' +Default value: '' ##### `run_as` @@ -1833,7 +1833,7 @@ This internal function converts a list of `pg_hba.conf` based ACLs (passed in as ### Tasks -The Postgresql module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. +The Postgresql module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. ## Limitations From 04c850fdec578d07e2266a5b0cd3cc53f7a10d8c Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 10 Jan 2018 16:14:31 +0100 Subject: [PATCH 0303/1000] Support extension schemas --- README.md | 4 ++++ manifests/server/extension.pp | 28 ++++++++++++++++++++++ spec/unit/defines/server/extension_spec.rb | 10 ++++++++ 3 files changed, 42 insertions(+) diff --git a/README.md b/README.md index 6d38ac483d..52b4fd5e4b 100644 --- a/README.md +++ b/README.md @@ -1192,6 +1192,10 @@ Manages a PostgreSQL extension. Specifies the database on which to activate the extension. +##### `schema` + +Specifies the schema on which to activate the extension. + ##### `ensure` Specifies whether to activate or deactivate the extension. diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 773530ce27..9fb100c246 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -2,6 +2,7 @@ define postgresql::server::extension ( $database, $extension = $name, + Optional[String[1]] $schema = undef, Optional[String[1]] $version = undef, String[1] $ensure = 'present', $package_name = undef, @@ -51,6 +52,33 @@ unless => "SELECT 1 WHERE ${unless_mod}EXISTS (SELECT 1 FROM pg_extension WHERE extname = '${extension}')", } + if $ensure == 'present' and $schema { + $set_schema_command = "ALTER EXTENSION \"${extension}\" SET SCHEMA \"${schema}\"" + + postgresql_psql { "${database}: ${set_schema_command}": + command => $set_schema_command, + unless => @("END") + SELECT 1 + WHERE EXISTS ( + SELECT 1 + FROM pg_extension e + JOIN pg_namespace n ON e.extnamespace = n.oid + WHERE e.extname = '${extension}' AND + n.nspname = '${schema}' + ) + |-END + , + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + connect_settings => $connect_settings, + db => $database, + require => Postgresql_psql["${database}: ${command}"], + } + + Postgresql::Server::Schema <| db == $database and schema == $schema |> -> Postgresql_psql["${database}: ${set_schema_command}"] + } + if $package_name { $_package_ensure = $package_ensure ? { undef => $ensure, diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 548005768b..efb4b8b59b 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -34,6 +34,16 @@ } end + context "when schema is specified" do + let (:params) { super().merge({ + :schema => 'pg_catalog', + }) } + + it { + is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" SET SCHEMA "pg_catalog"') + } + end + context "when setting package name" do let (:params) { super().merge({ :package_name => 'postgis', From 25ffdb6321af19777db30a129748a9825e1a4564 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 31 Jan 2018 13:13:40 +0100 Subject: [PATCH 0304/1000] Trim trailing whitespaces on README_ja_JP --- readmes/README_ja_JP.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index de69428dc9..d1a0d75be6 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -1061,7 +1061,7 @@ PostgreSQLのCOMMENTコマンドを使用して、データベースについて ##### `istemplate` -`true`に設定すると、そのデータベースをテンプレートとして指定します。 +`true`に設定すると、そのデータベースをテンプレートとして指定します。 デフォルト値: `false`。 @@ -1796,7 +1796,7 @@ Unixソケットとident認証を使用するとき、このユーザとして 接続するときに使用するポートを定義します。 -デフォルト値: '' +デフォルト値: '' ##### `run_as` From 6b8b773e3e559e2e21eaaadbb4a7ae80bd48aacd Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 31 Jan 2018 14:20:20 +0100 Subject: [PATCH 0305/1000] Add newlines to the README --- README.md | 516 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 373 insertions(+), 143 deletions(-) diff --git a/README.md b/README.md index ff041947de..2e3249d5e2 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,9 @@ The postgresql module allows you to manage PostgreSQL databases with Puppet. -PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage packages, services, databases, users, and common security settings in PostgreSQL. +PostgreSQL is a high-performance, free, open-source relational database server. +The postgresql module allows you to manage packages, services, databases, +users, and common security settings in PostgreSQL. ## Setup @@ -43,7 +45,8 @@ PostgreSQL is a high-performance, free, open-source relational database server. ### Getting started with postgresql -To configure a basic default PostgreSQL server, declare the `postgresql::server` class. +To configure a basic default PostgreSQL server, declare +the `postgresql::server` class. ```puppet class { 'postgresql::server': @@ -54,7 +57,9 @@ class { 'postgresql::server': ### Configure a server -For default settings, declare the `postgresql::server` class as above. To customize PostgreSQL server settings, specify the [parameters](#postgresqlserver) you want to change: +For default settings, declare the `postgresql::server` class as above. +To customize PostgreSQL server settings, specify +the [parameters](#postgresqlserver) you want to change: ```puppet class { 'postgresql::server': @@ -72,13 +77,19 @@ psql -h localhost -U postgres psql -h my.postgres.server -U ``` -If you get an error message from these commands, your permission settings restrict access from the location you're trying to connect from. Depending on whether you want to allow connections from that location, you might need to adjust your permissions. +If you get an error message from these commands, your permission settings +restrict access from the location you're trying to connect from. Depending +on whether you want to allow connections from that location, you might need +to adjust your permissions. -For more details about server configuration parameters, consult the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). +For more details about server configuration parameters, consult +the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). ### Create a database -You can set up a variety of PostgreSQL databases with the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: +You can set up a variety of PostgreSQL databases with +the `postgresql::server::db` defined type. For instance, to set up a database +for PuppetDB: ```puppet class { 'postgresql::server': @@ -116,7 +127,10 @@ postgresql::server::table_grant { 'my_table of test2': } ``` -This example grants **all** privileges on the test1 database and on the `my_table` table of the test2 database to the specified user or group. After the values are added into the PuppetDB config file, this database would be ready for use. +This example grants **all** privileges on the test1 database and on +the `my_table` table of the test2 database to the specified user or group. +After the values are added into the PuppetDB config file, this database would +be ready for use. ### Manage ownership of DB objects @@ -130,7 +144,9 @@ postgresql::server::reassign_owned_by { 'new owner is meerkat': } ``` -This would run the PostgreSQL statement 'REASSIGN OWNED' to update to ownership of all tables, sequences, functions and views currently owned by the role 'marmot' to be owned by the role 'meerkat' instead. +This would run the PostgreSQL statement 'REASSIGN OWNED' to update to ownership +of all tables, sequences, functions and views currently owned by +the role 'marmot' to be owned by the role 'meerkat' instead. This applies to objects within the nominated database, 'test_db' only. @@ -138,9 +154,12 @@ For Postgresql >= 9.3, the ownership of the database is also updated. ### Override defaults -The `postgresql::globals` class allows you to configure the main settings for this module globally, so that other classes and defined resources can use them. By itself, it does nothing. +The `postgresql::globals` class allows you to configure the main settings +for this module globally, so that other classes and defined resources can use +them. By itself, it does nothing. -For example, to overwrite the default `locale` and `encoding` for all classes, use the following: +For example, to overwrite the default `locale` and `encoding` for all classes, +use the following: ```puppet class { 'postgresql::globals': @@ -166,13 +185,25 @@ class { 'postgresql::server': ### Manage remote users, roles, and permissions -Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a [`connect_settings`](#connect_settings) hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands. +Remote SQL objects are managed using the same Puppet resources as local +SQL objects, along with a [`connect_settings`](#connect_settings) hash. +This provides control over how Puppet connects to the remote Postgres instances +and which version is used for generating SQL commands. -The `connect_settings` hash can contain environment variables to control Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', and 'PGSSLKEY'. See the [PostgreSQL Environment Variables](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) documentation for a complete list of variables. +The `connect_settings` hash can contain environment variables to control +Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', +and 'PGSSLKEY'. See +the [PostgreSQL Environment Variables](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) +documentation for a complete list of variables. -Additionally, you can specify the target database version with the special value of 'DBVERSION'. If the `connect_settings` hash is omitted or empty, then Puppet connects to the local PostgreSQL instance. +Additionally, you can specify the target database version with the special +value of 'DBVERSION'. If the `connect_settings` hash is omitted or empty, +then Puppet connects to the local PostgreSQL instance. -You can provide a `connect_settings` hash for each of the Puppet resources, or you can set a default `connect_settings` hash in `postgresql::globals`. Configuring `connect_settings` per resource allows SQL objects to be created on multiple databases by multiple users. +You can provide a `connect_settings` hash for each of the Puppet resources, +or you can set a default `connect_settings` hash in `postgresql::globals`. +Configuring `connect_settings` per resource allows SQL objects to be created +on multiple databases by multiple users. ```puppet $connection_settings_super2 = { @@ -224,7 +255,10 @@ This would create a ruleset in `pg_hba.conf` similar to: host app app 200.1.2.0/24 md5 ``` -By default, `pg_hba_rule` requires that you include `postgresql::server`. However, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following: +By default, `pg_hba_rule` requires that you include `postgresql::server`. +However, you can override that behavior by setting target and +postgresql_version when declaring your rule. That might look like +the following: ```puppet postgresql::server::pg_hba_rule { 'allow application network to access app database': @@ -299,11 +333,17 @@ primary_conninfo = 'host=localhost port=5432' recovery_min_apply_delay = 0 ``` -Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. +Only the specified parameters are recognized in the template. +The `recovery.conf` is only be created if at least one parameter is set +**and** [manage_recovery_conf](#manage_recovery_conf) is set to true. ### Validate connectivity -To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql_conn_validator` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration. +To validate client connections to a remote PostgreSQL database before starting +dependent tasks, use the `postgresql_conn_validator` resource. You can use +this on any node where the PostgreSQL client software is installed. It is +often chained to other tasks such as starting an application server or +performing a database migration. Example usage: @@ -321,7 +361,9 @@ exec { 'rake db:migrate': ## Reference -The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. +The postgresql module comes with many options for configuring the server. +While you are unlikely to use all of the settings below, they provide a decent +amount of control over your security settings. **Classes:** @@ -372,7 +414,8 @@ The postgresql module comes with many options for configuring the server. While #### postgresql::client -Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. +Installs PostgreSQL client software. Set the following parameters if you have +a custom version you would like to install. >**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. @@ -392,9 +435,11 @@ Default value: 'file'. #### postgresql::lib::docs -Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. +Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters +if you have a custom version you would like to install. -**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. +**Note:** Make sure to add any necessary yum or apt repositories if specifying +a custom version. ##### `package_name` @@ -410,7 +455,10 @@ Default value: 'present'. #### postgresql::globals -**Note:** Most server-specific defaults should be overridden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. +**Note:** Most server-specific defaults should be overridden in +the `postgresql::server` class. This class should be used only if you are +using a non-standard OS, or if you are changing elements that can only be +changed here, such as `version` or `manage_package_repo`. ##### `bindir` @@ -426,7 +474,8 @@ Default value: OS dependent. ##### `confdir` -Overrides the default PostgreSQL configuration directory for the target platform. +Overrides the default PostgreSQL configuration directory for the target +platform. Default value: OS dependent. @@ -448,9 +497,15 @@ Overrides the default PostgreSQL data directory for the target platform. Default value: OS dependent. -**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). +**Note:** Changing the datadir after installation causes the server to come +to a full stop before making the change. For Red Hat systems, the data +directory must be labeled appropriately for SELinux. On Ubuntu, you must +explicitly set `needs_initdb = true` to allow Puppet to initialize the database +in the new datadir (`needs_initdb` defaults to true on other systems). -**Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. +**Warning:** If datadir is changed from the default, Puppet does not manage +purging of the original data directory, which causes it to fail if the data +directory is changed back to the original. ##### `data_checksums` @@ -458,13 +513,16 @@ Optional. Data type: Boolean. -Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Use checksums on data pages to help detect corruption by the I/O system that +would otherwise be silent. Valid values: `true` or `false`. Default: initdb's default (`false`). -**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +**Warning:** This option is used during initialization by initdb, and cannot +be changed later. If set, checksums are calculated for all objects, in all +databases. ##### `default_database` @@ -488,13 +546,16 @@ Default value: OS dependent. ##### `encoding` -Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. +Sets the default encoding for all databases created with this module. +On certain operating systems, this is also used during the `template1` +initialization, so it becomes a default outside of the module as well. Default value: Dependent on the operating system's default encoding. ##### `group` -Overrides the default postgres user group to be used for related files in the file system. +Overrides the default postgres user group to be used for related files in +the file system. Default value: 'postgres'. @@ -510,15 +571,19 @@ Default value: OS dependent. ##### `locale` -Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. +Sets the default database locale for all databases created with this module. +On certain operating systems, this is also used during the `template1` +initialization, so it becomes a default outside of the module as well. Default value: `undef`, which is effectively 'C'. -**On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** +**On Debian, you'll need to ensure that the 'locales-all' package is installed +for full functionality of PostgreSQL.** ##### `timezone` -Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. +Sets the default timezone of the postgresql server. The postgresql built-in +default is taking the systems timezone information. ##### `logdir` @@ -534,13 +599,15 @@ Default value: `false`. ##### `module_workdir` -Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. +Specifies working directory under which the psql command should be executed. +May need to specify if '/tmp' is on volume mounted with noexec option. Default value: '/tmp'. ##### `needs_initdb` -Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. +Explicitly calls the initdb operation after the server package is installed +and before the PostgreSQL service is started. Default value: OS dependent. @@ -552,9 +619,13 @@ Default value: OS dependent. ##### `pg_hba_conf_defaults` -Disables the defaults supplied with the module for `pg_hba.conf` if set to `false`. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations. +Disables the defaults supplied with the module for `pg_hba.conf` if set to +`false`. This is useful if you want to override the defaults. Be sure that +your changes align with the rest of the module, as some access is required +to perform some operations, such as basic `psql` operations. -Default value: The globals value set in `postgresql::globals::manage_pg_hba_conf` which defaults to `true`. +Default value: The globals value set in `postgresql::globals::manage_pg_hba_conf` +which defaults to `true`. ##### `pg_hba_conf_path` @@ -584,7 +655,8 @@ Default value: OS dependent. Defines the version of PostGIS to install, if you install PostGIS. -Default value: The lowest available with the version of PostgreSQL to be installed. +Default value: The lowest available with the version of PostgreSQL to be +installed. ##### `postgresql_conf_path` @@ -608,13 +680,16 @@ Path to your `recovery.conf` file. ##### `repo_proxy` -Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. +Sets the proxy option for the official PostgreSQL yum-repositories only. +This is useful if your server is behind a corporate firewall and needs to use +proxy servers for outside connectivity. Debian is currently not supported. ##### `repo_baseurl` -Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. +Sets the baseurl for the PostgreSQL repository. Useful if you host your own +mirror of the repository. Default value: The official PostgreSQL repository. @@ -644,7 +719,8 @@ Default value: OS dependent. ##### `user` -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +Overrides the default PostgreSQL super user and owner of PostgreSQL related +files in the file system. Default value: 'postgres'. @@ -662,11 +738,15 @@ Default value: initdb's default path. #### postgresql::lib::devel -Installs the packages containing the development libraries for PostgreSQL and symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). +Installs the packages containing the development libraries for PostgreSQL and +symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). ##### `link_pg_config` -If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior. +If the bin directory used by the PostgreSQL page is not `/usr/bin` or +`/usr/local/bin`, symlinks `pg_config` from the package's bin dir into +`usr/bin` (not applicable to Debian systems). Set to `false` to disable +this behavior. Valid values: `true`, `false`. @@ -682,13 +762,16 @@ Default value: 'present'. Overrides the default package name for the distribution you are installing to. -Default value: 'postgresql-devel' or 'postgresql-devel' depending on your distro. +Default value: 'postgresql-devel' or 'postgresql-devel' depending on +your distro. #### postgresql::lib::java -Installs PostgreSQL bindings for Java (JDBC). Set the following parameters if you have a custom version you would like to install. +Installs PostgreSQL bindings for Java (JDBC). Set the following parameters +if you have a custom version you would like to install. -**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. +**Note:** Make sure to add any necessary yum or apt repositories if specifying +a custom version. ##### `package_ensure` @@ -764,31 +847,40 @@ Optional. Data type: Boolean. -Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Use checksums on data pages to help detect corruption by the I/O system that +would otherwise be silent. Valid values: `true` or `false`. Default value: initdb's default (`false`). -**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +**Warning:** This option is used during initialization by initdb, and cannot be +changed later. If set, checksums are calculated for all objects, in all +databases. ##### `default_database` -Specifies the name of the default database to connect with. On most systems this is 'postgres'. +Specifies the name of the default database to connect with. On most systems +this is 'postgres'. ##### `default_connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as `postgresql::server::role`. +Specifies a hash of environment variables used when connecting to a remote +server. Becomes the default for other defined types, such as +`postgresql::server::role`. ##### `encoding` -Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well. +Sets the default encoding for all databases created with this module. On +certain operating systems this is also used during the `template1` +initialization, so it becomes a default outside of the module as well. Default value: `undef`. ##### `group` -Overrides the default postgres user group to be used for related files in the file system. +Overrides the default postgres user group to be used for related files in +the file system. Default value: OS dependent default. @@ -800,37 +892,49 @@ Default value: '${bindir}/initdb'. ##### `ipv4acls` -Lists strings for access control for connection method, users, databases, IPv4 addresses; +Lists strings for access control for connection method, users, databases, IPv4 +addresses; -see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. +see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) +on `pg_hba.conf` for information. ##### `ipv6acls` -Lists strings for access control for connection method, users, databases, IPv6 addresses. +Lists strings for access control for connection method, users, databases, IPv6 +addresses. -see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. +see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) +on `pg_hba.conf` for information. ##### `ip_mask_allow_all_users` -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL +does not allow database user accounts to connect via TCP from remote machines. +If you'd like to allow this, you can override this setting. -Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, +or '192.168.0.0/1' to allow connections from any machine on your local +'192.168' subnet. Default value: '127.0.0.1/32'. ##### `ip_mask_deny_postgres_user` -Specifies the IP mask from which remote connections should be denied for the postgres superuser. +Specifies the IP mask from which remote connections should be denied for +the postgres superuser. Default value: '0.0.0.0/0', which denies any remote connection. ##### `locale` -Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. +Sets the default database locale for all databases created with this module. +On certain operating systems this is used during the `template1` initialization +as well, so it becomes a default outside of the module. Default value: `undef`, which is effectively 'C'. -**On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** +**On Debian, you must ensure that the 'locales-all' package is installed for +full functionality of PostgreSQL.** ##### `manage_pg_hba_conf` @@ -868,13 +972,15 @@ Default value: `false`. ##### `needs_initdb` -Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started. +Explicitly calls the `initdb` operation after server package is installed, and +before the PostgreSQL service is started. Default value: OS dependent. ##### `package_ensure` -Passes a value through to the `package` resource when creating the server instance. +Passes a value through to the `package` resource when creating the server +instance. Default value: `undef`. @@ -886,7 +992,11 @@ Default value: OS dependent. ##### `pg_hba_conf_defaults` -If `false`, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. +If `false`, disables the defaults supplied with the module for `pg_hba.conf`. +This is useful if you disagree with the defaults and wish to override them +yourself. Be sure that your changes of course align with the rest of +the module, as some access is required to perform basic `psql` operations +for example. ##### `pg_hba_conf_path` @@ -912,13 +1022,18 @@ Default value: OS dependent. ##### `port` -Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Specifies the port for the PostgreSQL server to listen on. **Note:** The same +port number is used for all IP addresses the server listens on. Also, +for Red Hat systems and early Debian systems, changing the port causes +the server to come to a full stop before being able to make the change. -Default value: 5432. Meaning the Postgres server listens on TCP port 5432. +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. ##### `postgres_password` -Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called `postgres` and no password. +Sets the password for the postgres user to your specified value. By default, +this setting uses the superuser account in the Postgres database, with a user +called `postgres` and no password. Default value: `undef`. @@ -960,7 +1075,8 @@ Default value: OS dependent. ##### `service_restart_on_change` -Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. +Overrides the default behavior to restart your PostgreSQL service when a config +entry has been changed that requires a service restart to become active. Default value: `true`. @@ -972,7 +1088,8 @@ Default value: OS dependent. ##### `user` -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +Overrides the default PostgreSQL super user and owner of PostgreSQL related +files in the file system. Default value: 'postgres'. @@ -1036,11 +1153,13 @@ Creates a local database, user, and assigns necessary permissions. ##### `comment` -Defines a comment to be stored about the database using the PostgreSQL COMMENT command. +Defines a comment to be stored about the database using the PostgreSQL COMMENT +command. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. @@ -1078,7 +1197,8 @@ Default value: The default defined during installation. Sets a user as the owner of the database. -Default value: '$user' variable set in `postgresql::server` or `postgresql::globals`. +Default value: '$user' variable set in `postgresql::server` or +`postgresql::globals`. ##### `password` @@ -1098,7 +1218,7 @@ Defaults value: `template0`. ##### `user` -User to create and assign access to the database upon creation. Mandatory. +User to create and assign access to the database upon creation. Mandatory. #### postgresql::server::database @@ -1132,7 +1252,8 @@ Default value: The default defined during installation. Sets name of the database owner. -Default value: The '$user' variable set in `postgresql::server` or `postgresql::globals`. +Default value: The '$user' variable set in `postgresql::server` or +`postgresql::globals`. ##### `tablespace` @@ -1148,11 +1269,16 @@ Default value: 'template0'. #### postgresql::server::database_grant -Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. +Manages grant-based access privileges for users, wrapping +the `postgresql::server::database_grant` for database specific permissions. +Consult +the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) +for more information. #### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. @@ -1204,22 +1330,29 @@ Valid options: 'present' or 'absent'. #### `extension` -Specifies the extension to activate. If left blank, uses the name of the resource. +Specifies the extension to activate. If left blank, uses the name of +the resource. #### `version` Specifies the version of the extension which the database uses. -When an extension package is updated, this does not automatically change the effective version in each database. +When an extension package is updated, this does not automatically change +the effective version in each database. This needs be updated using the PostgreSQL-specific SQL `ALTER EXTENSION...` -`version` may be set to `latest`, in which case the SQL `ALTER EXTENSION "extension" UPDATE` is applied to this database (only). +`version` may be set to `latest`, in which case the SQL +`ALTER EXTENSION "extension" UPDATE` is applied to this database (only). -`version` may be set to a specific version, in which case the extension is updated using `ALTER EXTENSION "extension" UPDATE TO 'version'` +`version` may be set to a specific version, in which case the extension is +updated using `ALTER EXTENSION "extension" UPDATE TO 'version'` -eg. If extension is set to `postgis` and version is set to `2.3.3`, this will apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to this database only. +eg. If extension is set to `postgis` and version is set to `2.3.3`, this will +apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to this database +only. -`version` may be omitted, in which case no `ALTER EXTENSION...` SQL is applied, and the version will be left unchanged. +`version` may be omitted, in which case no `ALTER EXTENSION...` SQL is applied, +and the version will be left unchanged. ##### `package_name` @@ -1229,11 +1362,15 @@ Specifies a package to install prior to activating the extension. Overrides default package deletion behavior. -By default, the package specified with `package_name` is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the `ensure` value for the package. +By default, the package specified with `package_name` is installed when +the extension is activated and removed when the extension is deactivated. +To override this behavior, set the `ensure` value for the package. #### postgresql::server::grant -Manages grant-based access privileges for roles. See [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. +Manages grant-based access privileges for roles. See +[PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) +for more information. ##### `db` @@ -1243,11 +1380,13 @@ Specifies the database to which you are granting access. Specifies the type of object to which you are granting privileges. -Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. +Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', +'TABLE' or 'ALL TABLES IN SCHEMA'. ##### `object_name` -Specifies name of `object_type` to which to grant access, can be either a string or a two element array. +Specifies name of `object_type` to which to grant access, can be either +a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] @@ -1256,7 +1395,8 @@ Array: ['schema_name', 'object_name'] Port to use when connecting. -Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. +Default value: `undef`, which generally defaults to port 5432 depending on your +PostgreSQL packaging. ##### `privilege` @@ -1284,7 +1424,9 @@ Specifies the role or user whom you are granting access to. #### postgresql::server::grant_role -Allows you to assign a role to a (group) role. See [PostgreSQL documentation for `Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html) for more information. +Allows you to assign a role to a (group) role. See +[PostgreSQL documentation for `Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html) +for more information. ##### `group` @@ -1292,7 +1434,8 @@ Specifies the group role to which you are assigning a role. ##### `role` -Specifies the role you want to assign to a group. If left blank, uses the name of the resource. +Specifies the role you want to assign to a group. If left blank, uses the name +of the resource. ##### `ensure` @@ -1306,7 +1449,8 @@ Default value: 'present'. Port to use when connecting. -Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. +Default value: `undef`, which generally defaults to port 5432 depending on your +PostgreSQL packaging. ##### `psql_db` @@ -1324,13 +1468,16 @@ Default value: the default user for the module, usually `postgres`. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. #### postgresql::server::pg_hba_rule -Allows you to create an access rule for `pg_hba.conf`. For more details see the [usage example](#create-an-access-rule-for-pghba.conf) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). +Allows you to create an access rule for `pg_hba.conf`. For more details see +the [usage example](#create-an-access-rule-for-pghba.conf) and +the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). ##### `address` @@ -1338,11 +1485,14 @@ Sets a CIDR based address for this rule matching when the type is not 'local'. ##### `auth_method` -Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL `pg_hba.conf` documentation. +Provides the method that is used for authentication for the connection that +this rule matches. Described further in the PostgreSQL `pg_hba.conf` +documentation. ##### `auth_option` -For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. +For certain `auth_method` settings there are extra options that can be passed. +Consult the PostgreSQL `pg_hba.conf` documentation for further details. ##### `database` @@ -1350,11 +1500,13 @@ Sets a comma-separated list of databases that this rule matches. ##### `description` -Defines a longer description for this rule, if required. This description is placed in the comments above the rule in `pg_hba.conf`. +Defines a longer description for this rule, if required. This description is +placed in the comments above the rule in `pg_hba.conf`. Default value: 'none'. -Specifies a way to uniquely identify this resource, but functionally does nothing. +Specifies a way to uniquely identify this resource, but functionally does +nothing. ##### `order` @@ -1384,24 +1536,28 @@ Valid options: 'local', 'host', 'hostssl' or 'hostnossl'. Sets a comma-separated list of users that this rule matches. - #### postgresql::server::pg_ident_rule -Allows you to create user name maps for `pg_ident.conf`. For more details see the [usage example](#create-user-name-maps-for-pgidentconf) above and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). +Allows you to create user name maps for `pg_ident.conf`. For more details see +the [usage example](#create-user-name-maps-for-pgidentconf) above and +the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). ##### `database_username` -Specifies the user name of the database user. The `system_username` is mapped to this user name. +Specifies the user name of the database user. The `system_username` is mapped +to this user name. ##### `description` -Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. +Sets a longer description for this rule if required. This description is +placed in the comments above the rule in `pg_ident.conf`. Default value: 'none'. ##### `map_name` -Sets the name of the user map that is used to refer to this mapping in `pg_hba.conf`. +Sets the name of the user map that is used to refer to this mapping +in `pg_hba.conf`. ##### `order` @@ -1411,7 +1567,8 @@ Default value: 150. ##### `system_username` -Specifies the operating system user name (the user name used to connect to the database). +Specifies the operating system user name (the user name used to connect to +the database). ##### `target` @@ -1421,7 +1578,8 @@ Provides the target for the rule and is generally an internal only property. #### postgresql::server::reassign_owned_by -Runs the PostgreSQL command 'REASSIGN OWNED' on a database, to transfer the ownership of existing objects between database roles +Runs the PostgreSQL command 'REASSIGN OWNED' on a database, to transfer +the ownership of existing objects between database roles ##### `db` @@ -1429,7 +1587,8 @@ Specifies the database to which the 'REASSIGN OWNED' will be applied ##### `old_role` -Specifies the role or user who is the current owner of the objects in the specified db +Specifies the role or user who is the current owner of the objects in +the specified db ##### `new_role` @@ -1445,21 +1604,28 @@ Default value: The default user for the module, usually 'postgres'. Port to use when connecting. -Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. +Default value: `undef`, which generally defaults to port 5432 depending on +your PostgreSQL packaging. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. #### postgresql::server::recovery -Allows you to create the content for `recovery.conf`. For more details see the [usage example](#create-recovery-configuration) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +Allows you to create the content for `recovery.conf`. For more details see +the [usage example](#create-recovery-configuration) and +the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). -Every parameter value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. +Every parameter value is a string set in the template except +`recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and +`recovery_min_apply_delay`. -A detailed description of all listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +A detailed description of all listed parameters can be found in +the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). The parameters are grouped into these three sections: @@ -1470,6 +1636,7 @@ The parameters are grouped into these three sections: * `recovery_end_command` ##### [Recovery Target Settings](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) + * `recovery_target_name` * `recovery_target_time` * `recovery_target_xid` @@ -1479,6 +1646,7 @@ The parameters are grouped into these three sections: * `pause_at_recovery_target` ##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) + * `standby_mode`: Can be specified with the string ('on'/'off'), or by using a Boolean value (`true`/`false`). * `primary_conninfo` * `primary_slot_name` @@ -1486,11 +1654,13 @@ The parameters are grouped into these three sections: * `recovery_min_apply_delay` ##### `target` + Provides the target for the rule, and is generally an internal only property. **Use with caution.** #### postgresql::server::role + Creates or drops a role or user in PostgreSQL. ##### `ensure` @@ -1503,40 +1673,52 @@ Specifying `absent` will drop the role. Default value: `present`. ##### `connection_limit` + Specifies how many concurrent connections the role can make. Default value: '-1', meaning no limit. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. + +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. ##### `createdb` + Specifies whether to grant the ability to create new databases with this role. Default value: `false`. ##### `createrole` + Specifies whether to grant the ability to create new roles with this role. Default value: `false`. ##### `inherit` + Specifies whether to grant inherit capability for the new role. Default value: `true`. ##### `login` + Specifies whether to grant login capability for the new role. Default value: `true`. ##### `password_hash` -Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: + +Sets the hash to use during password creation. If the password is not already +pre-encrypted in a format that PostgreSQL supports, use +the `postgresql_password` function to provide an MD5 hash here, for example: ##### `update_password` -If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. + +If set to true, updates the password on changes. Set this to false to not +modify the role's password after creation. ```puppet postgresql::server::role { 'myusername': @@ -1568,7 +1750,8 @@ Creates a schema. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. @@ -1590,11 +1773,13 @@ Default value: the namevar. #### postgresql::server::table_grant -Manages grant-based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. +Manages grant-based access privileges for users. Consult the PostgreSQL +documentation for `grant` for more information. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. @@ -1604,7 +1789,8 @@ Specifies which database the table is in. ##### `privilege` -Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. +Specifies comma-separated list of privileges to grant. Valid options: 'ALL', +'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. ##### `psql_db` @@ -1630,11 +1816,13 @@ Specifies the table to which you are granting access. #### postgresql::server::tablespace -Creates a tablespace. If necessary, also creates the location and assigns the same permissions as the PostgreSQL server. +Creates a tablespace. If necessary, also creates the location and assigns +the same permissions as the PostgreSQL server. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote +server. Default value: Connects to the local Postgres instance. @@ -1666,7 +1854,8 @@ Specifies the SQL command to execute via psql. ##### `cwd` -Specifies the working directory under which the psql command should be executed. +Specifies the working directory under which the psql command should be +executed. Default value: '/tmp'. @@ -1676,15 +1865,20 @@ Specifies the name of the database to execute the SQL command against. ##### `environment` -Specifies any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. +Specifies any additional environment variables you want to set for a SQL +command. Multiple environment variables should be specified as an array. ##### `name` -Sets an arbitrary tag for your own reference; the name of the message. This is the namevar. +Sets an arbitrary tag for your own reference; the name of the message. +This is the namevar. ##### `onlyif` -Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. +Sets an optional SQL command to execute prior to the main command. This is +generally intended to be used for idempotency, to check for the existence of +an object in the database to determine whether or not the main SQL command +needs to be executed at all. ##### `port` @@ -1692,7 +1886,8 @@ Specifies the port of the database server to execute the SQL command against. ##### `psql_group` -Specifies the system user group account under which the psql command should be executed. +Specifies the system user group account under which the psql command should be +executed. Default value: 'postgres'. @@ -1704,13 +1899,15 @@ Default value: 'psql'. ##### `psql_user` -Specifies the system user account under which the psql command should be executed. +Specifies the system user account under which the psql command should be +executed. Default value: 'postgres'. ##### `refreshonly` -Specifies whether to execute the SQL only if there is a notify or subscribe event. +Specifies whether to execute the SQL only if there is a notify or subscribe +event. Valid values: `true`, `false`. @@ -1746,11 +1943,13 @@ Specifies the value to set for this parameter. #### postgresql_replication_slot -Allows you to create and destroy replication slots to register warm standby replication on a PostgreSQL master server. +Allows you to create and destroy replication slots to register warm standby +replication on a PostgreSQL master server. ##### `name` -Specifies the name of the slot to create. Must be a valid replication slot name. +Specifies the name of the slot to create. Must be a valid replication slot +name. This is the namevar. @@ -1766,11 +1965,14 @@ Default value: 'present'. #### postgresql_conn_validator -Validate the connection to a local or remote PostgreSQL database using this type. +Validate the connection to a local or remote PostgreSQL database using this +type. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (`host`, etc). If provided, the individual parameters take precedence. +Specifies a hash of environment variables used when connecting to a remote +server. This is an alternative to providing individual parameters +(`host`, etc). If provided, the individual parameters take precedence. Default value: {} @@ -1782,7 +1984,8 @@ Default value: '' ##### `db_password` -Specifies the password to connect with. Can be left blank if `.pgpass` is being used, otherwise not recommended. +Specifies the password to connect with. Can be left blank if `.pgpass` is +being used, otherwise not recommended. Default value: '' @@ -1816,7 +2019,9 @@ Default value: '' ##### `run_as` -Specifies the user to run the `psql` command as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. +Specifies the user to run the `psql` command as. This is important when trying +to connect to a database locally using Unix sockets and `ident` authentication. +Not needed for remote testing. ##### `sleep` @@ -1824,29 +2029,39 @@ Sets the number of seconds to sleep for before trying again after a failure. ##### `tries` -Sets the number of attempts after failure before giving up and failing the resource. +Sets the number of attempts after failure before giving up and failing +the resource. ### Functions #### postgresql_password -Generates a PostgreSQL encrypted password, use `postgresql_password`. Call it from the command line and then copy and paste the encrypted password into your manifest: +Generates a PostgreSQL encrypted password, use `postgresql_password`. Call it +from the command line and then copy and paste the encrypted password into your +manifest: ```shell puppet apply --execute 'notify { 'test': message => postgresql_password('username', 'password') }' ``` -Alternatively, you can call this from your production manifests, but the manifests will then contain a clear text version of your passwords. +Alternatively, you can call this from your production manifests, but +the manifests will then contain a clear text version of your passwords. #### postgresql_acls_to_resources_hash(acl_array, id, order_offset) -This internal function converts a list of `pg_hba.conf` based ACLs (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. +This internal function converts a list of `pg_hba.conf` based ACLs (passed in +as an array of strings) to a format compatible with +the `postgresql::pg_hba_rule` resource. **This function should only be used internally by the module**. ### Tasks -The Postgresql module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. +The Postgresql module has an example task that allows a user to execute +arbitary SQL against a database. Please refer to to +the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or +[Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how +to execute a task. ## Limitations @@ -1862,15 +2077,18 @@ Other systems might be compatible, but are not being actively tested. ### Apt module support -While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' module, it does not support 'puppetlabs-apt' 2.0.0 or 2.0.1. +While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' +module, it does not support 'puppetlabs-apt' 2.0.0 or 2.0.1. ### PostGIS support -PostGIS is currently considered an unsupported feature, as it doesn't work on all platforms correctly. +PostGIS is currently considered an unsupported feature, as it doesn't work on +all platforms correctly. ### All versions of RHEL/CentOS -If you have SELinux enabled you must add any custom ports you use to the `postgresql_port_t` context. You can do this as follows: +If you have SELinux enabled you must add any custom ports you use to +the `postgresql_port_t` context. You can do this as follows: ```shell semanage port -a -t postgresql_port_t -p tcp $customport @@ -1878,11 +2096,19 @@ semanage port -a -t postgresql_port_t -p tcp $customport ## Development -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). +Puppet Labs modules on the Puppet Forge are open projects, and community +contributions are essential for keeping them great. We can’t access the huge +number of platforms and myriad hardware, software, and deployment +configurations that Puppet is intended to serve. We want to keep it as easy +as possible to contribute changes so that our modules work in your environment. +There are a few guidelines that we need contributors to follow so that we can +have a chance of keeping on top of things. For more information, see our +[module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). ### Tests -There are two types of tests distributed with this module. Unit tests with `rspec-puppet` and system tests using `rspec-system`. +There are two types of tests distributed with this module. Unit tests with +`rspec-puppet` and system tests using `rspec-system`. For unit testing, make sure you have: @@ -1901,7 +2127,9 @@ And then run the unit tests: bundle exec rake spec ``` -The unit tests are run in Travis-CI as well. If you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your GitHub clone of this project. +The unit tests are run in Travis-CI as well. If you want to see the results of +your own tests, register the service hook through Travis-CI via the accounts +section for your GitHub clone of this project. To run the system tests, make sure you also have: @@ -1914,7 +2142,8 @@ Then run the tests using: bundle exec rspec spec/acceptance ``` -To run the tests on different operating systems, see the sets available in `.nodeset.yml` and run the specific set with the following syntax: +To run the tests on different operating systems, see the sets available +in `.nodeset.yml` and run the specific set with the following syntax: ```shell RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance @@ -1922,4 +2151,5 @@ RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance ### Contributors -View the full list of contributors on [Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors). +View the full list of contributors on +[Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors). From 08ad29668e192616b348a21076639d91eed67ea3 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Wed, 31 Jan 2018 14:45:07 +0100 Subject: [PATCH 0306/1000] Copy-edit the README --- README.md | 428 ++++++++++++++++++++-------------------- readmes/README_ja_JP.md | 2 +- 2 files changed, 217 insertions(+), 213 deletions(-) diff --git a/README.md b/README.md index 2e3249d5e2..d791c3ed39 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,7 @@ class { 'postgresql::server': For default settings, declare the `postgresql::server` class as above. To customize PostgreSQL server settings, specify -the [parameters](#postgresqlserver) you want to change: +[the parameters](#postgresqlserver) you want to change: ```puppet class { 'postgresql::server': @@ -83,7 +83,7 @@ on whether you want to allow connections from that location, you might need to adjust your permissions. For more details about server configuration parameters, consult -the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). +[the PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). ### Create a database @@ -127,14 +127,15 @@ postgresql::server::table_grant { 'my_table of test2': } ``` -This example grants **all** privileges on the test1 database and on -the `my_table` table of the test2 database to the specified user or group. +This example grants **all** privileges on the `test1` database and on +the `my_table` table of the `test2` database to the specified user or group. After the values are added into the PuppetDB config file, this database would be ready for use. ### Manage ownership of DB objects -To change the ownership of all objects within a database using REASSIGN OWNED: +To change the ownership of all objects within a database using +`REASSIGN OWNED`: ```puppet postgresql::server::reassign_owned_by { 'new owner is meerkat': @@ -144,13 +145,13 @@ postgresql::server::reassign_owned_by { 'new owner is meerkat': } ``` -This would run the PostgreSQL statement 'REASSIGN OWNED' to update to ownership +This would run the PostgreSQL statement `REASSIGN OWNED` to update to ownership of all tables, sequences, functions and views currently owned by -the role 'marmot' to be owned by the role 'meerkat' instead. +the role `marmot` to be owned by the role `meerkat` instead. -This applies to objects within the nominated database, 'test_db' only. +This applies to objects within the nominated database, `test_db` only. -For Postgresql >= 9.3, the ownership of the database is also updated. +For PostgreSQL >= 9.3, the ownership of the database is also updated. ### Override defaults @@ -187,17 +188,17 @@ class { 'postgresql::server': Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a [`connect_settings`](#connect_settings) hash. -This provides control over how Puppet connects to the remote Postgres instances -and which version is used for generating SQL commands. +This provides control over how Puppet connects to the remote PostgreSQL +instances and which version is used for generating SQL commands. The `connect_settings` hash can contain environment variables to control -Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', -and 'PGSSLKEY'. See -the [PostgreSQL Environment Variables](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) -documentation for a complete list of variables. +PostgreSQL client connections, such as `PGHOST`, `PGPORT`, `PGPASSWORD`, +and `PGSSLKEY`. See +[the PostgreSQL Environment Variables documentation](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) +for a complete list of variables. Additionally, you can specify the target database version with the special -value of 'DBVERSION'. If the `connect_settings` hash is omitted or empty, +value of `DBVERSION`. If the `connect_settings` hash is omitted or empty, then Puppet connects to the local PostgreSQL instance. You can provide a `connect_settings` hash for each of the Puppet resources, @@ -341,7 +342,7 @@ The `recovery.conf` is only be created if at least one parameter is set To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql_conn_validator` resource. You can use -this on any node where the PostgreSQL client software is installed. It is +this on any node where the PostgreSQL client package is installed. It is often chained to other tasks such as starting an application server or performing a database migration. @@ -414,28 +415,29 @@ amount of control over your security settings. #### postgresql::client -Installs PostgreSQL client software. Set the following parameters if you have +Installs PostgreSQL client package. Set the following parameters if you have a custom version you would like to install. ->**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. +**Note:** Make sure to add any necessary yum or apt repositories if specifying +a custom version. ##### `package_ensure` Whether the PostgreSQL client package resource should be present. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. ##### `package_name` Sets the name of the PostgreSQL client package. -Default value: 'file'. +Default value: `file`. #### postgresql::lib::docs -Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters +Installs PostgreSQL documentation package. Set the following parameters if you have a custom version you would like to install. **Note:** Make sure to add any necessary yum or apt repositories if specifying @@ -449,9 +451,9 @@ Specifies the name of the PostgreSQL docs package. Whether the PostgreSQL docs package resource should be present. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. #### postgresql::globals @@ -487,9 +489,11 @@ Default value: OS dependent. ##### `createdb_path` -**Deprecated.** Path to the `createdb` command. +**Deprecated.** + +Path to the `createdb` command. -Default value: '${bindir}/createdb'. +Default value: `${bindir}/createdb`. ##### `datadir` @@ -497,13 +501,13 @@ Overrides the default PostgreSQL data directory for the target platform. Default value: OS dependent. -**Note:** Changing the datadir after installation causes the server to come +**Note:** Changing the `datadir` after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database -in the new datadir (`needs_initdb` defaults to true on other systems). +in the new `datadir` (`needs_initdb` defaults to true on other systems). -**Warning:** If datadir is changed from the default, Puppet does not manage +**Warning:** If `datadir` is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. @@ -511,16 +515,14 @@ directory is changed back to the original. Optional. -Data type: Boolean. - Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: `true` or `false`. -Default: initdb's default (`false`). +Default: `initdb`'s default (`false`). -**Warning:** This option is used during initialization by initdb, and cannot +**Warning:** This option is used during initialization by `initdb`, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. @@ -528,7 +530,7 @@ databases. Specifies the name of the default database to connect with. -Default value: 'postgres' (for most systems). +Default value: `postgres` (for most systems). ##### `devel_package_name` @@ -550,14 +552,14 @@ Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. -Default value: Dependent on the operating system's default encoding. +Default value: dependent on the operating system's default encoding. ##### `group` Overrides the default postgres user group to be used for related files in the file system. -Default value: 'postgres'. +Default value: `postgres`. ##### `initdb_path` @@ -565,7 +567,7 @@ Path to the `initdb` command. ##### `java_package_name` -Overrides the default PostgreSQL java package name. +Overrides the default PostgreSQL Java package name. Default value: OS dependent. @@ -575,10 +577,10 @@ Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. -Default value: `undef`, which is effectively 'C'. +Default value: `undef`, which is effectively `"C"`. -**On Debian, you'll need to ensure that the 'locales-all' package is installed -for full functionality of PostgreSQL.** +**Warning:** On Debian, you'll need to ensure that the `locales-all` package is +installed for full functionality of PostgreSQL. ##### `timezone` @@ -589,7 +591,7 @@ default is taking the systems timezone information. Overrides the default PostgreSQL log directory. -Default value: initdb's default path. +Default value: `initdb`'s default path. ##### `manage_package_repo` @@ -599,14 +601,14 @@ Default value: `false`. ##### `module_workdir` -Specifies working directory under which the psql command should be executed. -May need to specify if '/tmp' is on volume mounted with noexec option. +Specifies working directory under which the `psql` command should be executed. +May need to specify if `/tmp` is on volume mounted with `noexec` option. -Default value: '/tmp'. +Default value: `/tmp`. ##### `needs_initdb` -Explicitly calls the initdb operation after the server package is installed +Explicitly calls the `initdb` operation after the server package is installed and before the PostgreSQL service is started. Default value: OS dependent. @@ -624,20 +626,20 @@ Disables the defaults supplied with the module for `pg_hba.conf` if set to your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations. -Default value: The globals value set in `postgresql::globals::manage_pg_hba_conf` +Default value: the globals value set in `postgresql::globals::manage_pg_hba_conf` which defaults to `true`. ##### `pg_hba_conf_path` Specifies the path to your `pg_hba.conf` file. -Default value: '${confdir}/pg_hba.conf'. +Default value: `${confdir}/pg_hba.conf`. ##### `pg_ident_conf_path` Specifies the path to your `pg_ident.conf` file. -Default value: '${confdir}/pg_ident.conf'. +Default value: `${confdir}/pg_ident.conf`. ##### `plperl_package_name` @@ -655,14 +657,14 @@ Default value: OS dependent. Defines the version of PostGIS to install, if you install PostGIS. -Default value: The lowest available with the version of PostgreSQL to be +Default value: the lowest available with the version of PostgreSQL to be installed. ##### `postgresql_conf_path` Sets the path to your `postgresql.conf` file. -Default value: '${confdir}/postgresql.conf'. +Default value: `${confdir}/postgresql.conf`. ##### `psql_path` @@ -691,7 +693,7 @@ Debian is currently not supported. Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. -Default value: The official PostgreSQL repository. +Default value: the official PostgreSQL repository. ##### `server_package_name` @@ -722,7 +724,7 @@ Default value: OS dependent. Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: 'postgres'. +Default value: `postgres`. ##### `version` @@ -744,7 +746,7 @@ symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). ##### `link_pg_config` If the bin directory used by the PostgreSQL page is not `/usr/bin` or -`/usr/local/bin`, symlinks `pg_config` from the package's bin dir into +`/usr/local/bin`, symlinks `pg_config` from the package's bin directory into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior. @@ -754,16 +756,16 @@ Default value: `true`. ##### `package_ensure` -Overrides the 'ensure' parameter during package installation. +Overrides the `ensure` parameter during package installation. -Default value: 'present'. +Default value: `present`. ##### `package_name` Overrides the default package name for the distribution you are installing to. -Default value: 'postgresql-devel' or 'postgresql-devel' depending on -your distro. +Default value: `postgresql-devel` or `postgresql-devel` depending on +your OS. #### postgresql::lib::java @@ -777,9 +779,9 @@ a custom version. Specifies whether the package is present. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. ##### `package_name` @@ -793,9 +795,9 @@ Installs the PostgreSQL Perl libraries. Specifies whether the package is present. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. ##### `package_name` @@ -813,9 +815,9 @@ Specifies the name of the postgresql PL/Python package. Specifies whether the package is present. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. #### postgresql::lib::python @@ -825,9 +827,9 @@ Installs PostgreSQL Python libraries. Specifies whether the package is present. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. ##### `package_name` @@ -837,31 +839,31 @@ The name of the PostgreSQL Python package. ##### `createdb_path` -**Deprecated.** Specifies the path to the `createdb` command. +**Deprecated.** + +Specifies the path to the `createdb` command. -Default value: '${bindir}/createdb'. +Default value: `${bindir}/createdb`. ##### `data_checksums` Optional. -Data type: Boolean. - Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: `true` or `false`. -Default value: initdb's default (`false`). +Default value: `initdb`'s default (`false`). -**Warning:** This option is used during initialization by initdb, and cannot be -changed later. If set, checksums are calculated for all objects, in all +**Warning:** This option is used during initialization by `initdb`, and cannot +be changed later. If set, checksums are calculated for all objects, in all databases. ##### `default_database` Specifies the name of the default database to connect with. On most systems -this is 'postgres'. +this is `postgres`. ##### `default_connect_settings` @@ -882,29 +884,27 @@ Default value: `undef`. Overrides the default postgres user group to be used for related files in the file system. -Default value: OS dependent default. +Default value: OS dependent. ##### `initdb_path` Specifies the path to the `initdb` command. -Default value: '${bindir}/initdb'. +Default value: `${bindir}/initdb`. ##### `ipv4acls` Lists strings for access control for connection method, users, databases, IPv4 -addresses; - -see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) -on `pg_hba.conf` for information. +addresses. See +[the PostgreSQL HBA documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) +for information. ##### `ipv6acls` Lists strings for access control for connection method, users, databases, IPv6 -addresses. - -see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) -on `pg_hba.conf` for information. +addresses. See +[the PostgreSQL HBA documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) +for information. ##### `ip_mask_allow_all_users` @@ -912,18 +912,18 @@ Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -Set to '0.0.0.0/0' to allow database users to connect from any remote machine, -or '192.168.0.0/1' to allow connections from any machine on your local -'192.168' subnet. +Set to `0.0.0.0/0` to allow database users to connect from any remote machine, +or `192.168.0.0/1` to allow connections from any machine on your local +`192.168` subnet. -Default value: '127.0.0.1/32'. +Default value: `127.0.0.1/32`. ##### `ip_mask_deny_postgres_user` Specifies the IP mask from which remote connections should be denied for the postgres superuser. -Default value: '0.0.0.0/0', which denies any remote connection. +Default value: `0.0.0.0/0`, which denies any remote connection. ##### `locale` @@ -931,10 +931,10 @@ Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. -Default value: `undef`, which is effectively 'C'. +Default value: `undef`, which is effectively `"C"`. -**On Debian, you must ensure that the 'locales-all' package is installed for -full functionality of PostgreSQL.** +**Warning:** On Debian, you'll need to ensure that the `locales-all` package is +installed for full functionality of PostgreSQL. ##### `manage_pg_hba_conf` @@ -986,7 +986,7 @@ Default value: `undef`. ##### `package_name` -Specifies the name of the package to use for installing the server software. +Specifies the name of the package to use for installing the PostgreSQL server. Default value: OS dependent. @@ -1006,7 +1006,7 @@ Specifies the path to your `pg_hba.conf` file. Specifies the path to your `pg_ident.conf` file. -Default value: '${confdir}/pg_ident.conf'. +Default value: `${confdir}/pg_ident.conf`. ##### `plperl_package_name` @@ -1022,18 +1022,19 @@ Default value: OS dependent. ##### `port` -Specifies the port for the PostgreSQL server to listen on. **Note:** The same +Specifies the port for the PostgreSQL server to listen on. + +**Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. -Default value: 5432. Meaning the Postgres server listens on TCP port 5432. +Default value: 5432 ##### `postgres_password` Sets the password for the postgres user to your specified value. By default, -this setting uses the superuser account in the Postgres database, with a user -called `postgres` and no password. +this setting uses the superuser account. Default value: `undef`. @@ -1041,7 +1042,7 @@ Default value: `undef`. Specifies the path to your `postgresql.conf` file. -Default value: '${confdir}/postgresql.conf'. +Default value: `${confdir}/postgresql.conf`. ##### `psql_path` @@ -1091,7 +1092,7 @@ Default value: OS dependent. Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: 'postgres'. +Default value: `postgres`. #### postgresql::server::contrib @@ -1137,11 +1138,11 @@ postgresql::server::config_entry { 'check_function_bodies': ##### `ensure` -Removes an entry if set to 'absent'. +Removes an entry when set to `absent`. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. ##### `value` @@ -1161,7 +1162,7 @@ command. Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. ##### `dbname` @@ -1173,13 +1174,13 @@ Default value: the namevar. Overrides the character set during creation of the database. -Default value: The default defined during installation. +Default value: the default defined during installation. ##### `grant` Specifies the permissions to grant during creation. -Default value: 'ALL'. +Default value: `ALL`. ##### `istemplate` @@ -1191,18 +1192,20 @@ Default value: `false`. Overrides the locale during creation of the database. -Default value: The default defined during installation. +Default value: the default defined during installation. ##### `owner` Sets a user as the owner of the database. -Default value: '$user' variable set in `postgresql::server` or +Default value: `$user` variable set in `postgresql::server` or `postgresql::globals`. ##### `password` -**Required** Sets the password for the created user. +Required. + +Sets the password for the created user. ##### `tablespace` @@ -1214,11 +1217,13 @@ Default value: PostgreSQL default. Specifies the name of the template database from which to build this database. -Defaults value: `template0`. +Default value: `template0`. ##### `user` -User to create and assign access to the database upon creation. Mandatory. +Required. + +User to create and assign access to the database upon creation. #### postgresql::server::database @@ -1228,13 +1233,13 @@ Creates a database with no users and no permissions. Sets the name of the database. -Defaults value: The namevar. +Default value: the namevar. ##### `encoding` Overrides the character set during creation of the database. -Default value: The default defined during installation. +Default value: the default defined during installation. ##### `istemplate` @@ -1246,33 +1251,33 @@ Default value: `false`. Overrides the locale during creation of the database. -Default value: The default defined during installation. +Default value: the default defined during installation. ##### `owner` Sets name of the database owner. -Default value: The '$user' variable set in `postgresql::server` or +Default value: the `$user` variable set in `postgresql::server` or `postgresql::globals`. ##### `tablespace` Sets tablespace for where to create this database. -Default value: The default defined during installation. +Default value: the default defined during installation. ##### `template` Specifies the name of the template database from which to build this database. -Default value: 'template0'. +Default value: `template0`. #### postgresql::server::database_grant Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult -the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) +[the PostgreSQL documentation for `GRANT`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. #### `connect_settings` @@ -1280,7 +1285,7 @@ for more information. Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. ##### `db` @@ -1290,21 +1295,21 @@ Specifies the database to which you are granting access. Specifies comma-separated list of privileges to grant. -Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. +Valid values: `ALL`, `CREATE`, `CONNECT`, `TEMPORARY`, `TEMP`. ##### `psql_db` Defines the database to execute the grant against. -**This should not ordinarily be changed from the default** +**Warning:** This should not ordinarily be changed from the default. -Default value: 'postgres'. +Default value: `postgres`. ##### `psql_user` Specifies the OS user for running `psql`. -Default value: The default user for the module, usually 'postgres'. +Default value: the default user for the module, usually `postgres`. ##### `role` @@ -1326,14 +1331,14 @@ Specifies the schema on which to activate the extension. Specifies whether to activate or deactivate the extension. -Valid options: 'present' or 'absent'. +Valid values: `present` or `absent`. -#### `extension` +##### `extension` Specifies the extension to activate. If left blank, uses the name of the resource. -#### `version` +##### `version` Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically change @@ -1347,9 +1352,9 @@ This needs be updated using the PostgreSQL-specific SQL `ALTER EXTENSION...` `version` may be set to a specific version, in which case the extension is updated using `ALTER EXTENSION "extension" UPDATE TO 'version'` -eg. If extension is set to `postgis` and version is set to `2.3.3`, this will -apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to this database -only. +For example, if extension is set to `postgis` and version is set to `2.3.3`, +this will only apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to +the database. `version` may be omitted, in which case no `ALTER EXTENSION...` SQL is applied, and the version will be left unchanged. @@ -1380,16 +1385,14 @@ Specifies the database to which you are granting access. Specifies the type of object to which you are granting privileges. -Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', +Valid values: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. ##### `object_name` Specifies name of `object_type` to which to grant access, can be either -a string or a two element array. - -String: 'object_name' -Array: ['schema_name', 'object_name'] +a string or a two element array. When it is an array then the first element +must be the `object_type` and the second actual `object_name`. ##### `port` @@ -1402,21 +1405,21 @@ PostgreSQL packaging. Specifies the privilege to grant. -Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. +Valid values: `ALL`, `ALL PRIVILEGES` or `object_type` dependent string. ##### `psql_db` Specifies the database to execute the grant against. -**This should not ordinarily be changed from the default** +**Warning:** This should not ordinarily be changed from the default. -Default value: 'postgres'. +Default value: `postgres`. ##### `psql_user` Sets the OS user to run `psql`. -Default value: the default user for the module, usually 'postgres'. +Default value: the default user for the module, usually `postgres`. ##### `role` @@ -1441,9 +1444,9 @@ of the resource. Specifies whether to grant or revoke the membership. -Valid options: 'present' or 'absent'. +Valid values: `present` or `absent`. -Default value: 'present'. +Default value: `present`. ##### `port` @@ -1456,9 +1459,9 @@ PostgreSQL packaging. Specifies the database to execute the grant against. -**This should not ordinarily be changed from the default** +**Warning:** This should not ordinarily be changed from the default. -Default value: 'postgres'. +Default value: `postgres`. ##### `psql_user` @@ -1471,28 +1474,26 @@ Default value: the default user for the module, usually `postgres`. Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. #### postgresql::server::pg_hba_rule Allows you to create an access rule for `pg_hba.conf`. For more details see -the [usage example](#create-an-access-rule-for-pghba.conf) and -the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). +[the usage example](#create-an-access-rule-for-pghba.conf) and +[the PostgreSQL HBA documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). ##### `address` -Sets a CIDR based address for this rule matching when the type is not 'local'. +Sets a CIDR based address for this rule matching when the type is not `local`. ##### `auth_method` Provides the method that is used for authentication for the connection that -this rule matches. Described further in the PostgreSQL `pg_hba.conf` -documentation. +this rule matches. ##### `auth_option` For certain `auth_method` settings there are extra options that can be passed. -Consult the PostgreSQL `pg_hba.conf` documentation for further details. ##### `database` @@ -1503,7 +1504,7 @@ Sets a comma-separated list of databases that this rule matches. Defines a longer description for this rule, if required. This description is placed in the comments above the rule in `pg_hba.conf`. -Default value: 'none'. +Default value: `none`. Specifies a way to uniquely identify this resource, but functionally does nothing. @@ -1524,13 +1525,13 @@ Default value: the version set in `postgresql::server`. Provides the target for the rule, and is generally an internal only property. -**Use with caution.** +**Warning:** Use with caution. ##### `type` Sets the type of rule. -Valid options: 'local', 'host', 'hostssl' or 'hostnossl'. +Valid values: `local`, `host`, `hostssl` or `hostnossl`. ##### `user` @@ -1538,9 +1539,9 @@ Sets a comma-separated list of users that this rule matches. #### postgresql::server::pg_ident_rule -Allows you to create user name maps for `pg_ident.conf`. For more details see -the [usage example](#create-user-name-maps-for-pgidentconf) above and -the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). +Allows you to create user name maps for `pg_ident.conf`. For more details see +[the usage example](#create-user-name-maps-for-pgidentconf) above and +[the PostgreSQL User Name Maps documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). ##### `database_username` @@ -1552,7 +1553,7 @@ to this user name. Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. -Default value: 'none'. +Default value: `none`. ##### `map_name` @@ -1574,31 +1575,31 @@ the database). Provides the target for the rule and is generally an internal only property. -**Use with caution.** +**Warning:** Use with caution. #### postgresql::server::reassign_owned_by -Runs the PostgreSQL command 'REASSIGN OWNED' on a database, to transfer +Runs the PostgreSQL command `REASSIGN OWNED` on a database, to transfer the ownership of existing objects between database roles ##### `db` -Specifies the database to which the 'REASSIGN OWNED' will be applied +Specifies the database to which the `REASSIGN OWNED` will be applied. ##### `old_role` Specifies the role or user who is the current owner of the objects in -the specified db +the specified db. ##### `new_role` -Specifies the role or user who will be the new owner of these objects +Specifies the role or user who will be the new owner of these objects. ##### `psql_user` Specifies the OS user for running `psql`. -Default value: The default user for the module, usually 'postgres'. +Default value: the default user for the module, usually `postgres`. ##### `port` @@ -1612,20 +1613,20 @@ your PostgreSQL packaging. Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. #### postgresql::server::recovery -Allows you to create the content for `recovery.conf`. For more details see -the [usage example](#create-recovery-configuration) and -the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +Allows you to create the content for `recovery.conf`. For more details see +[the usage example](#create-recovery-configuration) and +[the PostgreSQL Recovery Configuration documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). Every parameter value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. A detailed description of all listed parameters can be found in -the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +[the PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). The parameters are grouped into these three sections: @@ -1647,7 +1648,7 @@ The parameters are grouped into these three sections: ##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) -* `standby_mode`: Can be specified with the string ('on'/'off'), or by using a Boolean value (`true`/`false`). +* `standby_mode`: Can be specified with the string (`on`/`off`), or by using a `Boolean` value (`true`/`false`). * `primary_conninfo` * `primary_slot_name` * `trigger_file` @@ -1657,7 +1658,7 @@ The parameters are grouped into these three sections: Provides the target for the rule, and is generally an internal only property. -**Use with caution.** +**Warning:** Use with caution. #### postgresql::server::role @@ -1676,14 +1677,14 @@ Default value: `present`. Specifies how many concurrent connections the role can make. -Default value: '-1', meaning no limit. +Default value: `-1`, meaning no limit. ##### `connect_settings` Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. ##### `createdb` @@ -1753,7 +1754,7 @@ Creates a schema. Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. ##### `db` @@ -1773,15 +1774,16 @@ Default value: the namevar. #### postgresql::server::table_grant -Manages grant-based access privileges for users. Consult the PostgreSQL -documentation for `grant` for more information. +Manages grant-based access privileges for users. Consult +[the PostgreSQL documentation for `GRANT`](http://www.postgresql.org/docs/current/static/sql-grant.html) +for more information. ##### `connect_settings` Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. ##### `db` @@ -1789,22 +1791,24 @@ Specifies which database the table is in. ##### `privilege` -Specifies comma-separated list of privileges to grant. Valid options: 'ALL', -'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. +Specifies comma-separated list of privileges to grant. + +Valid values: `ALL`, `SELECT`, `INSERT`, `UPDATE`, `DELETE`, `TRUNCATE`, +`REFERENCES`, `TRIGGER`. ##### `psql_db` Specifies the database to execute the grant against. -This should not ordinarily be changed from the default. +**Warning:** This should not ordinarily be changed from the default. -Default value: 'postgres'. +Default value: `postgres`. ##### `psql_user` Specifies the OS user for running `psql`. -Default value: The default user for the module, usually 'postgres'. +Default value: the default user for the module, usually `postgres`. ##### `role` @@ -1824,7 +1828,7 @@ the same permissions as the PostgreSQL server. Specifies a hash of environment variables used when connecting to a remote server. -Default value: Connects to the local Postgres instance. +Default value: local PostgreSQL instance. ##### `location` @@ -1844,20 +1848,20 @@ Default value: the namevar. #### postgresql_psql -Enables Puppet to run psql statements. +Enables Puppet to run `psql` statements. ##### `command` Required. -Specifies the SQL command to execute via psql. +Specifies the SQL command to execute via `psql`. ##### `cwd` -Specifies the working directory under which the psql command should be +Specifies the working directory under which the `psql` command should be executed. -Default value: '/tmp'. +Default value: `/tmp`. ##### `db` @@ -1886,23 +1890,23 @@ Specifies the port of the database server to execute the SQL command against. ##### `psql_group` -Specifies the system user group account under which the psql command should be -executed. +Specifies the system user group account under which the `psql` command should +be executed. -Default value: 'postgres'. +Default value: `postgres`. ##### `psql_path` -Specifies the path to psql executable. +Specifies the path to `psql` executable. -Default value: 'psql'. +Default value: `psql`. ##### `psql_user` -Specifies the system user account under which the psql command should be +Specifies the system user account under which the `psql` command should be executed. -Default value: 'postgres'. +Default value: `postgres`. ##### `refreshonly` @@ -1935,7 +1939,7 @@ This is the namevar. Specifies the path to `postgresql.conf`. -Default value: '/etc/postgresql.conf'. +Default value: `/etc/postgresql.conf`. ##### `value` @@ -1959,9 +1963,9 @@ Required. Specifies the action to create or destroy named slot. -Valid values: 'present', 'absent'. +Valid values: `present`, `absent`. -Default value: 'present'. +Default value: `present`. #### postgresql_conn_validator @@ -1974,26 +1978,26 @@ Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (`host`, etc). If provided, the individual parameters take precedence. -Default value: {} +Default value: `{}` ##### `db_name` Specifies the name of the database you wish to test. -Default value: '' +Default value: `''` ##### `db_password` Specifies the password to connect with. Can be left blank if `.pgpass` is being used, otherwise not recommended. -Default value: '' +Default value: `''` ##### `db_username` Specifies the username to connect with. -Default value: '' +Default value: `''` When using a Unix socket and ident auth, this is the user you are running as. @@ -2001,21 +2005,21 @@ When using a Unix socket and ident auth, this is the user you are running as. This is the command run against the target database to verify connectivity. -Default value: 'SELECT 1' +Default value: `SELECT 1` ##### `host` Sets the hostname of the database you wish to test. -Default value: '', which generally uses the designated local Unix socket. +Default value: `''`, which generally uses the designated local Unix socket. -**If the host is remote you must provide a username.** +**Warning:** If the host is remote you must provide a username. ##### `port` Defines the port to use when connecting. -Default value: '' +Default value: `''` ##### `run_as` @@ -2053,14 +2057,14 @@ This internal function converts a list of `pg_hba.conf` based ACLs (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. -**This function should only be used internally by the module**. +**Warning:** This function should only be used internally by the module. ### Tasks -The Postgresql module has an example task that allows a user to execute -arbitary SQL against a database. Please refer to to -the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or -[Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how +The postgresql module has an example task that allows a user to execute +arbitrary SQL against a database. Please refer to to +[the PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or +[the Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. ## Limitations @@ -2077,8 +2081,8 @@ Other systems might be compatible, but are not being actively tested. ### Apt module support -While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' -module, it does not support 'puppetlabs-apt' 2.0.0 or 2.0.1. +While this module supports both 1.x and 2.x versions of the puppetlabs-apt +module, it does not support puppetlabs-apt 2.0.0 or 2.0.1. ### PostGIS support @@ -2097,7 +2101,7 @@ semanage port -a -t postgresql_port_t -p tcp $customport ## Development Puppet Labs modules on the Puppet Forge are open projects, and community -contributions are essential for keeping them great. We can’t access the huge +contributions are essential for keeping them great. We can't access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. @@ -2152,4 +2156,4 @@ RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance ### Contributors View the full list of contributors on -[Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors). +[GitHub](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors). diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index d1a0d75be6..e079ed5cf0 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -1902,4 +1902,4 @@ RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance ### コントリビュータ -貢献してくださった方々の一覧を[Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors)でご覧いただけます。 +貢献してくださった方々の一覧を[GitHub](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors)でご覧いただけます。 From 441ce54853990d0c2de44049401604f493f0b583 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Mon, 12 Feb 2018 14:31:13 +0000 Subject: [PATCH 0307/1000] (MODULES-6608) - Adding puppet requirement for tasks versioncmp in beaker-task_helper A change in the new beaker-task_helper uses versioncmp. Therefore adding a puppet requirement in the spec_helper_acceptance to access versioncmp. --- spec/spec_helper_acceptance.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 77a3992062..f1d9e3ee1c 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,3 +1,4 @@ +require 'puppet' require 'beaker-rspec/spec_helper' require 'beaker-rspec/helpers/serverspec' require 'beaker/puppet_install_helper' From 9937fdc8dc312f554745adfe3780ad92aa140b63 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 31 Jan 2018 14:43:20 +0000 Subject: [PATCH 0308/1000] Rubocop Conversion finished --- .sync.yml | 4 + .travis.yml | 2 + .../postgresql_acls_to_resources_hash.rb | 49 +- .../parser/functions/postgresql_escape.rb | 19 +- .../parser/functions/postgresql_password.rb | 11 +- lib/puppet/provider/postgresql_conf/parsed.rb | 62 ++- .../postgresql_conn_validator/ruby.rb | 4 +- lib/puppet/provider/postgresql_psql/ruby.rb | 59 ++- .../postgresql_replication_slot/ruby.rb | 45 +- lib/puppet/type/postgresql_conf.rb | 16 +- lib/puppet/type/postgresql_conn_validator.rb | 21 +- lib/puppet/type/postgresql_psql.rb | 68 +-- .../type/postgresql_replication_slot.rb | 4 +- lib/puppet/util/postgresql_validator.rb | 95 ++-- spec/acceptance/00-utf8_encoding_spec.rb | 22 +- spec/acceptance/alternative_port_spec.rb | 18 +- spec/acceptance/db_spec.rb | 31 +- spec/acceptance/default_parameters_spec.rb | 16 +- .../postgresql_conn_validator_spec.rb | 71 ++- spec/acceptance/postgresql_psql_spec.rb | 250 +++++----- spec/acceptance/remote_access_spec.rb | 29 +- spec/acceptance/server/config_entry_spec.rb | 21 +- spec/acceptance/server/grant_role_spec.rb | 448 +++++++++--------- spec/acceptance/server/grant_spec.rb | 309 ++++++------ .../server/reassign_owned_by_spec.rb | 152 +++--- spec/acceptance/server/recovery_spec.rb | 63 ++- spec/acceptance/server/schema_spec.rb | 95 ++-- spec/acceptance/sql_task_spec.rb | 6 +- spec/acceptance/z_alternative_pgdata_spec.rb | 17 +- spec/spec_helper_acceptance.rb | 32 +- spec/unit/classes/client_spec.rb | 49 +- spec/unit/classes/globals_spec.rb | 58 +-- spec/unit/classes/lib/devel_spec.rb | 79 +-- spec/unit/classes/lib/java_spec.rb | 67 +-- spec/unit/classes/lib/perl_spec.rb | 48 +- spec/unit/classes/lib/pgdocs_spec.rb | 43 +- spec/unit/classes/lib/python_spec.rb | 48 +- spec/unit/classes/params_spec.rb | 11 +- spec/unit/classes/repo_spec.rb | 28 +- spec/unit/classes/server/config_spec.rb | 174 +++---- spec/unit/classes/server/contrib_spec.rb | 44 +- spec/unit/classes/server/initdb_spec.rb | 120 ++--- spec/unit/classes/server/plperl_spec.rb | 42 +- spec/unit/classes/server/plpython_spec.rb | 58 ++- spec/unit/classes/server/postgis_spec.rb | 36 +- spec/unit/classes/server_spec.rb | 144 +++--- spec/unit/defines/server/config_entry_spec.rb | 134 +++--- .../defines/server/database_grant_spec.rb | 22 +- spec/unit/defines/server/database_spec.rb | 52 +- spec/unit/defines/server/db_spec.rb | 33 +- spec/unit/defines/server/extension_spec.rb | 171 +++---- spec/unit/defines/server/grant_role_spec.rb | 97 ++-- spec/unit/defines/server/grant_spec.rb | 196 ++++---- spec/unit/defines/server/pg_hba_rule_spec.rb | 120 +++-- .../unit/defines/server/pg_ident_rule_spec.rb | 46 +- .../defines/server/reassign_owned_by_spec.rb | 35 +- spec/unit/defines/server/recovery_spec.rb | 106 +++-- spec/unit/defines/server/role_spec.rb | 157 +++--- spec/unit/defines/server/schema_spec.rb | 28 +- spec/unit/defines/server/table_grant_spec.rb | 24 +- spec/unit/defines/server/tablespace_spec.rb | 24 +- .../defines/validate_db_connection_spec.rb | 58 +-- .../postgresql_acls_to_resources_hash_spec.rb | 103 +--- spec/unit/functions/postgresql_escape_spec.rb | 31 +- .../functions/postgresql_password_spec.rb | 14 +- .../provider/postgresql_conf/parsed_spec.rb | 127 +++-- .../postgresql_conn_validator/ruby_spec.rb | 55 ++- .../provider/postgresql_psql/ruby_spec.rb | 121 ++--- .../postgresql_replication_slot/ruby_spec.rb | 71 +-- .../puppet/type/postgresql_conn_validator.rb | 34 +- spec/unit/puppet/type/postgresql_psql_spec.rb | 323 +++++++------ .../type/postgresql_replication_slot_spec.rb | 6 +- spec/unit/type/postgresql_conf_spec.rb | 38 +- tasks/sql.rb | 2 +- 74 files changed, 2621 insertions(+), 2695 deletions(-) diff --git a/.sync.yml b/.sync.yml index 5850feded2..436f1c4ae8 100644 --- a/.sync.yml +++ b/.sync.yml @@ -5,3 +5,7 @@ appveyor.yml: delete: true spec/spec_helper.rb: allow_deprecations: true +.travis.yml: + extras: + - rvm: 2.1.9 + script: bundle exec rake rubocop diff --git a/.travis.yml b/.travis.yml index b5d31807d0..47c6d8debd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,5 +25,7 @@ matrix: - rvm: 2.1.9 bundler_args: --without system_tests env: PUPPET_GEM_VERSION="~> 4.0" + - rvm: 2.1.9 + script: bundle exec rake rubocop notifications: email: false diff --git a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb b/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb index 2508f85895..e9112caa6a 100644 --- a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb @@ -1,5 +1,6 @@ +# postgresql_acls_to_resources_hash.rb module Puppet::Parser::Functions - newfunction(:postgresql_acls_to_resources_hash, :type => :rvalue, :doc => <<-EOS + newfunction(:postgresql_acls_to_resources_hash, type: :rvalue, doc: <<-EOS This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outside of the postgresql internal classes/defined resources. @@ -14,11 +15,13 @@ module Puppet::Parser::Functions The third parameter is an order offset, so you can start the order at an arbitrary starting point. EOS - ) do |args| - func_name = "postgresql_acls_to_resources_hash()" + ) do |args| + func_name = 'postgresql_acls_to_resources_hash()' - raise(Puppet::ParseError, "#{func_name}: Wrong number of arguments " + - "given (#{args.size} for 3)") if args.size != 3 + if args.size != 3 + raise(Puppet::ParseError, "#{func_name}: Wrong number of arguments " \ + "given (#{args.size} for 3)") + end acls = args[0] raise(Puppet::ParseError, "#{func_name}: first argument must be an array") \ @@ -38,36 +41,32 @@ module Puppet::Parser::Functions parts = acl.split - raise(Puppet::ParseError, "#{func_name}: acl line #{index} does not " + - "have enough parts") unless parts.length >= 4 + unless parts.length >= 4 + raise(Puppet::ParseError, "#{func_name}: acl line #{index} does not " \ + 'have enough parts') + end resource = { 'type' => parts[0], 'database' => parts[1], 'user' => parts[2], - 'order' => format('%03d', offset + index), + 'order' => format('%03d', offset + index), # rubocop:disable Style/FormatString } - if parts[0] == 'local' then + if parts[0] == 'local' resource['auth_method'] = parts[3] - if parts.length > 4 then - resource['auth_option'] = parts.last(parts.length - 4).join(" ") + if parts.length > 4 + resource['auth_option'] = parts.last(parts.length - 4).join(' ') end - else - if parts[4] =~ /^\d/ - resource['address'] = parts[3] + ' ' + parts[4] - resource['auth_method'] = parts[5] + elsif parts[4] =~ %r{^\d} + resource['address'] = parts[3] + ' ' + parts[4] + resource['auth_method'] = parts[5] - if parts.length > 6 then - resource['auth_option'] = parts.last(parts.length - 6).join(" ") - end - else - resource['address'] = parts[3] - resource['auth_method'] = parts[4] + resource['auth_option'] = parts.last(parts.length - 6).join(' ') if parts.length > 6 + else + resource['address'] = parts[3] + resource['auth_method'] = parts[4] - if parts.length > 5 then - resource['auth_option'] = parts.last(parts.length - 5).join(" ") - end - end + resource['auth_option'] = parts.last(parts.length - 5).join(' ') if parts.length > 5 end resources["postgresql class generated rule #{id} #{index}"] = resource end diff --git a/lib/puppet/parser/functions/postgresql_escape.rb b/lib/puppet/parser/functions/postgresql_escape.rb index 1ec11b8579..49d6d7e2dd 100644 --- a/lib/puppet/parser/functions/postgresql_escape.rb +++ b/lib/puppet/parser/functions/postgresql_escape.rb @@ -1,22 +1,25 @@ require 'digest/md5' +# postgresql_escape.rb module Puppet::Parser::Functions - newfunction(:postgresql_escape, :type => :rvalue, :doc => <<-EOS + newfunction(:postgresql_escape, type: :rvalue, doc: <<-EOS Safely escapes a string using $$ using a random tag which should be consistent EOS - ) do |args| + ) do |args| - raise(Puppet::ParseError, "postgresql_escape(): Wrong number of arguments " + - "given (#{args.size} for 1)") if args.size != 1 + if args.size != 1 + raise(Puppet::ParseError, 'postgresql_escape(): Wrong number of arguments ' \ + "given (#{args.size} for 1)") + end password = args[0] - if password !~ /\$\$/ and password[-1] != '$' + if password !~ %r{\$\$} && password[-1] != '$' retval = "$$#{password}$$" else - escape = Digest::MD5.hexdigest(password)[0..5].gsub(/\d/,'') - until password !~ /#{escape}/ - escape = Digest::MD5.hexdigest(escape)[0..5].gsub(/\d/,'') + escape = Digest::MD5.hexdigest(password)[0..5].gsub(%r{\d}, '') + until password !~ %r{#{escape}} + escape = Digest::MD5.hexdigest(escape)[0..5].gsub(%r{\d}, '') end retval = "$#{escape}$#{password}$#{escape}$" end diff --git a/lib/puppet/parser/functions/postgresql_password.rb b/lib/puppet/parser/functions/postgresql_password.rb index e5d262079f..e53e5f94f9 100644 --- a/lib/puppet/parser/functions/postgresql_password.rb +++ b/lib/puppet/parser/functions/postgresql_password.rb @@ -1,14 +1,17 @@ # hash a string as mysql's "PASSWORD()" function would do it require 'digest/md5' +# postgresql_password.rb module Puppet::Parser::Functions - newfunction(:postgresql_password, :type => :rvalue, :doc => <<-EOS + newfunction(:postgresql_password, type: :rvalue, doc: <<-EOS Returns the postgresql password hash from the clear text username / password. EOS - ) do |args| + ) do |args| - raise(Puppet::ParseError, "postgresql_password(): Wrong number of arguments " + - "given (#{args.size} for 2)") if args.size != 2 + if args.size != 2 + raise(Puppet::ParseError, 'postgresql_password(): Wrong number of arguments ' \ + "given (#{args.size} for 2)") + end username = args[0] password = args[1] diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb index 88bd303f3b..40a9cd4d14 100644 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ b/lib/puppet/provider/postgresql_conf/parsed.rb @@ -2,41 +2,39 @@ Puppet::Type.type(:postgresql_conf).provide( :parsed, - :parent => Puppet::Provider::ParsedFile, - :default_target => '/etc/postgresql.conf', - :filetype => :flat + parent: Puppet::Provider::ParsedFile, + default_target: '/etc/postgresql.conf', + filetype: :flat, ) do - desc "Set key/values in postgresql.conf." + desc 'Set key/values in postgresql.conf.' - text_line :comment, :match => /^\s*#/ - text_line :blank, :match => /^\s*$/ + text_line :comment, match: %r{^\s*#} + text_line :blank, match: %r{^\s*$} record_line :parsed, - :fields => %w{name value comment}, - :optional => %w{comment}, - :match => /^\s*([\w\.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$/, - :to_line => proc { |h| - - # simple string and numeric values don't need to be enclosed in quotes - if h[:value].is_a?(Numeric) - val = h[:value].to_s - else - val = h[:value] - end - dontneedquote = val.match(/^(\d+.?\d+|\w+)$/) - dontneedequal = h[:name].match(/^(include|include_if_exists)$/i) - - str = h[:name].downcase # normalize case - str += dontneedequal ? ' ' : ' = ' - str += "'" unless dontneedquote && !dontneedequal - str += val - str += "'" unless dontneedquote && !dontneedequal - str += " # #{h[:comment]}" unless (h[:comment].nil? or h[:comment] == :absent) - str - }, - :post_parse => proc { |h| - h[:name].downcase! # normalize case - h[:value].gsub!(/(^'|'$)/, '') # strip out quotes - } + fields: %w[name value comment], + optional: %w[comment], + match: %r{^\s*([\w\.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$}, + to_line: proc { |h| + # simple string and numeric values don't need to be enclosed in quotes + val = if h[:value].is_a?(Numeric) + h[:value].to_s + else + h[:value] + end + dontneedquote = val.match(%r{^(\d+.?\d+|\w+)$}) + dontneedequal = h[:name].match(%r{^(include|include_if_exists)$}i) + str = h[:name].downcase # normalize case + str += dontneedequal ? ' ' : ' = ' + str += "'" unless dontneedquote && !dontneedequal + str += val + str += "'" unless dontneedquote && !dontneedequal + str += " # #{h[:comment]}" unless h[:comment].nil? || h[:comment] == :absent + str + }, + post_parse: proc { |h| + h[:name].downcase! # normalize case + h[:value].gsub!(%r{(^'|'$)}, '') # strip out quotes + } end diff --git a/lib/puppet/provider/postgresql_conn_validator/ruby.rb b/lib/puppet/provider/postgresql_conn_validator/ruby.rb index f31b8b9181..6e26e529d5 100644 --- a/lib/puppet/provider/postgresql_conn_validator/ruby.rb +++ b/lib/puppet/provider/postgresql_conn_validator/ruby.rb @@ -1,4 +1,4 @@ -$LOAD_PATH.unshift(File.join(File.dirname(__FILE__),"..","..","..")) +$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', '..', '..')) require 'puppet/util/postgresql_validator' # This file contains a provider for the resource type `postgresql_conn_validator`, @@ -38,6 +38,4 @@ def create def validator @validator ||= Puppet::Util::PostgresqlValidator.new(resource) end - end - diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 166c8bc280..45e7b077a2 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -1,9 +1,8 @@ Puppet::Type.type(:postgresql_psql).provide(:ruby) do - def run_unless_sql_command(sql) # for the 'unless' queries, we wrap the user's query in a 'SELECT COUNT', # which makes it easier to parse and process the output. - run_sql_command('SELECT COUNT(*) FROM (' << sql << ') count') + run_sql_command('SELECT COUNT(*) FROM (' << sql << ') count') end def run_sql_command(sql) @@ -12,9 +11,9 @@ def run_sql_command(sql) end command = [resource[:psql_path]] - command.push("-d", resource[:db]) if resource[:db] - command.push("-p", resource[:port]) if resource[:port] - command.push("-t", "-c", '"' + sql.gsub('"', '\"') + '"') + command.push('-d', resource[:db]) if resource[:db] + command.push('-p', resource[:port]) if resource[:port] + command.push('-t', '-c', '"' + sql.gsub('"', '\"') + '"') environment = get_environment @@ -29,28 +28,29 @@ def run_sql_command(sql) private - def get_environment + def get_environment # rubocop:disable Style/AccessorMethodName : Refactor does not work correctly environment = (resource[:connect_settings] || {}).dup - if envlist = resource[:environment] - envlist = [envlist] unless envlist.is_a? Array - envlist.each do |setting| - if setting =~ /^(\w+)=((.|\n)+)$/ - env_name = $1 - value = $2 - if environment.include?(env_name) || environment.include?(env_name.to_sym) - if env_name == 'NEWPGPASSWD' - warning "Overriding environment setting '#{env_name}' with '****'" - else - warning "Overriding environment setting '#{env_name}' with '#{value}'" - end + envlist = resource[:environment] + return environment unless envlist + + envlist = [envlist] unless envlist.is_a? Array + envlist.each do |setting| + if setting =~ %r{^(\w+)=((.|\n)+)$} + env_name = Regexp.last_match(1) + value = Regexp.last_match(2) + if environment.include?(env_name) || environment.include?(env_name.to_sym) + if env_name == 'NEWPGPASSWD' + warning "Overriding environment setting '#{env_name}' with '****'" + else + warning "Overriding environment setting '#{env_name}' with '#{value}'" end - environment[env_name] = value - else - warning "Cannot understand environment setting #{setting.inspect}" end + environment[env_name] = value + else + warning "Cannot understand environment setting #{setting.inspect}" end end - return environment + environment end def run_command(command, user, group, environment) @@ -65,16 +65,13 @@ def run_command(command, user, group, environment) Puppet::Util::SUIDManager.run_and_capture(command, user, group) end else - output = Puppet::Util::Execution.execute(command, { - :uid => user, - :gid => group, - :failonfail => false, - :combine => true, - :override_locale => true, - :custom_environment => environment, - }) + output = Puppet::Util::Execution.execute(command, uid: user, + gid: group, + failonfail: false, + combine: true, + override_locale: true, + custom_environment: environment) [output, $CHILD_STATUS.dup] end end - end diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index cc49f7b4cd..b12003813b 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -1,20 +1,19 @@ Puppet::Type.type(:postgresql_replication_slot).provide(:ruby) do # For confinement - commands :psql => 'psql' + commands psql: 'psql' def self.instances - run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l =~ /\|/ }.map do |l| - name, *others = l.strip.split(/\s+\|\s+/) - new({ - :name => name, - :ensure => :present, - }) + run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l =~ %r{\|} }.map do |l| + name, *_others = l.strip.split(%r{\s+\|\s+}) + new(name: name, + ensure: :present) end end def self.prefetch(resources) instances.each do |i| - if slot = resources[i.name] + slot = resources[i.name] + if slot slot.provider = i end end @@ -26,20 +25,14 @@ def exists? def create output = self.class.run_sql_command("SELECT * FROM pg_create_physical_replication_slot('#{resource[:name]}');") - if output[1].success? - @property_hash[:ensure] = :present - else - raise Puppet::Error, "Failed to create replication slot #{resource[:name]}:\n#{output[0]}" - end + raise Puppet::Error, "Failed to create replication slot #{resource[:name]}:\n#{output[0]}" unless output[1].success? + @property_hash[:ensure] = :present end def destroy output = self.class.run_sql_command("SELECT pg_drop_replication_slot('#{resource[:name]}');") - if output[1].success? - @property_hash[:ensure] = :absent - else - raise Puppet::Error, "Failed to destroy replication slot #{resource[:name]}:\n#{output[0]}" - end + raise Puppet::Error, "Failed to destroy replication slot #{resource[:name]}:\n#{output[0]}" unless output[1].success? + @property_hash[:ensure] = :absent end private @@ -47,21 +40,19 @@ def destroy def self.run_sql_command(sql) command = ['psql', '-t', '-c', sql] - self.run_command(command, 'postgres', 'postgres') + run_command(command, 'postgres', 'postgres') end def self.run_command(command, user, group) if Puppet::PUPPETVERSION.to_f < 3.4 Puppet::Util::SUIDManager.run_and_capture(command, user, group) else - output = Puppet::Util::Execution.execute(command, { - :uid => user, - :gid => group, - :failonfail => false, - :combine => true, - :override_locale => true, - :custom_environment => {} - }) + output = Puppet::Util::Execution.execute(command, uid: user, + gid: group, + failonfail: false, + combine: true, + override_locale: true, + custom_environment: {}) [output, $CHILD_STATUS.dup] end end diff --git a/lib/puppet/type/postgresql_conf.rb b/lib/puppet/type/postgresql_conf.rb index 6dbaaee368..bef52c2161 100644 --- a/lib/puppet/type/postgresql_conf.rb +++ b/lib/puppet/type/postgresql_conf.rb @@ -1,29 +1,27 @@ Puppet::Type.newtype(:postgresql_conf) do - - @doc = "This type allows puppet to manage postgresql.conf parameters." + @doc = 'This type allows puppet to manage postgresql.conf parameters.' ensurable newparam(:name) do - desc "The postgresql parameter name to manage." + desc 'The postgresql parameter name to manage.' isnamevar - newvalues(/^[\w\.]+$/) + newvalues(%r{^[\w\.]+$}) end newproperty(:value) do - desc "The value to set for this parameter." + desc 'The value to set for this parameter.' end newproperty(:target) do - desc "The path to postgresql.conf" - defaultto { + desc 'The path to postgresql.conf' + defaultto do if @resource.class.defaultprovider.ancestors.include?(Puppet::Provider::ParsedFile) @resource.class.defaultprovider.default_target else nil end - } + end end - end diff --git a/lib/puppet/type/postgresql_conn_validator.rb b/lib/puppet/type/postgresql_conn_validator.rb index b9dc64e219..8a07c6c0de 100644 --- a/lib/puppet/type/postgresql_conn_validator.rb +++ b/lib/puppet/type/postgresql_conn_validator.rb @@ -1,5 +1,4 @@ Puppet::Type.newtype(:postgresql_conn_validator) do - @doc = "Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to prevent configuration changes from being applied if the PostgreSQL @@ -11,20 +10,20 @@ defaultto :present end - newparam(:name, :namevar => true) do + newparam(:name, namevar: true) do desc 'An arbitrary name used as the identity of the resource.' end newparam(:db_name) do - desc "The name of the database you are trying to validate a connection with." + desc 'The name of the database you are trying to validate a connection with.' end newparam(:db_username) do - desc "A user that has access to the target PostgreSQL database." + desc 'A user that has access to the target PostgreSQL database.' end newparam(:db_password) do - desc "The password required to access the target PostgreSQL database." + desc 'The password required to access the target PostgreSQL database.' end newparam(:host) do @@ -47,7 +46,7 @@ end newparam(:sleep) do - desc "The length of sleep time between connection tries." + desc 'The length of sleep time between connection tries.' validate do |value| Integer(value) @@ -60,7 +59,7 @@ end newparam(:tries) do - desc "The number of tries to validate the connection to the target PostgreSQL database." + desc 'The number of tries to validate the connection to the target PostgreSQL database.' validate do |value| Integer(value) @@ -73,16 +72,16 @@ end newparam(:psql_path) do - desc "Path to the psql command." + desc 'Path to the psql command.' end newparam(:run_as) do - desc "System user that will run the psql command." + desc 'System user that will run the psql command.' end newparam(:command) do - desc "Command to run against target database." + desc 'Command to run against target database.' - defaultto "SELECT 1" + defaultto 'SELECT 1' end end diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 5b2702c2e8..1e7b2c4b48 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -1,7 +1,6 @@ Puppet::Type.newtype(:postgresql_psql) do - newparam(:name) do - desc "An arbitrary tag for your own reference; the name of the message." + desc 'An arbitrary tag for your own reference; the name of the message.' isnamevar end @@ -14,88 +13,90 @@ # a sync, else return the expected SQL command so no sync takes place def retrieve if @resource.should_run_sql - return :notrun + :notrun else - return self.should + should end end def sync output, status = provider.run_sql_command(value) - self.fail("Error executing SQL; psql returned #{status}: '#{output}'") unless status == 0 + raise("Error executing SQL; psql returned #{status}: '#{output}'") unless status == 0 # rubocop:disable Style/NumericPredicate end end newparam(:unless) do - desc "An optional SQL command to execute prior to the main :command; " + - "this is generally intended to be used for idempotency, to check " + - "for the existence of an object in the database to determine whether " + - "or not the main SQL command needs to be executed at all." + desc 'An optional SQL command to execute prior to the main :command; ' \ + 'this is generally intended to be used for idempotency, to check ' \ + 'for the existence of an object in the database to determine whether ' \ + 'or not the main SQL command needs to be executed at all.' # Return true if a matching row is found def matches(value) output, status = provider.run_unless_sql_command(value) - self.fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status == 0 + # rubocop:disable Style/NumericPredicate + fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status == 0 # rubocop:disable Style/SignalException + # rubocop:enable Style/NumericPredicate result_count = output.strip.to_i - self.debug("Found #{result_count} row(s) executing 'unless' clause") + debug("Found #{result_count} row(s) executing 'unless' clause") result_count > 0 end end newparam(:onlyif) do - desc "An optional SQL command to execute prior to the main :command; " + - "this is generally intended to be used for idempotency, to check " + - "for the existence of an object in the database to determine whether " + - "or not the main SQL command needs to be executed at all." + desc 'An optional SQL command to execute prior to the main :command; ' \ + 'this is generally intended to be used for idempotency, to check ' \ + 'for the existence of an object in the database to determine whether ' \ + 'or not the main SQL command needs to be executed at all.' # Return true if a matching row is found def matches(value) output, status = provider.run_unless_sql_command(value) status = output.exitcode if status.nil? - self.fail("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status == 0 + raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status == 0 # rubocop:disable Style/NumericPredicate result_count = output.strip.to_i - self.debug("Found #{result_count} row(s) executing 'onlyif' clause") + debug("Found #{result_count} row(s) executing 'onlyif' clause") result_count > 0 end end newparam(:connect_settings) do - desc "Connection settings that will be used when connecting to postgres" + desc 'Connection settings that will be used when connecting to postgres' end newparam(:db) do - desc "The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings" + desc 'The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings' end newparam(:port) do - desc "The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings." + desc 'The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings.' end newparam(:search_path) do - desc "The schema search path to use when executing the SQL command" + desc 'The schema search path to use when executing the SQL command' end newparam(:psql_path) do - desc "The path to psql executable." - defaultto("psql") + desc 'The path to psql executable.' + defaultto('psql') end newparam(:psql_user) do - desc "The system user account under which the psql command should be executed." - defaultto("postgres") + desc 'The system user account under which the psql command should be executed.' + defaultto('postgres') end newparam(:psql_group) do - desc "The system user group account under which the psql command should be executed." - defaultto("postgres") + desc 'The system user group account under which the psql command should be executed.' + defaultto('postgres') end - newparam(:cwd, :parent => Puppet::Parameter::Path) do - desc "The working directory under which the psql command should be executed." - defaultto("/tmp") + newparam(:cwd, parent: Puppet::Parameter::Path) do + desc 'The working directory under which the psql command should be executed.' + defaultto('/tmp') end newparam(:environment) do @@ -105,14 +106,14 @@ def matches(value) validate do |values| Array(values).each do |value| - unless value =~ /\w+=/ + unless value =~ %r{\w+=} raise ArgumentError, "Invalid environment setting '#{value}'" end end end end - newparam(:refreshonly, :boolean => true) do + newparam(:refreshonly, boolean: true) do desc "If 'true', then the SQL will only be executed via a notify/subscribe event." defaultto(:false) @@ -129,7 +130,6 @@ def should_run_sql(refreshing = false) end def refresh - self.property(:command).sync if self.should_run_sql(true) + property(:command).sync if should_run_sql(true) end - end diff --git a/lib/puppet/type/postgresql_replication_slot.rb b/lib/puppet/type/postgresql_replication_slot.rb index b5b317cd93..c489cc3d77 100644 --- a/lib/puppet/type/postgresql_replication_slot.rb +++ b/lib/puppet/type/postgresql_replication_slot.rb @@ -9,8 +9,8 @@ ensurable newparam(:name) do - desc "The name of the slot to create. Must be a valid replication slot name." + desc 'The name of the slot to create. Must be a valid replication slot name.' isnamevar - newvalues /^[a-z0-9_]+$/ + newvalues %r{^[a-z0-9_]+$} end end diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index d737f12a89..972f936515 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -1,65 +1,64 @@ -module Puppet - module Util - class PostgresqlValidator - attr_reader :resource +module Puppet::Util + # postgresql_validator.rb + class PostgresqlValidator + attr_reader :resource - def initialize(resource) - @resource = resource - end - - def build_psql_cmd - final_cmd = [] + def initialize(resource) + @resource = resource + end - cmd_init = "#{@resource[:psql_path]} --tuples-only --quiet --no-psqlrc" + def build_psql_cmd + final_cmd = [] - final_cmd.push cmd_init + cmd_init = "#{@resource[:psql_path]} --tuples-only --quiet --no-psqlrc" - cmd_parts = { - :host => "--host #{@resource[:host]}", - :port => "--port #{@resource[:port]}", - :db_username => "--username #{@resource[:db_username]}", - :db_name => "--dbname #{@resource[:db_name]}", - :command => "--command '#{@resource[:command]}'" - } + final_cmd.push cmd_init - cmd_parts.each do |k,v| - final_cmd.push v if @resource[k] - end + cmd_parts = { + host: "--host #{@resource[:host]}", + port: "--port #{@resource[:port]}", + db_username: "--username #{@resource[:db_username]}", + db_name: "--dbname #{@resource[:db_name]}", + command: "--command '#{@resource[:command]}'", + } - final_cmd.join ' ' + cmd_parts.each do |k, v| + final_cmd.push v if @resource[k] end - def parse_connect_settings - c_settings = @resource[:connect_settings] || {} - c_settings.merge! ({ 'PGPASSWORD' => @resource[:db_password] }) if @resource[:db_password] - return c_settings.map { |k,v| "#{k}=#{v}" } - end + final_cmd.join ' ' + end - def attempt_connection(sleep_length, tries) - (0..tries-1).each do |try| - Puppet.debug "PostgresqlValidator.attempt_connection: Attempting connection to #{@resource[:db_name]}" - Puppet.debug "PostgresqlValidator.attempt_connection: #{build_validate_cmd}" - result = execute_command - if result && result.length > 0 - Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.match /PGDATABASE/ }} successful!" - return true - else - Puppet.warning "PostgresqlValidator.attempt_connection: Sleeping for #{sleep_length} seconds" - sleep sleep_length - end + def parse_connect_settings + c_settings = @resource[:connect_settings] || {} + c_settings['PGPASSWORD'] = @resource[:db_password] if @resource[:db_password] + c_settings.map { |k, v| "#{k}=#{v}" } + end + + def attempt_connection(sleep_length, tries) + (0..tries - 1).each do |_try| + Puppet.debug "PostgresqlValidator.attempt_connection: Attempting connection to #{@resource[:db_name]}" + Puppet.debug "PostgresqlValidator.attempt_connection: #{build_validate_cmd}" + result = execute_command + if result && !result.empty? + Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.match %r{PGDATABASE} }} successful!" + return true + else + Puppet.warning "PostgresqlValidator.attempt_connection: Sleeping for #{sleep_length} seconds" + sleep sleep_length end - false end + false + end - private + private - def execute_command - Execution.execute(build_validate_cmd, :uid => @resource[:run_as]) - end + def execute_command + Execution.execute(build_validate_cmd, uid: @resource[:run_as]) + end - def build_validate_cmd - "#{parse_connect_settings.join(' ')} #{build_psql_cmd} " - end + def build_validate_cmd + "#{parse_connect_settings.join(' ')} #{build_psql_cmd} " end end end diff --git a/spec/acceptance/00-utf8_encoding_spec.rb b/spec/acceptance/00-utf8_encoding_spec.rb index 2e7770bed1..e98762c905 100644 --- a/spec/acceptance/00-utf8_encoding_spec.rb +++ b/spec/acceptance/00-utf8_encoding_spec.rb @@ -1,19 +1,18 @@ -require 'spec_helper_acceptance' +require 'spec_helper_acceptance' # rubocop:disable Style/FileName # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'with defaults' do - pp = <<-EOS +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + pp = <<-MANIFEST class { 'postgresql::globals': encoding => 'UTF8', locale => 'en_NG', } -> class { 'postgresql::server': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + MANIFEST + it 'with defaults' do + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end describe port(5432) do @@ -22,16 +21,13 @@ class { 'postgresql::server': } it 'can connect with psql' do psql('--command="\l" postgres', 'postgres') do |r| - expect(r.stdout).to match(/List of databases/) + expect(r.stdout).to match(%r{List of databases}) end end it 'must set UTF8 as template1 encoding' do psql('--command="SELECT pg_encoding_to_char(encoding) FROM pg_database WHERE datname=\'template1\'"') do |r| - expect(r.stdout).to match(/UTF8/) + expect(r.stdout).to match(%r{UTF8}) end end end - - - diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 11094d36ae..6bf56b7edc 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -2,27 +2,23 @@ # These tests ensure that postgres can change itself to an alternative port # properly. -describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'on an alternative port' do - pp = <<-EOS + pp = <<-MANIFEST class { 'postgresql::server': port => '55433' } - EOS + MANIFEST - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end - describe port(55433) do + describe port(55433) do # rubocop:disable Style/NumericLiterals it { is_expected.to be_listening } end it 'can connect with psql' do psql('-p 55433 --command="\l" postgres', 'postgres') do |r| - expect(r.stdout).to match(/List of databases/) + expect(r.stdout).to match(%r{List of databases}) end end - end - - - diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 0285c3fce0..2e89d32d1a 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -1,10 +1,13 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::db', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::db', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + # rubocop:disable RSpec/ExampleLength + # rubocop:disable RSpec/MultipleExpectations + # rubocop:disable Metrics/LineLength it 'creates a database' do begin tmpdir = default.tmpdir('postgresql') - pp = <<-EOS + pp = <<-MANIFEST class { 'postgresql::server': postgres_password => 'space password', } @@ -17,34 +20,34 @@ class { 'postgresql::server': password => 'test1', tablespace => 'postgresql-test-db', } - EOS + MANIFEST - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) # Verify that the postgres password works shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") - shell("chmod 600 /root/.pgpass") + shell('chmod 600 /root/.pgpass') shell("psql -U postgres -h localhost --command='\\l'") psql('--command="select datname from pg_database" "postgresql-test-db"') do |r| - expect(r.stdout).to match(/postgresql-test-db/) + expect(r.stdout).to match(%r{postgresql-test-db}) expect(r.stderr).to eq('') end psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test-user\'"') do |r| - expect(r.stdout).to match(/\(1 row\)/) + expect(r.stdout).to match(%r{\(1 row\)}) end result = shell('psql --version') version = result.stdout.match(%r{\s(\d\.\d)})[1] - if version > "8.1" - comment_information_function = "shobj_description" - else - comment_information_function = "obj_description" - end + comment_information_function = if version > '8.1' + 'shobj_description' + else + 'obj_description' + end psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") do |r| - expect(r.stdout).to match(/\(1 row\)/) + expect(r.stdout).to match(%r{\(1 row\)}) end ensure psql('--command=\'drop database "postgresql-test-db" postgres\'') diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index 47634828a2..eb132e4da9 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -2,14 +2,14 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'with defaults' do - pp = <<-EOS + pp = <<-MANIFEST class { 'postgresql::server': } - EOS + MANIFEST - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end describe port(5432) do @@ -18,11 +18,7 @@ class { 'postgresql::server': } it 'can connect with psql' do psql('--command="\l" postgres', 'postgres') do |r| - expect(r.stdout).to match(/List of databases/) + expect(r.stdout).to match(%r{List of databases}) end end - end - - - diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index 20d8422646..dfc116e4d4 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -1,31 +1,29 @@ require 'spec_helper_acceptance' -describe 'postgresql_conn_validator', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - let(:install_pp) { <<-EOS - class { 'postgresql::server': - postgres_password => 'space password', - }-> - postgresql::server::role { 'testuser': - password_hash => postgresql_password('testuser','test1'), - }-> - postgresql::server::database { 'testdb': - owner => 'testuser', - require => Postgresql::Server::Role['testuser'] - }-> - postgresql::server::database_grant { 'allow connect for testuser': - privilege => 'ALL', - db => 'testdb', - role => 'testuser', - } - - EOS - - } +describe 'postgresql_conn_validator', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + let(:install_pp) do + <<-MANIFEST + class { 'postgresql::server': + postgres_password => 'space password', + }-> + postgresql::server::role { 'testuser': + password_hash => postgresql_password('testuser','test1'), + }-> + postgresql::server::database { 'testdb': + owner => 'testuser', + require => Postgresql::Server::Role['testuser'] + }-> + postgresql::server::database_grant { 'allow connect for testuser': + privilege => 'ALL', + db => 'testdb', + role => 'testuser', + } + MANIFEST + end context 'local connection' do - it 'validates successfully with defaults' do - pp = <<-EOS + it 'validates successfully with defaults' do # rubocop:disable RSpec/ExampleLength + pp = <<-MANIFEST #{install_pp}-> postgresql_conn_validator { 'validate this': db_name => 'testdb', @@ -34,14 +32,14 @@ class { 'postgresql::server': host => 'localhost', psql_path => '/usr/bin/psql', } - EOS + MANIFEST - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end - it 'works with connect settings hash' do - pp = <<-EOS + it 'works with connect settings hash' do # rubocop:disable RSpec/ExampleLength + pp = <<-MANIFEST #{install_pp}-> postgresql_conn_validator { 'validate this': connect_settings => { @@ -53,24 +51,23 @@ class { 'postgresql::server': }, psql_path => '/usr/bin/psql' } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + MANIFEST + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end - it 'fails gracefully' do - pp = <<-EOS + it 'fails gracefully' do # rubocop:disable RSpec/ExampleLength + pp = <<-MANIFEST #{install_pp}-> postgresql_conn_validator { 'validate this': psql_path => '/usr/bin/psql', tries => 3 } - EOS + MANIFEST result = apply_manifest(pp) - expect(result.stderr).to match /Unable to connect to PostgreSQL server/ + expect(result.stderr).to match %r{Unable to connect to PostgreSQL server} end end end diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index 34a258c5f2..6362bc9d98 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -1,153 +1,143 @@ require 'spec_helper_acceptance' -describe 'postgresql_psql', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - it 'should always run SQL' do - pp = <<-EOS - class { 'postgresql::server': } -> - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select 1', - } - EOS +describe 'postgresql_psql', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + pp_one = <<-MANIFEST + class { 'postgresql::server': } -> + postgresql_psql { 'foobar': + db => 'postgres', + psql_user => 'postgres', + command => 'select 1', + } + MANIFEST + it 'alwayses run SQL' do + apply_manifest(pp_one, catch_failures: true) + apply_manifest(pp_one, expect_changes: true) + end - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => true) + pp_two = <<-MANIFEST + class { 'postgresql::server': } -> + postgresql_psql { 'foobar': + db => 'postgres', + psql_user => 'postgres', + command => 'select 1', + unless => 'select 1 where 1=2', + } + MANIFEST + it 'runs some SQL when the unless query returns no rows' do + apply_manifest(pp_two, catch_failures: true) + apply_manifest(pp_two, expect_changes: true) end - it 'should run some SQL when the unless query returns no rows' do - pp = <<-EOS - class { 'postgresql::server': } -> - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select 1', - unless => 'select 1 where 1=2', - } - EOS + pp_three = <<-MANIFEST + class { 'postgresql::server': } -> + postgresql_psql { 'foobar': + db => 'postgres', + psql_user => 'postgres', + command => 'select * from pg_database limit 1', + unless => 'select 1 where 1=1', + } + MANIFEST + it 'does not run SQL when the unless query returns rows' do + apply_manifest(pp_three, catch_failures: true) + apply_manifest(pp_three, catch_changes: true) + end - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => true) + pp_four = <<-MANIFEST + class { 'postgresql::server': } -> + notify { 'trigger': } ~> + postgresql_psql { 'foobar': + db => 'postgres', + psql_user => 'postgres', + command => 'invalid sql statement', + unless => 'select 1 where 1=1', + } + MANIFEST + it 'does not run SQL when refreshed and the unless query returns rows' do + apply_manifest(pp_four, catch_failures: true) + apply_manifest(pp_four, expect_changes: true) end - it 'should not run SQL when the unless query returns rows' do - pp = <<-EOS + context 'with refreshonly' do + pp_five = <<-MANIFEST class { 'postgresql::server': } -> postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select * from pg_database limit 1', - unless => 'select 1 where 1=1', + db => 'postgres', + psql_user => 'postgres', + command => 'select 1', + unless => 'select 1 where 1=2', + refreshonly => true, } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end + MANIFEST + it 'does not run SQL when the unless query returns no rows' do + apply_manifest(pp_five, catch_failures: true) + apply_manifest(pp_five, catch_changes: true) + end - it 'should not run SQL when refreshed and the unless query returns rows' do - pp = <<-EOS + pp_six = <<-MANIFEST.unindent class { 'postgresql::server': } -> notify { 'trigger': } ~> postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'invalid sql statement', - unless => 'select 1 where 1=1', + db => 'postgres', + psql_user => 'postgres', + command => 'select 1', + unless => 'select 1 where 1=2', + refreshonly => true, } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => true) - end - - context 'with refreshonly' do - it 'should not run SQL when the unless query returns no rows' do - pp = <<-EOS - class { 'postgresql::server': } -> - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select 1', - unless => 'select 1 where 1=2', - refreshonly => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + MANIFEST + it 'runs SQL when refreshed and the unless query returns no rows' do + apply_manifest(pp_six, catch_failures: true) + apply_manifest(pp_six, expect_changes: true) end - it 'should run SQL when refreshed and the unless query returns no rows' do - pp = <<-EOS.unindent - class { 'postgresql::server': } -> - notify { 'trigger': } ~> - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select 1', - unless => 'select 1 where 1=2', - refreshonly => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => true) - end - - it 'should not run SQL when refreshed and the unless query returns rows' do - pp = <<-EOS.unindent - class { 'postgresql::server': } -> - notify { 'trigger': } ~> - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'invalid sql query', - unless => 'select 1 where 1=1', - refreshonly => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => true) - end - end - - it 'should not run some SQL when the onlyif query returns no rows' do - pp = <<-EOS + pp_seven = <<-MANIFEST.unindent class { 'postgresql::server': } -> + notify { 'trigger': } ~> postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select 1', - onlyif => 'select 1 where 1=2', + db => 'postgres', + psql_user => 'postgres', + command => 'invalid sql query', + unless => 'select 1 where 1=1', + refreshonly => true, } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + MANIFEST + it 'does not run SQL when refreshed and the unless query returns rows' do + apply_manifest(pp_seven, catch_failures: true) + apply_manifest(pp_seven, expect_changes: true) + end end - it 'should run SQL when the onlyif query returns rows' do - pp = <<-EOS - class { 'postgresql::server': } -> - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select * from pg_database limit 1', - onlyif => 'select 1 where 1=1', - } - EOS + pp_eight = <<-MANIFEST + class { 'postgresql::server': } -> + postgresql_psql { 'foobar': + db => 'postgres', + psql_user => 'postgres', + command => 'select 1', + onlyif => 'select 1 where 1=2', + } + MANIFEST + it 'does not run some SQL when the onlyif query returns no rows' do + apply_manifest(pp_eight, catch_failures: true) + apply_manifest(pp_eight, catch_changes: true) + end - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => true) + pp_nine = <<-MANIFEST + class { 'postgresql::server': } -> + postgresql_psql { 'foobar': + db => 'postgres', + psql_user => 'postgres', + command => 'select * from pg_database limit 1', + onlyif => 'select 1 where 1=1', + } + MANIFEST + it 'runs SQL when the onlyif query returns rows' do + apply_manifest(pp_nine, catch_failures: true) + apply_manifest(pp_nine, expect_changes: true) end context 'with secure password passing by environment' do - it 'should run SQL that contanins password passed by environment' do + it 'runs SQL that contanins password passed by environment' do # rubocop:disable RSpec/ExampleLength select = "select \\'$PASS_TO_EMBED\\'" - pp = <<-EOS.unindent + pp = <<-MANIFEST.unindent class { 'postgresql::server': } -> postgresql_psql { 'password embedded by environment: #{select}': db => 'postgres', @@ -157,13 +147,13 @@ class { 'postgresql::server': } -> 'PASS_TO_EMBED=pa$swD', ], } - EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => false) + MANIFEST + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, expect_changes: false) end - it 'should run SQL that contanins password passed by environment in check' do + it 'runs SQL that contanins password passed by environment in check' do # rubocop:disable RSpec/ExampleLength select = "select 1 where \\'$PASS_TO_EMBED\\'=\\'passwD\\'" - pp = <<-EOS.unindent + pp = <<-MANIFEST.unindent class { 'postgresql::server': } -> postgresql_psql { 'password embedded by environment in check: #{select}': db => 'postgres', @@ -174,10 +164,10 @@ class { 'postgresql::server': } -> 'PASS_TO_EMBED=passwD', ], } - EOS + MANIFEST - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => false) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, expect_changes: false) end end end diff --git a/spec/acceptance/remote_access_spec.rb b/spec/acceptance/remote_access_spec.rb index 9dd31de1b6..f801f375e4 100644 --- a/spec/acceptance/remote_access_spec.rb +++ b/spec/acceptance/remote_access_spec.rb @@ -1,22 +1,20 @@ require 'spec_helper_acceptance' -describe 'remote-access', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before do - skip "These tests require the spec/acceptance/nodesets/centos-64-x64-2-hosts nodeset" +describe 'remote-access', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + before(:each) do + skip 'These tests require the spec/acceptance/nodesets/centos-64-x64-2-hosts nodeset' end - describe "configuring multi-node postgresql" do - + describe 'configuring multi-node postgresql' do # Get the database's IP to connect to from the database let(:database_ip_address) do - hosts_as('database').inject({}) do |memo,host| - fact_on host, "ipaddress_eth1" + hosts_as('database').reduce({}) do |_memo, host| + fact_on host, 'ipaddress_eth1' end end hosts_as('database').each do |host| - it "should be able to configure a host as database on #{host}" do - pp = <<-EOS + pp_one = <<-MANIFEST # Stop firewall so we can easily connect service {'iptables': ensure => 'stopped', @@ -40,14 +38,14 @@ class { 'postgresql::server': auth_method => 'password', order => '002', } - EOS - apply_manifest_on(host, pp, :catch_failures => true) + MANIFEST + it "should be able to configure a host as database on #{host}" do + apply_manifest_on(host, pp_one, catch_failures: true) end end hosts_as('client').each do |host| - it "should be able to configure a host as client on #{host} and then access database" do - pp = <<-EOS + pp_two = <<-MANIFEST class { 'postgresql::client':} $connection_settings = { @@ -64,8 +62,9 @@ class { 'postgresql::client':} psql_group => 'root', connect_settings => $connection_settings, } - EOS - apply_manifest_on(host, pp, :catch_failures => true) + MANIFEST + it "should be able to configure a host as client on #{host} and then access database" do + apply_manifest_on(host, pp_two, catch_failures: true) end end end diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb index 6e562592da..c606a0d020 100644 --- a/spec/acceptance/server/config_entry_spec.rb +++ b/spec/acceptance/server/config_entry_spec.rb @@ -1,31 +1,32 @@ require 'spec_helper_acceptance' describe 'postgresql::server::config_entry' do - - let(:pp_setup) { <<-EOS + let(:pp_setup) do + <<-MANIFEST class { 'postgresql::server': postgresql_conf_path => '/tmp/postgresql.conf', } - EOS - } + MANIFEST + end context 'unix_socket_directories' do - let(:pp_test) { pp_setup + <<-EOS + let(:pp_test) do + pp_setup + <<-MANIFEST postgresql::server::config_entry { 'unix_socket_directories': value => '/var/socket/, /root/' } - EOS - } + MANIFEST + end - #get postgresql version + # get postgresql version apply_manifest("class { 'postgresql::server': }") result = shell('psql --version') version = result.stdout.match(%r{\s(\d\.\d)})[1] if version >= '9.3' it 'is expected to run idempotently' do - apply_manifest(pp_test, :catch_failures => true) - apply_manifest(pp_test, :catch_changes => true) + apply_manifest(pp_test, catch_failures: true) + apply_manifest(pp_test, catch_changes: true) end it 'is expected to contain directories' do diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 552c2f51b6..90d62abab5 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -1,259 +1,263 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::grant_role:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - +describe 'postgresql::server::grant_role:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do let(:db) { 'grant_role_test' } let(:user) { 'psql_grant_role_tester' } let(:group) { 'test_group' } let(:password) { 'psql_grant_role_pw' } let(:version) do - if fact('osfamily') == 'RedHat' and fact('operatingsystemrelease') =~ /5/ + if fact('osfamily') == 'RedHat' && fact('operatingsystemrelease') =~ %r{5} '8.1' end end + let(:pp_one) do + <<-MANIFEST.unindent + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + $version = '#{version}' + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => present, + } + + postgresql::server::role { $user: + password_hash => postgresql_password($user, $password), + } + + postgresql::server::database { $db: + owner => $user, + require => Postgresql::Server::Role[$user], + } + + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + + # Create a rule for the user + postgresql::server::pg_hba_rule { "allow ${user}": + type => 'local', + database => $db, + user => $user, + auth_method => 'ident', + auth_option => $local_auth_option, + order => 1, + } + + # Create a role to grant to the user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user, + group => $group, + } + MANIFEST + end + let(:pp_two) do + <<-MANIFEST.unindent + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + $version = '#{version}' + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => present, + } + + postgresql::server::role { $user: + password_hash => postgresql_password($user, $password), + } + + postgresql::server::database { $db: + owner => $user, + require => Postgresql::Server::Role[$user], + } + + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + + # Create a rule for the user + postgresql::server::pg_hba_rule { "allow ${user}": + type => 'local', + database => $db, + user => $user, + auth_method => 'ident', + auth_option => $local_auth_option, + order => 1, + } + + # Create a role to grant to the user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user, + group => $group, + } + MANIFEST + end + let(:pp_three) do + <<-MANIFEST + $db = "#{db}" + $user = "#{user}" + $group = "#{group}" + $password = #{password} + $version = '#{version}' + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => present, + } + + postgresql::server::role { $user: + password_hash => postgresql_password($user, $password), + } + + postgresql::server::database { $db: + owner => $user, + require => Postgresql::Server::Role[$user], + } + + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + + # Create a rule for the user + postgresql::server::pg_hba_rule { "allow ${user}": + type => 'local', + database => $db, + user => $user, + auth_method => 'ident', + auth_option => $local_auth_option, + order => 1, + } + + # Create a role to grant to the user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user, + group => $group, + } + + postgresql::server::grant_role {"revoke ${group} from ${user}": + ensure => absent, + role => $user, + group => $group, + } + MANIFEST + end + let(:pp_four) do + <<-MANIFEST + $db = "#{db}" + $user = "#{user}" + $group = "#{group}" + $password = #{password} + + class { 'postgresql::server': } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => absent, + } + + postgresql::server::database { $db: + } + + # Create a role to grant to the nonexistent user + postgresql::server::role { $group: + db => $db, + login => false, + require => Postgresql::Server::Database[$db], + } + + # Grant the role to the nonexistent user + postgresql::server::grant_role { "grant_role ${group} to ${user}": + role => $user + group => $group, + } + MANIFEST + end - it 'should grant a role to a user' do + # rubocop:disable RSpec/ExampleLength + # rubocop:disable RSpec/MultipleExpectations + it 'grants a role to a user' do begin - pp = <<-EOS.unindent - $db = #{db} - $user = #{user} - $group = #{group} - $password = #{password} - $version = '#{version}' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - - postgresql::server::database { $db: - owner => $user, - require => Postgresql::Server::Role[$user], - } - - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - - # Create a rule for the user - postgresql::server::pg_hba_rule { "allow ${user}": - type => 'local', - database => $db, - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1, - } - - # Create a role to grant to the user - postgresql::server::role { $group: - db => $db, - login => false, - require => Postgresql::Server::Database[$db], - } - - # Grant the role to the user - postgresql::server::grant_role { "grant_role ${group} to ${user}": - role => $user, - group => $group, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_one, catch_failures: true) + apply_manifest(pp_one, catch_changes: true) ## Check that the role was granted to the user psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| - expect(r.stdout).to match(/\(1 row\)/) + expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') end end end - it 'should grant a role to a superuser' do + it 'grants a role to a superuser' do begin - pp = <<-EOS.unindent - $db = "#{db}" - $user = "#{user}" - $group = "#{group}" - $password = #{password} - $version = '#{version}' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - superuser => true, - } - - postgresql::server::database { $db: - owner => $user, - require => Postgresql::Server::Role[$user], - } - - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - - # Create a rule for the user - postgresql::server::pg_hba_rule { "allow ${user}": - type => 'local', - database => $db, - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1, - } - - # Create a role to grant to the user - postgresql::server::role { $group: - db => $db, - login => false, - require => Postgresql::Server::Database[$db], - } - - # Grant the role to the user - postgresql::server::grant_role { "grant_role ${group} to ${user}": - role => $user, - group => $group, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_two, catch_failures: true) + apply_manifest(pp_two, catch_changes: true) ## Check that the role was granted to the user - psql('--command="SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = \'test_group\' AND r_role.rolname = \'psql_grant_role_tester\'" grant_role_test', 'psql_grant_role_tester') do |r| - expect(r.stdout).to match(/\(1 row\)/) + psql('--command="SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = \'test_group\' AND r_role.rolname = \'psql_grant_role_tester\'" grant_role_test', 'psql_grant_role_tester') do |r| # rubocop:disable Metrics/LineLength + expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') end end end - it 'should revoke a role from a user' do + it 'revokes a role from a user' do begin - pp = <<-EOS - - $db = "#{db}" - $user = "#{user}" - $group = "#{group}" - $password = #{password} - $version = '#{version}' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - - postgresql::server::database { $db: - owner => $user, - require => Postgresql::Server::Role[$user], - } - - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - - # Create a rule for the user - postgresql::server::pg_hba_rule { "allow ${user}": - type => 'local', - database => $db, - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1, - } - - # Create a role to grant to the user - postgresql::server::role { $group: - db => $db, - login => false, - require => Postgresql::Server::Database[$db], - } - - # Grant the role to the user - postgresql::server::grant_role { "grant_role ${group} to ${user}": - role => $user, - group => $group, - } - - postgresql::server::grant_role {"revoke ${group} from ${user}": - ensure => absent, - role => $user, - group => $group, - } - EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :expect_changes => true) + apply_manifest(pp_three, catch_failures: true) + apply_manifest(pp_three, expect_changes: true) psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| - expect(r.stdout).to match(/\(0 rows\)/) + expect(r.stdout).to match(%r{\(0 rows\)}) expect(r.stderr).to eq('') end end end - it 'should not grant permission to a nonexistent user' do - begin - pp = <<-EOS - - $db = "#{db}" - $user = "#{user}" - $group = "#{group}" - $password = #{password} - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => absent, - } - - postgresql::server::database { $db: - } - - # Create a role to grant to the nonexistent user - postgresql::server::role { $group: - db => $db, - login => false, - require => Postgresql::Server::Database[$db], - } - - # Grant the role to the nonexistent user - postgresql::server::grant_role { "grant_role ${group} to ${user}": - role => $user - group => $group, - } - EOS - apply_manifest(pp, :expect_failures => true) - - psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| - expect(r.stdout).to match(/\(0 rows\)/) - expect(r.stderr).to eq('') - end - end - end + it 'does not grant permission to a nonexistent user' do + begin + apply_manifest(pp_four, expect_failures: true) + + psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') + end + end + end end diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 63f2d7e47d..dd7f8a7cc0 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -1,61 +1,62 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - +describe 'postgresql::server::grant:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + # rubocop:disable RSpec/ExampleLength + # rubocop:disable RSpec/MultipleExpectations let(:db) { 'grant_priv_test' } let(:owner) { 'psql_grant_priv_owner' } let(:user) { 'psql_grant_priv_tester' } let(:password) { 'psql_grant_role_pw' } - let(:pp_install) { "class {'postgresql::server': }"} - - let(:pp_setup) { pp_setup = <<-EOS.unindent - $db = #{db} - $owner = #{owner} - $user = #{user} - $password = #{password} - - class { 'postgresql::server': } - - postgresql::server::role { $owner: - password_hash => postgresql_password($owner, $password), - } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $owner: - ensure => present, - } - - postgresql::server::database { $db: - owner => $owner, - require => Postgresql::Server::Role[$owner], - } - - # Create a user to grant privileges to - postgresql::server::role { $user: - db => $db, - require => Postgresql::Server::Database[$db], - } - - # Make a local user for ident auth - user { $user: - ensure => present, - } - - # Grant them connect to the database - postgresql::server::database_grant { "allow connect for ${user}": - privilege => 'CONNECT', - db => $db, - role => $user, - } - EOS - } + let(:pp_install) { "class {'postgresql::server': }" } + let(:pp_setup) do + <<-MANIFEST.unindent + $db = #{db} + $owner = #{owner} + $user = #{user} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $owner: + password_hash => postgresql_password($owner, $password), + } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $owner: + ensure => present, + } + + postgresql::server::database { $db: + owner => $owner, + require => Postgresql::Server::Role[$owner], + } + + # Create a user to grant privileges to + postgresql::server::role { $user: + db => $db, + require => Postgresql::Server::Database[$db], + } + + # Make a local user for ident auth + user { $user: + ensure => present, + } + + # Grant them connect to the database + postgresql::server::database_grant { "allow connect for ${user}": + privilege => 'CONNECT', + db => $db, + role => $user, + } + MANIFEST + end context 'LANGUAGE' do describe 'GRANT * ON LANGUAGE' do - #testing grants on language requires a superuser + # testing grants on language requires a superuser let(:superuser) { 'postgres' } - let(:pp_lang) { pp_setup + <<-EOS.unindent - + let(:pp_lang) do + pp_setup + <<-MANIFEST.unindent postgresql_psql { 'make sure plpgsql exists': command => 'CREATE LANGUAGE plpgsql', db => $db, @@ -74,36 +75,10 @@ class { 'postgresql::server': } require => [ Postgresql_psql['make sure plpgsql exists'], Postgresql::Server::Role[$user], ] } - EOS - } - - it 'is expected to run idempotently' do - apply_manifest(pp_install) - - #postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] - - if version >= '8.4.0' - apply_manifest(pp_lang, :catch_failures => true) - apply_manifest(pp_lang, :catch_changes => true) - end - end - - it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] - - if version >= '8.4.0' - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') - end - end - end - - let(:pp_onlyif) { pp_setup + <<-EOS.unindent + MANIFEST + end + let(:pp_onlyif) do + pp_setup + <<-MANIFEST.unindent postgresql::server::grant { 'grant usage on BSql': psql_user => '#{superuser}', privilege => 'USAGE', @@ -113,30 +88,54 @@ class { 'postgresql::server': } db => $db, onlyif_exists => true, } - EOS - } + MANIFEST + end + + it 'is expected to run idempotently' do + apply_manifest(pp_install) + + # postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '8.4.0' + apply_manifest(pp_lang, catch_failures: true) + apply_manifest(pp_lang, catch_changes: true) + end + end - #test onlyif_exists function + it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '8.4.0' + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + + # test onlyif_exists function it 'is expected to not GRANT USAGE ON (dummy)LANGUAGE BSql to ROLE' do apply_manifest(pp_install) - #postgres version + # postgres version result = shell('psql --version') version = result.stdout.match(%r{\s(\d\.\d)})[1] if version >= '8.4.0' - apply_manifest(pp_onlyif, :catch_failures => true) - apply_manifest(pp_onlyif, :catch_changes => true) + apply_manifest(pp_onlyif, catch_failures: true) + apply_manifest(pp_onlyif, catch_changes: true) end end end end context 'sequence' do - it 'should grant usage on a sequence to a user' do - begin - pp = pp_setup + <<-EOS.unindent - + let(:pp_one) do + pp_setup + <<-MANIFEST.unindent postgresql_psql { 'create test sequence': command => 'CREATE SEQUENCE test_seq', db => $db, @@ -154,31 +153,10 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test sequence'], Postgresql::Server::Role[$user], ] } - EOS - - apply_manifest(pp_install, :catch_failures => true) - - #postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] - - if version >= '9.0' - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') - end - end - end + MANIFEST end - - it 'should grant update on a sequence to a user' do - begin - pp = pp_setup + <<-EOS.unindent - + let(:pp_two) do + pp_setup + <<-MANIFEST.unindent postgresql_psql { 'create test sequence': command => 'CREATE SEQUENCE test_seq', db => $db, @@ -196,21 +174,43 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test sequence'], Postgresql::Server::Role[$user], ] } - EOS + MANIFEST + end + let(:result) do + shell('psql --version') + end + let(:version) do + result.stdout.match(%r{\s(\d\.\d)})[1] + end - apply_manifest(pp_install, :catch_failures => true) + before(:each) do + apply_manifest(pp_install, catch_failures: true) + end - #postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + it 'grants usage on a sequence to a user' do + begin + if version >= '9.0' + apply_manifest(pp_one, catch_failures: true) + apply_manifest(pp_one, catch_changes: true) + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + end + + it 'grants update on a sequence to a user' do + begin if version >= '9.0' - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_two, catch_failures: true) + apply_manifest(pp_two, catch_changes: true) ## Check that the privilege was granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) + expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') end end @@ -219,9 +219,8 @@ class { 'postgresql::server': } end context 'all sequences' do - it 'should grant usage on all sequences to a user' do - begin - pp = pp_setup + <<-EOS.unindent + let(:pp_one) do + pp_setup + <<-MANIFEST.unindent postgresql_psql { 'create test sequences': command => 'CREATE SEQUENCE test_seq2; CREATE SEQUENCE test_seq3;', @@ -240,30 +239,10 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test sequences'], Postgresql::Server::Role[$user], ] } - EOS - - apply_manifest(pp_install, :catch_failures => true) - - #postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] - - if version >= '9.0' - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - ## Check that the privileges were granted to the user, this check is not available on version < 9.0 - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) - expect(r.stderr).to eq('') - end - end - end + MANIFEST end - - it 'should grant update on all sequences to a user' do - begin - pp = pp_setup + <<-EOS.unindent + let(:pp_two) do + pp_setup + <<-MANIFEST.unindent postgresql_psql { 'create test sequences': command => 'CREATE SEQUENCE test_seq2; CREATE SEQUENCE test_seq3;', @@ -282,21 +261,43 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test sequences'], Postgresql::Server::Role[$user], ] } - EOS + MANIFEST + end + let(:result) do + shell('psql --version') + end + let(:version) do + result.stdout.match(%r{\s(\d\.\d)})[1] + end - apply_manifest(pp_install, :catch_failures => true) + before(:each) do + apply_manifest(pp_install, catch_failures: true) + end - #postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + it 'grants usage on all sequences to a user' do + begin + if version >= '9.0' + apply_manifest(pp_one, catch_failures: true) + apply_manifest(pp_one, catch_changes: true) + + ## Check that the privileges were granted to the user, this check is not available on version < 9.0 + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + end + it 'grants update on all sequences to a user' do + begin if version >= '9.0' - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp_two, catch_failures: true) + apply_manifest(pp_two, catch_changes: true) ## Check that the privileges were granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(/\(1 row\)/) + expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') end end diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index fc6c9cdfa3..86db4c11e5 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -1,69 +1,71 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::reassign_owned_by:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - +describe 'postgresql::server::reassign_owned_by:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do let(:db) { 'reassign_test' } let(:old_owner) { 'psql_reassign_old_owner' } let(:new_owner) { 'psql_reassign_new_owner' } let(:password) { 'psql_reassign_pw' } let(:superuser) { 'postgres' } - let(:pp_setup) { pp_setup = <<-EOS.unindent - $db = #{db} - $old_owner = #{old_owner} - $new_owner = #{new_owner} - $password = #{password} - - class { 'postgresql::server': } - - postgresql::server::role { $old_owner: - password_hash => postgresql_password($old_owner, $password), - } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $old_owner: - ensure => present, - } - - # Create a user to reassign ownership to - postgresql::server::role { $new_owner: - db => $db, - require => Postgresql::Server::Database[$db], - } - - # Make a local user for ident auth - user { $new_owner: - ensure => present, - } - - # Grant the new owner membership of the old owner (must have both for REASSIGN OWNED BY to work) - postgresql::server::grant_role { "grant_role to ${new_owner}": - role => $new_owner, - group => $old_owner, - } - - # Grant them connect to the database - postgresql::server::database_grant { "allow connect for ${old_owner}": - privilege => 'CONNECT', - db => $db, - role => $old_owner, - } - EOS - } - - let(:pp_db_old_owner) { <<-EOS.unindent - postgresql::server::database { $db: - owner => $old_owner, - require => Postgresql::Server::Role[$old_owner], - } - EOS - } - - let(:pp_db_no_owner) { <<-EOS.unindent - postgresql::server::database { $db: - } - EOS - } + let(:pp_setup) do + <<-MANIFEST.unindent + $db = #{db} + $old_owner = #{old_owner} + $new_owner = #{new_owner} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $old_owner: + password_hash => postgresql_password($old_owner, $password), + } + + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $old_owner: + ensure => present, + } + + # Create a user to reassign ownership to + postgresql::server::role { $new_owner: + db => $db, + require => Postgresql::Server::Database[$db], + } + + # Make a local user for ident auth + user { $new_owner: + ensure => present, + } + + # Grant the new owner membership of the old owner (must have both for REASSIGN OWNED BY to work) + postgresql::server::grant_role { "grant_role to ${new_owner}": + role => $new_owner, + group => $old_owner, + } + + # Grant them connect to the database + postgresql::server::database_grant { "allow connect for ${old_owner}": + privilege => 'CONNECT', + db => $db, + role => $old_owner, + } + MANIFEST + end + + let(:pp_db_old_owner) do + <<-MANIFEST.unindent + postgresql::server::database { $db: + owner => $old_owner, + require => Postgresql::Server::Role[$old_owner], + } + MANIFEST + end + + let(:pp_db_no_owner) do + <<-MANIFEST.unindent + postgresql::server::database { $db: + } + MANIFEST + end context 'reassign_owned_by' do describe 'REASSIGN OWNED BY tests' do @@ -71,7 +73,8 @@ class { 'postgresql::server': } let(:old_owner) { 'psql_reassign_old_owner' } let(:new_owner) { 'psql_reassign_new_owner' } - let(:pp_setup_objects) { <<-EOS.unindent + let(:pp_setup_objects) do + <<-MANIFEST.unindent postgresql_psql { 'create test table': command => 'CREATE TABLE test_tbl (col1 integer)', db => '#{db}', @@ -86,48 +89,51 @@ class { 'postgresql::server': } unless => "SELECT relname FROM pg_catalog.pg_class WHERE relkind='S' AND relname = 'test_seq'", require => [ Postgresql_psql['create test table'], Postgresql::Server::Database['#{db}'] ], } - EOS - } - let(:pp_reassign_owned_by) { <<-EOS.unindent + MANIFEST + end + let(:pp_reassign_owned_by) do + <<-MANIFEST.unindent postgresql::server::reassign_owned_by { 'test reassign to new_owner': db => '#{db}', old_role => '#{old_owner}', new_role => '#{new_owner}', psql_user => '#{new_owner}', } - EOS - } + MANIFEST + end - it 'should reassign all objects to new_owner' do + # rubocop:disable RSpec/ExampleLength + # rubocop:disable RSpec/MultipleExpectations + it 'reassigns all objects to new_owner' do begin - #postgres version + # postgres version result = shell('psql --version') version = result.stdout.match(%r{\s(\d\.\d)})[1] if version >= '9.0' - apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, :catch_failures => true) + apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, catch_failures: true) - apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, :catch_failures => true) - apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, :catch_changes => true) + apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, catch_failures: true) + apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, catch_changes: true) ## Check that the ownership was transferred psql("-d #{db} --tuples-only --no-align --command=\"SELECT tablename,tableowner FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog', 'information_schema')\"", superuser) do |r| - expect(r.stdout).to match(/test_tbl.#{new_owner}/) + expect(r.stdout).to match(%r{test_tbl.#{new_owner}}) expect(r.stderr).to eq('') end psql("-d #{db} --tuples-only --no-align --command=\"SELECT relname,pg_get_userbyid(relowner) FROM pg_catalog.pg_class c WHERE relkind='S'\"", superuser) do |r| - expect(r.stdout).to match(/test_seq.#{new_owner}/) + expect(r.stdout).to match(%r{test_seq.#{new_owner}}) expect(r.stderr).to eq('') end if version >= '9.3' psql("-d #{db} --tuples-only --no-align --command=\"SELECT pg_get_userbyid(datdba) FROM pg_database WHERE datname = current_database()\"", superuser) do |r| - expect(r.stdout).to match(/#{new_owner}/) + expect(r.stdout).to match(%r{#{new_owner}}) expect(r.stderr).to eq('') end end end end - end # it should reassign all objects + end # it should reassign all objects end end ##################### diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index b27a5c5afb..1ae5310ca0 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -1,56 +1,54 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::recovery', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::recovery', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'should manage recovery' do after(:all) do - pp = <<-EOS.unindent + pp = <<-MANIFEST.unindent file { '/tmp/recovery.conf': ensure => absent, } - EOS + MANIFEST - apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, catch_failures: true) end - it 'adds conf file' do - pp = <<-EOS.unindent - class { 'postgresql::globals': - recovery_conf_path => '/tmp/recovery.conf', - manage_recovery_conf => true, - } + pp = <<-MANIFEST.unindent + class { 'postgresql::globals': + recovery_conf_path => '/tmp/recovery.conf', + manage_recovery_conf => true, + } - class { 'postgresql::server': } + class { 'postgresql::server': } - # Create a recovery.conf file - postgresql::server::recovery { "recovery.conf": - restore_command => 'restore_command', - recovery_target_timeline => 'recovery_target_timeline', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + # Create a recovery.conf file + postgresql::server::recovery { "recovery.conf": + restore_command => 'restore_command', + recovery_target_timeline => 'recovery_target_timeline', + } + MANIFEST + it 'adds conf file' do + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end describe file('/tmp/recovery.conf') do it { is_expected.to be_file } - it { is_expected.to contain /restore_command = 'restore_command'/ } - it { is_expected.to contain /recovery_target_timeline = 'recovery_target_timeline'/ } + it { is_expected.to contain %r{restore_command = 'restore_command'} } + it { is_expected.to contain %r{recovery_target_timeline = 'recovery_target_timeline'} } end end describe 'should not manage recovery' do - it 'does not add conf file' do - pp = <<-EOS.unindent - class { 'postgresql::globals': - manage_recovery_conf => false, - } - - class { 'postgresql::server': } - EOS + pp = <<-MANIFEST.unindent + class { 'postgresql::globals': + manage_recovery_conf => false, + } - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + class { 'postgresql::server': } + MANIFEST + it 'does not add conf file' do + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end describe file('/tmp/recovery.conf') do @@ -58,4 +56,3 @@ class { 'postgresql::server': } end end end - diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 43b2c8ac3b..1c10d1af5a 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -1,71 +1,72 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::schema:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - +describe 'postgresql::server::schema:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do let(:version) do - if fact('osfamily') == 'RedHat' and fact('operatingsystemrelease') =~ /5/ + if fact('osfamily') == 'RedHat' && fact('operatingsystemrelease') =~ %r{5} '8.1' end end + let(:pp) do + <<-MANIFEST.unindent + $db = 'schema_test' + $user = 'psql_schema_tester' + $password = 'psql_schema_pw' + $version = '#{version}' - it 'should create a schema for a user' do - begin - pp = <<-EOS.unindent - $db = 'schema_test' - $user = 'psql_schema_tester' - $password = 'psql_schema_pw' - $version = '#{version}' - - class { 'postgresql::server': } + class { 'postgresql::server': } - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } + # Since we are not testing pg_hba or any of that, make a local user for ident auth + user { $user: + ensure => present, + } - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } + postgresql::server::role { $user: + password_hash => postgresql_password($user, $password), + } - postgresql::server::database { $db: - owner => $user, - require => Postgresql::Server::Role[$user], - } + postgresql::server::database { $db: + owner => $user, + require => Postgresql::Server::Role[$user], + } - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } - # Create a rule for the user - postgresql::server::pg_hba_rule { "allow ${user}": - type => 'local', - database => $db, - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1, - } + # Create a rule for the user + postgresql::server::pg_hba_rule { "allow ${user}": + type => 'local', + database => $db, + user => $user, + auth_method => 'ident', + auth_option => $local_auth_option, + order => 1, + } - postgresql::server::schema { $user: - db => $db, - owner => $user, - require => Postgresql::Server::Database[$db], - } - EOS + postgresql::server::schema { $user: + db => $db, + owner => $user, + require => Postgresql::Server::Database[$db], + } + MANIFEST + end - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + # rubocop:disable RSpec/ExampleLength + # rubocop:disable RSpec/MultipleExpectations + it 'creates a schema for a user' do + begin + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) ## Check that the user can create a table in the database psql('--command="create table psql_schema_tester.foo (foo int)" schema_test', 'psql_schema_tester') do |r| - expect(r.stdout).to match(/CREATE TABLE/) + expect(r.stdout).to match(%r{CREATE TABLE}) expect(r.stderr).to eq('') end ensure psql('--command="drop table psql_schema_tester.foo" schema_test', 'psql_schema_tester') end end - end diff --git a/spec/acceptance/sql_task_spec.rb b/spec/acceptance/sql_task_spec.rb index 3b323c6131..2cc4618f7e 100644 --- a/spec/acceptance/sql_task_spec.rb +++ b/spec/acceptance/sql_task_spec.rb @@ -3,16 +3,16 @@ describe 'postgresql task', if: puppet_version =~ %r{(5\.\d\.\d)} && !pe_install? do describe 'sql task' do - pp = <<-EOS + pp = <<-MANIFEST class { 'postgresql::server': } -> postgresql::server::db { 'spec1': user => 'root1', password => postgresql_password('root1', 'password'), } - EOS + MANIFEST it 'sets up a postgres db' do - apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, catch_failures: true) end it 'execute some sql' do diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index 9f80f96e25..b893630982 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -4,31 +4,30 @@ # location properly. # Allow postgresql to use /tmp/* as a datadir -if fact('osfamily') == 'RedHat' and fact('selinux') == 'true' +if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' shell 'setenforce 0' end -describe 'postgresql::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'on an alternative pgdata location' do - pp = <<-EOS + pp = <<-MAIFEST #file { '/var/lib/pgsql': ensure => directory, } -> # needs_initdb will be true by default for all OS's except Debian # in order to change the datadir we need to tell it explicitly to call initdb class { 'postgresql::server': datadir => '/tmp/data', needs_initdb => true } - EOS + MAIFEST - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end describe file('/tmp/data') do - it { should be_directory } + it { is_expected.to be_directory } end it 'can connect with psql' do psql('--command="\l" postgres', 'postgres') do |r| - expect(r.stdout).to match(/List of databases/) + expect(r.stdout).to match(%r{List of databases}) end end - end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 77a3992062..a018126330 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -7,7 +7,7 @@ run_puppet_install_helper install_ca_certs unless pe_install? -UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] +UNSUPPORTED_PLATFORMS = %w[AIX windows Solaris Suse].freeze # monkey patch to get around apt/forge issue (PUP-8008) module Beaker::ModuleInstallHelper @@ -20,7 +20,7 @@ def module_dependencies_from_metadata dependencies = [] # get it outta here! - metadata['dependencies'].delete_if {|d| d['name'] == 'puppetlabs/apt' } + metadata['dependencies'].delete_if { |d| d['name'] == 'puppetlabs/apt' } metadata['dependencies'].each do |d| tmp = { module_name: d['name'].sub('/', '-') } @@ -36,11 +36,10 @@ def module_dependencies_from_metadata end end - install_bolt_on(hosts) unless pe_install? install_module_on(hosts) install_module_dependencies_on(hosts) -install_module_from_forge_on(hosts,'puppetlabs/apt','< 4.2.0') +install_module_from_forge_on(hosts, 'puppetlabs/apt', '< 4.2.0') DEFAULT_PASSWORD = if default[:hypervisor] == 'vagrant' 'vagrant' @@ -52,7 +51,7 @@ class String # Provide ability to remove indentation from strings, for the purpose of # left justifying heredoc blocks. def unindent - gsub(/^#{scan(/^\s*/).min_by{|l|l.length}}/, "") + gsub(%r{^#{scan(%r{^\s*}).min_by { |l| l.length }}}, '') end end @@ -67,18 +66,18 @@ def shellescape(str) # Treat multibyte characters as is. It is caller's responsibility # to encode the string in the right encoding for the shell # environment. - str.gsub!(/([^A-Za-z0-9_\-.,:\/@\n])/, "\\\\\\1") + str.gsub!(%r{([^A-Za-z0-9_\-.,:\/@\n])}, '\\\\\\1') # A LF cannot be escaped with a backslash because a backslash + LF # combo is regarded as line continuation and simply ignored. - str.gsub!(/\n/, "'\n'") + str.gsub!(%r{\n}, "'\n'") - return str + str end -def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) +def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) psql = "psql #{psql_cmd}" - shell("su #{shellescape(user)} -c #{shellescape(psql)}", :acceptable_exit_codes => exit_codes, &block) + shell("su #{shellescape(user)} -c #{shellescape(psql)}", acceptable_exit_codes: exit_codes, &block) end RSpec.configure do |c| @@ -106,7 +105,7 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) } EOS - apply_manifest_on(agents, pp, :catch_failures => false) + apply_manifest_on(agents, pp, catch_failures: false) end # net-tools required for netstat utility being used by be_listening @@ -115,16 +114,15 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) package { 'net-tools': ensure => installed } EOS - apply_manifest_on(agents, pp, :catch_failures => false) + apply_manifest_on(agents, pp, catch_failures: false) end hosts.each do |host| on host, 'chmod 755 /root' - if fact_on(host, 'osfamily') == 'Debian' - on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" - on host, '/usr/sbin/locale-gen' - on host, '/usr/sbin/update-locale' - end + next unless fact_on(host, 'osfamily') == 'Debian' + on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" + on host, '/usr/sbin/locale-gen' + on host, '/usr/sbin/update-locale' end end end diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index 3f2e58f4b1..0ecdef8d74 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -1,57 +1,52 @@ require 'spec_helper' -describe 'postgresql::client', :type => :class do +describe 'postgresql::client', type: :class do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', } end describe 'with parameters' do let :params do { - :validcon_script_path => '/opt/bin/my-validate-con.sh', - :package_ensure => 'absent', - :package_name => 'mypackage', - :file_ensure => 'file' + validcon_script_path: '/opt/bin/my-validate-con.sh', + package_ensure: 'absent', + package_name: 'mypackage', + file_ensure: 'file', } end - it 'should modify package' do - is_expected.to contain_package("postgresql-client").with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) + it 'modifies package' do + is_expected.to contain_package('postgresql-client').with(ensure: 'absent', + name: 'mypackage', + tag: 'postgresql') end - it 'should have specified validate connexion' do - should contain_file('/opt/bin/my-validate-con.sh').with({ - :ensure => 'file', - :owner => 0, - :group => 0, - :mode => '0755' - }) + it 'has specified validate connexion' do + is_expected.to contain_file('/opt/bin/my-validate-con.sh').with(ensure: 'file', + owner: 0, + group: 0, + mode: '0755') end end describe 'with no parameters' do - it 'should create package with postgresql tag' do - is_expected.to contain_package('postgresql-client').with({ - :tag => 'postgresql', - }) + it 'creates package with postgresql tag' do + is_expected.to contain_package('postgresql-client').with(tag: 'postgresql') end end describe 'with client package name explicitly set undef' do let :params do { - :package_name => 'UNSET' + package_name: 'UNSET', } end - it 'should not manage postgresql-client package' do + + it 'does not manage postgresql-client package' do is_expected.not_to contain_package('postgresql-client') end end diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index 67890905bf..e3d87ce293 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -2,26 +2,26 @@ describe 'postgresql::globals', type: :class do context 'on a debian 6' do - let (:facts) do + let(:facts) do { - :os => { - :family => 'Debian', - :name => 'Debian', - :release => { - :full => '6.0', - :major => '6' - } + os: { + family: 'Debian', + name: 'Debian', + release: { + full: '6.0', + major: '6', + }, }, - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :lsbdistid => 'Debian', - :lsbdistcodename => 'squeeze' + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + lsbdistid: 'Debian', + lsbdistcodename: 'squeeze', } end describe 'with no parameters' do - it 'should work' do + it 'works' do is_expected.to contain_class('postgresql::globals') end end @@ -29,25 +29,27 @@ describe 'manage_package_repo => true' do let(:params) do { - manage_package_repo: true + manage_package_repo: true, } end - it 'should pull in class postgresql::repo' do + + it 'pulls in class postgresql::repo' do is_expected.to contain_class('postgresql::repo') end end end context 'on redhat family systems' do - let (:facts) do + let(:facts) do { osfamily: 'RedHat', operatingsystem: 'RedHat', - operatingsystemrelease: '7.1' + operatingsystemrelease: '7.1', } end + describe 'with no parameters' do - it 'should work' do + it 'works' do is_expected.to contain_class('postgresql::globals') end end @@ -56,19 +58,19 @@ let(:params) do { manage_package_repo: true, - repo_proxy: 'http://proxy-server:8080' + repo_proxy: 'http://proxy-server:8080', } end - it 'should pull in class postgresql::repo' do + it 'pulls in class postgresql::repo' do is_expected.to contain_class('postgresql::repo') end it do - should contain_yumrepo('yum.postgresql.org').with( + is_expected.to contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', - 'proxy' => 'http://proxy-server:8080' - ) + 'proxy' => 'http://proxy-server:8080', + ) end end @@ -76,18 +78,18 @@ let(:params) do { manage_package_repo: true, - repo_baseurl: 'http://mirror.localrepo.com' + repo_baseurl: 'http://mirror.localrepo.com', } end - it 'should pull in class postgresql::repo' do + it 'pulls in class postgresql::repo' do is_expected.to contain_class('postgresql::repo') end it do - should contain_yumrepo('yum.postgresql.org').with( + is_expected.to contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', - 'baseurl' => 'http://mirror.localrepo.com' + 'baseurl' => 'http://mirror.localrepo.com', ) end end diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/unit/classes/lib/devel_spec.rb index ca0ebb3b80..8317a4ddf2 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/unit/classes/lib/devel_spec.rb @@ -1,73 +1,84 @@ require 'spec_helper' -describe 'postgresql::lib::devel', :type => :class do +describe 'postgresql::lib::devel', type: :class do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', } end - it { is_expected.to contain_class("postgresql::lib::devel") } + + it { is_expected.to contain_class('postgresql::lib::devel') } describe 'link pg_config to /usr/bin' do - it { should_not contain_file('/usr/bin/pg_config') \ - .with_ensure('link') \ - .with_target('/usr/lib/postgresql/8.4/bin/pg_config') + it { + is_expected.not_to contain_file('/usr/bin/pg_config') \ + .with_ensure('link') \ + .with_target('/usr/lib/postgresql/8.4/bin/pg_config') } end describe 'disable link_pg_config' do - let(:params) {{ - :link_pg_config => false, - }} - it { should_not contain_file('/usr/bin/pg_config') } + let(:params) do + { + link_pg_config: false, + } + end + + it { is_expected.not_to contain_file('/usr/bin/pg_config') } end describe 'should not link pg_config on RedHat with default version' do - let(:facts) {{ - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.3', - :operatingsystemmajrelease => '6', - }} - it { should_not contain_file('/usr/bin/pg_config') } + let(:facts) do + { + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '6.3', + operatingsystemmajrelease: '6', + } + end + + it { is_expected.not_to contain_file('/usr/bin/pg_config') } end describe 'link pg_config on RedHat with non-default version' do - let(:facts) {{ - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.3', - :operatingsystemmajrelease => '6', - }} + let(:facts) do + { + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '6.3', + operatingsystemmajrelease: '6', + } + end let :pre_condition do - "class { '::postgresql::globals': version => '9.3' }" + "class { '::postgresql::globals': version => '9.3' }" end - it { should contain_file('/usr/bin/pg_config') \ - .with_ensure('link') \ - .with_target('/usr/pgsql-9.3/bin/pg_config') + it { + is_expected.to contain_file('/usr/bin/pg_config') \ + .with_ensure('link') \ + .with_target('/usr/pgsql-9.3/bin/pg_config') } end describe 'on Gentoo' do let :facts do { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', + osfamily: 'Gentoo', + operatingsystem: 'Gentoo', } end let :params do { - :link_pg_config => false, + link_pg_config: false, } end - it 'should fail to compile' do + it 'fails to compile' do # rubocop:disable RSpec/MultipleExpectations expect { is_expected.to compile - }.to raise_error(/is not supported/) + }.to raise_error(%r{is not supported}) end end end diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/unit/classes/lib/java_spec.rb index 76dbbd987e..58ec2f8b85 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/unit/classes/lib/java_spec.rb @@ -1,43 +1,52 @@ require 'spec_helper' -describe 'postgresql::lib::java', :type => :class do - +describe 'postgresql::lib::java', type: :class do describe 'on a debian based os' do - let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } + let :facts do + { + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + } end - it { is_expected.to contain_package('postgresql-jdbc').with( - :name => 'libpg-java', - :ensure => 'present', - :tag => 'postgresql' - )} + + it { + is_expected.to contain_package('postgresql-jdbc').with( + name: 'libpg-java', + ensure: 'present', + tag: 'postgresql', + ) + } end describe 'on a redhat based os' do - let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - } + let :facts do + { + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '6.4', + } end - it { is_expected.to contain_package('postgresql-jdbc').with( - :name => 'postgresql-jdbc', - :ensure => 'present', - :tag => 'postgresql' - )} + + it { + is_expected.to contain_package('postgresql-jdbc').with( + name: 'postgresql-jdbc', + ensure: 'present', + tag: 'postgresql', + ) + } describe 'when parameters are supplied' do let :params do - {:package_ensure => 'latest', :package_name => 'somepackage'} + { package_ensure: 'latest', package_name: 'somepackage' } end - it { is_expected.to contain_package('postgresql-jdbc').with( - :name => 'somepackage', - :ensure => 'latest', - :tag => 'postgresql' - )} + + it { + is_expected.to contain_package('postgresql-jdbc').with( + name: 'somepackage', + ensure: 'latest', + tag: 'postgresql', + ) + } end end - end diff --git a/spec/unit/classes/lib/perl_spec.rb b/spec/unit/classes/lib/perl_spec.rb index 922cfa0b85..d8c8a59c84 100644 --- a/spec/unit/classes/lib/perl_spec.rb +++ b/spec/unit/classes/lib/perl_spec.rb @@ -1,31 +1,37 @@ require 'spec_helper' -describe 'postgresql::lib::perl', :type => :class do - +describe 'postgresql::lib::perl', type: :class do describe 'on a redhat based os' do - let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - } + let :facts do + { + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '6.4', + } end - it { is_expected.to contain_package('perl-DBD-Pg').with( - :name => 'perl-DBD-Pg', - :ensure => 'present' - )} + + it { + is_expected.to contain_package('perl-DBD-Pg').with( + name: 'perl-DBD-Pg', + ensure: 'present', + ) + } end describe 'on a debian based os' do - let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } + let :facts do + { + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + } end - it { is_expected.to contain_package('perl-DBD-Pg').with( - :name => 'libdbd-pg-perl', - :ensure => 'present' - )} - end + it { + is_expected.to contain_package('perl-DBD-Pg').with( + name: 'libdbd-pg-perl', + ensure: 'present', + ) + } + end end diff --git a/spec/unit/classes/lib/pgdocs_spec.rb b/spec/unit/classes/lib/pgdocs_spec.rb index a751e987d2..878abaced7 100644 --- a/spec/unit/classes/lib/pgdocs_spec.rb +++ b/spec/unit/classes/lib/pgdocs_spec.rb @@ -1,29 +1,34 @@ require 'spec_helper' -describe 'postgresql::lib::docs', :type => :class do - +describe 'postgresql::lib::docs', type: :class do describe 'on a redhat based os' do - let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - } + let :facts do + { + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '6.4', + } end - it { is_expected.to contain_package('postgresql-docs').with( - :name => 'postgresql-docs', - :ensure => 'present', - :tag => 'postgresql' - )} + + it { + is_expected.to contain_package('postgresql-docs').with( + name: 'postgresql-docs', + ensure: 'present', + tag: 'postgresql', + ) + } describe 'when parameters are supplied' do let :params do - {:package_ensure => 'latest', :package_name => 'somepackage'} + { package_ensure: 'latest', package_name: 'somepackage' } end - it { is_expected.to contain_package('postgresql-docs').with( - :name => 'somepackage', - :ensure => 'latest', - :tag => 'postgresql' - )} + + it { + is_expected.to contain_package('postgresql-docs').with( + name: 'somepackage', + ensure: 'latest', + tag: 'postgresql', + ) + } end end - end diff --git a/spec/unit/classes/lib/python_spec.rb b/spec/unit/classes/lib/python_spec.rb index 095c2e15a1..bbf93b4f91 100644 --- a/spec/unit/classes/lib/python_spec.rb +++ b/spec/unit/classes/lib/python_spec.rb @@ -1,31 +1,37 @@ require 'spec_helper' -describe 'postgresql::lib::python', :type => :class do - +describe 'postgresql::lib::python', type: :class do describe 'on a redhat based os' do - let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - } + let :facts do + { + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '6.4', + } end - it { is_expected.to contain_package('python-psycopg2').with( - :name => 'python-psycopg2', - :ensure => 'present' - )} + + it { + is_expected.to contain_package('python-psycopg2').with( + name: 'python-psycopg2', + ensure: 'present', + ) + } end describe 'on a debian based os' do - let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } + let :facts do + { + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + } end - it { is_expected.to contain_package('python-psycopg2').with( - :name => 'python-psycopg2', - :ensure => 'present' - )} - end + it { + is_expected.to contain_package('python-psycopg2').with( + name: 'python-psycopg2', + ensure: 'present', + ) + } + end end diff --git a/spec/unit/classes/params_spec.rb b/spec/unit/classes/params_spec.rb index a415966e10..49dbb19c88 100644 --- a/spec/unit/classes/params_spec.rb +++ b/spec/unit/classes/params_spec.rb @@ -1,12 +1,13 @@ require 'spec_helper' -describe 'postgresql::params', :type => :class do +describe 'postgresql::params', type: :class do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', } end - it { is_expected.to contain_class("postgresql::params") } + + it { is_expected.to contain_class('postgresql::params') } end diff --git a/spec/unit/classes/repo_spec.rb b/spec/unit/classes/repo_spec.rb index 3942d65d20..f0660933df 100644 --- a/spec/unit/classes/repo_spec.rb +++ b/spec/unit/classes/repo_spec.rb @@ -1,26 +1,26 @@ require 'spec_helper' -describe 'postgresql::repo', :type => :class do +describe 'postgresql::repo', type: :class do let :facts do { - :os => { - :name => 'Debian', - :family => 'Debian', - :release => { - :full => '6.0', - :major => '6' - } + os: { + name: 'Debian', + family: 'Debian', + release: { + full: '6.0', + major: '6', + }, }, - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :lsbdistid => 'Debian', - :lsbdistcodename => 'squeeze', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + lsbdistid: 'Debian', + lsbdistcodename: 'squeeze', } end describe 'with no parameters' do - it 'should instantiate apt_postgresql_org class' do + it 'instantiates apt_postgresql_org class' do is_expected.to contain_class('postgresql::repo::apt_postgresql_org') end end diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index fbf5529e82..5e22d05dbb 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -1,36 +1,37 @@ require 'spec_helper' -describe 'postgresql::server::config', :type => :class do - let (:pre_condition) do - "include postgresql::server" +describe 'postgresql::server::config', type: :class do + let(:pre_condition) do + 'include postgresql::server' end describe 'on RedHat 7' do - let :facts do + let(:facts) do { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '7.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '7.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - it 'should have the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with ({ - :ensure => 'present', - :path => '/etc/systemd/system/postgresql.service', - :owner => 'root', - :group => 'root', - }) + + it 'has the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'present', path: '/etc/systemd/system/postgresql.service', + owner: 'root', group: 'root' + ) + end + it 'has the correct systemd-override file #content' do is_expected.to contain_file('systemd-override') \ - .with_content(/.include \/usr\/lib\/systemd\/system\/postgresql.service/) + .with_content(%r{.include \/usr\/lib\/systemd\/system\/postgresql.service}) end describe 'with manage_package_repo => true and a version' do - let (:pre_condition) do + let(:pre_condition) do <<-EOS class { 'postgresql::globals': manage_package_repo => true, @@ -40,45 +41,46 @@ class { 'postgresql::server': } EOS end - it 'should have the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with ({ - :ensure => 'present', - :path => '/etc/systemd/system/postgresql-9.4.service', - :owner => 'root', - :group => 'root', - }) + it 'has the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'present', path: '/etc/systemd/system/postgresql-9.4.service', + owner: 'root', group: 'root' + ) + end + it 'has the correct systemd-override file #regex' do is_expected.to contain_file('systemd-override') \ - .with_content(/.include \/usr\/lib\/systemd\/system\/postgresql-9.4.service/) + .with_content(%r{.include \/usr\/lib\/systemd\/system\/postgresql-9.4.service}) end end end describe 'on Fedora 21' do - let :facts do + let(:facts) do { - :osfamily => 'RedHat', - :operatingsystem => 'Fedora', - :operatingsystemrelease => '21', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'Fedora', + operatingsystemrelease: '21', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - it 'should have the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with ({ - :ensure => 'present', - :path => '/etc/systemd/system/postgresql.service', - :owner => 'root', - :group => 'root', - }) + + it 'has the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'present', path: '/etc/systemd/system/postgresql.service', + owner: 'root', group: 'root' + ) + end + it 'has the correct systemd-override file #regex' do is_expected.to contain_file('systemd-override') \ - .with_content(/.include \/lib\/systemd\/system\/postgresql.service/) + .with_content(%r{.include \/lib\/systemd\/system\/postgresql.service}) end describe 'with manage_package_repo => true and a version' do - let (:pre_condition) do + let(:pre_condition) do <<-EOS class { 'postgresql::globals': manage_package_repo => true, @@ -88,21 +90,21 @@ class { 'postgresql::server': } EOS end - it 'should have the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with ({ - :ensure => 'present', - :path => '/etc/systemd/system/postgresql-9.4.service', - :owner => 'root', - :group => 'root', - }) + it 'has the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'present', path: '/etc/systemd/system/postgresql-9.4.service', + owner: 'root', group: 'root' + ) + end + it 'has the correct systemd-override file #regex' do is_expected.to contain_file('systemd-override') \ - .with_content(/.include \/lib\/systemd\/system\/postgresql-9.4.service/) + .with_content(%r{.include \/lib\/systemd\/system\/postgresql-9.4.service}) end end end describe 'on Gentoo' do - let (:pre_condition) do + let(:pre_condition) do <<-EOS class { 'postgresql::globals': version => '9.5', @@ -110,32 +112,33 @@ class { 'postgresql::globals': class { 'postgresql::server': } EOS end - let :facts do + let(:facts) do { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => 'unused', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => false, + osfamily: 'Gentoo', + operatingsystem: 'Gentoo', + operatingsystemrelease: 'unused', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: false, } end - it 'should have the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with ({ - :ensure => 'present', - :path => '/etc/systemd/system/postgresql-9.5.service', - :owner => 'root', - :group => 'root', - }) + + it 'has the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'present', path: '/etc/systemd/system/postgresql-9.5.service', + owner: 'root', group: 'root' + ) + end + it 'has the correct systemd-override file #regex' do is_expected.to contain_file('systemd-override') \ - .with_content(/.include \/usr\/lib64\/systemd\/system\/postgresql-9.5.service/) + .with_content(%r{.include \/usr\/lib64\/systemd\/system\/postgresql-9.5.service}) end end describe 'with managed pg_hba_conf and ipv4acls' do - let (:pre_condition) do + let(:pre_condition) do <<-EOS class { 'postgresql::globals': version => '9.5', @@ -149,22 +152,23 @@ class { 'postgresql::server': } EOS end - let :facts do + let(:facts) do { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '7.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '7.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - it 'should have hba rule default' do + + it 'has hba rule default' do is_expected.to contain_postgresql__server__pg_hba_rule('local access as postgres user') end - it 'should have hba rule ipv4acls' do + it 'has hba rule ipv4acls' do is_expected.to contain_postgresql__server__pg_hba_rule('postgresql class generated rule ipv4acls 0') end end diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index e26843616b..221c857a10 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -1,59 +1,55 @@ require 'spec_helper' -describe 'postgresql::server::contrib', :type => :class do +describe 'postgresql::server::contrib', type: :class do let :pre_condition do "class { 'postgresql::server': }" end let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end describe 'with parameters' do let(:params) do { - :package_name => 'mypackage', - :package_ensure => 'absent', + package_name: 'mypackage', + package_ensure: 'absent', } end - it 'should create package with correct params' do - is_expected.to contain_package('postgresql-contrib').with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) + it 'creates package with correct params' do + is_expected.to contain_package('postgresql-contrib').with(ensure: 'absent', + name: 'mypackage', + tag: 'postgresql') end end describe 'with no parameters' do - it 'should create package with postgresql tag' do - is_expected.to contain_package('postgresql-contrib').with({ - :tag => 'postgresql', - }) + it 'creates package with postgresql tag' do + is_expected.to contain_package('postgresql-contrib').with(tag: 'postgresql') end end describe 'on Gentoo' do let :facts do { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', + osfamily: 'Gentoo', + operatingsystem: 'Gentoo', } end - it 'should fail to compile' do + it 'fails to compile' do # rubocop:disable RSpec/MultipleExpectations expect { is_expected.to compile - }.to raise_error(/is not supported/) + }.to raise_error(%r{is not supported}) end end end diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 3482970069..3c05d0797b 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -1,54 +1,57 @@ require 'spec_helper' -describe 'postgresql::server::initdb', :type => :class do - let (:pre_condition) do - "include postgresql::server" +describe 'postgresql::server::initdb', type: :class do + let(:pre_condition) do + 'include postgresql::server' end + describe 'on RedHat' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '6.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end + it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } end describe 'on Amazon' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'Amazon', - :operatingsystemrelease => '1.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'Amazon', + operatingsystemrelease: '1.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end + it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } end describe 'exec with module_workdir => /var/tmp' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '6.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let (:pre_condition) do + let(:pre_condition) do <<-EOS class { 'postgresql::globals': module_workdir => '/var/tmp', @@ -57,27 +60,27 @@ class { 'postgresql::server': } EOS end - it 'should contain exec with specified working directory' do - is_expected.to contain_exec('postgresql_initdb').with ({ - :cwd => '/var/tmp', - }) + it 'contains exec with specified working directory' do + is_expected.to contain_exec('postgresql_initdb').with( + cwd: '/var/tmp', + ) end end describe 'exec with module_workdir => undef' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '6.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let (:pre_condition) do + let(:pre_condition) do <<-EOS class { 'postgresql::globals': }-> @@ -85,29 +88,28 @@ class { 'postgresql::server': } EOS end - it 'should contain exec with default working directory' do - is_expected.to contain_exec('postgresql_initdb').with ({ - :cwd => '/tmp', - }) + it 'contains exec with default working directory' do + is_expected.to contain_exec('postgresql_initdb').with( + cwd: '/tmp', + ) end end - describe 'postgresql_psql with module_workdir => /var/tmp' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '6.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let (:pre_condition) do + let(:pre_condition) do <<-EOS class { 'postgresql::globals': module_workdir => '/var/tmp', @@ -117,11 +119,9 @@ class { 'postgresql::globals': class { 'postgresql::server': } EOS end - it 'should contain postgresql_psql with specified working directory' do - is_expected.to contain_postgresql_psql('Set template1 encoding to test').with({ - :cwd => '/var/tmp', - }) + + it 'contains postgresql_psql with specified working directory' do + is_expected.to contain_postgresql_psql('Set template1 encoding to test').with(cwd: '/var/tmp') end end end - diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/unit/classes/server/plperl_spec.rb index 00ddf09c5e..90d7d2db09 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/unit/classes/server/plperl_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::plperl', :type => :class do +describe 'postgresql::server::plperl', type: :class do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('plperl'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('plperl'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -18,30 +18,26 @@ end describe 'with no parameters' do - it { is_expected.to contain_class("postgresql::server::plperl") } - it 'should create package' do - is_expected.to contain_package('postgresql-plperl').with({ - :ensure => 'present', - :tag => 'postgresql', - }) + it { is_expected.to contain_class('postgresql::server::plperl') } + it 'creates package' do + is_expected.to contain_package('postgresql-plperl').with(ensure: 'present', + tag: 'postgresql') end end describe 'with parameters' do let :params do { - :package_ensure => 'absent', - :package_name => 'mypackage', + package_ensure: 'absent', + package_name: 'mypackage', } end - it { is_expected.to contain_class("postgresql::server::plperl") } - it 'should create package with correct params' do - is_expected.to contain_package('postgresql-plperl').with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) + it { is_expected.to contain_class('postgresql::server::plperl') } + it 'creates package with correct params' do + is_expected.to contain_package('postgresql-plperl').with(ensure: 'absent', + name: 'mypackage', + tag: 'postgresql') end end end diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index 29a1440b7b..ea879518e3 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -1,16 +1,16 @@ require 'spec_helper' -describe 'postgresql::server::plpython', :type => :class do +describe 'postgresql::server::plpython', type: :class do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.0', - :concat_basedir => tmpfilename('plpython'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'CentOS', + operatingsystemrelease: '6.0', + concat_basedir: tmpfilename('plpython'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end @@ -19,30 +19,26 @@ end describe 'on RedHat with no parameters' do - it { is_expected.to contain_class("postgresql::server::plpython") } - it 'should create package' do - is_expected.to contain_package('postgresql-plpython').with({ - :ensure => 'present', - :tag => 'postgresql', - }) + it { is_expected.to contain_class('postgresql::server::plpython') } + it 'creates package' do + is_expected.to contain_package('postgresql-plpython').with(ensure: 'present', + tag: 'postgresql') end end - + describe 'with parameters' do - let :params do - { - :package_ensure => 'absent', - :package_name => 'mypackage', - } - end - - it { is_expected.to contain_class("postgresql::server::plpython") } - it 'should create package with correct params' do - is_expected.to contain_package('postgresql-plpython').with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) - end + let :params do + { + package_ensure: 'absent', + package_name: 'mypackage', + } + end + + it { is_expected.to contain_class('postgresql::server::plpython') } + it 'creates package with correct params' do + is_expected.to contain_package('postgresql-plpython').with(ensure: 'absent', + name: 'mypackage', + tag: 'postgresql') end + end end diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/unit/classes/server/postgis_spec.rb index 1e53c21c5a..b021bb3422 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/unit/classes/server/postgis_spec.rb @@ -1,44 +1,40 @@ require 'spec_helper' -describe 'postgresql::server::postgis', :type => :class do +describe 'postgresql::server::postgis', type: :class do let :pre_condition do "class { 'postgresql::server': }" end let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('postgis'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('postgis'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end describe 'with parameters' do let(:params) do { - :package_name => 'mypackage', - :package_ensure => 'absent', + package_name: 'mypackage', + package_ensure: 'absent', } end - it 'should create package with correct params' do - is_expected.to contain_package('postgresql-postgis').with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) + it 'creates package with correct params' do + is_expected.to contain_package('postgresql-postgis').with(ensure: 'absent', + name: 'mypackage', + tag: 'postgresql') end end describe 'with no parameters' do - it 'should create package with postgresql tag' do - is_expected.to contain_package('postgresql-postgis').with({ - :tag => 'postgresql', - }) + it 'creates package with postgresql tag' do + is_expected.to contain_package('postgresql-postgis').with(tag: 'postgresql') end end end diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 18013d8ff4..02d5a95d45 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -1,36 +1,35 @@ require 'spec_helper' -describe 'postgresql::server', :type => :class do +describe 'postgresql::server', type: :class do let :facts do { - :os => { - :family => 'Debian', - :name => 'Debian', - :release => { - :full => '6.0', - :major => '6' - } + os: { + family: 'Debian', + name: 'Debian', + release: { + full: '6.0', + major: '6', + }, }, - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :lsbdistid => 'Debian', - :lsbdistcodename => 'jessie', - :operatingsystemrelease => '8.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + lsbdistid: 'Debian', + lsbdistcodename: 'jessie', + operatingsystemrelease: '8.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end describe 'with no parameters' do - it { is_expected.to contain_class("postgresql::params") } - it { is_expected.to contain_class("postgresql::server") } - it { is_expected.to contain_exec('postgresql_reload').with({ - 'command' => 'service postgresql reload', - }) + it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::server') } + it { + is_expected.to contain_exec('postgresql_reload').with('command' => 'service postgresql reload') } - it 'should validate connection' do + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -38,81 +37,83 @@ describe 'service_ensure => running' do let(:params) do { - :service_ensure => 'running', - :postgres_password => 'new-p@s$word-to-set' + service_ensure: 'running', + postgres_password: 'new-p@s$word-to-set', } end - it { is_expected.to contain_class("postgresql::params") } - it { is_expected.to contain_class("postgresql::server") } - it { is_expected.to contain_class("postgresql::server::passwd") } - it 'should validate connection' do + + it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::server') } + it { is_expected.to contain_class('postgresql::server::passwd') } + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end - it 'should set postgres password' do - is_expected.to contain_exec('set_postgres_postgrespw').with({ - 'command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', - 'user' => 'postgres', - 'environment' => [ - "PGPASSWORD=new-p@s$word-to-set", - "PGPORT=5432", - "NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$" - ], - 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null", - }) + it 'sets postgres password' do + is_expected.to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', + 'user' => 'postgres', + 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], + 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") end end describe 'service_ensure => stopped' do - let(:params) {{ :service_ensure => 'stopped' }} - it { is_expected.to contain_class("postgresql::params") } - it { is_expected.to contain_class("postgresql::server") } + let(:params) { { service_ensure: 'stopped' } } + + it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::server') } it 'shouldnt validate connection' do is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') end end describe 'service_restart_on_change => false' do - let(:params) {{ :service_restart_on_change => false }} - it { is_expected.to contain_class("postgresql::params") } - it { is_expected.to contain_class("postgresql::server") } - it { is_expected.to_not contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + let(:params) { { service_restart_on_change: false } } + + it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::server') } + it { + is_expected.not_to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } - it 'should validate connection' do + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end describe 'service_restart_on_change => true' do - let(:params) {{ :service_restart_on_change => true }} - it { is_expected.to contain_class("postgresql::params") } - it { is_expected.to contain_class("postgresql::server") } - it { is_expected.to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + let(:params) { { service_restart_on_change: true } } + + it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::server') } + it { + is_expected.to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } - it 'should validate connection' do + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end describe 'service_reload => /bin/true' do - let(:params) {{ :service_reload => '/bin/true' }} - it { is_expected.to contain_class("postgresql::params") } - it { is_expected.to contain_class("postgresql::server") } - it { is_expected.to contain_exec('postgresql_reload').with({ - 'command' => '/bin/true', - }) + let(:params) { { service_reload: '/bin/true' } } + + it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::server') } + it { + is_expected.to contain_exec('postgresql_reload').with('command' => '/bin/true') } - it 'should validate connection' do + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end end describe 'service_manage => true' do - let(:params) {{ :service_manage => true }} + let(:params) { { service_manage: true } } + it { is_expected.to contain_service('postgresqld') } end describe 'service_manage => false' do - let(:params) {{ :service_manage => false }} + let(:params) { { service_manage: false } } + it { is_expected.not_to contain_service('postgresqld') } it 'shouldnt validate connection' do is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') @@ -122,31 +123,27 @@ describe 'package_ensure => absent' do let(:params) do { - :package_ensure => 'absent', + package_ensure: 'absent', } end - it 'should remove the package' do - is_expected.to contain_package('postgresql-server').with({ - :ensure => 'purged', - }) + it 'removes the package' do + is_expected.to contain_package('postgresql-server').with(ensure: 'purged') end - it 'should still enable the service' do - is_expected.to contain_service('postgresqld').with({ - :ensure => 'running', - }) + it 'stills enable the service' do + is_expected.to contain_service('postgresqld').with(ensure: 'running') end end describe 'needs_initdb => true' do let(:params) do { - :needs_initdb => true, + needs_initdb: true, } end - it 'should contain proper initdb exec' do + it 'contains proper initdb exec' do is_expected.to contain_exec('postgresql_initdb') end end @@ -161,6 +158,7 @@ class { 'postgresql::globals': } EOS end + it 'contains the correct package version' do is_expected.to contain_class('postgresql::repo').with_version('99.5') end diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index 34f0c70002..852ced8d4a 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -1,20 +1,20 @@ require 'spec_helper' -describe 'postgresql::server::config_entry', :type => :define do +describe 'postgresql::server::config_entry', type: :define do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '6.4', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let(:title) { 'config_entry'} + let(:title) { 'config_entry' } let :target do tmpfilename('postgresql_conf') @@ -24,8 +24,9 @@ "class {'postgresql::server':}" end - context "syntax check" do - let(:params) { { :ensure => 'present'} } + context 'syntax check' do + let(:params) { { ensure: 'present' } } + it { is_expected.to contain_postgresql__server__config_entry('config_entry') } end @@ -33,104 +34,111 @@ context 'redhat 6' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '6.4', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} + let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } - it 'stops postgresql and changes the port' do + it 'stops postgresql and changes the port #exec' do is_expected.to contain_exec('postgresql_stop_port') + end + it 'stops postgresql and changes the port #augeas' do is_expected.to contain_augeas('override PGPORT in /etc/sysconfig/pgsql/postgresql') end end context 'redhat 7' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '7.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} + let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } - it 'stops postgresql and changes the port' do + it 'stops postgresql and changes the port #file' do is_expected.to contain_file('systemd-override') + end + it 'stops postgresql and changes the port #exec' do is_expected.to contain_exec('restart-systemd') end end context 'fedora 19' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'Fedora', - :operatingsystemrelease => '19', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'Fedora', + operatingsystemrelease: '19', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} + let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } - it 'stops postgresql and changes the port' do + it 'stops postgresql and changes the port #file' do is_expected.to contain_file('systemd-override') + end + it 'stops postgresql and changes the port #exec' do is_expected.to contain_exec('restart-systemd') end end end - context "data_directory" do - let(:params) {{ :ensure => 'present', :name => 'data_directory_spec', :value => '/var/pgsql' }} + context 'data_directory' do + let(:params) { { ensure: 'present', name: 'data_directory_spec', value: '/var/pgsql' } } - it 'stops postgresql and changes the data directory' do + it 'stops postgresql and changes the data directory #exec' do is_expected.to contain_exec('postgresql_data_directory') + end + it 'stops postgresql and changes the data directory #augeas' do is_expected.to contain_augeas('override PGDATA in /etc/sysconfig/pgsql/postgresql') end end - context "passes values through appropriately" do - let(:params) {{ :ensure => 'present', :name => 'check_function_bodies', :value => 'off' }} + context 'passes values through appropriately' do + let(:params) { { ensure: 'present', name: 'check_function_bodies', value: 'off' } } it 'with no quotes' do - is_expected.to contain_postgresql_conf('check_function_bodies').with({ - :name => 'check_function_bodies', - :value => 'off' }) + is_expected.to contain_postgresql_conf('check_function_bodies').with(name: 'check_function_bodies', + value: 'off') end end context 'unix_socket_directories' do let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :selinux => true, + osfamily: 'RedHat', + operatingsystem: 'RedHat', + operatingsystemrelease: '7.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, } end - let(:params) {{ :ensure => 'present', :name => 'unix_socket_directories', :value => '/var/pgsql, /opt/postgresql, /root/' }} + let(:params) { { ensure: 'present', name: 'unix_socket_directories', value: '/var/pgsql, /opt/postgresql, /root/' } } - it 'should restart the server and change unix_socket_directories to the provided list' do + it 'restarts the server and change unix_socket_directories to the provided list' do is_expected.to contain_postgresql_conf('unix_socket_directories') - .with({ :name => 'unix_socket_directories', - :value => '/var/pgsql, /opt/postgresql, /root/'}) - .that_notifies('Class[postgresql::server::service]') + .with(name: 'unix_socket_directories', + value: '/var/pgsql, /opt/postgresql, /root/') + .that_notifies('Class[postgresql::server::service]') end end end diff --git a/spec/unit/defines/server/database_grant_spec.rb b/spec/unit/defines/server/database_grant_spec.rb index 19dfce99fb..d4c65b6fc2 100644 --- a/spec/unit/defines/server/database_grant_spec.rb +++ b/spec/unit/defines/server/database_grant_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::database_grant', :type => :define do +describe 'postgresql::server::database_grant', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -19,9 +19,9 @@ let :params do { - :privilege => 'ALL', - :db => 'test', - :role => 'test', + privilege: 'ALL', + db: 'test', + role: 'test', } end diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index c9993f61c8..9880bbc721 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::database', :type => :define do +describe 'postgresql::server::database', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do @@ -24,38 +24,41 @@ it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"') } context "with comment set to 'test comment'" do - let (:params) {{ :comment => 'test comment' }} + let(:params) { { comment: 'test comment' } } - it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE \"test\" IS 'test comment'").with_connect_settings( {} ) } + it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE \"test\" IS 'test comment'").with_connect_settings({}) } end - context "with specific db connection settings - default port" do + context 'with specific db connection settings - default port' do let :pre_condition do "class {'postgresql::server':}" end - let (:params) {{ :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', }}} + let(:params) do + { connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1' } } + end - it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1' } ).with_port( 5432 ) } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1').with_port(5432) } end - context "with specific db connection settings - including port" do + context 'with specific db connection settings - including port' do let :pre_condition do "class {'postgresql::globals':} class {'postgresql::server':}" end - let (:params) {{ :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234' }}} - - it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( nil ) } + let(:params) do + { connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234' } } + end + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port(nil) } end - context "with global db connection settings - including port" do + context 'with global db connection settings - including port' do let :pre_condition do "class {'postgresql::globals': default_connect_settings => { 'PGHOST' => 'postgres-db-server', @@ -66,12 +69,11 @@ class {'postgresql::server':}" class {'postgresql::server':}" end - it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.2','PGPORT' => '1234' } ).with_port( nil ) } - + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.2', 'PGPORT' => '1234').with_port(nil) } end - context "with different owner" do - let (:params) {{ :owner => 'test_owner' }} + context 'with different owner' do + let(:params) { { owner: 'test_owner' } } it { is_expected.to contain_postgresql_psql('ALTER DATABASE "test" OWNER TO "test_owner"') } end diff --git a/spec/unit/defines/server/db_spec.rb b/spec/unit/defines/server/db_spec.rb index 78e36b002c..9dd9ad4eb9 100644 --- a/spec/unit/defines/server/db_spec.rb +++ b/spec/unit/defines/server/db_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::db', :type => :define do +describe 'postgresql::server::db', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -18,12 +18,11 @@ end context 'without dbname param' do - let :params do { - :user => 'test', - :password => 'test', - :owner => 'tester', + user: 'test', + password: 'test', + owner: 'tester', } end @@ -35,17 +34,15 @@ it { is_expected.to contain_postgresql__server__database('test').with_owner('tester') } it { is_expected.to contain_postgresql__server__role('test').that_comes_before('Postgresql::Server::Database[test]') } it { is_expected.to contain_postgresql__server__database_grant('GRANT test - ALL - test') } - end context 'dbname' do - let :params do { - :dbname => 'testtest', - :user => 'test', - :password => 'test', - :owner => 'tester', + dbname: 'testtest', + user: 'test', + password: 'test', + owner: 'tester', } end diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index efb4b8b59b..84bd53de1d 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper' -describe 'postgresql::server::extension', :type => :define do +describe 'postgresql::server::extension', type: :define do # rubocop:disable RSpec/MultipleDescribes let :pre_condition do "class { 'postgresql::server': } postgresql::server::database { 'template_postgis': @@ -10,126 +10,113 @@ let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('postgis'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('postgis'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end - let (:title) { 'postgis' } - let (:params) { { - :database => 'template_postgis', - } } + let(:title) { 'postgis' } + let(:params) do + { + database: 'template_postgis', + } + end - context "with mandatory arguments only" do + context 'with mandatory arguments only' do it { - is_expected.to contain_postgresql_psql('template_postgis: CREATE EXTENSION "postgis"').with({ - :db => 'template_postgis', - :command => 'CREATE EXTENSION "postgis"', - }).that_requires('Postgresql::Server::Database[template_postgis]') + is_expected.to contain_postgresql_psql('template_postgis: CREATE EXTENSION "postgis"') + .with(db: 'template_postgis', command: 'CREATE EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis]') } end - context "when schema is specified" do - let (:params) { super().merge({ - :schema => 'pg_catalog', - }) } + context 'when schema is specified' do + let(:params) do + super().merge(schema: 'pg_catalog') + end it { is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" SET SCHEMA "pg_catalog"') } end - context "when setting package name" do - let (:params) { super().merge({ - :package_name => 'postgis', - }) } + context 'when setting package name' do + let(:params) do + super().merge(package_name: 'postgis') + end it { - is_expected.to contain_package('postgis').with({ - :ensure => 'present', - :name => 'postgis', - }).that_comes_before('Postgresql_psql[template_postgis: CREATE EXTENSION "postgis"]') + is_expected.to contain_package('postgis') + .with(ensure: 'present', name: 'postgis').that_comes_before('Postgresql_psql[template_postgis: CREATE EXTENSION "postgis"]') } end - context "when ensuring absence" do - let (:params) { super().merge({ - :ensure => 'absent', - :package_name => 'postgis', - }) } + context 'when ensuring absence' do + let(:params) do + super().merge(ensure: 'absent', + package_name: 'postgis') + end it { - is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"').with({ - :db => 'template_postgis', - :command => 'DROP EXTENSION "postgis"', - }).that_requires('Postgresql::Server::Database[template_postgis]') + is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"') + .with(db: 'template_postgis', command: 'DROP EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis]') } it { - is_expected.to contain_package('postgis').with({ - :ensure => 'absent', - :name => 'postgis', - }) + is_expected.to contain_package('postgis').with(ensure: 'absent', + name: 'postgis') } - context "when keeping package installed" do - let (:params) { super().merge({ - :package_ensure => 'present', - }) } + context 'when keeping package installed' do + let(:params) do + super().merge(package_ensure: 'present') + end it { - is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"').with({ - :db => 'template_postgis', - :command => 'DROP EXTENSION "postgis"', - }).that_requires('Postgresql::Server::Database[template_postgis]') + is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"') + .with(db: 'template_postgis', command: 'DROP EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis]') } it { - is_expected.to contain_package('postgis').with({ - :ensure => 'present', - :name => 'postgis', - }).that_requires('Postgresql_psql[template_postgis: DROP EXTENSION "postgis"]') + is_expected.to contain_package('postgis') + .with(ensure: 'present', name: 'postgis').that_requires('Postgresql_psql[template_postgis: DROP EXTENSION "postgis"]') } end end - context "when extension version is specified" do - let (:params) { super().merge({ - :ensure => 'absent', - :package_name => 'postgis', - :version => '99.99.99', - }) } + context 'when extension version is specified' do + let(:params) do + super().merge(ensure: 'absent', + package_name: 'postgis', + version: '99.99.99') + end it { - is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE TO \'99.99.99\'').with({ - :db => 'template_postgis', - :unless => "SELECT 1 FROM pg_extension WHERE extname='postgis' AND extversion='99.99.99'", - }).that_requires('Postgresql::Server::Database[template_postgis]') + is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE TO \'99.99.99\'') + .with(db: 'template_postgis', unless: "SELECT 1 FROM pg_extension WHERE extname='postgis' AND extversion='99.99.99'").that_requires('Postgresql::Server::Database[template_postgis]') } end - context "when extension version is latest" do - let (:params) { super().merge({ - :ensure => 'absent', - :package_name => 'postgis', - :version => 'latest', - }) } + context 'when extension version is latest' do + let(:params) do + super().merge(ensure: 'absent', + package_name: 'postgis', + version: 'latest') + end it { - is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE').with({ - :db => 'template_postgis', - :unless => "SELECT 1 FROM pg_available_extensions WHERE name = 'postgis' AND default_version = installed_version", - }).that_requires('Postgresql::Server::Database[template_postgis]') + is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE') + .with(db: 'template_postgis', + unless: "SELECT 1 FROM pg_available_extensions WHERE name = 'postgis' AND default_version = installed_version").that_requires('Postgresql::Server::Database[template_postgis]') } end end -describe 'postgresql::server::extension', :type => :define do +describe 'postgresql::server::extension', type: :define do let :pre_condition do "class { 'postgresql::server': } postgresql::server::database { 'template_postgis2': @@ -139,28 +126,28 @@ let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('postgis'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('postgis'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end - let (:title) { 'postgis_db2' } - let (:params) { { - :database => 'template_postgis2', - :extension => 'postgis', - } } + let(:title) { 'postgis_db2' } + let(:params) do + { + database: 'template_postgis2', + extension: 'postgis', + } + end - context "with mandatory arguments only" do + context 'with mandatory arguments only' do it { - is_expected.to contain_postgresql_psql('template_postgis2: CREATE EXTENSION "postgis"').with({ - :db => 'template_postgis2', - :command => 'CREATE EXTENSION "postgis"', - }).that_requires('Postgresql::Server::Database[template_postgis2]') + is_expected.to contain_postgresql_psql('template_postgis2: CREATE EXTENSION "postgis"') + .with(db: 'template_postgis2', command: 'CREATE EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis2]') } end end diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 12a41e2bfc..6fbada8a0f 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -1,69 +1,68 @@ require 'spec_helper' -describe 'postgresql::server::grant_role', :type => :define do +describe 'postgresql::server::grant_role', type: :define do let :pre_condition do "class { 'postgresql::server': }" end - let :facts do - {:osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', :concat_basedir => tmpfilename('postgis'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } + let(:facts) do + { osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', concat_basedir: tmpfilename('postgis'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' } end - let (:title) { 'test' } + let(:title) { 'test' } - let (:params) { { - :group => 'my_group', - :role => 'my_role', - } } + let(:params) do + { + group: 'my_group', + role: 'my_role', + } + end - context "with mandatory arguments only" do + context 'with mandatory arguments only' do it { - is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ - :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", - }).that_requires('Class[postgresql::server]') + is_expected.to contain_postgresql_psql("grant_role:#{title}") + .with(command: "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", + unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true") # rubocop:disable Metrics/LineLength + .that_requires('Class[postgresql::server]') } end - context "with db arguments" do - let (:params) { super().merge({ - :psql_db => 'postgres', - :psql_user => 'postgres', - :port => '5432', - }) } + context 'with db arguments' do + let(:params) do + super().merge(psql_db: 'postgres', + psql_user: 'postgres', + port: '5432') + end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ - :command => "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", - :db => params[:psql_db], - :psql_user => params[:psql_user], - :port => params[:port], - }).that_requires('Class[postgresql::server]') + is_expected.to contain_postgresql_psql("grant_role:#{title}") + .with(command: "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", + unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", # rubocop:disable Metrics/LineLength + db: params[:psql_db], psql_user: params[:psql_user], + port: params[:port]).that_requires('Class[postgresql::server]') } end - context "with ensure => absent" do - let (:params) { super().merge({ - :ensure => 'absent', - }) } + context 'with ensure => absent' do + let(:params) do + super().merge(ensure: 'absent') + end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}").with({ - :command => "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"", - :unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') != true", - }).that_requires('Class[postgresql::server]') + is_expected.to contain_postgresql_psql("grant_role:#{title}") + .with(command: "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"", + unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') != true") # rubocop:disable Metrics/LineLength + .that_requires('Class[postgresql::server]') } end - context "with user defined" do - let :pre_condition do + context 'with user defined' do + let(:pre_condition) do "class { 'postgresql::server': } postgresql::server::role { '#{params[:role]}': }" end @@ -76,8 +75,8 @@ } end - context "with group defined" do - let :pre_condition do + context 'with group defined' do + let(:pre_condition) do "class { 'postgresql::server': } postgresql::server::role { '#{params[:group]}': }" end @@ -90,13 +89,13 @@ } end - context "with connect_settings" do - let (:params) { super().merge({ - :connect_settings => { 'PGHOST' => 'postgres-db-server' }, - }) } + context 'with connect_settings' do + let(:params) do + super().merge(connect_settings: { 'PGHOST' => 'postgres-db-server' }) + end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}").with_connect_settings( { 'PGHOST' => 'postgres-db-server' } ) + is_expected.to contain_postgresql_psql("grant_role:#{title}").with_connect_settings('PGHOST' => 'postgres-db-server') } it { is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires('Class[postgresql::server]') diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 2244146e8f..c221dc8d91 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::grant', :type => :define do +describe 'postgresql::server::grant', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -20,8 +20,8 @@ context 'plain' do let :params do { - :db => 'test', - :role => 'test', + db: 'test', + role: 'test', } end @@ -35,10 +35,10 @@ context 'sequence' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'usage', - :object_type => 'sequence', + db: 'test', + role: 'test', + privilege: 'usage', + object_type: 'sequence', } end @@ -47,21 +47,21 @@ end it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql('grant:test').with( - { - 'command' => /GRANT USAGE ON SEQUENCE "test" TO\s* "test"/m, - 'unless' => /SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)/m, - } - ) } + it { + is_expected.to contain_postgresql_psql('grant:test').with( + 'command' => %r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m, + 'unless' => %r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m, + ) + } end context 'SeQuEnCe case insensitive object_type match' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'usage', - :object_type => 'SeQuEnCe', + db: 'test', + role: 'test', + privilege: 'usage', + object_type: 'SeQuEnCe', } end @@ -70,22 +70,22 @@ end it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql('grant:test').with( - { - 'command' => /GRANT USAGE ON SEQUENCE "test" TO\s* "test"/m, - 'unless' => /SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)/m, - } - ) } + it { + is_expected.to contain_postgresql_psql('grant:test').with( + 'command' => %r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m, + 'unless' => %r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m, + ) + } end context 'all sequences' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'usage', - :object_type => 'all sequences in schema', - :object_name => 'public', + db: 'test', + role: 'test', + privilege: 'usage', + object_type: 'all sequences in schema', + object_name: 'public', } end @@ -94,21 +94,21 @@ end it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql('grant:test').with( - { - 'command' => /GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"/m, - 'unless' => /SELECT 1 FROM \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\) P\s* HAVING count\(P\.sequence_name\) = 0/m, - } - ) } + it { + is_expected.to contain_postgresql_psql('grant:test').with( + 'command' => %r{GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"}m, + 'unless' => %r{SELECT 1 FROM \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\) P\s* HAVING count\(P\.sequence_name\) = 0}m, # rubocop:disable Metrics/LineLength + ) + } end - context "with specific db connection settings - default port" do + context 'with specific db connection settings - default port' do let :params do { - :db => 'test', - :role => 'test', - :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', }, + db: 'test', + role: 'test', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1' }, } end @@ -117,17 +117,17 @@ end it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1' } ).with_port( 5432 ) } + it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1').with_port(5432) } end - context "with specific db connection settings - including port" do + context 'with specific db connection settings - including port' do let :params do { - :db => 'test', - :role => 'test', - :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', }, + db: 'test', + role: 'test', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234' }, } end @@ -136,18 +136,18 @@ end it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ) } + it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') } end - context "with specific db connection settings - port overriden by explicit parameter" do + context 'with specific db connection settings - port overriden by explicit parameter' do let :params do { - :db => 'test', - :role => 'test', - :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', }, - :port => 5678, + db: 'test', + role: 'test', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234' }, + port: 5678, } end @@ -156,17 +156,17 @@ end it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql("grant:test").with_connect_settings( { 'PGHOST' => 'postgres-db-server','DBVERSION' => '9.1','PGPORT' => '1234' } ).with_port( '5678' ) } + it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port('5678') } end context 'with specific schema name' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'all', - :object_name => ['myschema', 'mytable'], - :object_type => 'table', + db: 'test', + role: 'test', + privilege: 'all', + object_name: %w[myschema mytable], + object_type: 'table', } end @@ -175,21 +175,21 @@ end it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql('grant:test').with( - { - 'command' => /GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"/m, - 'unless' => /SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)/m, - } - ) } + it { + is_expected.to contain_postgresql_psql('grant:test').with( + 'command' => %r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m, + 'unless' => %r{SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)}m, + ) + } end context 'invalid object_type' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'usage', - :object_type => 'invalid', + db: 'test', + role: 'test', + privilege: 'usage', + object_type: 'invalid', } end @@ -197,17 +197,17 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(/parameter 'object_type' expects a match for Pattern/) } + it { is_expected.to compile.and_raise_error(%r{parameter 'object_type' expects a match for Pattern}) } end context 'invalid object_name - wrong type' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'all', - :object_name => 1, - :object_type => 'table', + db: 'test', + role: 'test', + privilege: 'all', + object_name: 1, + object_type: 'table', } end @@ -215,17 +215,17 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(/parameter 'object_name' expects a value of type (Array|Undef, Array,) or String, got Integer/) } + it { is_expected.to compile.and_raise_error(%r{parameter 'object_name' expects a value of type (Array|Undef, Array,) or String, got Integer}) } end context 'invalid object_name - insufficent array elements' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'all', - :object_name => ['oops'], - :object_type => 'table', + db: 'test', + role: 'test', + privilege: 'all', + object_name: ['oops'], + object_type: 'table', } end @@ -234,20 +234,20 @@ end if Puppet::Util::Package.versioncmp(Puppet.version, '5.2.0') >= 0 - it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 1 expects size to be 2, got 1/) } + it { is_expected.to compile.and_raise_error(%r{parameter 'object_name' variant 1 expects size to be 2, got 1}) } else - it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 1/) } + it { is_expected.to compile.and_raise_error(%r{parameter 'object_name' variant 0 expects size to be 2, got 1}) } end end context 'invalid object_name - too many array elements' do let :params do { - :db => 'test', - :role => 'test', - :privilege => 'all', - :object_name => ['myschema', 'mytable', 'oops'], - :object_type => 'table', + db: 'test', + role: 'test', + privilege: 'all', + object_name: %w[myschema mytable oops], + object_type: 'table', } end @@ -256,9 +256,9 @@ end if Puppet::Util::Package.versioncmp(Puppet.version, '5.2.0') >= 0 - it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 1 expects size to be 2, got 3/) } + it { is_expected.to compile.and_raise_error(%r{parameter 'object_name' variant 1 expects size to be 2, got 3}) } else - it { is_expected.to compile.and_raise_error(/parameter 'object_name' variant 0 expects size to be 2, got 3/) } + it { is_expected.to compile.and_raise_error(%r{parameter 'object_name' variant 0 expects size to be 2, got 3}) } end end end diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index 24ead07d1b..44b854c02a 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::pg_hba_rule', :type => :define do +describe 'postgresql::server::pg_hba_rule', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('pg_hba'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('pg_hba'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do @@ -21,136 +21,128 @@ context 'test template 1' do let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::server': } - EOS + MANIFEST end let :params do { - :type => 'host', - :database => 'all', - :user => 'all', - :address => '1.1.1.1/24', - :auth_method => 'md5', - :target => target, + type: 'host', + database: 'all', + user: 'all', + address: '1.1.1.1/24', + auth_method: 'md5', + target: target, } end + it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ - :content => /host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5/ - }) + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5}) end end context 'test template 2' do let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::server': } - EOS + MANIFEST end let :params do { - :type => 'local', - :database => 'all', - :user => 'all', - :auth_method => 'ident', - :target => target, + type: 'local', + database: 'all', + user: 'all', + auth_method: 'ident', + target: target, } end + it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ - :content => /local\s+all\s+all\s+ident/ - }) + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{local\s+all\s+all\s+ident}) end end context 'test template 3' do let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::server': } - EOS + MANIFEST end let :params do { - :type => 'host', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'ldap', - :auth_option => 'foo=bar', - :target => target, + type: 'host', + database: 'all', + user: 'all', + address: '0.0.0.0/0', + auth_method: 'ldap', + auth_option: 'foo=bar', + target: target, } end + it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ - :content => /host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar/ - }) + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar}) end end context 'validation' do context 'validate supported auth_method' do let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::globals': version => '9.2', } class { 'postgresql::server': } - EOS + MANIFEST end let :params do { - :type => 'local', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'peer', - :target => target, + type: 'local', + database: 'all', + user: 'all', + address: '0.0.0.0/0', + auth_method: 'peer', + target: target, } end it do is_expected.to contain_concat__fragment('pg_hba_rule_test').with( - { - :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer/ - } + content: %r{local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer}, ) end end context 'allows scram-sha-256 on postgres 10' do let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::globals': version => '10', } class { 'postgresql::server': } - EOS + MANIFEST end let :params do { - :type => 'local', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'scram-sha-256', - :target => target, + type: 'local', + database: 'all', + user: 'all', + address: '0.0.0.0/0', + auth_method: 'scram-sha-256', + target: target, } end it do is_expected.to contain_concat__fragment('pg_hba_rule_test').with( - { - :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+scram-sha-256/ - } + content: %r{local\s+all\s+all\s+0\.0\.0\.0\/0\s+scram-sha-256}, ) end end - end end diff --git a/spec/unit/defines/server/pg_ident_rule_spec.rb b/spec/unit/defines/server/pg_ident_rule_spec.rb index 71dfff866f..68bdfb24e9 100644 --- a/spec/unit/defines/server/pg_ident_rule_spec.rb +++ b/spec/unit/defines/server/pg_ident_rule_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::pg_ident_rule', :type => :define do +describe 'postgresql::server::pg_ident_rule', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('pg_ident'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('pg_ident'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do @@ -21,46 +21,46 @@ context 'managing pg_ident' do let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::globals': manage_pg_ident_conf => true, } class { 'postgresql::server': } - EOS + MANIFEST end let :params do { - :map_name => 'thatsmymap', - :system_username => 'systemuser', - :database_username => 'dbuser', + map_name: 'thatsmymap', + system_username: 'systemuser', + database_username: 'dbuser', } end + it do - is_expected.to contain_concat__fragment('pg_ident_rule_test').with({ - :content => /thatsmymap\s+systemuser\s+dbuser/ - }) + is_expected.to contain_concat__fragment('pg_ident_rule_test').with(content: %r{thatsmymap\s+systemuser\s+dbuser}) end end context 'not managing pg_ident' do let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::globals': manage_pg_ident_conf => false, } class { 'postgresql::server': } - EOS + MANIFEST end let :params do { - :map_name => 'thatsmymap', - :system_username => 'systemuser', - :database_username => 'dbuser', + map_name: 'thatsmymap', + system_username: 'systemuser', + database_username: 'dbuser', } end - it 'should fail because $manage_pg_ident_conf is false' do + + it 'fails because $manage_pg_ident_conf is false' do expect { catalogue }.to raise_error(Puppet::Error, - /postgresql::server::manage_pg_ident_conf has been disabled/) + %r{postgresql::server::manage_pg_ident_conf has been disabled}) end end end diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index 72f67c3b49..1c8bd9f0b0 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::reassign_owned_by', :type => :define do +describe 'postgresql::server::reassign_owned_by', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('reassign_owned_by'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('reassign_owned_by'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -19,26 +19,25 @@ let :params do { - :db => 'test', - :old_role => 'test_old_role', - :new_role => 'test_new_role', + db: 'test', + old_role: 'test_old_role', + new_role: 'test_new_role', } end let :pre_condition do - <<-EOS + <<-MANIFEST class {'postgresql::server':} postgresql::server::role{ ['test_old_role','test_new_role']: } - EOS + MANIFEST end it { is_expected.to contain_postgresql__server__reassign_owned_by('test') } it { - is_expected.to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"').with({ - 'command' => "REASSIGN OWNED BY \"test_old_role\" TO \"test_new_role\"", - 'onlyif' => /SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*/m, - }).that_requires('Class[postgresql::server]') + is_expected.to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"') + .with('command' => 'REASSIGN OWNED BY "test_old_role" TO "test_new_role"', + 'onlyif' => %r{SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*}m) + .that_requires('Class[postgresql::server]') } - end diff --git a/spec/unit/defines/server/recovery_spec.rb b/spec/unit/defines/server/recovery_spec.rb index 8c78e3ec3b..25bc132dce 100644 --- a/spec/unit/defines/server/recovery_spec.rb +++ b/spec/unit/defines/server/recovery_spec.rb @@ -1,18 +1,18 @@ require 'spec_helper' -describe 'postgresql::server::recovery', :type => :define do +describe 'postgresql::server::recovery', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('recovery'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('recovery'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end - let :title do + let(:title) do 'test' end let :target do @@ -20,94 +20,96 @@ end context 'managing recovery' do - let :pre_condition do - <<-EOS + let(:pre_condition) do + <<-MANIFEST class { 'postgresql::globals': manage_recovery_conf => true, } class { 'postgresql::server': } - EOS + MANIFEST end - let :params do + let(:params) do { - :restore_command => 'restore_command', - :recovery_target_timeline => 'recovery_target_timeline', + restore_command: 'restore_command', + recovery_target_timeline: 'recovery_target_timeline', } end + it do - is_expected.to contain_concat__fragment('recovery.conf').with({ - :content => /restore_command = 'restore_command'[\n]+recovery_target_timeline = 'recovery_target_timeline'/ - }) + is_expected.to contain_concat__fragment('recovery.conf') + .with(content: %r{restore_command = 'restore_command'[\n]+recovery_target_timeline = 'recovery_target_timeline'}) end end context 'not managing recovery' do - let :pre_condition do - <<-EOS + let(:pre_condition) do + <<-MANIFEST class { 'postgresql::globals': manage_recovery_conf => false, } class { 'postgresql::server': } - EOS + MANIFEST end - let :params do + let(:params) do { - :restore_command => '', + restore_command: '', } end - it 'should fail because $manage_recovery_conf is false' do + + it 'fails because $manage_recovery_conf is false' do expect { catalogue }.to raise_error(Puppet::Error, - /postgresql::server::manage_recovery_conf has been disabled/) + %r{postgresql::server::manage_recovery_conf has been disabled}) end end context 'not managing recovery, missing param' do - let :pre_condition do - <<-EOS + let(:pre_condition) do + <<-MANIFEST class { 'postgresql::globals': manage_recovery_conf => true, } class { 'postgresql::server': } - EOS + MANIFEST end - it 'should fail because no param set' do + + it 'fails because no param set' do expect { catalogue }.to raise_error(Puppet::Error, - /postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense./) + %r{postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense.}) end end context 'managing recovery with all params' do - let :pre_condition do - <<-EOS + let(:pre_condition) do + <<-MANIFEST class { 'postgresql::globals': manage_recovery_conf => true, } class { 'postgresql::server': } - EOS + MANIFEST end - let :params do + let(:params) do { - :restore_command => 'restore_command', - :archive_cleanup_command => 'archive_cleanup_command', - :recovery_end_command => 'recovery_end_command', - :recovery_target_name => 'recovery_target_name', - :recovery_target_time => 'recovery_target_time', - :recovery_target_xid => 'recovery_target_xid', - :recovery_target_inclusive => true, - :recovery_target => 'recovery_target', - :recovery_target_timeline => 'recovery_target_timeline', - :pause_at_recovery_target => true, - :standby_mode => 'on', - :primary_conninfo => 'primary_conninfo', - :primary_slot_name => 'primary_slot_name', - :trigger_file => 'trigger_file', - :recovery_min_apply_delay => 0, + restore_command: 'restore_command', + archive_cleanup_command: 'archive_cleanup_command', + recovery_end_command: 'recovery_end_command', + recovery_target_name: 'recovery_target_name', + recovery_target_time: 'recovery_target_time', + recovery_target_xid: 'recovery_target_xid', + recovery_target_inclusive: true, + recovery_target: 'recovery_target', + recovery_target_timeline: 'recovery_target_timeline', + pause_at_recovery_target: true, + standby_mode: 'on', + primary_conninfo: 'primary_conninfo', + primary_slot_name: 'primary_slot_name', + trigger_file: 'trigger_file', + recovery_min_apply_delay: 0, } end + it do - is_expected.to contain_concat__fragment('recovery.conf').with({ - :content => /restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+/ - }) + is_expected.to contain_concat__fragment('recovery.conf') + .with(content: %r{restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+}) # rubocop:disable Metrics/LineLength end end end diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 6da904d7b8..1cd2ca9244 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::role', :type => :define do +describe 'postgresql::server::role', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('contrib'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -19,124 +19,100 @@ let :params do { - :password_hash => 'new-pa$s', + password_hash: 'new-pa$s', } end let :pre_condition do - "class {'postgresql::server':}" + "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__role('test') } - it 'should have create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ - 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", - 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'port' => "5432", - }) + it 'has create role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + .with('command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", + 'environment' => 'NEWPGPASSWD=new-pa$s', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => '5432') end - it 'should have alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ - 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", - 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", - 'port' => "5432", - }) + it 'has alter role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with('command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", + 'environment' => 'NEWPGPASSWD=new-pa$s', + 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'port' => '5432') end - context "with specific db connection settings - default port" do + context 'with specific db connection settings - default port' do let :params do { - :password_hash => 'new-pa$s', - :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, + password_hash: 'new-pa$s', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, } end let :pre_condition do - "class {'postgresql::server':}" + "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__role('test') } - it 'should have create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ - 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", - 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'port' => "5432", - - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, - }) + it 'has create role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + .with('command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", 'environment' => 'NEWPGPASSWD=new-pa$s', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => '5432', + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end - it 'should have alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ - 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", - 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", - 'port' => "5432", - - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, - }) + it 'has alter role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with('command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => 'NEWPGPASSWD=new-pa$s', + 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", 'port' => '5432', + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end end - context "with specific db connection settings - including port" do + context 'with specific db connection settings - including port' do let :params do { - :password_hash => 'new-pa$s', - :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, + password_hash: 'new-pa$s', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, } end let :pre_condition do - "class {'postgresql::server':}" + "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__role('test') } - it 'should have create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ - 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", - 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, - }) + it 'has create role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + .with('command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", + 'environment' => 'NEWPGPASSWD=new-pa$s', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', + 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end - it 'should have alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ - 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", - 'environment' => "NEWPGPASSWD=new-pa$s", - 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, - }) + it 'has alter role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with('command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => 'NEWPGPASSWD=new-pa$s', + 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', + 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end end context 'with update_password set to false' do let :params do { - :password_hash => 'new-pa$s', - :update_password => false, + password_hash: 'new-pa$s', + update_password: false, } end @@ -144,7 +120,7 @@ "class {'postgresql::server':}" end - it 'should not have alter role for "test" user with password as **** if update_password is false' do + it 'does not have alter role for "test" user with password as **** if update_password is false' do is_expected.not_to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') end end @@ -152,7 +128,7 @@ context 'with ensure set to absent' do let :params do { - :ensure => 'absent', + ensure: 'absent', } end @@ -160,9 +136,8 @@ "class {'postgresql::server':}" end - it 'should have drop role for "test" user if ensure absent' do + it 'has drop role for "test" user if ensure absent' do is_expected.to contain_postgresql_psql('DROP ROLE "test"') end end - end diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index c8fa3d9703..a87f3dcca3 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::schema', :type => :define do +describe 'postgresql::server::schema', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('schema'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('schema'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -19,8 +19,8 @@ let :params do { - :owner => 'jane', - :db => 'janedb', + owner: 'jane', + db: 'janedb', } end @@ -28,13 +28,13 @@ "class {'postgresql::server':}" end - it { should contain_postgresql__server__schema('test') } + it { is_expected.to contain_postgresql__server__schema('test') } - context "with different owner" do + context 'with different owner' do let :params do { - :owner => 'nate', - :db => 'natedb', + owner: 'nate', + db: 'natedb', } end diff --git a/spec/unit/defines/server/table_grant_spec.rb b/spec/unit/defines/server/table_grant_spec.rb index eac55bd60b..4314eb2fe1 100644 --- a/spec/unit/defines/server/table_grant_spec.rb +++ b/spec/unit/defines/server/table_grant_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::table_grant', :type => :define do +describe 'postgresql::server::table_grant', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('table_grant'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('table_grant'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -19,10 +19,10 @@ let :params do { - :privilege => 'ALL', - :db => 'test', - :role => 'test', - :table => 'foo', + privilege: 'ALL', + db: 'test', + role: 'test', + table: 'foo', } end diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 50a93e222e..96285d56e0 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' -describe 'postgresql::server::tablespace', :type => :define do +describe 'postgresql::server::tablespace', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('tablespace'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('tablespace'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end @@ -19,7 +19,7 @@ let :params do { - :location => '/srv/data/foo', + location: '/srv/data/foo', } end @@ -29,11 +29,11 @@ it { is_expected.to contain_postgresql__server__tablespace('test') } - context "with different owner" do + context 'with different owner' do let :params do { - :location => '/srv/data/foo', - :owner => 'test_owner', + location: '/srv/data/foo', + owner: 'test_owner', } end diff --git a/spec/unit/defines/validate_db_connection_spec.rb b/spec/unit/defines/validate_db_connection_spec.rb index c7406dc7d7..243c5917f6 100644 --- a/spec/unit/defines/validate_db_connection_spec.rb +++ b/spec/unit/defines/validate_db_connection_spec.rb @@ -1,11 +1,11 @@ require 'spec_helper' -describe 'postgresql::validate_db_connection', :type => :define do +describe 'postgresql::validate_db_connection', type: :define do let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', } end @@ -20,53 +20,47 @@ describe 'should work with all parameters' do let :params do { - :database_host => 'test', - :database_name => 'test', - :database_password => 'test', - :database_username => 'test', - :database_port => 5432, - :run_as => 'postgresq', - :sleep => 4, - :tries => 30, + database_host: 'test', + database_name: 'test', + database_password: 'test', + database_username: 'test', + database_port: 5432, + run_as: 'postgresq', + sleep: 4, + tries: 30, } end + it { is_expected.to contain_postgresql__validate_db_connection('test') } - it 'should have proper path for validate command' do - is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with({ - :unless => %r'^/usr/local/bin/validate_postgresql_connection.sh\s+\d+' - }) + it 'has proper path for validate command' do + is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: %r{^/usr/local/bin/validate_postgresql_connection.sh\s+\d+}) end end describe 'should work while specifying validate_connection in postgresql::client' do - let :params do { - :database_host => 'test', - :database_name => 'test', - :database_password => 'test', - :database_username => 'test', - :database_port => 5432 + database_host: 'test', + database_name: 'test', + database_password: 'test', + database_username: 'test', + database_port: 5432, } end let :pre_condition do - <<-EOS + <<-MANIFEST class { 'postgresql::globals': module_workdir => '/var/tmp', } -> class { 'postgresql::client': validcon_script_path => '/opt/something/validate.sh' } - EOS - end - - it 'should have proper path for validate command and correct cwd' do - is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with({ - :unless => %r'^/opt/something/validate.sh\s+\d+', - :cwd => '/var/tmp', - }) + MANIFEST end + it 'has proper path for validate command and correct cwd' do + is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: %r{^/opt/something/validate.sh\s+\d+}, + cwd: '/var/tmp') + end end - end diff --git a/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb b/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb index e21b521208..76df663648 100644 --- a/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb +++ b/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb @@ -1,137 +1,74 @@ require 'spec_helper' -describe 'postgresql_acls_to_resources_hash', :type => :puppet_function do +describe 'postgresql_acls_to_resources_hash', type: :puppet_function do context 'individual transform tests' do it do input = 'local all postgres ident' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"local", - "database"=>"all", - "user"=>"postgres", - "auth_method"=>"ident", - "order"=>"100", - }, - } + result = { 'postgresql class generated rule test 0' => { 'type' => 'local', 'database' => 'all', 'user' => 'postgres', + 'auth_method' => 'ident', 'order' => '100' } } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'local all root ident' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"local", - "database"=>"all", - "user"=>"root", - "auth_method"=>"ident", - "order"=>"100", - }, - } + result = { 'postgresql class generated rule test 0' => { 'type' => 'local', 'database' => 'all', 'user' => 'root', + 'auth_method' => 'ident', 'order' => '100' } } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do - input_array = [ - 'local all all ident', - ] - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"local", - "database"=>"all", - "user"=>"all", - "auth_method"=>"ident", - "order"=>"100", - }, - } + input_array = ['local all all ident'] + result = { 'postgresql class generated rule test 0' => { 'type' => 'local', 'database' => 'all', 'user' => 'all', + 'auth_method' => 'ident', 'order' => '100' } } is_expected.to run.with_params(input_array, 'test', 100).and_return(result) end it do input = 'host all all 127.0.0.1/32 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"127.0.0.1/32", - "auth_method"=>"md5", - "order"=>"100", - }, - } + result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '127.0.0.1/32', + 'auth_method' => 'md5', 'order' => '100' } } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all 0.0.0.0/0 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"0.0.0.0/0", - "auth_method"=>"md5", - "order"=>"100", - }, - } + result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '0.0.0.0/0', + 'auth_method' => 'md5', 'order' => '100' } } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all ::1/128 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"::1/128", - "auth_method"=>"md5", - "order"=>"100", - }, - } + result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '::1/128', + 'auth_method' => 'md5', 'order' => '100' } } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all 1.1.1.1 255.255.255.0 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"1.1.1.1 255.255.255.0", - "auth_method"=>"md5", - "order"=>"100", - }, - } + result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '1.1.1.1 255.255.255.0', + 'auth_method' => 'md5', 'order' => '100' } } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all 1.1.1.1 255.255.255.0 ldap ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"1.1.1.1 255.255.255.0", - "auth_method"=>"ldap", - "auth_option"=>"ldapserver=ldap.example.net ldapprefix=\"cn=\" ldapsuffix=\", dc=example, dc=net\"", - "order"=>"100", - }, - } + result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '1.1.1.1 255.255.255.0', + 'auth_method' => 'ldap', 'auth_option' => 'ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"', + 'order' => '100' } } is_expected.to run.with_params([input], 'test', 100).and_return(result) end end - it 'should return an empty hash when input is empty array' do + it 'returns an empty hash when input is empty array' do is_expected.to run.with_params([], 'test', 100).and_return({}) end end diff --git a/spec/unit/functions/postgresql_escape_spec.rb b/spec/unit/functions/postgresql_escape_spec.rb index b4c9488a26..2edd38893a 100644 --- a/spec/unit/functions/postgresql_escape_spec.rb +++ b/spec/unit/functions/postgresql_escape_spec.rb @@ -1,14 +1,21 @@ require 'spec_helper' - -describe 'postgresql_escape', :type => :puppet_function do - it { is_expected.to run.with_params('foo'). - and_return('$$foo$$') } -end -describe 'postgresql_escape', :type => :puppet_function do - it { is_expected.to run.with_params('fo$$o'). - and_return('$ed$fo$$o$ed$') } -end -describe 'postgresql_escape', :type => :puppet_function do - it { is_expected.to run.with_params('foo$'). - and_return('$a$foo$$a$') } +describe 'postgresql_escape' do + describe 'postgresql_escape', type: :puppet_function do + it { + is_expected.to run.with_params('foo') + .and_return('$$foo$$') + } + end + describe 'postgresql_escape', type: :puppet_function do + it { + is_expected.to run.with_params('fo$$o') + .and_return('$ed$fo$$o$ed$') + } + end + describe 'postgresql_escape', type: :puppet_function do + it { + is_expected.to run.with_params('foo$') + .and_return('$a$foo$$a$') + } + end end diff --git a/spec/unit/functions/postgresql_password_spec.rb b/spec/unit/functions/postgresql_password_spec.rb index 89699f6fc7..aef13ea885 100644 --- a/spec/unit/functions/postgresql_password_spec.rb +++ b/spec/unit/functions/postgresql_password_spec.rb @@ -1,8 +1,12 @@ require 'spec_helper' -describe 'postgresql_password', :type => :puppet_function do - it { is_expected.to run.with_params('foo', 'bar'). - and_return('md596948aad3fcae80c08a35c9b5958cd89') } - it { is_expected.to run.with_params('foo', 1234). - and_return('md539a0e1b308278a8de5e007cd1f795920') } +describe 'postgresql_password', type: :puppet_function do + it { + is_expected.to run.with_params('foo', 'bar') + .and_return('md596948aad3fcae80c08a35c9b5958cd89') + } + it { + is_expected.to run.with_params('foo', 1234) + .and_return('md539a0e1b308278a8de5e007cd1f795920') + } end diff --git a/spec/unit/provider/postgresql_conf/parsed_spec.rb b/spec/unit/provider/postgresql_conf/parsed_spec.rb index 24e31c180f..511f6c88f1 100644 --- a/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ b/spec/unit/provider/postgresql_conf/parsed_spec.rb @@ -1,147 +1,146 @@ require 'spec_helper' -require "tempfile" +require 'tempfile' provider_class = Puppet::Type.type(:postgresql_conf).provider(:parsed) describe provider_class do let(:title) { 'postgresql_conf' } - let(:provider) { + let(:provider) do conf_class = Puppet::Type.type(:postgresql_conf) provider = conf_class.provider(:parsed) conffile = tmpfilename('postgresql.conf') - allow_any_instance_of(provider).to receive(:target).and_return conffile + allow_any_instance_of(provider).to receive(:target).and_return conffile # rubocop:disable RSpec/AnyInstance provider - } + end - before do + before(:each) do end after :each do provider.initvars end - describe "simple configuration that should be allowed" do - it "should parse a simple ini line" do + describe 'simple configuration that should be allowed' do + it 'parses a simple ini line' do expect(provider.parse_line("listen_addreses = '*'")).to eq( - { :name=>"listen_addreses", :value=>"*", :comment=>nil, :record_type=>:parsed } + name: 'listen_addreses', value: '*', comment: nil, record_type: :parsed, ) end - it "should parse a simple ini line (2)" do + it 'parses a simple ini line (2)' do expect(provider.parse_line(" listen_addreses = '*'")).to eq( - { :name=>"listen_addreses", :value=>"*", :comment=>nil, :record_type=>:parsed } + name: 'listen_addreses', value: '*', comment: nil, record_type: :parsed, ) end - it "should parse a simple ini line (3)" do + it 'parses a simple ini line (3)' do expect(provider.parse_line("listen_addreses = '*' # dont mind me")).to eq( - { :name=>"listen_addreses", :value=>"*", :comment=>"dont mind me", :record_type=>:parsed } + name: 'listen_addreses', value: '*', comment: 'dont mind me', record_type: :parsed, ) end - it "should parse a comment" do - expect(provider.parse_line("# dont mind me")).to eq( - { :line=>"# dont mind me", :record_type=>:comment } + it 'parses a comment' do + expect(provider.parse_line('# dont mind me')).to eq( + line: '# dont mind me', record_type: :comment, ) end - it "should parse a comment (2)" do + it 'parses a comment (2)' do expect(provider.parse_line(" \t# dont mind me")).to eq( - { :line=>" \t# dont mind me", :record_type=>:comment } + line: " \t# dont mind me", record_type: :comment, ) end - it "should allow includes" do - expect(provider.parse_line("include puppetextra")).to eq( - { :name=>"include", :value=>"puppetextra", :comment=>nil, :record_type=>:parsed } + it 'allows includes' do + expect(provider.parse_line('include puppetextra')).to eq( + name: 'include', value: 'puppetextra', comment: nil, record_type: :parsed, ) end - it "should allow numbers through without quotes" do - expect(provider.parse_line("wal_keep_segments = 32")).to eq( - { :name=>"wal_keep_segments", :value=>"32", :comment=>nil, :record_type=>:parsed } + it 'allows numbers through without quotes' do + expect(provider.parse_line('wal_keep_segments = 32')).to eq( + name: 'wal_keep_segments', value: '32', comment: nil, record_type: :parsed, ) end - it "should allow blanks through " do - expect(provider.parse_line("")).to eq( - { :line=>"", :record_type=>:blank } + it 'allows blanks through' do + expect(provider.parse_line('')).to eq( + line: '', record_type: :blank, ) end - it "should parse keys with dots " do - expect(provider.parse_line("auto_explain.log_min_duration = 1ms")).to eq( - { :name => "auto_explain.log_min_duration", :value => "1ms", :comment => nil, :record_type => :parsed } + it 'parses keys with dots' do + expect(provider.parse_line('auto_explain.log_min_duration = 1ms')).to eq( + name: 'auto_explain.log_min_duration', value: '1ms', comment: nil, record_type: :parsed, ) end end - describe "configuration that should be set" do - it "should set comment lines" do - expect(provider.to_line({ :line=>"# dont mind me", :record_type=>:comment })).to eq( - '# dont mind me' + describe 'configuration that should be set' do + it 'sets comment lines' do + expect(provider.to_line(line: '# dont mind me', record_type: :comment)).to eq( + '# dont mind me', ) end - it "should set blank lines" do - expect(provider.to_line({ :line=>"", :record_type=>:blank })).to eq( - '' + it 'sets blank lines' do + expect(provider.to_line(line: '', record_type: :blank)).to eq( + '', ) end - it "should set simple configuration" do - expect(provider.to_line({:name=>"listen_addresses", :value=>"*", :comment=>nil, :record_type=>:parsed })).to eq( - "listen_addresses = '*'" + it 'sets simple configuration' do + expect(provider.to_line(name: 'listen_addresses', value: '*', comment: nil, record_type: :parsed)).to eq( + "listen_addresses = '*'", ) end - it "should set simple configuration with period in name" do - expect(provider.to_line({:name => "auto_explain.log_min_duration", :value => '100ms', :comment => nil, :record_type => :parsed })).to eq( - "auto_explain.log_min_duration = 100ms" + it 'sets simple configuration with period in name' do + expect(provider.to_line(name: 'auto_explain.log_min_duration', value: '100ms', comment: nil, record_type: :parsed)).to eq( + 'auto_explain.log_min_duration = 100ms', ) end - it "should set simple configuration even with comments" do - expect(provider.to_line({:name=>"listen_addresses", :value=>"*", :comment=>'dont mind me', :record_type=>:parsed })).to eq( - "listen_addresses = '*' # dont mind me" + it 'sets simple configuration even with comments' do + expect(provider.to_line(name: 'listen_addresses', value: '*', comment: 'dont mind me', record_type: :parsed)).to eq( + "listen_addresses = '*' # dont mind me", ) end - it 'should quote includes' do - expect(provider.to_line( {:name=>"include", :value=>"puppetextra", :comment=>nil, :record_type=>:parsed })).to eq( - "include 'puppetextra'" + it 'quotes includes' do + expect(provider.to_line(name: 'include', value: 'puppetextra', comment: nil, record_type: :parsed)).to eq( + "include 'puppetextra'", ) end - it 'should quote multiple words' do - expect(provider.to_line( {:name=>"archive_command", :value=>"rsync up", :comment=>nil, :record_type=>:parsed })).to eq( - "archive_command = 'rsync up'" + it 'quotes multiple words' do + expect(provider.to_line(name: 'archive_command', value: 'rsync up', comment: nil, record_type: :parsed)).to eq( + "archive_command = 'rsync up'", ) end - it 'shouldn\'t quote numbers' do - expect(provider.to_line( {:name=>"wal_segments", :value=>"32", :comment=>nil, :record_type=>:parsed })).to eq( - "wal_segments = 32" + it 'does not quote numbers' do + expect(provider.to_line(name: 'wal_segments', value: '32', comment: nil, record_type: :parsed)).to eq( + 'wal_segments = 32', ) end - it "should allow numbers" do - expect(provider.to_line( {:name=>"integer", :value=>42, :comment=>nil, :record_type=>:parsed })).to eq( - "integer = 42" + it 'allows numbers' do + expect(provider.to_line(name: 'integer', value: 42, comment: nil, record_type: :parsed)).to eq( + 'integer = 42', ) end - it "should allow floats" do - expect(provider.to_line( {:name=>"float", :value=>2.71828182845, :comment=>nil, :record_type=>:parsed })).to eq( - "float = 2.71828182845" + it 'allows floats' do + expect(provider.to_line(name: 'float', value: 2.71828182845, comment: nil, record_type: :parsed)).to eq( + 'float = 2.71828182845', ) end - it "quotes addresses" do - expect(provider.to_line( {:name=>"listen_addresses", :value=>"0.0.0.0", :comment=>nil, :record_type=>:parsed })).to eq( - "listen_addresses = '0.0.0.0'" + it 'quotes addresses' do + expect(provider.to_line(name: 'listen_addresses', value: '0.0.0.0', comment: nil, record_type: :parsed)).to eq( + "listen_addresses = '0.0.0.0'", ) end end end - diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index 3d678ea03c..d4989ab7c7 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -1,25 +1,34 @@ require 'spec_helper' describe Puppet::Type.type(:postgresql_conn_validator).provider(:ruby) do - - let(:resource) { Puppet::Type.type(:postgresql_conn_validator).new({ - :name => "testname" - }.merge attributes) } + let(:resource) do + Puppet::Type.type(:postgresql_conn_validator).new({ + name: 'testname', + }.merge(attributes)) + end let(:provider) { resource.provider } - let(:attributes) do { - :psql_path => '/usr/bin/psql', - :host => 'db.test.com', - :port => 4444, - :db_username => 'testuser', - :db_password => 'testpass' + psql_path: '/usr/bin/psql', + host: 'db.test.com', + port: 4444, + db_username: 'testuser', + db_password: 'testpass', + } + end + let(:connect_settings) do + { + connect_settings: { + PGPASSWORD: 'testpass', + PGHOST: 'db.test.com', + PGPORT: '1234', + }, } end describe '#build_psql_cmd' do it 'contains expected commandline options' do - expect(provider.validator.build_psql_cmd).to match /\/usr\/bin\/psql.*--host.*--port.*--username.*/ + expect(provider.validator.build_psql_cmd).to match %r{/usr/bin/psql.*--host.*--port.*--username.*} end end @@ -33,34 +42,24 @@ expect(provider.validator.parse_connect_settings).to eq([]) end - let(:connect_settings) do - { - :connect_settings => { - :PGPASSWORD => 'testpass', - :PGHOST => 'db.test.com', - :PGPORT => '1234' - } - } - end it 'returns an array of settings' do attributes.delete(:db_password) attributes.merge! connect_settings - expect(provider.validator.parse_connect_settings).to eq(['PGPASSWORD=testpass','PGHOST=db.test.com','PGPORT=1234']) + expect(provider.validator.parse_connect_settings).to eq(['PGPASSWORD=testpass', 'PGHOST=db.test.com', 'PGPORT=1234']) end end describe '#attempt_connection' do - let(:sleep_length) {1} - let(:tries) {3} - let(:exec) { + let(:sleep_length) { 1 } + let(:tries) { 3 } + let(:exec) do provider.validator.stub(:execute_command).and_return(true) - } + end it 'tries the correct number of times' do - expect(provider.validator).to receive(:execute_command).exactly(3).times - - provider.validator.attempt_connection(sleep_length,tries) + expect(provider.validator).to receive(:execute_command).exactly(3).times # rubocop:disable RSpec/MessageSpies + provider.validator.attempt_connection(sleep_length, tries) end end end diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index b75bd987aa..ee1444f9c2 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -1,104 +1,109 @@ require 'spec_helper' describe Puppet::Type.type(:postgresql_psql).provider(:ruby) do + # rubocop:disable RSpec/MessageSpies let(:name) { 'rspec psql test' } let(:resource) do - Puppet::Type.type(:postgresql_psql).new({ :name => name, :provider => :ruby }.merge attributes) + Puppet::Type.type(:postgresql_psql).new({ name: name, provider: :ruby }.merge(attributes)) end - let(:provider) { resource.provider } - context("#run_sql_command") do - describe "with default attributes" do - let(:attributes) do { :db => 'spec_db' } end + context('#run_sql_command') do + describe 'with default attributes' do + let(:attributes) { { db: 'spec_db' } } - it "executes with the given psql_path on the given DB" do + it 'executes with the given psql_path on the given DB' do expect(provider).to receive(:run_command).with(['psql', '-d', - attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], 'postgres', - 'postgres', {}) + attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], 'postgres', + 'postgres', {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') end end - describe "with psql_path and db" do - let(:attributes) do { - :psql_path => '/opt/postgres/psql', - :psql_user => 'spec_user', - :psql_group => 'spec_group', - :cwd => '/spec', - :db => 'spec_db' - } end - - it "executes with the given psql_path on the given DB" do + describe 'with psql_path and db' do + let(:attributes) do + { + psql_path: '/opt/postgres/psql', + psql_user: 'spec_user', + psql_group: 'spec_group', + cwd: '/spec', + db: 'spec_db', + } + end + + it 'executes with the given psql_path on the given DB' do # rubocop:disable RSpec/MultipleExpectations expect(Dir).to receive(:chdir).with(attributes[:cwd]).and_yield expect(provider).to receive(:run_command).with([attributes[:psql_path], - '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], - attributes[:psql_user], attributes[:psql_group], {}) + '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], + attributes[:psql_user], attributes[:psql_group], {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') end end - describe "with search_path string" do - let(:attributes) do { - :search_path => "schema1" - } end + describe 'with search_path string' do + let(:attributes) do + { + search_path: 'schema1', + } + end - it "executes with the given search_path" do + it 'executes with the given search_path' do expect(provider).to receive(:run_command).with(['psql', '-t', '-c', - '"set search_path to schema1; SELECT \'something\' as \"Custom column\""'], - 'postgres', 'postgres', {}) + '"set search_path to schema1; SELECT \'something\' as \"Custom column\""'], + 'postgres', 'postgres', {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') end end - describe "with search_path array" do - let(:attributes) do { - :search_path => ['schema1','schema2'], - } end + describe 'with search_path array' do + let(:attributes) do + { + search_path: %w[schema1 schema2], + } + end - it "executes with the given search_path" do + it 'executes with the given search_path' do expect(provider).to receive(:run_command).with(['psql', '-t', '-c', - '"set search_path to schema1,schema2; SELECT \'something\' as \"Custom column\""'], - 'postgres', - 'postgres', - {} - ) + '"set search_path to schema1,schema2; SELECT \'something\' as \"Custom column\""'], + 'postgres', 'postgres', + {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') end end end - describe "with port string" do - let(:attributes) do { :port => '5555' } end + describe 'with port string' do + let(:attributes) { { port: '5555' } } - it "executes with the given port" do - expect(provider).to receive(:run_command).with(["psql", - "-p", "5555", - "-t", "-c", "\"SELECT something\""], - "postgres", "postgres", {} ) + it 'executes with the given port' do + expect(provider).to receive(:run_command).with(['psql', + '-p', '5555', + '-t', '-c', '"SELECT something"'], + 'postgres', 'postgres', {}) - provider.run_sql_command("SELECT something") - end + provider.run_sql_command('SELECT something') end - describe "with connect_settings" do - let(:attributes) do { :connect_settings => { 'PGHOST' => '127.0.0.1' } } end + end + describe 'with connect_settings' do + let(:attributes) { { connect_settings: { 'PGHOST' => '127.0.0.1' } } } - it "executes with the given host" do - expect(provider).to receive(:run_command).with(["psql", - "-t", "-c", - "\"SELECT something\""], - "postgres", "postgres", { 'PGHOST' => '127.0.0.1' } ) + it 'executes with the given host' do + expect(provider).to receive(:run_command).with(['psql', + '-t', '-c', + '"SELECT something"'], + 'postgres', 'postgres', 'PGHOST' => '127.0.0.1') - provider.run_sql_command("SELECT something") - end + provider.run_sql_command('SELECT something') end + end - context("#run_unless_sql_command") do - let(:attributes) do { } end + context('#run_unless_sql_command') do + let(:attributes) { {} } - it "calls #run_sql_command with SQL" do + it 'calls #run_sql_command with SQL' do expect(provider).to receive(:run_sql_command).with('SELECT COUNT(*) FROM (SELECT 1) count') provider.run_unless_sql_command('SELECT 1') end end + # rubocop:enable RSpec/MessageSpies end diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index 4fc8b55390..8ac59f7bf1 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -2,90 +2,95 @@ type = Puppet::Type.type(:postgresql_replication_slot) describe type.provider(:ruby) do - let(:name) { 'standby' } - let(:resource) do - type.new({ :name => name, :provider => :ruby }.merge attributes) - end - - let(:sql_instances) do - "abc | | physical | | | t | | | 0/3000420 -def | | physical | | | t | | | 0/3000420\n" - end - class SuccessStatus def success? true end end - let(:success_status) { SuccessStatus.new } - class FailStatus def success? false end end - let(:fail_status) { FailStatus.new } + let(:name) { 'standby' } + let(:resource) do + type.new({ name: name, provider: :ruby }.merge(attributes)) + end + let(:sql_instances) do + "abc | | physical | | | t | | | 0/3000420 +def | | physical | | | t | | | 0/3000420\n" + end + let(:success_status) { SuccessStatus.new } + let(:fail_status) { FailStatus.new } let(:provider) { resource.provider } context 'when listing instances' do - let(:attributes) do { } end + before(:each) do + provider.class.expects(:run_command).with(['psql', '-t', '-c', 'SELECT * FROM pg_replication_slots;'], 'postgres', 'postgres').returns([sql_instances, nil]) + end + let(:attributes) { {} } + let(:instances) { provider.class.instances } + let(:expected) { %w[abc def] } - it 'should list instances' do - provider.class.expects(:run_command).with( - ['psql', '-t', '-c', 'SELECT * FROM pg_replication_slots;'], - 'postgres', 'postgres').returns([sql_instances, nil]) - instances = provider.class.instances + it 'lists instances #size' do expect(instances.size).to eq 2 - expect(instances[0].name).to eq 'abc' - expect(instances[1].name).to eq 'def' + end + it 'lists instances #content' do + expected.each_with_index do |expect, index| + expect(instances[index].name).to eq expect + end end end context 'when creating slot' do - let(:attributes) do { :ensure => 'present' } end + let(:attributes) { { ensure: 'present' } } context 'when creation works' do - it 'should call psql and succeed' do + it 'calls psql and succeed' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT * FROM pg_create_physical_replication_slot('standby');"], - 'postgres', 'postgres').returns([nil, success_status]) + 'postgres', 'postgres' + ).returns([nil, success_status]) expect { provider.create }.not_to raise_error end end context 'when creation fails' do - it 'should call psql and fail' do + it 'calls psql and fail' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT * FROM pg_create_physical_replication_slot('standby');"], - 'postgres', 'postgres').returns([nil, fail_status]) + 'postgres', 'postgres' + ).returns([nil, fail_status]) - expect { provider.create }.to raise_error(Puppet::Error, /Failed to create replication slot standby:/) + expect { provider.create }.to raise_error(Puppet::Error, %r{Failed to create replication slot standby:}) end end end context 'when destroying slot' do - let(:attributes) do { :ensure => 'absent' } end + let(:attributes) { { ensure: 'absent' } } context 'when destruction works' do - it 'should call psql and succeed' do + it 'calls psql and succeed' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT pg_drop_replication_slot('standby');"], - 'postgres', 'postgres').returns([nil, success_status]) + 'postgres', 'postgres' + ).returns([nil, success_status]) expect { provider.destroy }.not_to raise_error end end context 'when destruction fails' do - it 'should call psql and fail' do + it 'calls psql and fail' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT pg_drop_replication_slot('standby');"], - 'postgres', 'postgres').returns([nil, fail_status]) + 'postgres', 'postgres' + ).returns([nil, fail_status]) - expect { provider.destroy }.to raise_error(Puppet::Error, /Failed to destroy replication slot standby:/) + expect { provider.destroy }.to raise_error(Puppet::Error, %r{Failed to destroy replication slot standby:}) end end end diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb index ef3a1edde5..663ce3ad04 100644 --- a/spec/unit/puppet/type/postgresql_conn_validator.rb +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -1,14 +1,14 @@ -#! /usr/bin/env ruby +#! /usr/bin/env ruby # rubocop:disable Lint/ScriptPermission require 'spec_helper' describe Puppet::Type.type(:postgresql_conn_validator) do - before do + before(:each) do @provider_class = described_class.provide(:simple) { mk_resource_methods } - @provider_class.stub(:suitable?).and_return true - described_class.stub(:defaultprovider).and_return @provider_class + @provider_class.stub(:suitable?).and_return true # rubocop:disable RSpec/InstanceVariable + described_class.stub(:defaultprovider).and_return @provider_class # rubocop:disable RSpec/InstanceVariable end - describe "when validating attributes" do + describe 'when validating attributes' do [:name, :db_name, :db_username, :command, :host, :port, :connect_settings, :sleep, :tries, :psql_path].each do |param| it "should have a #{param} parameter" do expect(described_class.attrtype(param)).to eq(:param) @@ -16,26 +16,28 @@ end end - describe "when validating values" do - describe "tries and sleep" do + describe 'when validating values' do + describe 'tries and sleep' do [:tries, :sleep, :port].each do |param| - it "#{param} should be able to cast value as integer" do - expect { described_class.new(:name => 'test', param => '1') }.to_not raise_error - expect { described_class.new(:name => 'test', param => 1) }.to_not raise_error + it "#{param} should be able to cast value as integer #string" do + expect { described_class.new(:name => 'test', param => '1') }.not_to raise_error + end + it "#{param} should be able to cast value as integer #integer" do + expect { described_class.new(:name => 'test', param => 1) }.not_to raise_error end it "#{param} should not accept non-numeric string" do expect { described_class.new(:name => 'test', param => 'test') }.to raise_error Puppet::ResourceError end end end - describe "connect_settings" do - it "should accept a hash" do - expect { described_class.new(:name => 'test', :connect_settings => { "PGPASSWORD" => "test1" }) }.to_not raise_error + describe 'connect_settings' do + it 'accepts a hash' do + expect { described_class.new(name: 'test', connect_settings: { 'PGPASSWORD' => 'test1' }) }.not_to raise_error end end - describe "port" do - it "does not accept a word" do - expect { described_class.new(:name => 'test', :port => 'test')}.to raise_error Puppet::Error + describe 'port' do + it 'does not accept a word' do + expect { described_class.new(name: 'test', port: 'test') }.to raise_error Puppet::Error end end end diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index 38833271af..85e844f3bd 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -1,83 +1,87 @@ require 'spec_helper' -describe Puppet::Type.type(:postgresql_psql), "when validating attributes" do - [:name, :unless, :db, :psql_path, :psql_user, :psql_group, :connect_settings].each do |attr| - it "should have a #{attr} parameter" do - expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:param) +describe Puppet::Type.type(:postgresql_psql) do # rubocop:disable RSpec/MultipleDescribes + context 'when validating attributes' do + [:name, :unless, :db, :psql_path, :psql_user, :psql_group, :connect_settings].each do |attr| + it "should have a #{attr} parameter" do + expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:param) + end end - end - [:command].each do |attr| - it "should have a #{attr} property" do - expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:property) + [:command].each do |attr| + it "should have a #{attr} property" do + expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:property) + end end end end -describe Puppet::Type.type(:postgresql_psql), :unless => Puppet.features.microsoft_windows? do +describe Puppet::Type.type(:postgresql_psql), unless: Puppet.features.microsoft_windows? do subject do - Puppet::Type.type(:postgresql_psql).new({:name => 'rspec'}.merge attributes) + Puppet::Type.type(:postgresql_psql).new({ name: 'rspec' }.merge(attributes)) end - describe "available attributes" do + describe 'available attributes' do { - :name => "rspec", - :command => "SELECT stuff", - :unless => "SELECT other,stuff", - :db => "postgres", - :psql_path => "/bin/false", - :psql_user => "postgres", - :psql_group => "postgres", - :cwd => "/var/lib", - :refreshonly => :true, - :search_path => [ "schema1", "schema2"], - :connect_settings => { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', }, + name: 'rspec', + command: 'SELECT stuff', + unless: 'SELECT other,stuff', + db: 'postgres', + psql_path: '/bin/false', + psql_user: 'postgres', + psql_group: 'postgres', + cwd: '/var/lib', + refreshonly: :true, + search_path: %w[schema1 schema2], + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1' }, }.each do |attr, value| context attr do - let(:attributes) do { attr => value } end + describe [attr] + subject { super()[attr] } - describe [attr] do - subject { super()[attr] } - it { is_expected.to eq(value) } - end + let(:attributes) { { attr => value } } + + it { is_expected.to eq(value) } end end + let(:attributes) { {} } - context "default values" do - let(:attributes) do {} end + context 'default value: [:psql_path]' do + subject { super()[:psql_path] } - describe '[:psql_path]' do - subject { super()[:psql_path] } - it { is_expected.to eq("psql") } - end + it { is_expected.to eq('psql') } + end + context 'default value: [:psql_user]' do + subject { super()[:psql_user] } - describe '[:psql_user]' do - subject { super()[:psql_user] } - it { is_expected.to eq("postgres") } - end + it { is_expected.to eq('postgres') } + end + context 'default value: [:psql_group]' do + subject { super()[:psql_group] } - describe '[:psql_group]' do - subject { super()[:psql_group] } - it { is_expected.to eq("postgres") } - end + it { is_expected.to eq('postgres') } + end + context 'default value: [:cwd]' do + subject { super()[:cwd] } - describe '[:cwd]' do - subject { super()[:cwd] } - it { is_expected.to eq("/tmp") } - end + it { is_expected.to eq('/tmp') } + end + context 'default value: #refreshonly?' do + subject { super().refreshonly? } - describe '#refreshonly?' do - subject { super().refreshonly? } - it { is_expected.to be_falsey } - end + it { is_expected.to be_falsey } end end - describe "#command" do - let(:attributes) do {:command => 'SELECT stuff'} end + # rubocop:disable RSpec/MultipleExpectations + # rubocop:disable RSpec/MessageSpies + # rubocop:disable RSpec/NamedSubject + # rubocop:disable RSpec/SubjectStub + describe '#command' do + let(:attributes) { { command: 'SELECT stuff' } } - it "will have the value :notrun if the command should execute" do + it 'will have the value :notrun if the command should execute' do expect(subject).to receive(:should_run_sql).and_return(true) expect(subject.property(:command).retrieve).to eq(:notrun) end @@ -87,162 +91,175 @@ expect(subject.property(:command).retrieve).to eq('SELECT stuff') end - it "will call provider#run_sql_command on sync" do - expect(subject.provider).to receive(:run_sql_command).with('SELECT stuff').and_return(["done", 0]) + it 'will call provider#run_sql_command on sync' do + expect(subject.provider).to receive(:run_sql_command).with('SELECT stuff').and_return(['done', 0]) subject.property(:command).sync end end - describe "#unless" do - let(:attributes) do {:unless => 'SELECT something'} end + describe '#unless' do + let(:attributes) { { unless: 'SELECT something' } } - describe "#matches" do - it "does not fail when the status is successful" do - expect(subject.provider).to receive(:run_unless_sql_command).and_return ["1 row returned", 0] + describe '#matches' do + it 'does not fail when the status is successful' do + expect(subject.provider).to receive(:run_unless_sql_command).and_return ['1 row returned', 0] subject.parameter(:unless).matches('SELECT something') end - it "returns true when rows are returned" do - expect(subject.provider).to receive(:run_unless_sql_command).and_return ["1 row returned", 0] + it 'returns true when rows are returned' do + expect(subject.provider).to receive(:run_unless_sql_command).and_return ['1 row returned', 0] expect(subject.parameter(:unless).matches('SELECT something')).to be_truthy end - it "returns false when no rows are returned" do - expect(subject.provider).to receive(:run_unless_sql_command).and_return ["0 rows returned", 0] + it 'returns false when no rows are returned' do + expect(subject.provider).to receive(:run_unless_sql_command).and_return ['0 rows returned', 0] expect(subject.parameter(:unless).matches('SELECT something')).to be_falsey end - it "raises an error when the sql command fails" do - allow(subject.provider).to receive(:run_unless_sql_command).and_return ["Something went wrong", 1] + it 'raises an error when the sql command fails' do + allow(subject.provider).to receive(:run_unless_sql_command).and_return ['Something went wrong', 1] expect { subject.parameter(:unless).matches('SELECT something') - }.to raise_error(Puppet::Error, /Something went wrong/) + }.to raise_error(Puppet::Error, %r{Something went wrong}) end end end + # rubocop:enable RSpec/MultipleExpectations - describe "#should_run_sql" do - context "without 'unless'" do - [true, :true].each do |refreshonly| - context "refreshonly => #{refreshonly.inspect}" do - let(:attributes) do { - :refreshonly => refreshonly, - } end - - context "not refreshing" do - it { expect(subject.should_run_sql).to be_falsey } - end - - context "refreshing" do - it { expect(subject.should_run_sql(true)).to be_truthy } - end + describe "#should_run_sql without 'unless'" do + [true, :true].each do |refreshonly| + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly } end + + context 'not refreshing' + it { expect(subject.should_run_sql).to be_falsey } end + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly } + end - [false, :false].each do |refreshonly| - context "refreshonly => #{refreshonly.inspect}" do - let(:attributes) do { - :refreshonly => refreshonly, - } end + context 'refreshing' + it { expect(subject.should_run_sql(true)).to be_truthy } + end + end - context "not refreshing" do - it { expect(subject.should_run_sql).to be_truthy } - end + [false, :false].each do |refreshonly| + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly } + end - context "refreshing" do - it { expect(subject.should_run_sql(true)).to be_truthy } - end + context 'not refreshing' + it { expect(subject.should_run_sql).to be_truthy } + end + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly } end + + context 'refreshing' + it { expect(subject.should_run_sql(true)).to be_truthy } end end + end - context "with matching 'unless'" do - before { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(true) } - - [true, :true].each do |refreshonly| - context "refreshonly => #{refreshonly.inspect}" do - let(:attributes) do { - :refreshonly => refreshonly, - :unless => 'SELECT something', - } end - - context "not refreshing" do - it { expect(subject.should_run_sql).to be_falsey } - end + describe "#should_run_sql with matching 'unless'" do + before(:each) { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(true) } # rubocop:disable RSpec/ExpectInHook - context "refreshing" do - it { expect(subject.should_run_sql(true)).to be_falsey } - end + [true, :true].each do |refreshonly| + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } end + + context 'not refreshing' + it { expect(subject.should_run_sql).to be_falsey } end + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } + end - [false, :false].each do |refreshonly| - context "refreshonly => #{refreshonly.inspect}" do - let(:attributes) do { - :refreshonly => refreshonly, - :unless => 'SELECT something', - } end + context 'refreshing' + it { expect(subject.should_run_sql(true)).to be_falsey } + end + end - context "not refreshing" do - it { expect(subject.should_run_sql).to be_falsey } - end + [false, :false].each do |refreshonly| + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } + end - context "refreshing" do - it { expect(subject.should_run_sql(true)).to be_falsey } - end + context 'not refreshing' + it { expect(subject.should_run_sql).to be_falsey } + end + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } end + + context 'refreshing' + it { expect(subject.should_run_sql(true)).to be_falsey } end end + end - context "when not matching 'unless'" do - before { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(false) } - - [true, :true].each do |refreshonly| - context "refreshonly => #{refreshonly.inspect}" do - let(:attributes) do { - :refreshonly => refreshonly, - :unless => 'SELECT something', - } end - - context "not refreshing" do - it { expect(subject.should_run_sql).to be_falsey } - end + describe "#should_run_sql when not matching 'unless'" do + before(:each) { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(false) } # rubocop:disable RSpec/ExpectInHook - context "refreshing" do - it { expect(subject.should_run_sql(true)).to be_truthy } - end + [true, :true].each do |refreshonly| + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } end + + context 'not refreshing' + it { expect(subject.should_run_sql).to be_falsey } end + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } + end - [false, :false].each do |refreshonly| - context "refreshonly => #{refreshonly.inspect}" do - let(:attributes) do { - :refreshonly => refreshonly, - :unless => 'SELECT something', - } end + context 'refreshing' + it { expect(subject.should_run_sql(true)).to be_truthy } + end + end - context "not refreshing" do - it { expect(subject.should_run_sql).to be_truthy } - end + [false, :false].each do |refreshonly| + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } + end - context "refreshing" do - it { expect(subject.should_run_sql(true)).to be_truthy } - end + context 'not refreshing' + it { expect(subject.should_run_sql).to be_truthy } + end + context "refreshonly => #{refreshonly.inspect}" do + let(:attributes) do + { refreshonly: refreshonly, unless: 'SELECT something' } end + + context 'refreshing' + it { expect(subject.should_run_sql(true)).to be_truthy } end end end - describe "#refresh" do - let(:attributes) do {} end + describe '#refresh' do + let(:attributes) { {} } - it "syncs command property when command should run" do + it 'syncs command property when command should run' do # rubocop:disable RSpec/MultipleExpectations expect(subject).to receive(:should_run_sql).with(true).and_return(true) expect(subject.property(:command)).to receive(:sync) subject.refresh end - it "does not sync command property when command should not run" do + it 'does not sync command property when command should not run' do # rubocop:disable RSpec/MultipleExpectations expect(subject).to receive(:should_run_sql).with(true).and_return(false) expect(subject.property(:command)).not_to receive(:sync) subject.refresh diff --git a/spec/unit/puppet/type/postgresql_replication_slot_spec.rb b/spec/unit/puppet/type/postgresql_replication_slot_spec.rb index 0d7c668853..37d85a631b 100644 --- a/spec/unit/puppet/type/postgresql_replication_slot_spec.rb +++ b/spec/unit/puppet/type/postgresql_replication_slot_spec.rb @@ -2,10 +2,10 @@ describe Puppet::Type.type(:postgresql_replication_slot) do subject do - Puppet::Type.type(:postgresql_psql).new({:name => 'standby'}) + Puppet::Type.type(:postgresql_psql).new(name: 'standby') end - it 'should have a name parameter' do - expect(subject[:name]).to eq 'standby' + it 'has a name parameter' do + expect(subject[:name]).to eq 'standby' # rubocop:disable RSpec/NamedSubject end end diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index a406b0c384..0cbab1052f 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -1,26 +1,26 @@ -#! /usr/bin/env ruby +#! /usr/bin/env ruby # rubocop:disable Lint/ScriptPermission require 'spec_helper' describe Puppet::Type.type(:postgresql_conf) do - before do + before(:each) do @provider_class = described_class.provide(:simple) { mk_resource_methods } - allow(@provider_class).to receive(:suitable?).and_return true - allow(described_class).to receive(:defaultprovider).and_return @provider_class + allow(@provider_class).to receive(:suitable?).and_return true # rubocop:disable RSpec/InstanceVariable + allow(described_class).to receive(:defaultprovider).and_return @provider_class # rubocop:disable RSpec/InstanceVariable end - describe "namevar validation" do - it "should have :name as its namevar" do + describe 'namevar validation' do + it 'has :name as its namevar' do expect(described_class.key_attributes).to eq([:name]) end - it "should not invalid names" do - expect { described_class.new(:name => 'foo bar') }.to raise_error(Puppet::Error, /Invalid value/) + it 'does not invalid names' do + expect { described_class.new(name: 'foo bar') }.to raise_error(Puppet::Error, %r{Invalid value}) end - it "should allow dots in names" do - expect { described_class.new(:name => 'foo.bar') }.to_not raise_error + it 'allows dots in names' do + expect { described_class.new(name: 'foo.bar') }.not_to raise_error end end - describe "when validating attributes" do + describe 'when validating attributes' do [:name, :provider].each do |param| it "should have a #{param} parameter" do expect(described_class.attrtype(param)).to eq(:param) @@ -34,16 +34,16 @@ end end - describe "when validating values" do - describe "ensure" do - it "should support present as a value for ensure" do - expect { described_class.new(:name => 'foo', :ensure => :present) }.to_not raise_error + describe 'when validating values' do + describe 'ensure' do + it 'supports present as a value for ensure' do + expect { described_class.new(name: 'foo', ensure: :present) }.not_to raise_error end - it "should support absent as a value for ensure" do - expect { described_class.new(:name => 'foo', :ensure => :absent) }.to_not raise_error + it 'supports absent as a value for ensure' do + expect { described_class.new(name: 'foo', ensure: :absent) }.not_to raise_error end - it "should not support other values" do - expect { described_class.new(:name => 'foo', :ensure => :foo) }.to raise_error(Puppet::Error, /Invalid value/) + it 'does not support other values' do + expect { described_class.new(name: 'foo', ensure: :foo) }.to raise_error(Puppet::Error, %r{Invalid value}) end end end diff --git a/tasks/sql.rb b/tasks/sql.rb index c706016318..dc407c9d6a 100755 --- a/tasks/sql.rb +++ b/tasks/sql.rb @@ -4,7 +4,7 @@ require 'puppet' def get(sql, database, user, port, password, host) - env_hash = {'PGPASSWORD' => password} unless password.nil? + env_hash = { 'PGPASSWORD' => password } unless password.nil? cmd_string = "psql -c \"#{sql}\"" cmd_string << " --dbname=#{database}" unless database.nil? cmd_string << " --username=#{user}" unless user.nil? From 07a09bd2c4207223cb573a15614607c14b344dbb Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 15 Feb 2018 15:48:40 +0000 Subject: [PATCH 0309/1000] 5.3.0 Pre Release --- CHANGELOG.md | 22 ++++++++++++++++++++++ metadata.json | 2 +- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c1cc5ca675..a05fed5008 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,26 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## Supported Release [5.3.0] +### Summary +Implements rubocop changes within the module, alongside other smaller changes. + +#### Added +- ensure=>absent added to postgresql::server:role. +- Support added for Fedora 27. +- scram-sha-256 added as a valid ph_hba_rule auth method. +- 9.6 settings inherited for later PgSQL versions on FreeBSD. +- A require has been added for puppet. + +#### Changed +- Changes made to avoid the useless loading of files by augeas. +- Modulesync changes. +- psql_path defaulted to postgresql::server::psql_path. +- Rubocop changes have been made. + +#### Removed +- Debian 9 support deprecated. + ## Supported Release 5.2.1 ### Summary Bug fix for issue introduced in 5.2.0 @@ -956,3 +976,5 @@ Notable features: * Remove trailing commas. (e6af5e5) 2012-08-16 - Version 0.2.0 released + +[5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 diff --git a/metadata.json b/metadata.json index e448752d88..dc4ff78a57 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.2.1", + "version": "5.3.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From ff9c1ada8e9746c2307315645108347b18ee194c Mon Sep 17 00:00:00 2001 From: jbondpdx Date: Thu, 15 Feb 2018 10:54:13 -0800 Subject: [PATCH 0310/1000] add task listing to README, edit --- README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index ff041947de..0ac059bee7 100644 --- a/README.md +++ b/README.md @@ -368,6 +368,8 @@ The postgresql module comes with many options for configuring the server. While **Tasks:** +* [`sql`](#tasks) + ### Classes #### postgresql::client @@ -1491,16 +1493,17 @@ Provides the target for the rule, and is generally an internal only property. **Use with caution.** #### postgresql::server::role + Creates or drops a role or user in PostgreSQL. ##### `ensure` Specify whether to create or drop the role. -Specifying `present` will create the role. -Specifying `absent` will drop the role. +Specifying 'present' creates the role. +Specifying 'absent' drops the role. -Default value: `present`. +Default value: 'present'. ##### `connection_limit` Specifies how many concurrent connections the role can make. @@ -1846,7 +1849,7 @@ This internal function converts a list of `pg_hba.conf` based ACLs (passed in as ### Tasks -The Postgresql module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. +The postgresql module `sql` example task executes arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. ## Limitations @@ -1862,7 +1865,7 @@ Other systems might be compatible, but are not being actively tested. ### Apt module support -While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' module, it does not support 'puppetlabs-apt' 2.0.0 or 2.0.1. +While this module supports both 1.x and 2.x versions of the `puppetlabs-apt` module, it does not support `puppetlabs-apt` 2.0.0 or 2.0.1. ### PostGIS support From d8c22a72ce74dcb6a518bcdd3b006a458fbfecf2 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Mon, 19 Feb 2018 09:37:11 +0000 Subject: [PATCH 0311/1000] Dont setup tasks on LTS --- spec/spec_helper_acceptance.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 4a5d3edd41..7f7252cf57 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -87,7 +87,7 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) # Configure all nodes in nodeset c.before :suite do - run_puppet_access_login(user: 'admin') if pe_install? + run_puppet_access_login(user: 'admin') if pe_install? && puppet_version =~ %r{(5\.\d\.\d)} # Set up selinux if appropriate. if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' pp = <<-EOS From 7d96b2a3f0d5e6c6b79b17a3f5d245cf89a91439 Mon Sep 17 00:00:00 2001 From: Ben Young Date: Thu, 22 Feb 2018 13:30:24 -0800 Subject: [PATCH 0312/1000] Fix syntax error in README Documentation error, `reassign_owned_by` uses `*_role` not `*_owner` --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index d791c3ed39..93a531c2e2 100644 --- a/README.md +++ b/README.md @@ -139,9 +139,9 @@ To change the ownership of all objects within a database using ```puppet postgresql::server::reassign_owned_by { 'new owner is meerkat': - db => 'test_db', - old_owner => 'marmot', - new_owner => 'meerkat', + db => 'test_db', + old_role => 'marmot', + new_role => 'meerkat', } ``` From b842daa6c4c0dcd37d4468e4352f373f789ca6c7 Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Fri, 23 Feb 2018 10:36:56 -0800 Subject: [PATCH 0313/1000] Updating translations for readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 40 +++++++++++++++++++++++++++++++--------- 1 file changed, 31 insertions(+), 9 deletions(-) diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index de69428dc9..ff679d7c4b 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -20,6 +20,7 @@ * [定義できるタイプ](#defined-types) * [タイプ](#types) * [関数](#functions) + * [タスク](#tasks) 5. [制約事項 - OSの互換性など](#limitations) 6. [開発 - モジュール貢献についてのガイド](#development) * [コントリビュータ - モジュール貢献者の一覧](#contributors) @@ -318,7 +319,7 @@ exec { 'rake db:migrate': } ``` -## 参考 +## リファレンス postgresqlモジュールには、サーバー設定用に多数のオプションがあります。以下の設定をすべて使うことはないかもしれませんが、これらを使用することで、セキュリティ設定をかなり制御することができます。 @@ -365,6 +366,10 @@ postgresqlモジュールには、サーバー設定用に多数のオプショ * [postgresql_password](#function-postgresql_password) * [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) +**タスク:** + +* [`sql`](#tasks) + ### クラス #### postgresql::client @@ -421,7 +426,7 @@ PostgreSQL docsパッケージリソースが存在する必要があるかど デフォルト値: OSによって異なります。 -##### `confdir` +##### `confdir`  ターゲットプラットフォームのデフォルトのPostgreSQL設定ディレクトリをオーバーライドします。 @@ -957,7 +962,7 @@ PostgreSQLサービスのデフォルトのリロードコマンドをオーバ ##### `service_restart_on_change` -設定変更をアクティブにするにはサービスの再起動が必要な設定エントリが変更された場合に、PostgreSQLサービスを再起動する際のデフォルト動作をオーバーライドします。 +設定変更をアクティブにするためにサービスの再起動が必要な設定エントリが変更された場合に、PostgreSQLサービスを再起動する際のデフォルト動作をオーバーライドします。 デフォルト値: `true`。 @@ -969,7 +974,7 @@ PostgreSQLサービスのデフォルトのステータスチェックコマン ##### `user` -ファイルシステム内のPostgreSQL関連ファイルのデフォルトのPostgreSQLスーパーユーザおよびオーナーをオーバーライドします。 +ファイルシステム内のPostgreSQL関連ファイルのデフォルトのPostgreSQLスーパーユーザおよび所有者をオーバーライドします。 デフォルト値: 'postgres'。 @@ -1037,7 +1042,7 @@ PostgreSQLのCOMMENTコマンドを使用して、データベースについて ##### `connect_settings` -リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 デフォルト値: ローカルのPostgresインスタンスに接続します。 @@ -1149,7 +1154,7 @@ PostgreSQLのCOMMENTコマンドを使用して、データベースについて #### `connect_settings` -リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。 +リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 デフォルト値: ローカルのPostgresインスタンスに接続します。 @@ -1189,6 +1194,10 @@ PostgreSQL拡張を管理します。 拡張を有効化するデータベースを指定します。 +##### `schema` + +拡張を有効化するスキーマを指定します。 + ##### `ensure` 拡張を有効化するか無効化するかを指定します。 @@ -1484,7 +1493,16 @@ PostgreSQLコマンド'REASSIGN OWNED'をデータベースに対して実行し **注意して使用してください。** #### postgresql::server::role -PostgreSQLのロールまたはユーザを作成します。 + +PostgreSQLのロールまたはユーザを作成もしくは削除します。 + +##### `ensure` + +ロールを作成するか削除するかを指定します。 + +'present'を指定するとロールが作成され、'absent'を指定するとロールが削除されます。 + +デフォルト値: 'present'。 ##### `connection_limit` ロールが同時に接続可能な数を指定します。 @@ -1796,7 +1814,7 @@ Unixソケットとident認証を使用するとき、このユーザとして 接続するときに使用するポートを定義します。 -デフォルト値: '' +デフォルト値: '' ##### `run_as` @@ -1828,6 +1846,10 @@ puppet apply --execute 'notify { 'test': message => postgresql_password('usernam **この関数は、モジュールによる内部的な使用のみ可能です。** +### タスク + +postgresqlモジュールの'sqlサンプルタスクは、データベースに対して任意のSQLを実行します。タスクの実行方法については、[Puppet Enterpriseマニュアル](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html)または[Boltマニュアル](https://puppet.com/docs/bolt/latest/bolt.html)を参照してください。 + ## 制約事項 PostgreSQLのバージョン8.1~9.5で動作します。 @@ -1842,7 +1864,7 @@ PostgreSQLのバージョン8.1~9.5で動作します。 ### Aptモジュールのサポート -このモジュールは1.xと2.x両方のバージョンの'puppetlabs-apt'モジュールをサポートしていますが、'puppetlabs-apt'の2.0.0と2.0.1はサポートしていません。 +このモジュールは1.xと2.x両方のバージョンの`puppetlabs-apt` モジュールをサポートしていますが、2.0.0と2.0.1の`puppetlabs-apt`はサポートしていません。 ### PostGISのサポート From 575003f94eb13ceabba5992dc261afad4bbe1d0b Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Thu, 1 Mar 2018 12:11:48 +0000 Subject: [PATCH 0314/1000] pdk convert 1.4.1 --- .gitignore | 37 +++++----- .rubocop.yml | 15 +++- .sync.yml | 50 +++++++++++-- .travis.yml | 81 +++++++++++++++------ Gemfile | 174 ++++++++++++++++++++++++++++---------------- Rakefile | 38 +--------- metadata.json | 21 ++++-- spec/spec_helper.rb | 29 +++++++- 8 files changed, 287 insertions(+), 158 deletions(-) diff --git a/.gitignore b/.gitignore index a1022772e0..56efb9ca14 100644 --- a/.gitignore +++ b/.gitignore @@ -1,23 +1,22 @@ -# This file is generated by ModuleSync, do not edit. -*.iml .*.sw[op] -.DS_Store -.bundle/ -.idea/ .metadata -.vagrant/ .yardoc .yardwarns -Gemfile.local -Gemfile.lock -bin/ -coverage/ -doc/ -junit/ -log/ -pkg/ -spec/fixtures/manifests/ -spec/fixtures/modules/ -tmp/ -vendor/ - +*.iml +/.bundle/ +/.idea/ +/.vagrant/ +/coverage/ +/bin/ +/doc/ +/Gemfile.local +/Gemfile.lock +/junit/ +/log/ +/pkg/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/tmp/ +/vendor/ +/convert_report.txt +.DS_Store diff --git a/.rubocop.yml b/.rubocop.yml index 515ef6314c..40a58e0717 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,7 +1,7 @@ --- -require: - - rubocop-rspec +require: rubocop-rspec AllCops: + DisplayCopNames: true TargetRubyVersion: '2.1' Include: - "./**/*.rb" @@ -13,7 +13,6 @@ AllCops: - pkg/**/* - spec/fixtures/**/* - vendor/**/* -inherit_from: .rubocop_todo.yml Metrics/LineLength: Description: People have wide screens, use them. Max: 200 @@ -64,12 +63,16 @@ Style/TrailingCommaInLiteral: Style/SymbolArray: Description: Using percent style obscures symbolic intent of array's contents. EnforcedStyle: brackets +RSpec/MessageSpies: + EnforcedStyle: receive Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true +Layout/EndOfLine: + Enabled: false Metrics/AbcSize: Enabled: false Metrics/BlockLength: @@ -88,8 +91,14 @@ Metrics/PerceivedComplexity: Enabled: false RSpec/DescribeClass: Enabled: false +RSpec/ExampleLength: + Enabled: false RSpec/MessageExpectation: Enabled: false +RSpec/MultipleExpectations: + Enabled: false +RSpec/NestedGroups: + Enabled: false Style/AsciiComments: Enabled: false Style/IfUnlessModifier: diff --git a/.sync.yml b/.sync.yml index 436f1c4ae8..92e8d266f4 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,11 +1,45 @@ --- -NOTICE: - unmanaged: true -appveyor.yml: - delete: true -spec/spec_helper.rb: - allow_deprecations: true .travis.yml: + bundle_args: --without system_tests + docker_sets: + - set: docker/centos-7 + options: + - set: docker/ubuntu-14.04 + options: + docker_defaults: + bundler_args: "" + secure: "" + branches: + - release extras: - - rvm: 2.1.9 - script: bundle exec rake rubocop + - env: CHECK=release_checks + rvm: 2.1.9 + +Gemfile: + required: + ':system_tests': + - gem: 'puppet-module-posix-system-r#{minor_version}' + platforms: ruby + - gem: 'puppet-module-win-system-r#{minor_version}' + platforms: + - mswin + - mingw + - x64_mingw + - gem: beaker + version: '~> 3.13' + from_env: BEAKER_VERSION + - gem: beaker-abs + from_env: BEAKER_ABS_VERSION + version: '~> 0.1' + - gem: beaker-pe + - gem: beaker-hostgenerator + from_env: BEAKER_HOSTGENERATOR_VERSION + - gem: beaker-rspec + from_env: BEAKER_RSPEC_VERSION + ':development': + - gem: puppet-blacksmith + version: '~> 3.4' + +Rakefile: + requires: + - puppet_blacksmith/rake_tasks diff --git a/.travis.yml b/.travis.yml index 47c6d8debd..dcfcf14669 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,31 +1,68 @@ -#This file is generated by ModuleSync, do not edit. --- sudo: false +dist: trusty language: ruby cache: bundler -script: "bundle exec rake release_checks" +before_install: + - bundle -v + - rm Gemfile.lock || true + - gem update --system + - gem update bundler + - gem --version + - bundle -v +script: + - 'bundle exec rake $CHECK' +bundler_args: --without system_tests +rvm: + - 2.4.1 +env: + - PUPPET_GEM_VERSION="~> 5.0" CHECK=spec matrix: fast_finish: true include: - - rvm: 2.3.1 - dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-14.04 - script: bundle exec rake beaker - services: docker - sudo: required - - rvm: 2.3.1 - dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 - script: bundle exec rake beaker - services: docker - sudo: required - - rvm: 2.4.1 - bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 5.0" - - rvm: 2.1.9 - bundler_args: --without system_tests - env: PUPPET_GEM_VERSION="~> 4.0" - - rvm: 2.1.9 - script: bundle exec rake rubocop + - + bundler_args: + dist: trusty + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 + rvm: 2.4.1 + script: bundle exec rake beaker + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-14.04 + rvm: 2.4.1 + script: bundle exec rake beaker + services: docker + sudo: required + - + env: CHECK=rubocop + - + env: CHECK="syntax lint" + - + env: CHECK=metadata_lint + - + env: CHECK=spec + - + env: PUPPET_GEM_VERSION="~> 4.0" CHECK=spec + rvm: 2.1.9 + - + env: CHECK=release_checks + rvm: 2.1.9 +branches: + only: + - master + - /^v\d/ + - release notifications: email: false +deploy: + provider: puppetforge + user: puppet + password: + secure: "" + on: + tags: true + all_branches: true + condition: "$DEPLOY_TO_FORGE = yes" diff --git a/Gemfile b/Gemfile index 84b23f2b4e..37597a3035 100644 --- a/Gemfile +++ b/Gemfile @@ -1,84 +1,136 @@ -#This file is generated by ModuleSync, do not edit. +source ENV['GEM_SOURCE'] || 'https://rubygems.org' -source ENV['GEM_SOURCE'] || "https://rubygems.org" +def location_for(place_or_version, fake_version = nil) + if place_or_version =~ %r{\A(git[:@][^#]*)#(.*)} + [fake_version, { git: Regexp.last_match(1), branch: Regexp.last_match(2), require: false }].compact + elsif place_or_version =~ %r{\Afile:\/\/(.*)} + ['>= 0', { path: File.expand_path(Regexp.last_match(1)), require: false }] + else + [place_or_version, { require: false }] + end +end -# Determines what type of gem is requested based on place_or_version. def gem_type(place_or_version) - if place_or_version =~ /^git:/ + if place_or_version =~ %r{\Agit[:@]} :git - elsif place_or_version =~ /^file:/ + elsif !place_or_version.nil? && place_or_version.start_with?('file:') :file else :gem end end -# Find a location or specific version for a gem. place_or_version can be a -# version, which is most often used. It can also be git, which is specified as -# `git://somewhere.git#branch`. You can also use a file source location, which -# is specified as `file://some/location/on/disk`. -def location_for(place_or_version, fake_version = nil) - if place_or_version =~ /^(git[:@][^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact - elsif place_or_version =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [place_or_version, { :require => false }] - end -end - -# Used for gem conditionals ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments -minor_version = "#{ruby_version_segments[0]}.#{ruby_version_segments[1]}" - -# The following gems are not included by default as they require DevKit on Windows. -# You should probably include them in a Gemfile.local or a ~/.gemfile -#gem 'pry' #this may already be included in the gemfile -#gem 'pry-stack_explorer', :require => false -#if RUBY_VERSION =~ /^2/ -# gem 'pry-byebug' -#else -# gem 'pry-debugger' -#end +minor_version = ruby_version_segments[0..1].join('.') group :development do - gem "puppet-module-posix-default-r#{minor_version}", :require => false, :platforms => "ruby" - gem "puppet-module-win-default-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] - gem "puppet-module-posix-dev-r#{minor_version}", :require => false, :platforms => "ruby" - gem "puppet-module-win-dev-r#{minor_version}", '0.0.7', :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] - gem "json_pure", '<= 2.0.1', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "fast_gettext", '1.1.0', :require => false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", :require => false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') + gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') + gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') + gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') + gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby] + gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] + gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-blacksmith", '~> 3.4', require: false end - group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", :require => false, :platforms => "ruby" - gem "puppet-module-win-system-r#{minor_version}", :require => false, :platforms => ["mswin", "mingw", "x64_mingw"] - gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '>= 3') - gem "beaker-pe", :require => false - gem "beaker-rspec", *location_for(ENV['BEAKER_RSPEC_VERSION']) - gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) - gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') - gem "puppet-blacksmith", '~> 3.4', :require => false + gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] + gem "puppet-module-win-system-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '~> 3.13') + gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') + gem "beaker-pe", require: false + gem "beaker-hostgenerator" + gem "beaker-rspec" +end + +puppet_version = ENV['PUPPET_GEM_VERSION'] +puppet_type = gem_type(puppet_version) +facter_version = ENV['FACTER_GEM_VERSION'] +hiera_version = ENV['HIERA_GEM_VERSION'] + +def puppet_older_than?(version) + puppet_version = ENV['PUPPET_GEM_VERSION'] + !puppet_version.nil? && + Gem::Version.correct?(puppet_version) && + Gem::Requirement.new("< #{version}").satisfied_by?(Gem::Version.new(puppet_version.dup)) end -gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) +gems = {} -# Only explicitly specify Facter/Hiera if a version has been specified. -# Otherwise it can lead to strange bundler behavior. If you are seeing weird -# gem resolution behavior, try setting `DEBUG_RESOLVER` environment variable -# to `1` and then run bundle install. -gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) if ENV['FACTER_GEM_VERSION'] -gem 'hiera', *location_for(ENV['HIERA_GEM_VERSION']) if ENV['HIERA_GEM_VERSION'] +gems['puppet'] = location_for(puppet_version) -# Evaluate Gemfile.local if it exists -if File.exists? "#{__FILE__}.local" - eval(File.read("#{__FILE__}.local"), binding) +# If facter or hiera versions have been specified via the environment +# variables, use those versions. If not, and if the puppet version is < 3.5.0, +# use known good versions of both for puppet < 3.5.0. +if facter_version + gems['facter'] = location_for(facter_version) +elsif puppet_type == :gem && puppet_older_than?('3.5.0') + gems['facter'] = ['>= 1.6.11', '<= 1.7.5', require: false] end -# Evaluate ~/.gemfile if it exists -if File.exists?(File.join(Dir.home, '.gemfile')) - eval(File.read(File.join(Dir.home, '.gemfile')), binding) +if hiera_version + gems['hiera'] = location_for(ENV['HIERA_GEM_VERSION']) +elsif puppet_type == :gem && puppet_older_than?('3.5.0') + gems['hiera'] = ['>= 1.0.0', '<= 1.3.0', require: false] end -# vim:ft=ruby +if Gem.win_platform? && (puppet_type != :gem || puppet_older_than?('3.5.0')) + # For Puppet gems < 3.5.0 (tested as far back as 3.0.0) on Windows + if puppet_type == :gem + gems['ffi'] = ['1.9.0', require: false] + gems['minitar'] = ['0.5.4', require: false] + gems['win32-eventlog'] = ['0.5.3', '<= 0.6.5', require: false] + gems['win32-process'] = ['0.6.5', '<= 0.7.5', require: false] + gems['win32-security'] = ['~> 0.1.2', '<= 0.2.5', require: false] + gems['win32-service'] = ['0.7.2', '<= 0.8.8', require: false] + else + gems['ffi'] = ['~> 1.9.0', require: false] + gems['minitar'] = ['~> 0.5.4', require: false] + gems['win32-eventlog'] = ['~> 0.5', '<= 0.6.5', require: false] + gems['win32-process'] = ['~> 0.6', '<= 0.7.5', require: false] + gems['win32-security'] = ['~> 0.1', '<= 0.2.5', require: false] + gems['win32-service'] = ['~> 0.7', '<= 0.8.8', require: false] + end + + gems['win32-dir'] = ['~> 0.3', '<= 0.4.9', require: false] + + if RUBY_VERSION.start_with?('1.') + gems['win32console'] = ['1.3.2', require: false] + # sys-admin was removed in Puppet 3.7.0 and doesn't compile under Ruby 2.x + gems['sys-admin'] = ['1.5.6', require: false] + end + + # Puppet < 3.7.0 requires these. + # Puppet >= 3.5.0 gem includes these as requirements. + # The following versions are tested to work with 3.0.0 <= puppet < 3.7.0. + gems['win32-api'] = ['1.4.8', require: false] + gems['win32-taskscheduler'] = ['0.2.2', require: false] + gems['windows-api'] = ['0.4.3', require: false] + gems['windows-pr'] = ['1.2.3', require: false] +elsif Gem.win_platform? + # If we're using a Puppet gem on Windows which handles its own win32-xxx gem + # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). + gems['win32-dir'] = ['<= 0.4.9', require: false] + gems['win32-eventlog'] = ['<= 0.6.5', require: false] + gems['win32-process'] = ['<= 0.7.5', require: false] + gems['win32-security'] = ['<= 0.2.5', require: false] + gems['win32-service'] = ['<= 0.8.8', require: false] +end + +gems.each do |gem_name, gem_params| + gem gem_name, *gem_params +end + +# Evaluate Gemfile.local and ~/.gemfile if they exist +extra_gemfiles = [ + "#{__FILE__}.local", + File.join(Dir.home, '.gemfile'), +] + +extra_gemfiles.each do |gemfile| + if File.file?(gemfile) && File.readable?(gemfile) + eval(File.read(gemfile), binding) + end +end +# vim: syntax=ruby diff --git a/Rakefile b/Rakefile index d12d85495d..802f67b501 100644 --- a/Rakefile +++ b/Rakefile @@ -1,37 +1,3 @@ require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') - -desc 'Generate pooler nodesets' -task :gen_nodeset do - require 'beaker-hostgenerator' - require 'securerandom' - require 'fileutils' - - agent_target = ENV['TEST_TARGET'] - if ! agent_target - STDERR.puts 'TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat-64default."' - agent_target = 'redhat-64default.' - end - - master_target = ENV['MASTER_TEST_TARGET'] - if ! master_target - STDERR.puts 'MASTER_TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat7-64mdcl"' - master_target = 'redhat7-64mdcl' - end - - targets = "#{master_target}-#{agent_target}" - cli = BeakerHostGenerator::CLI.new([targets]) - nodeset_dir = "tmp/nodesets" - nodeset = "#{nodeset_dir}/#{targets}-#{SecureRandom.uuid}.yaml" - FileUtils.mkdir_p(nodeset_dir) - File.open(nodeset, 'w') do |fh| - fh.print(cli.execute) - end - puts nodeset -end +require 'puppet-syntax/tasks/puppet-syntax' +require 'puppet_blacksmith/rake_tasks' diff --git a/metadata.json b/metadata.json index dc4ff78a57..ad5a312279 100644 --- a/metadata.json +++ b/metadata.json @@ -8,11 +8,19 @@ "project_page": "https://github.com/puppetlabs/puppetlabs-postgresql", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 4.13.1 < 5.0.0"}, - {"name":"puppetlabs/apt","version_requirement":">= 2.0.0 < 5.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 < 5.0.0"} + { + "name": "puppetlabs/stdlib", + "version_requirement": ">= 4.13.1 < 5.0.0" + }, + { + "name": "puppetlabs/apt", + "version_requirement": ">= 2.0.0 < 5.0.0" + }, + { + "name": "puppetlabs/concat", + "version_requirement": ">= 1.1.0 < 5.0.0" + } ], - "data_provider": null, "operatingsystem_support": [ { "operatingsystem": "RedHat", @@ -66,5 +74,8 @@ "name": "puppet", "version_requirement": ">= 4.7.0 < 6.0.0" } - ] + ], + "pdk-version": "1.4.1", + "template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git", + "template-ref": "1.4.1-0-g52adbbb" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 01912b60c4..efd225b540 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,9 +1,30 @@ -# This file is generated by ModuleSync, do not edit. require 'puppetlabs_spec_helper/module_spec_helper' +require 'rspec-puppet-facts' -# put local configuration and setup into spec_helper_local begin - require 'spec_helper_local' + require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) rescue LoadError => loaderror - puts "Could not require spec_helper_local: #{loaderror.message}" + warn "Could not require spec_helper_local: #{loaderror.message}" +end + +include RspecPuppetFacts + +default_facts = { + puppetversion: Puppet.version, + facterversion: Facter.version, +} + +default_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')) +default_module_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')) + +if File.exist?(default_facts_path) && File.readable?(default_facts_path) + default_facts.merge!(YAML.safe_load(File.read(default_facts_path))) +end + +if File.exist?(default_module_facts_path) && File.readable?(default_module_facts_path) + default_facts.merge!(YAML.safe_load(File.read(default_module_facts_path))) +end + +RSpec.configure do |c| + c.default_facts = default_facts end From c18609183056796f33257231ab4e90e6d50ad1ff Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Thu, 1 Mar 2018 12:37:44 +0000 Subject: [PATCH 0315/1000] Addressing Rubocop errors --- spec/acceptance/db_spec.rb | 2 -- spec/acceptance/postgresql_conn_validator_spec.rb | 6 +++--- spec/acceptance/postgresql_psql_spec.rb | 4 ++-- spec/acceptance/server/grant_role_spec.rb | 2 -- spec/acceptance/server/grant_spec.rb | 2 -- spec/acceptance/server/reassign_owned_by_spec.rb | 2 -- spec/acceptance/server/schema_spec.rb | 2 -- spec/unit/classes/lib/devel_spec.rb | 2 +- spec/unit/classes/server/contrib_spec.rb | 2 +- .../puppet/provider/postgresql_conn_validator/ruby_spec.rb | 2 +- spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb | 4 +--- spec/unit/puppet/type/postgresql_psql_spec.rb | 7 ++----- 12 files changed, 11 insertions(+), 26 deletions(-) diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 2e89d32d1a..76d3ce1cc9 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -1,8 +1,6 @@ require 'spec_helper_acceptance' describe 'postgresql::server::db', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - # rubocop:disable RSpec/ExampleLength - # rubocop:disable RSpec/MultipleExpectations # rubocop:disable Metrics/LineLength it 'creates a database' do begin diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index dfc116e4d4..1b718b238e 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -22,7 +22,7 @@ class { 'postgresql::server': end context 'local connection' do - it 'validates successfully with defaults' do # rubocop:disable RSpec/ExampleLength + it 'validates successfully with defaults' do pp = <<-MANIFEST #{install_pp}-> postgresql_conn_validator { 'validate this': @@ -38,7 +38,7 @@ class { 'postgresql::server': apply_manifest(pp, catch_changes: true) end - it 'works with connect settings hash' do # rubocop:disable RSpec/ExampleLength + it 'works with connect settings hash' do pp = <<-MANIFEST #{install_pp}-> postgresql_conn_validator { 'validate this': @@ -57,7 +57,7 @@ class { 'postgresql::server': apply_manifest(pp, catch_changes: true) end - it 'fails gracefully' do # rubocop:disable RSpec/ExampleLength + it 'fails gracefully' do pp = <<-MANIFEST #{install_pp}-> postgresql_conn_validator { 'validate this': diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index 6362bc9d98..7f5ce79afa 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -135,7 +135,7 @@ class { 'postgresql::server': } -> end context 'with secure password passing by environment' do - it 'runs SQL that contanins password passed by environment' do # rubocop:disable RSpec/ExampleLength + it 'runs SQL that contanins password passed by environment' do select = "select \\'$PASS_TO_EMBED\\'" pp = <<-MANIFEST.unindent class { 'postgresql::server': } -> @@ -151,7 +151,7 @@ class { 'postgresql::server': } -> apply_manifest(pp, catch_failures: true) apply_manifest(pp, expect_changes: false) end - it 'runs SQL that contanins password passed by environment in check' do # rubocop:disable RSpec/ExampleLength + it 'runs SQL that contanins password passed by environment in check' do select = "select 1 where \\'$PASS_TO_EMBED\\'=\\'passwD\\'" pp = <<-MANIFEST.unindent class { 'postgresql::server': } -> diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 90d62abab5..b8da0ad8f0 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -210,8 +210,6 @@ class { 'postgresql::server': } MANIFEST end - # rubocop:disable RSpec/ExampleLength - # rubocop:disable RSpec/MultipleExpectations it 'grants a role to a user' do begin apply_manifest(pp_one, catch_failures: true) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index dd7f8a7cc0..0046b0f0e3 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -1,8 +1,6 @@ require 'spec_helper_acceptance' describe 'postgresql::server::grant:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - # rubocop:disable RSpec/ExampleLength - # rubocop:disable RSpec/MultipleExpectations let(:db) { 'grant_priv_test' } let(:owner) { 'psql_grant_priv_owner' } let(:user) { 'psql_grant_priv_tester' } diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index 86db4c11e5..44eea11bc7 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -102,8 +102,6 @@ class { 'postgresql::server': } MANIFEST end - # rubocop:disable RSpec/ExampleLength - # rubocop:disable RSpec/MultipleExpectations it 'reassigns all objects to new_owner' do begin # postgres version diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 1c10d1af5a..41fcf0572f 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -53,8 +53,6 @@ class { 'postgresql::server': } MANIFEST end - # rubocop:disable RSpec/ExampleLength - # rubocop:disable RSpec/MultipleExpectations it 'creates a schema for a user' do begin apply_manifest(pp, catch_failures: true) diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/unit/classes/lib/devel_spec.rb index 8317a4ddf2..835bf51e0d 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/unit/classes/lib/devel_spec.rb @@ -75,7 +75,7 @@ } end - it 'fails to compile' do # rubocop:disable RSpec/MultipleExpectations + it 'fails to compile' do expect { is_expected.to compile }.to raise_error(%r{is not supported}) diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index 221c857a10..d118ca06f2 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -46,7 +46,7 @@ } end - it 'fails to compile' do # rubocop:disable RSpec/MultipleExpectations + it 'fails to compile' do expect { is_expected.to compile }.to raise_error(%r{is not supported}) diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index d4989ab7c7..88cab60f66 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -57,7 +57,7 @@ end it 'tries the correct number of times' do - expect(provider.validator).to receive(:execute_command).exactly(3).times # rubocop:disable RSpec/MessageSpies + expect(provider.validator).to receive(:execute_command).exactly(3).times provider.validator.attempt_connection(sleep_length, tries) end diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index ee1444f9c2..bc53367553 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -1,7 +1,6 @@ require 'spec_helper' describe Puppet::Type.type(:postgresql_psql).provider(:ruby) do - # rubocop:disable RSpec/MessageSpies let(:name) { 'rspec psql test' } let(:resource) do Puppet::Type.type(:postgresql_psql).new({ name: name, provider: :ruby }.merge(attributes)) @@ -31,7 +30,7 @@ } end - it 'executes with the given psql_path on the given DB' do # rubocop:disable RSpec/MultipleExpectations + it 'executes with the given psql_path on the given DB' do expect(Dir).to receive(:chdir).with(attributes[:cwd]).and_yield expect(provider).to receive(:run_command).with([attributes[:psql_path], '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], @@ -105,5 +104,4 @@ provider.run_unless_sql_command('SELECT 1') end end - # rubocop:enable RSpec/MessageSpies end diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index 85e844f3bd..ff900224f1 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -74,8 +74,6 @@ end end - # rubocop:disable RSpec/MultipleExpectations - # rubocop:disable RSpec/MessageSpies # rubocop:disable RSpec/NamedSubject # rubocop:disable RSpec/SubjectStub describe '#command' do @@ -124,7 +122,6 @@ end end end - # rubocop:enable RSpec/MultipleExpectations describe "#should_run_sql without 'unless'" do [true, :true].each do |refreshonly| @@ -253,13 +250,13 @@ describe '#refresh' do let(:attributes) { {} } - it 'syncs command property when command should run' do # rubocop:disable RSpec/MultipleExpectations + it 'syncs command property when command should run' do expect(subject).to receive(:should_run_sql).with(true).and_return(true) expect(subject.property(:command)).to receive(:sync) subject.refresh end - it 'does not sync command property when command should not run' do # rubocop:disable RSpec/MultipleExpectations + it 'does not sync command property when command should not run' do expect(subject).to receive(:should_run_sql).with(true).and_return(false) expect(subject.property(:command)).not_to receive(:sync) subject.refresh From bac1d2a07f8af5b2e8a837c8440c0dcf22a1a482 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Thu, 1 Mar 2018 13:12:06 +0000 Subject: [PATCH 0316/1000] Adding require puppet-lint/tasks/puppet-lint --- .sync.yml | 1 + Rakefile | 1 + 2 files changed, 2 insertions(+) diff --git a/.sync.yml b/.sync.yml index 92e8d266f4..8f093203dd 100644 --- a/.sync.yml +++ b/.sync.yml @@ -43,3 +43,4 @@ Gemfile: Rakefile: requires: - puppet_blacksmith/rake_tasks + - puppet-lint/tasks/puppet-lint diff --git a/Rakefile b/Rakefile index 802f67b501..a39cae2f03 100644 --- a/Rakefile +++ b/Rakefile @@ -1,3 +1,4 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' require 'puppet_blacksmith/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' From 383f3e8ff91992e6d813970f7cbcfeb4ad8e8a79 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Thu, 1 Mar 2018 17:43:57 +0000 Subject: [PATCH 0317/1000] Revert " Copy-edit the README" --- README.md | 770 ++++++++++++++-------------------------- readmes/README_ja_JP.md | 6 +- 2 files changed, 271 insertions(+), 505 deletions(-) diff --git a/README.md b/README.md index ab6adf3749..d27dc52a80 100644 --- a/README.md +++ b/README.md @@ -31,9 +31,7 @@ The postgresql module allows you to manage PostgreSQL databases with Puppet. -PostgreSQL is a high-performance, free, open-source relational database server. -The postgresql module allows you to manage packages, services, databases, -users, and common security settings in PostgreSQL. +PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage packages, services, databases, users, and common security settings in PostgreSQL. ## Setup @@ -45,8 +43,7 @@ users, and common security settings in PostgreSQL. ### Getting started with postgresql -To configure a basic default PostgreSQL server, declare -the `postgresql::server` class. +To configure a basic default PostgreSQL server, declare the `postgresql::server` class. ```puppet class { 'postgresql::server': @@ -57,9 +54,7 @@ class { 'postgresql::server': ### Configure a server -For default settings, declare the `postgresql::server` class as above. -To customize PostgreSQL server settings, specify -[the parameters](#postgresqlserver) you want to change: +For default settings, declare the `postgresql::server` class as above. To customize PostgreSQL server settings, specify the [parameters](#postgresqlserver) you want to change: ```puppet class { 'postgresql::server': @@ -77,19 +72,13 @@ psql -h localhost -U postgres psql -h my.postgres.server -U ``` -If you get an error message from these commands, your permission settings -restrict access from the location you're trying to connect from. Depending -on whether you want to allow connections from that location, you might need -to adjust your permissions. +If you get an error message from these commands, your permission settings restrict access from the location you're trying to connect from. Depending on whether you want to allow connections from that location, you might need to adjust your permissions. -For more details about server configuration parameters, consult -[the PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). +For more details about server configuration parameters, consult the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). ### Create a database -You can set up a variety of PostgreSQL databases with -the `postgresql::server::db` defined type. For instance, to set up a database -for PuppetDB: +You can set up a variety of PostgreSQL databases with the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: ```puppet class { 'postgresql::server': @@ -127,15 +116,11 @@ postgresql::server::table_grant { 'my_table of test2': } ``` -This example grants **all** privileges on the `test1` database and on -the `my_table` table of the `test2` database to the specified user or group. -After the values are added into the PuppetDB config file, this database would -be ready for use. +This example grants **all** privileges on the test1 database and on the `my_table` table of the test2 database to the specified user or group. After the values are added into the PuppetDB config file, this database would be ready for use. ### Manage ownership of DB objects -To change the ownership of all objects within a database using -`REASSIGN OWNED`: +To change the ownership of all objects within a database using REASSIGN OWNED: ```puppet postgresql::server::reassign_owned_by { 'new owner is meerkat': @@ -145,22 +130,17 @@ postgresql::server::reassign_owned_by { 'new owner is meerkat': } ``` -This would run the PostgreSQL statement `REASSIGN OWNED` to update to ownership -of all tables, sequences, functions and views currently owned by -the role `marmot` to be owned by the role `meerkat` instead. +This would run the PostgreSQL statement 'REASSIGN OWNED' to update to ownership of all tables, sequences, functions and views currently owned by the role 'marmot' to be owned by the role 'meerkat' instead. -This applies to objects within the nominated database, `test_db` only. +This applies to objects within the nominated database, 'test_db' only. -For PostgreSQL >= 9.3, the ownership of the database is also updated. +For Postgresql >= 9.3, the ownership of the database is also updated. ### Override defaults -The `postgresql::globals` class allows you to configure the main settings -for this module globally, so that other classes and defined resources can use -them. By itself, it does nothing. +The `postgresql::globals` class allows you to configure the main settings for this module globally, so that other classes and defined resources can use them. By itself, it does nothing. -For example, to overwrite the default `locale` and `encoding` for all classes, -use the following: +For example, to overwrite the default `locale` and `encoding` for all classes, use the following: ```puppet class { 'postgresql::globals': @@ -186,25 +166,13 @@ class { 'postgresql::server': ### Manage remote users, roles, and permissions -Remote SQL objects are managed using the same Puppet resources as local -SQL objects, along with a [`connect_settings`](#connect_settings) hash. -This provides control over how Puppet connects to the remote PostgreSQL -instances and which version is used for generating SQL commands. +Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a [`connect_settings`](#connect_settings) hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands. -The `connect_settings` hash can contain environment variables to control -PostgreSQL client connections, such as `PGHOST`, `PGPORT`, `PGPASSWORD`, -and `PGSSLKEY`. See -[the PostgreSQL Environment Variables documentation](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) -for a complete list of variables. +The `connect_settings` hash can contain environment variables to control Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', and 'PGSSLKEY'. See the [PostgreSQL Environment Variables](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) documentation for a complete list of variables. -Additionally, you can specify the target database version with the special -value of `DBVERSION`. If the `connect_settings` hash is omitted or empty, -then Puppet connects to the local PostgreSQL instance. +Additionally, you can specify the target database version with the special value of 'DBVERSION'. If the `connect_settings` hash is omitted or empty, then Puppet connects to the local PostgreSQL instance. -You can provide a `connect_settings` hash for each of the Puppet resources, -or you can set a default `connect_settings` hash in `postgresql::globals`. -Configuring `connect_settings` per resource allows SQL objects to be created -on multiple databases by multiple users. +You can provide a `connect_settings` hash for each of the Puppet resources, or you can set a default `connect_settings` hash in `postgresql::globals`. Configuring `connect_settings` per resource allows SQL objects to be created on multiple databases by multiple users. ```puppet $connection_settings_super2 = { @@ -256,10 +224,7 @@ This would create a ruleset in `pg_hba.conf` similar to: host app app 200.1.2.0/24 md5 ``` -By default, `pg_hba_rule` requires that you include `postgresql::server`. -However, you can override that behavior by setting target and -postgresql_version when declaring your rule. That might look like -the following: +By default, `pg_hba_rule` requires that you include `postgresql::server`. However, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following: ```puppet postgresql::server::pg_hba_rule { 'allow application network to access app database': @@ -334,17 +299,11 @@ primary_conninfo = 'host=localhost port=5432' recovery_min_apply_delay = 0 ``` -Only the specified parameters are recognized in the template. -The `recovery.conf` is only be created if at least one parameter is set -**and** [manage_recovery_conf](#manage_recovery_conf) is set to true. +Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. ### Validate connectivity -To validate client connections to a remote PostgreSQL database before starting -dependent tasks, use the `postgresql_conn_validator` resource. You can use -this on any node where the PostgreSQL client package is installed. It is -often chained to other tasks such as starting an application server or -performing a database migration. +To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql_conn_validator` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration. Example usage: @@ -362,9 +321,7 @@ exec { 'rake db:migrate': ## Reference -The postgresql module comes with many options for configuring the server. -While you are unlikely to use all of the settings below, they provide a decent -amount of control over your security settings. +The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. **Classes:** @@ -417,33 +374,29 @@ amount of control over your security settings. #### postgresql::client -Installs PostgreSQL client package. Set the following parameters if you have -a custom version you would like to install. +Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. -**Note:** Make sure to add any necessary yum or apt repositories if specifying -a custom version. +>**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_ensure` Whether the PostgreSQL client package resource should be present. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. ##### `package_name` Sets the name of the PostgreSQL client package. -Default value: `file`. +Default value: 'file'. #### postgresql::lib::docs -Installs PostgreSQL documentation package. Set the following parameters -if you have a custom version you would like to install. +Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. -**Note:** Make sure to add any necessary yum or apt repositories if specifying -a custom version. +**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_name` @@ -453,16 +406,13 @@ Specifies the name of the PostgreSQL docs package. Whether the PostgreSQL docs package resource should be present. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. #### postgresql::globals -**Note:** Most server-specific defaults should be overridden in -the `postgresql::server` class. This class should be used only if you are -using a non-standard OS, or if you are changing elements that can only be -changed here, such as `version` or `manage_package_repo`. +**Note:** Most server-specific defaults should be overridden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. ##### `bindir` @@ -478,8 +428,7 @@ Default value: OS dependent. ##### `confdir` -Overrides the default PostgreSQL configuration directory for the target -platform. +Overrides the default PostgreSQL configuration directory for the target platform. Default value: OS dependent. @@ -491,11 +440,9 @@ Default value: OS dependent. ##### `createdb_path` -**Deprecated.** +**Deprecated.** Path to the `createdb` command. -Path to the `createdb` command. - -Default value: `${bindir}/createdb`. +Default value: '${bindir}/createdb'. ##### `datadir` @@ -503,36 +450,29 @@ Overrides the default PostgreSQL data directory for the target platform. Default value: OS dependent. -**Note:** Changing the `datadir` after installation causes the server to come -to a full stop before making the change. For Red Hat systems, the data -directory must be labeled appropriately for SELinux. On Ubuntu, you must -explicitly set `needs_initdb = true` to allow Puppet to initialize the database -in the new `datadir` (`needs_initdb` defaults to true on other systems). +**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). -**Warning:** If `datadir` is changed from the default, Puppet does not manage -purging of the original data directory, which causes it to fail if the data -directory is changed back to the original. +**Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. ##### `data_checksums` Optional. -Use checksums on data pages to help detect corruption by the I/O system that -would otherwise be silent. +Data type: Boolean. + +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: `true` or `false`. -Default: `initdb`'s default (`false`). +Default: initdb's default (`false`). -**Warning:** This option is used during initialization by `initdb`, and cannot -be changed later. If set, checksums are calculated for all objects, in all -databases. +**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. ##### `default_database` Specifies the name of the default database to connect with. -Default value: `postgres` (for most systems). +Default value: 'postgres' (for most systems). ##### `devel_package_name` @@ -550,18 +490,15 @@ Default value: OS dependent. ##### `encoding` -Sets the default encoding for all databases created with this module. -On certain operating systems, this is also used during the `template1` -initialization, so it becomes a default outside of the module as well. +Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. -Default value: dependent on the operating system's default encoding. +Default value: Dependent on the operating system's default encoding. ##### `group` -Overrides the default postgres user group to be used for related files in -the file system. +Overrides the default postgres user group to be used for related files in the file system. -Default value: `postgres`. +Default value: 'postgres'. ##### `initdb_path` @@ -569,31 +506,27 @@ Path to the `initdb` command. ##### `java_package_name` -Overrides the default PostgreSQL Java package name. +Overrides the default PostgreSQL java package name. Default value: OS dependent. ##### `locale` -Sets the default database locale for all databases created with this module. -On certain operating systems, this is also used during the `template1` -initialization, so it becomes a default outside of the module as well. +Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. -Default value: `undef`, which is effectively `"C"`. +Default value: `undef`, which is effectively 'C'. -**Warning:** On Debian, you'll need to ensure that the `locales-all` package is -installed for full functionality of PostgreSQL. +**On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** ##### `timezone` -Sets the default timezone of the postgresql server. The postgresql built-in -default is taking the systems timezone information. +Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. ##### `logdir` Overrides the default PostgreSQL log directory. -Default value: `initdb`'s default path. +Default value: initdb's default path. ##### `manage_package_repo` @@ -603,15 +536,13 @@ Default value: `false`. ##### `module_workdir` -Specifies working directory under which the `psql` command should be executed. -May need to specify if `/tmp` is on volume mounted with `noexec` option. +Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -Default value: `/tmp`. +Default value: '/tmp'. ##### `needs_initdb` -Explicitly calls the `initdb` operation after the server package is installed -and before the PostgreSQL service is started. +Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. Default value: OS dependent. @@ -623,25 +554,21 @@ Default value: OS dependent. ##### `pg_hba_conf_defaults` -Disables the defaults supplied with the module for `pg_hba.conf` if set to -`false`. This is useful if you want to override the defaults. Be sure that -your changes align with the rest of the module, as some access is required -to perform some operations, such as basic `psql` operations. +Disables the defaults supplied with the module for `pg_hba.conf` if set to `false`. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations. -Default value: the globals value set in `postgresql::globals::manage_pg_hba_conf` -which defaults to `true`. +Default value: The globals value set in `postgresql::globals::manage_pg_hba_conf` which defaults to `true`. ##### `pg_hba_conf_path` Specifies the path to your `pg_hba.conf` file. -Default value: `${confdir}/pg_hba.conf`. +Default value: '${confdir}/pg_hba.conf'. ##### `pg_ident_conf_path` Specifies the path to your `pg_ident.conf` file. -Default value: `${confdir}/pg_ident.conf`. +Default value: '${confdir}/pg_ident.conf'. ##### `plperl_package_name` @@ -659,14 +586,13 @@ Default value: OS dependent. Defines the version of PostGIS to install, if you install PostGIS. -Default value: the lowest available with the version of PostgreSQL to be -installed. +Default value: The lowest available with the version of PostgreSQL to be installed. ##### `postgresql_conf_path` Sets the path to your `postgresql.conf` file. -Default value: `${confdir}/postgresql.conf`. +Default value: '${confdir}/postgresql.conf'. ##### `psql_path` @@ -684,18 +610,15 @@ Path to your `recovery.conf` file. ##### `repo_proxy` -Sets the proxy option for the official PostgreSQL yum-repositories only. -This is useful if your server is behind a corporate firewall and needs to use -proxy servers for outside connectivity. +Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. Debian is currently not supported. ##### `repo_baseurl` -Sets the baseurl for the PostgreSQL repository. Useful if you host your own -mirror of the repository. +Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. -Default value: the official PostgreSQL repository. +Default value: The official PostgreSQL repository. ##### `server_package_name` @@ -723,10 +646,9 @@ Default value: OS dependent. ##### `user` -Overrides the default PostgreSQL super user and owner of PostgreSQL related -files in the file system. +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: `postgres`. +Default value: 'postgres'. ##### `version` @@ -742,15 +664,11 @@ Default value: initdb's default path. #### postgresql::lib::devel -Installs the packages containing the development libraries for PostgreSQL and -symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). +Installs the packages containing the development libraries for PostgreSQL and symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). ##### `link_pg_config` -If the bin directory used by the PostgreSQL page is not `/usr/bin` or -`/usr/local/bin`, symlinks `pg_config` from the package's bin directory into -`usr/bin` (not applicable to Debian systems). Set to `false` to disable -this behavior. +If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior. Valid values: `true`, `false`. @@ -758,32 +676,29 @@ Default value: `true`. ##### `package_ensure` -Overrides the `ensure` parameter during package installation. +Overrides the 'ensure' parameter during package installation. -Default value: `present`. +Default value: 'present'. ##### `package_name` Overrides the default package name for the distribution you are installing to. -Default value: `postgresql-devel` or `postgresql-devel` depending on -your OS. +Default value: 'postgresql-devel' or 'postgresql-devel' depending on your distro. #### postgresql::lib::java -Installs PostgreSQL bindings for Java (JDBC). Set the following parameters -if you have a custom version you would like to install. +Installs PostgreSQL bindings for Java (JDBC). Set the following parameters if you have a custom version you would like to install. -**Note:** Make sure to add any necessary yum or apt repositories if specifying -a custom version. +**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. ##### `package_ensure` Specifies whether the package is present. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. ##### `package_name` @@ -797,9 +712,9 @@ Installs the PostgreSQL Perl libraries. Specifies whether the package is present. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. ##### `package_name` @@ -817,9 +732,9 @@ Specifies the name of the postgresql PL/Python package. Specifies whether the package is present. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. #### postgresql::lib::python @@ -829,9 +744,9 @@ Installs PostgreSQL Python libraries. Specifies whether the package is present. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. ##### `package_name` @@ -841,102 +756,83 @@ The name of the PostgreSQL Python package. ##### `createdb_path` -**Deprecated.** +**Deprecated.** Specifies the path to the `createdb` command. -Specifies the path to the `createdb` command. - -Default value: `${bindir}/createdb`. +Default value: '${bindir}/createdb'. ##### `data_checksums` Optional. -Use checksums on data pages to help detect corruption by the I/O system that -would otherwise be silent. +Data type: Boolean. + +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Valid values: `true` or `false`. -Default value: `initdb`'s default (`false`). +Default value: initdb's default (`false`). -**Warning:** This option is used during initialization by `initdb`, and cannot -be changed later. If set, checksums are calculated for all objects, in all -databases. +**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. ##### `default_database` -Specifies the name of the default database to connect with. On most systems -this is `postgres`. +Specifies the name of the default database to connect with. On most systems this is 'postgres'. ##### `default_connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. Becomes the default for other defined types, such as -`postgresql::server::role`. +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as `postgresql::server::role`. ##### `encoding` -Sets the default encoding for all databases created with this module. On -certain operating systems this is also used during the `template1` -initialization, so it becomes a default outside of the module as well. +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well. Default value: `undef`. ##### `group` -Overrides the default postgres user group to be used for related files in -the file system. +Overrides the default postgres user group to be used for related files in the file system. -Default value: OS dependent. +Default value: OS dependent default. ##### `initdb_path` Specifies the path to the `initdb` command. -Default value: `${bindir}/initdb`. +Default value: '${bindir}/initdb'. ##### `ipv4acls` -Lists strings for access control for connection method, users, databases, IPv4 -addresses. See -[the PostgreSQL HBA documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) -for information. +Lists strings for access control for connection method, users, databases, IPv4 addresses; + +see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. ##### `ipv6acls` -Lists strings for access control for connection method, users, databases, IPv6 -addresses. See -[the PostgreSQL HBA documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) -for information. +Lists strings for access control for connection method, users, databases, IPv6 addresses. + +see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. ##### `ip_mask_allow_all_users` -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL -does not allow database user accounts to connect via TCP from remote machines. -If you'd like to allow this, you can override this setting. +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -Set to `0.0.0.0/0` to allow database users to connect from any remote machine, -or `192.168.0.0/1` to allow connections from any machine on your local -`192.168` subnet. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. -Default value: `127.0.0.1/32`. +Default value: '127.0.0.1/32'. ##### `ip_mask_deny_postgres_user` -Specifies the IP mask from which remote connections should be denied for -the postgres superuser. +Specifies the IP mask from which remote connections should be denied for the postgres superuser. -Default value: `0.0.0.0/0`, which denies any remote connection. +Default value: '0.0.0.0/0', which denies any remote connection. ##### `locale` -Sets the default database locale for all databases created with this module. -On certain operating systems this is used during the `template1` initialization -as well, so it becomes a default outside of the module. +Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. -Default value: `undef`, which is effectively `"C"`. +Default value: `undef`, which is effectively 'C'. -**Warning:** On Debian, you'll need to ensure that the `locales-all` package is -installed for full functionality of PostgreSQL. +**On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** ##### `manage_pg_hba_conf` @@ -974,31 +870,25 @@ Default value: `false`. ##### `needs_initdb` -Explicitly calls the `initdb` operation after server package is installed, and -before the PostgreSQL service is started. +Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started. Default value: OS dependent. ##### `package_ensure` -Passes a value through to the `package` resource when creating the server -instance. +Passes a value through to the `package` resource when creating the server instance. Default value: `undef`. ##### `package_name` -Specifies the name of the package to use for installing the PostgreSQL server. +Specifies the name of the package to use for installing the server software. Default value: OS dependent. ##### `pg_hba_conf_defaults` -If `false`, disables the defaults supplied with the module for `pg_hba.conf`. -This is useful if you disagree with the defaults and wish to override them -yourself. Be sure that your changes of course align with the rest of -the module, as some access is required to perform basic `psql` operations -for example. +If `false`, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. ##### `pg_hba_conf_path` @@ -1008,7 +898,7 @@ Specifies the path to your `pg_hba.conf` file. Specifies the path to your `pg_ident.conf` file. -Default value: `${confdir}/pg_ident.conf`. +Default value: '${confdir}/pg_ident.conf'. ##### `plperl_package_name` @@ -1024,19 +914,13 @@ Default value: OS dependent. ##### `port` -Specifies the port for the PostgreSQL server to listen on. +Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. -**Note:** The same -port number is used for all IP addresses the server listens on. Also, -for Red Hat systems and early Debian systems, changing the port causes -the server to come to a full stop before being able to make the change. - -Default value: 5432 +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. ##### `postgres_password` -Sets the password for the postgres user to your specified value. By default, -this setting uses the superuser account. +Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called `postgres` and no password. Default value: `undef`. @@ -1044,7 +928,7 @@ Default value: `undef`. Specifies the path to your `postgresql.conf` file. -Default value: `${confdir}/postgresql.conf`. +Default value: '${confdir}/postgresql.conf'. ##### `psql_path` @@ -1078,8 +962,7 @@ Default value: OS dependent. ##### `service_restart_on_change` -Overrides the default behavior to restart your PostgreSQL service when a config -entry has been changed that requires a service restart to become active. +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default value: `true`. @@ -1091,10 +974,9 @@ Default value: OS dependent. ##### `user` -Overrides the default PostgreSQL super user and owner of PostgreSQL related -files in the file system. +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: `postgres`. +Default value: 'postgres'. #### postgresql::server::contrib @@ -1140,11 +1022,11 @@ postgresql::server::config_entry { 'check_function_bodies': ##### `ensure` -Removes an entry when set to `absent`. +Removes an entry if set to 'absent'. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. ##### `value` @@ -1156,15 +1038,13 @@ Creates a local database, user, and assigns necessary permissions. ##### `comment` -Defines a comment to be stored about the database using the PostgreSQL COMMENT -command. +Defines a comment to be stored about the database using the PostgreSQL COMMENT command. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. +Specifies a hash of environment variables used when connecting to a remote server. -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. ##### `dbname` @@ -1176,13 +1056,13 @@ Default value: the namevar. Overrides the character set during creation of the database. -Default value: the default defined during installation. +Default value: The default defined during installation. ##### `grant` Specifies the permissions to grant during creation. -Default value: `ALL`. +Default value: 'ALL'. ##### `istemplate` @@ -1194,20 +1074,17 @@ Default value: `false`. Overrides the locale during creation of the database. -Default value: the default defined during installation. +Default value: The default defined during installation. ##### `owner` Sets a user as the owner of the database. -Default value: `$user` variable set in `postgresql::server` or -`postgresql::globals`. +Default value: '$user' variable set in `postgresql::server` or `postgresql::globals`. ##### `password` -Required. - -Sets the password for the created user. +**Required** Sets the password for the created user. ##### `tablespace` @@ -1219,13 +1096,11 @@ Default value: PostgreSQL default. Specifies the name of the template database from which to build this database. -Default value: `template0`. +Defaults value: `template0`. ##### `user` -Required. - -User to create and assign access to the database upon creation. +User to create and assign access to the database upon creation. Mandatory. #### postgresql::server::database @@ -1235,13 +1110,13 @@ Creates a database with no users and no permissions. Sets the name of the database. -Default value: the namevar. +Defaults value: The namevar. ##### `encoding` Overrides the character set during creation of the database. -Default value: the default defined during installation. +Default value: The default defined during installation. ##### `istemplate` @@ -1253,34 +1128,29 @@ Default value: `false`. Overrides the locale during creation of the database. -Default value: the default defined during installation. +Default value: The default defined during installation. ##### `owner` Sets name of the database owner. -Default value: the `$user` variable set in `postgresql::server` or -`postgresql::globals`. +Default value: The '$user' variable set in `postgresql::server` or `postgresql::globals`. ##### `tablespace` Sets tablespace for where to create this database. -Default value: the default defined during installation. +Default value: The default defined during installation. ##### `template` Specifies the name of the template database from which to build this database. -Default value: `template0`. +Default value: 'template0'. #### postgresql::server::database_grant -Manages grant-based access privileges for users, wrapping -the `postgresql::server::database_grant` for database specific permissions. -Consult -[the PostgreSQL documentation for `GRANT`](http://www.postgresql.org/docs/current/static/sql-grant.html) -for more information. +Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. ##### `ensure` @@ -1294,10 +1164,9 @@ Default value: 'present'. #### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. +Specifies a hash of environment variables used when connecting to a remote server. -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. ##### `db` @@ -1307,21 +1176,21 @@ Specifies the database to which you are granting access. Specifies comma-separated list of privileges to grant. -Valid values: `ALL`, `CREATE`, `CONNECT`, `TEMPORARY`, `TEMP`. +Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. ##### `psql_db` Defines the database to execute the grant against. -**Warning:** This should not ordinarily be changed from the default. +**This should not ordinarily be changed from the default** -Default value: `postgres`. +Default value: 'postgres'. ##### `psql_user` Specifies the OS user for running `psql`. -Default value: the default user for the module, usually `postgres`. +Default value: The default user for the module, usually 'postgres'. ##### `role` @@ -1343,33 +1212,26 @@ Specifies the schema on which to activate the extension. Specifies whether to activate or deactivate the extension. -Valid values: `present` or `absent`. +Valid options: 'present' or 'absent'. -##### `extension` +#### `extension` -Specifies the extension to activate. If left blank, uses the name of -the resource. +Specifies the extension to activate. If left blank, uses the name of the resource. -##### `version` +#### `version` Specifies the version of the extension which the database uses. -When an extension package is updated, this does not automatically change -the effective version in each database. +When an extension package is updated, this does not automatically change the effective version in each database. This needs be updated using the PostgreSQL-specific SQL `ALTER EXTENSION...` -`version` may be set to `latest`, in which case the SQL -`ALTER EXTENSION "extension" UPDATE` is applied to this database (only). +`version` may be set to `latest`, in which case the SQL `ALTER EXTENSION "extension" UPDATE` is applied to this database (only). -`version` may be set to a specific version, in which case the extension is -updated using `ALTER EXTENSION "extension" UPDATE TO 'version'` +`version` may be set to a specific version, in which case the extension is updated using `ALTER EXTENSION "extension" UPDATE TO 'version'` -For example, if extension is set to `postgis` and version is set to `2.3.3`, -this will only apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to -the database. +eg. If extension is set to `postgis` and version is set to `2.3.3`, this will apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to this database only. -`version` may be omitted, in which case no `ALTER EXTENSION...` SQL is applied, -and the version will be left unchanged. +`version` may be omitted, in which case no `ALTER EXTENSION...` SQL is applied, and the version will be left unchanged. ##### `package_name` @@ -1379,15 +1241,11 @@ Specifies a package to install prior to activating the extension. Overrides default package deletion behavior. -By default, the package specified with `package_name` is installed when -the extension is activated and removed when the extension is deactivated. -To override this behavior, set the `ensure` value for the package. +By default, the package specified with `package_name` is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the `ensure` value for the package. #### postgresql::server::grant -Manages grant-based access privileges for roles. See -[PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) -for more information. +Manages grant-based access privileges for roles. See [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. ##### `ensure` @@ -1407,41 +1265,40 @@ Specifies the database to which you are granting access. Specifies the type of object to which you are granting privileges. -Valid values: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', -'TABLE' or 'ALL TABLES IN SCHEMA'. +Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. ##### `object_name` -Specifies name of `object_type` to which to grant access, can be either -a string or a two element array. When it is an array then the first element -must be the `object_type` and the second actual `object_name`. +Specifies name of `object_type` to which to grant access, can be either a string or a two element array. + +String: 'object_name' +Array: ['schema_name', 'object_name'] ##### `port` Port to use when connecting. -Default value: `undef`, which generally defaults to port 5432 depending on your -PostgreSQL packaging. +Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `privilege` Specifies the privilege to grant. -Valid values: `ALL`, `ALL PRIVILEGES` or `object_type` dependent string. +Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. ##### `psql_db` Specifies the database to execute the grant against. -**Warning:** This should not ordinarily be changed from the default. +**This should not ordinarily be changed from the default** -Default value: `postgres`. +Default value: 'postgres'. ##### `psql_user` Sets the OS user to run `psql`. -Default value: the default user for the module, usually `postgres`. +Default value: the default user for the module, usually 'postgres'. ##### `role` @@ -1449,9 +1306,7 @@ Specifies the role or user whom you are granting access to. #### postgresql::server::grant_role -Allows you to assign a role to a (group) role. See -[PostgreSQL documentation for `Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html) -for more information. +Allows you to assign a role to a (group) role. See [PostgreSQL documentation for `Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html) for more information. ##### `group` @@ -1459,31 +1314,29 @@ Specifies the group role to which you are assigning a role. ##### `role` -Specifies the role you want to assign to a group. If left blank, uses the name -of the resource. +Specifies the role you want to assign to a group. If left blank, uses the name of the resource. ##### `ensure` Specifies whether to grant or revoke the membership. -Valid values: `present` or `absent`. +Valid options: 'present' or 'absent'. -Default value: `present`. +Default value: 'present'. ##### `port` Port to use when connecting. -Default value: `undef`, which generally defaults to port 5432 depending on your -PostgreSQL packaging. +Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `psql_db` Specifies the database to execute the grant against. -**Warning:** This should not ordinarily be changed from the default. +**This should not ordinarily be changed from the default** -Default value: `postgres`. +Default value: 'postgres'. ##### `psql_user` @@ -1493,29 +1346,25 @@ Default value: the default user for the module, usually `postgres`. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. +Specifies a hash of environment variables used when connecting to a remote server. -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. #### postgresql::server::pg_hba_rule -Allows you to create an access rule for `pg_hba.conf`. For more details see -[the usage example](#create-an-access-rule-for-pghba.conf) and -[the PostgreSQL HBA documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). +Allows you to create an access rule for `pg_hba.conf`. For more details see the [usage example](#create-an-access-rule-for-pghba.conf) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). ##### `address` -Sets a CIDR based address for this rule matching when the type is not `local`. +Sets a CIDR based address for this rule matching when the type is not 'local'. ##### `auth_method` -Provides the method that is used for authentication for the connection that -this rule matches. +Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL `pg_hba.conf` documentation. ##### `auth_option` -For certain `auth_method` settings there are extra options that can be passed. +For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. ##### `database` @@ -1523,13 +1372,11 @@ Sets a comma-separated list of databases that this rule matches. ##### `description` -Defines a longer description for this rule, if required. This description is -placed in the comments above the rule in `pg_hba.conf`. +Defines a longer description for this rule, if required. This description is placed in the comments above the rule in `pg_hba.conf`. -Default value: `none`. +Default value: 'none'. -Specifies a way to uniquely identify this resource, but functionally does -nothing. +Specifies a way to uniquely identify this resource, but functionally does nothing. ##### `order` @@ -1547,40 +1394,36 @@ Default value: the version set in `postgresql::server`. Provides the target for the rule, and is generally an internal only property. -**Warning:** Use with caution. +**Use with caution.** ##### `type` Sets the type of rule. -Valid values: `local`, `host`, `hostssl` or `hostnossl`. +Valid options: 'local', 'host', 'hostssl' or 'hostnossl'. ##### `user` Sets a comma-separated list of users that this rule matches. + #### postgresql::server::pg_ident_rule -Allows you to create user name maps for `pg_ident.conf`. For more details see -[the usage example](#create-user-name-maps-for-pgidentconf) above and -[the PostgreSQL User Name Maps documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). +Allows you to create user name maps for `pg_ident.conf`. For more details see the [usage example](#create-user-name-maps-for-pgidentconf) above and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). ##### `database_username` -Specifies the user name of the database user. The `system_username` is mapped -to this user name. +Specifies the user name of the database user. The `system_username` is mapped to this user name. ##### `description` -Sets a longer description for this rule if required. This description is -placed in the comments above the rule in `pg_ident.conf`. +Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. -Default value: `none`. +Default value: 'none'. ##### `map_name` -Sets the name of the user map that is used to refer to this mapping -in `pg_hba.conf`. +Sets the name of the user map that is used to refer to this mapping in `pg_hba.conf`. ##### `order` @@ -1590,65 +1433,55 @@ Default value: 150. ##### `system_username` -Specifies the operating system user name (the user name used to connect to -the database). +Specifies the operating system user name (the user name used to connect to the database). ##### `target` Provides the target for the rule and is generally an internal only property. -**Warning:** Use with caution. +**Use with caution.** #### postgresql::server::reassign_owned_by -Runs the PostgreSQL command `REASSIGN OWNED` on a database, to transfer -the ownership of existing objects between database roles +Runs the PostgreSQL command 'REASSIGN OWNED' on a database, to transfer the ownership of existing objects between database roles ##### `db` -Specifies the database to which the `REASSIGN OWNED` will be applied. +Specifies the database to which the 'REASSIGN OWNED' will be applied ##### `old_role` -Specifies the role or user who is the current owner of the objects in -the specified db. +Specifies the role or user who is the current owner of the objects in the specified db ##### `new_role` -Specifies the role or user who will be the new owner of these objects. +Specifies the role or user who will be the new owner of these objects ##### `psql_user` Specifies the OS user for running `psql`. -Default value: the default user for the module, usually `postgres`. +Default value: The default user for the module, usually 'postgres'. ##### `port` Port to use when connecting. -Default value: `undef`, which generally defaults to port 5432 depending on -your PostgreSQL packaging. +Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. +Specifies a hash of environment variables used when connecting to a remote server. -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. #### postgresql::server::recovery -Allows you to create the content for `recovery.conf`. For more details see -[the usage example](#create-recovery-configuration) and -[the PostgreSQL Recovery Configuration documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +Allows you to create the content for `recovery.conf`. For more details see the [usage example](#create-recovery-configuration) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). -Every parameter value is a string set in the template except -`recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and -`recovery_min_apply_delay`. +Every parameter value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. -A detailed description of all listed parameters can be found in -[the PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +A detailed description of all listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). The parameters are grouped into these three sections: @@ -1659,7 +1492,6 @@ The parameters are grouped into these three sections: * `recovery_end_command` ##### [Recovery Target Settings](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) - * `recovery_target_name` * `recovery_target_time` * `recovery_target_xid` @@ -1669,21 +1501,18 @@ The parameters are grouped into these three sections: * `pause_at_recovery_target` ##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) - -* `standby_mode`: Can be specified with the string (`on`/`off`), or by using a `Boolean` value (`true`/`false`). +* `standby_mode`: Can be specified with the string ('on'/'off'), or by using a Boolean value (`true`/`false`). * `primary_conninfo` * `primary_slot_name` * `trigger_file` * `recovery_min_apply_delay` ##### `target` - Provides the target for the rule, and is generally an internal only property. -**Warning:** Use with caution. +**Use with caution.** #### postgresql::server::role - Creates or drops a role or user in PostgreSQL. ##### `ensure` @@ -1696,52 +1525,40 @@ Specifying 'absent' drops the role. Default value: 'present'. ##### `connection_limit` - Specifies how many concurrent connections the role can make. -Default value: `-1`, meaning no limit. +Default value: '-1', meaning no limit. ##### `connect_settings` +Specifies a hash of environment variables used when connecting to a remote server. -Specifies a hash of environment variables used when connecting to a remote -server. - -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. ##### `createdb` - Specifies whether to grant the ability to create new databases with this role. Default value: `false`. ##### `createrole` - Specifies whether to grant the ability to create new roles with this role. Default value: `false`. ##### `inherit` - Specifies whether to grant inherit capability for the new role. Default value: `true`. ##### `login` - Specifies whether to grant login capability for the new role. Default value: `true`. ##### `password_hash` - -Sets the hash to use during password creation. If the password is not already -pre-encrypted in a format that PostgreSQL supports, use -the `postgresql_password` function to provide an MD5 hash here, for example: +Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: ##### `update_password` - -If set to true, updates the password on changes. Set this to false to not -modify the role's password after creation. +If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. ```puppet postgresql::server::role { 'myusername': @@ -1773,10 +1590,9 @@ Creates a schema. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. +Specifies a hash of environment variables used when connecting to a remote server. -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. ##### `db` @@ -1796,9 +1612,7 @@ Default value: the namevar. #### postgresql::server::table_grant -Manages grant-based access privileges for users. Consult -[the PostgreSQL documentation for `GRANT`](http://www.postgresql.org/docs/current/static/sql-grant.html) -for more information. +Manages grant-based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. ##### `ensure` @@ -1812,10 +1626,9 @@ Default value: 'present'. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. +Specifies a hash of environment variables used when connecting to a remote server. -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. ##### `db` @@ -1823,24 +1636,21 @@ Specifies which database the table is in. ##### `privilege` -Specifies comma-separated list of privileges to grant. - -Valid values: `ALL`, `SELECT`, `INSERT`, `UPDATE`, `DELETE`, `TRUNCATE`, -`REFERENCES`, `TRIGGER`. +Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. ##### `psql_db` Specifies the database to execute the grant against. -**Warning:** This should not ordinarily be changed from the default. +This should not ordinarily be changed from the default. -Default value: `postgres`. +Default value: 'postgres'. ##### `psql_user` Specifies the OS user for running `psql`. -Default value: the default user for the module, usually `postgres`. +Default value: The default user for the module, usually 'postgres'. ##### `role` @@ -1852,15 +1662,13 @@ Specifies the table to which you are granting access. #### postgresql::server::tablespace -Creates a tablespace. If necessary, also creates the location and assigns -the same permissions as the PostgreSQL server. +Creates a tablespace. If necessary, also creates the location and assigns the same permissions as the PostgreSQL server. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. +Specifies a hash of environment variables used when connecting to a remote server. -Default value: local PostgreSQL instance. +Default value: Connects to the local Postgres instance. ##### `location` @@ -1880,20 +1688,19 @@ Default value: the namevar. #### postgresql_psql -Enables Puppet to run `psql` statements. +Enables Puppet to run psql statements. ##### `command` Required. -Specifies the SQL command to execute via `psql`. +Specifies the SQL command to execute via psql. ##### `cwd` -Specifies the working directory under which the `psql` command should be -executed. +Specifies the working directory under which the psql command should be executed. -Default value: `/tmp`. +Default value: '/tmp'. ##### `db` @@ -1901,20 +1708,15 @@ Specifies the name of the database to execute the SQL command against. ##### `environment` -Specifies any additional environment variables you want to set for a SQL -command. Multiple environment variables should be specified as an array. +Specifies any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. ##### `name` -Sets an arbitrary tag for your own reference; the name of the message. -This is the namevar. +Sets an arbitrary tag for your own reference; the name of the message. This is the namevar. ##### `onlyif` -Sets an optional SQL command to execute prior to the main command. This is -generally intended to be used for idempotency, to check for the existence of -an object in the database to determine whether or not the main SQL command -needs to be executed at all. +Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. ##### `port` @@ -1922,28 +1724,25 @@ Specifies the port of the database server to execute the SQL command against. ##### `psql_group` -Specifies the system user group account under which the `psql` command should -be executed. +Specifies the system user group account under which the psql command should be executed. -Default value: `postgres`. +Default value: 'postgres'. ##### `psql_path` -Specifies the path to `psql` executable. +Specifies the path to psql executable. -Default value: `psql`. +Default value: 'psql'. ##### `psql_user` -Specifies the system user account under which the `psql` command should be -executed. +Specifies the system user account under which the psql command should be executed. -Default value: `postgres`. +Default value: 'postgres'. ##### `refreshonly` -Specifies whether to execute the SQL only if there is a notify or subscribe -event. +Specifies whether to execute the SQL only if there is a notify or subscribe event. Valid values: `true`, `false`. @@ -1971,7 +1770,7 @@ This is the namevar. Specifies the path to `postgresql.conf`. -Default value: `/etc/postgresql.conf`. +Default value: '/etc/postgresql.conf'. ##### `value` @@ -1979,13 +1778,11 @@ Specifies the value to set for this parameter. #### postgresql_replication_slot -Allows you to create and destroy replication slots to register warm standby -replication on a PostgreSQL master server. +Allows you to create and destroy replication slots to register warm standby replication on a PostgreSQL master server. ##### `name` -Specifies the name of the slot to create. Must be a valid replication slot -name. +Specifies the name of the slot to create. Must be a valid replication slot name. This is the namevar. @@ -1995,41 +1792,37 @@ Required. Specifies the action to create or destroy named slot. -Valid values: `present`, `absent`. +Valid values: 'present', 'absent'. -Default value: `present`. +Default value: 'present'. #### postgresql_conn_validator -Validate the connection to a local or remote PostgreSQL database using this -type. +Validate the connection to a local or remote PostgreSQL database using this type. ##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote -server. This is an alternative to providing individual parameters -(`host`, etc). If provided, the individual parameters take precedence. +Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (`host`, etc). If provided, the individual parameters take precedence. -Default value: `{}` +Default value: {} ##### `db_name` Specifies the name of the database you wish to test. -Default value: `''` +Default value: '' ##### `db_password` -Specifies the password to connect with. Can be left blank if `.pgpass` is -being used, otherwise not recommended. +Specifies the password to connect with. Can be left blank if `.pgpass` is being used, otherwise not recommended. -Default value: `''` +Default value: '' ##### `db_username` Specifies the username to connect with. -Default value: `''` +Default value: '' When using a Unix socket and ident auth, this is the user you are running as. @@ -2037,27 +1830,25 @@ When using a Unix socket and ident auth, this is the user you are running as. This is the command run against the target database to verify connectivity. -Default value: `SELECT 1` +Default value: 'SELECT 1' ##### `host` Sets the hostname of the database you wish to test. -Default value: `''`, which generally uses the designated local Unix socket. +Default value: '', which generally uses the designated local Unix socket. -**Warning:** If the host is remote you must provide a username. +**If the host is remote you must provide a username.** ##### `port` Defines the port to use when connecting. -Default value: `''` +Default value: '' ##### `run_as` -Specifies the user to run the `psql` command as. This is important when trying -to connect to a database locally using Unix sockets and `ident` authentication. -Not needed for remote testing. +Specifies the user to run the `psql` command as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. ##### `sleep` @@ -2065,39 +1856,29 @@ Sets the number of seconds to sleep for before trying again after a failure. ##### `tries` -Sets the number of attempts after failure before giving up and failing -the resource. +Sets the number of attempts after failure before giving up and failing the resource. ### Functions #### postgresql_password -Generates a PostgreSQL encrypted password, use `postgresql_password`. Call it -from the command line and then copy and paste the encrypted password into your -manifest: +Generates a PostgreSQL encrypted password, use `postgresql_password`. Call it from the command line and then copy and paste the encrypted password into your manifest: ```shell puppet apply --execute 'notify { 'test': message => postgresql_password('username', 'password') }' ``` -Alternatively, you can call this from your production manifests, but -the manifests will then contain a clear text version of your passwords. +Alternatively, you can call this from your production manifests, but the manifests will then contain a clear text version of your passwords. #### postgresql_acls_to_resources_hash(acl_array, id, order_offset) -This internal function converts a list of `pg_hba.conf` based ACLs (passed in -as an array of strings) to a format compatible with -the `postgresql::pg_hba_rule` resource. +This internal function converts a list of `pg_hba.conf` based ACLs (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. -**Warning:** This function should only be used internally by the module. +**This function should only be used internally by the module**. ### Tasks -The postgresql module has an example task that allows a user to execute -arbitrary SQL against a database. Please refer to to -[the PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or -[the Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how -to execute a task. +The Postgresql module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. ## Limitations @@ -2114,19 +1895,16 @@ Other systems might be compatible, but are not being actively tested. ### Apt module support -While this module supports both 1.x and 2.x versions of the puppetlabs-apt -module, it does not support puppetlabs-apt 2.0.0 or 2.0.1. +While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' module, it does not support 'puppetlabs-apt' 2.0.0 or 2.0.1. ### PostGIS support -PostGIS is currently considered an unsupported feature, as it doesn't work on -all platforms correctly. +PostGIS is currently considered an unsupported feature, as it doesn't work on all platforms correctly. ### All versions of RHEL/CentOS -If you have SELinux enabled you must add any custom ports you use to -the `postgresql_port_t` context. You can do this as follows: +If you have SELinux enabled you must add any custom ports you use to the `postgresql_port_t` context. You can do this as follows: ```shell semanage port -a -t postgresql_port_t -p tcp $customport @@ -2134,19 +1912,11 @@ semanage port -a -t postgresql_port_t -p tcp $customport ## Development -Puppet Labs modules on the Puppet Forge are open projects, and community -contributions are essential for keeping them great. We can't access the huge -number of platforms and myriad hardware, software, and deployment -configurations that Puppet is intended to serve. We want to keep it as easy -as possible to contribute changes so that our modules work in your environment. -There are a few guidelines that we need contributors to follow so that we can -have a chance of keeping on top of things. For more information, see our -[module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). ### Tests -There are two types of tests distributed with this module. Unit tests with -`rspec-puppet` and system tests using `rspec-system`. +There are two types of tests distributed with this module. Unit tests with `rspec-puppet` and system tests using `rspec-system`. For unit testing, make sure you have: @@ -2165,9 +1935,7 @@ And then run the unit tests: bundle exec rake spec ``` -The unit tests are run in Travis-CI as well. If you want to see the results of -your own tests, register the service hook through Travis-CI via the accounts -section for your GitHub clone of this project. +The unit tests are run in Travis-CI as well. If you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your GitHub clone of this project. To run the system tests, make sure you also have: @@ -2180,8 +1948,7 @@ Then run the tests using: bundle exec rspec spec/acceptance ``` -To run the tests on different operating systems, see the sets available -in `.nodeset.yml` and run the specific set with the following syntax: +To run the tests on different operating systems, see the sets available in `.nodeset.yml` and run the specific set with the following syntax: ```shell RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance @@ -2189,5 +1956,4 @@ RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance ### Contributors -View the full list of contributors on -[GitHub](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors). +View the full list of contributors on [Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors). diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index 6517e36a4e..7d35811ba8 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -1066,7 +1066,7 @@ PostgreSQLのCOMMENTコマンドを使用して、データベースについて ##### `istemplate` -`true`に設定すると、そのデータベースをテンプレートとして指定します。 +`true`に設定すると、そのデータベースをテンプレートとして指定します。 デフォルト値: `false`。 @@ -1814,7 +1814,7 @@ Unixソケットとident認証を使用するとき、このユーザとして 接続するときに使用するポートを定義します。 -デフォルト値: '' +デフォルト値: '' ##### `run_as` @@ -1924,4 +1924,4 @@ RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance ### コントリビュータ -貢献してくださった方々の一覧を[GitHub](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors)でご覧いただけます。 +貢献してくださった方々の一覧を[Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors)でご覧いただけます。 From fdbd89aab89e2aa987528b4b901b4f78278453a9 Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 6 Mar 2018 14:30:59 +0000 Subject: [PATCH 0318/1000] grant_spec.rb fix --- README.md | 2 +- spec/acceptance/server/grant_spec.rb | 31 +++++++++++++++++----------- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index d27dc52a80..d83137aebf 100644 --- a/README.md +++ b/README.md @@ -1154,7 +1154,7 @@ Manages grant-based access privileges for users, wrapping the `postgresql::serve ##### `ensure` -Specifies whether to grant or revoke the privilege. Default is to grant the privilege. +Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. Valid values: 'present', 'absent'. * 'present' to grant the privilege diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index e4a3231775..c53d5ff685 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -500,18 +500,25 @@ class { 'postgresql::server': } describe 'REVOKE ... ON DATABASE...' do it 'do not fail on revoke connect from non-existant user' do begin - apply_manifest(pp_setup, catch_failures: true) - pp = pp_setup + <<-EOS.unindent - postgresql::server::grant { 'revoke connect on db from norole': - ensure => absent, - privilege => 'CONNECT', - object_type => 'DATABASE', - db => '#{db}', - role => '#{user}_does_not_exist', - } - EOS - apply_manifest(pp, catch_changes: true) - apply_manifest(pp, catch_failures: true) + # Test fail's on postgresql versions earlier than 9.1.24 + # postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.1.24' + apply_manifest(pp_setup, catch_failures: true) + pp = pp_setup + <<-EOS.unindent + postgresql::server::grant { 'revoke connect on db from norole': + ensure => absent, + privilege => 'CONNECT', + object_type => 'DATABASE', + db => '#{db}', + role => '#{user}_does_not_exist', + } + EOS + apply_manifest(pp, catch_changes: true) + apply_manifest(pp, catch_failures: true) + end end end end From e5d006d2cb07ea33ea295c36c1242b55f38d7c3d Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Fri, 16 Feb 2018 11:39:37 +0100 Subject: [PATCH 0319/1000] Revert PUP-8008 workaround Since PUP-8008 is fixed in 4.10.9 and 5.3.3, this workaround is no longer needed. --- spec/spec_helper_acceptance.rb | 28 ---------------------------- 1 file changed, 28 deletions(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 7f7252cf57..3332730532 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -10,37 +10,9 @@ UNSUPPORTED_PLATFORMS = %w[AIX windows Solaris Suse].freeze -# monkey patch to get around apt/forge issue (PUP-8008) -module Beaker::ModuleInstallHelper - include Beaker::DSL - - def module_dependencies_from_metadata - metadata = module_metadata - return [] unless metadata.key?('dependencies') - - dependencies = [] - - # get it outta here! - metadata['dependencies'].delete_if { |d| d['name'] == 'puppetlabs/apt' } - - metadata['dependencies'].each do |d| - tmp = { module_name: d['name'].sub('/', '-') } - - if d.key?('version_requirement') - tmp[:version] = module_version_from_requirement(tmp[:module_name], - d['version_requirement']) - end - dependencies.push(tmp) - end - - dependencies - end -end - install_bolt_on(hosts) unless pe_install? install_module_on(hosts) install_module_dependencies_on(hosts) -install_module_from_forge_on(hosts, 'puppetlabs/apt', '< 4.2.0') DEFAULT_PASSWORD = if default[:hypervisor] == 'vagrant' 'vagrant' From b5cda6856dbc1fccea7e83466e33e5b47df18bd3 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 18 Jan 2018 16:04:11 +0100 Subject: [PATCH 0320/1000] Clean up spec tests coding --- spec/unit/defines/server/grant_spec.rb | 52 ++++++++++--------- .../defines/server/reassign_owned_by_spec.rb | 4 +- spec/unit/defines/server/role_spec.rb | 9 ++-- 3 files changed, 35 insertions(+), 30 deletions(-) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 6b38458248..89fe800bef 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -29,6 +29,7 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } end @@ -46,13 +47,13 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } - it { - is_expected.to contain_postgresql_psql('grant:test').with( - 'command' => %r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m, - 'unless' => %r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m, - ) - } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m) + end end context 'SeQuEnCe case insensitive object_type match' do @@ -69,13 +70,13 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } - it { - is_expected.to contain_postgresql_psql('grant:test').with( - 'command' => %r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m, - 'unless' => %r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m, - ) - } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m) + end end context 'all sequences' do @@ -93,13 +94,13 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } - it { - is_expected.to contain_postgresql_psql('grant:test').with( - 'command' => %r{GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"}m, - 'unless' => %r{SELECT 1 WHERE NOT EXISTS \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\)}m, # rubocop:disable Metrics/LineLength - ) - } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE NOT EXISTS \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\)}m) # rubocop:disable Metrics/LineLength + end end context 'with specific db connection settings - default port' do @@ -116,6 +117,7 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1').with_port(5432) } end @@ -135,6 +137,7 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') } end @@ -155,6 +158,7 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port('5678') } end @@ -174,13 +178,13 @@ "class {'postgresql::server':}" end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } - it { - is_expected.to contain_postgresql_psql('grant:test').with( - 'command' => %r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m, - 'unless' => %r{SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)}m, - ) - } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)}m) + end end context 'invalid object_type' do diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index 1c8bd9f0b0..c71dfa8902 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -36,8 +36,8 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"') - .with('command' => 'REASSIGN OWNED BY "test_old_role" TO "test_new_role"', - 'onlyif' => %r{SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*}m) + .with_command('REASSIGN OWNED BY "test_old_role" TO "test_new_role"') + .with_onlyif(%r{SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*}m) .that_requires('Class[postgresql::server]') } end diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 1cd2ca9244..ba8ff8762b 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -61,10 +61,11 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", 'environment' => 'NEWPGPASSWD=new-pa$s', - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => '5432', - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) + .with_command("CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1") + .with_environment('NEWPGPASSWD=new-pa$s') + .with_unless("SELECT 1 FROM pg_roles WHERE rolname = 'test'") + .with_port(5432) + .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass') end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') From 9e5fed27dd37e5ac45341b3d324c5ea68f9f70b9 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 18 Jan 2018 16:18:58 +0100 Subject: [PATCH 0321/1000] Add a test for Role -> Grant --- spec/unit/defines/server/grant_spec.rb | 27 ++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 89fe800bef..a41b1f061a 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -187,6 +187,33 @@ end end + context 'with a role defined' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_name: %w[myschema mytable], + object_type: 'table', + } + end + + let :pre_condition do + <<-EOS + class {'postgresql::server':} + postgresql::server::role { 'test': } + EOS + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__grant('test') } + it { is_expected.to contain_postgresql__server__role('test') } + it do + is_expected.to contain_postgresql_psql('grant:test') \ + .that_requires('Postgresql::Server::Role[test]') + end + end + context 'invalid object_type' do let :params do { From 37b75591f8c58168aca9c2d5a4545414bf0b7c4b Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Thu, 15 Mar 2018 13:27:33 +0000 Subject: [PATCH 0322/1000] (MODULES-6852) - Release Prep 5.4.0 --- CHANGELOG.md | 17 ++++++++++++++++- metadata.json | 2 +- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a05fed5008..2e06180c5e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## Supported Release [5.4.0] +### Summary +This is a minor release, it makes this module PDK-compliant for easier maintenance and includes a roll up of maintenance changes. + +#### Added +- PDK conversion [MODULES-6330](https://tickets.puppetlabs.com/browse/MODULES-6330). +- Parameter for `postgresql::server::database`: + - `ensure` Capability to revoke database privileges [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html). +- Parameter for `postgresql::server::database_grant`: + - `ensure` Capability to revoke database privileges [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html). + +#### Fixed +- Documentation error, `reassign_owned_by` uses `*_role` not `*_owner`. + ## Supported Release [5.3.0] ### Summary Implements rubocop changes within the module, alongside other smaller changes. @@ -25,7 +39,7 @@ Implements rubocop changes within the module, alongside other smaller changes. ## Supported Release 5.2.1 ### Summary -Bug fix for issue introduced in 5.2.0 +Bug fix for issue introduced in 5.2.0 #### Fixed - issue where the module was attempting to install extensions before a database was available. ([SERVER-2003](https://tickets.puppetlabs.com/browse/SERVER-2003)) @@ -977,4 +991,5 @@ Notable features: 2012-08-16 - Version 0.2.0 released +[5.4.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.3.0...5.4.0 [5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 diff --git a/metadata.json b/metadata.json index ad5a312279..97085c8279 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.3.0", + "version": "5.4.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 4c91554ca98af7ff5315c2a1892e7074b272f6a7 Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Thu, 22 Mar 2018 10:22:24 -0700 Subject: [PATCH 0323/1000] Updating translations for readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 45 ++++++++++++++++++++++++++++++++++------- 1 file changed, 38 insertions(+), 7 deletions(-) diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index 7d35811ba8..9f4710c333 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -124,9 +124,9 @@ REASSIGN OWNEDを使用して、データベース内にあるすべてのオブ ```puppet postgresql::server::reassign_owned_by { 'new owner is meerkat': - db => 'test_db', - old_owner => 'marmot', - new_owner => 'meerkat', + db => 'test_db', + old_role => 'marmot', + new_role => 'meerkat', } ``` @@ -1152,6 +1152,16 @@ PostgreSQLのCOMMENTコマンドを使用して、データベースについて データベース固有のパーミッションについて`postgresql::server::database_grant`をラッピングして、grantベースのユーザアクセス権を管理します。詳細については、[PostgreSQLマニュアルの`grant`](http://www.postgresql.org/docs/current/static/sql-grant.html)を参照してください。 +##### `ensure` + +権限を付与するか、無効化するかを指定します。無効化する'absent'はPostgreSQLバージョン9.1.24以降でのみ機能します。 + +有効な値: 'present'、'absent'。 +* 権限を付与するには'present'を指定します。 +* 権限を無効化するには'absent'を指定します。 + +デフォルト値: 'present'。 + #### `connect_settings` リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 @@ -1237,6 +1247,16 @@ PostgreSQL拡張を管理します。 ロールのgrantベースのアクセス権を管理します。詳細については、[PostgreSQLマニュアルの`grant`](http://www.postgresql.org/docs/current/static/sql-grant.html)を参照してください。 +##### `ensure` + +権限を付与するか、無効化するかを指定します。デフォルトでは権限を付与します。 + +有効な値: 'present'、'absent'。 +* 権限を付与するには'present'を指定します。 +* 権限を無効化するには'absent'を指定します。 + +デフォルト値: 'present'。 + ##### `db` アクセス権を付与するデータベースを指定します。 @@ -1493,7 +1513,6 @@ PostgreSQLコマンド'REASSIGN OWNED'をデータベースに対して実行し **注意して使用してください。** #### postgresql::server::role - PostgreSQLのロールまたはユーザを作成もしくは削除します。 ##### `ensure` @@ -1594,6 +1613,16 @@ postgresql::server::role { 'myusername': ユーザのgrantベースのアクセス権を管理します。詳細については、PostgreSQLマニュアルの`grant`の項を参照してください。 +##### `ensure` + +権限を付与するか、無効化するかを指定します。デフォルトでは権限を付与します。 + +有効な値: 'present'、'absent'。 +* 権限を付与するには'present'を指定します。 +* 権限を無効化するには'absent'を指定します。 + +デフォルト値: 'present'。 + ##### `connect_settings` リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 @@ -1814,7 +1843,7 @@ Unixソケットとident認証を使用するとき、このユーザとして 接続するときに使用するポートを定義します。 -デフォルト値: '' +デフォルト値: '' ##### `run_as` @@ -1848,7 +1877,8 @@ puppet apply --execute 'notify { 'test': message => postgresql_password('usernam ### タスク -postgresqlモジュールの'sqlサンプルタスクは、データベースに対して任意のSQLを実行します。タスクの実行方法については、[Puppet Enterpriseマニュアル](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html)または[Boltマニュアル](https://puppet.com/docs/bolt/latest/bolt.html)を参照してください。 +Postgresqlモジュールにはサンプルタスクがあり、ユーザはデータベースに対して任意のSQLを実行できます。[PEマニュアル](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html)または[Boltマニュアル](https://puppet.com/docs/bolt/latest/bolt.html) で、タスクを実行する方法に関する情報を参照してください。 + ## 制約事項 @@ -1864,7 +1894,8 @@ PostgreSQLのバージョン8.1~9.5で動作します。 ### Aptモジュールのサポート -このモジュールは1.xと2.x両方のバージョンの`puppetlabs-apt` モジュールをサポートしていますが、2.0.0と2.0.1の`puppetlabs-apt`はサポートしていません。 +このモジュールは1.xと2.x両方のバージョンの'puppetlabs-apt'モジュールをサポートしていますが、'puppetlabs-apt'の2.0.0と2.0.1はサポートしていません。 + ### PostGISのサポート From d69ff1ec91d02337415911fac35d8a1fa5a906fa Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 31 Jan 2018 18:36:09 +0100 Subject: [PATCH 0324/1000] Autorequire the service class for postgresql_psql --- lib/puppet/type/postgresql_psql.rb | 2 ++ manifests/server/grant.pp | 1 - manifests/server/reassign_owned_by.pp | 1 - manifests/server/role.pp | 9 +++------ manifests/server/tablespace.pp | 2 +- spec/unit/defines/server/grant_spec.rb | 2 +- spec/unit/defines/server/reassign_owned_by_spec.rb | 3 ++- spec/unit/defines/server/role_spec.rb | 3 ++- spec/unit/defines/server/tablespace_spec.rb | 1 + 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 1e7b2c4b48..a96ea78b03 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -120,6 +120,8 @@ def matches(value) newvalues(:true, :false) end + autorequire(:class) { ['Postgresql::Server::Service'] } + def should_run_sql(refreshing = false) onlyif_param = @parameters[:onlyif] unless_param = @parameters[:unless] diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 4817326c93..22e1040da7 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -413,7 +413,6 @@ psql_path => $psql_path, unless => $_unless, onlyif => $_onlyif, - require => Class['postgresql::server'] } if($role != undef and defined(Postgresql::Server::Role[$role])) { diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 812c7e228a..d4d6f5b088 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -45,7 +45,6 @@ psql_group => $group, psql_path => $psql_path, onlyif => $onlyif, - require => Class['postgresql::server'] } if($old_role != undef and defined(Postgresql::Server::Role[$old_role])) { diff --git a/manifests/server/role.pp b/manifests/server/role.pp index daef4829d5..c8db8b334c 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -47,10 +47,7 @@ psql_path => $psql_path, connect_settings => $connect_settings, cwd => $module_workdir, - require => [ - Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"], - Class['postgresql::server'], - ], + require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"], } if $ensure == 'present' { @@ -72,7 +69,7 @@ command => "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}", unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", environment => $environment, - require => Class['Postgresql::Server'], + require => undef, } postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}": @@ -128,7 +125,7 @@ # ensure == absent postgresql_psql { "DROP ROLE \"${username}\"": onlyif => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", - require => Class['Postgresql::Server'], + require => undef, } } } diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index cf0b65dc0b..35dd8b7bc6 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -40,7 +40,7 @@ postgresql_psql { "CREATE TABLESPACE \"${spcname}\"": command => "CREATE TABLESPACE \"${spcname}\" LOCATION '${location}'", unless => "SELECT 1 FROM pg_tablespace WHERE spcname = '${spcname}'", - require => [Class['postgresql::server'], File[$location]], + require => File[$location], } if $owner { diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index a41b1f061a..6e9729476c 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -210,7 +210,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__role('test') } it do is_expected.to contain_postgresql_psql('grant:test') \ - .that_requires('Postgresql::Server::Role[test]') + .that_requires(['Class[postgresql::server::service]', 'Postgresql::Server::Role[test]']) end end diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index c71dfa8902..c5a1794e30 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -32,12 +32,13 @@ class {'postgresql::server':} MANIFEST end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__reassign_owned_by('test') } it { is_expected.to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_command('REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_onlyif(%r{SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*}m) - .that_requires('Class[postgresql::server]') + .that_requires('Class[Postgresql::Server::Service]') } end diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index ba8ff8762b..3867eb40ba 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -66,6 +66,7 @@ .with_unless("SELECT 1 FROM pg_roles WHERE rolname = 'test'") .with_port(5432) .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass') + .that_requires('Class[postgresql::server::service]') end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') @@ -138,7 +139,7 @@ end it 'has drop role for "test" user if ensure absent' do - is_expected.to contain_postgresql_psql('DROP ROLE "test"') + is_expected.to contain_postgresql_psql('DROP ROLE "test"').that_requires('Class[postgresql::server::service]') end end end diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 96285d56e0..7a3af76679 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -28,6 +28,7 @@ end it { is_expected.to contain_postgresql__server__tablespace('test') } + it { is_expected.to contain_postgresql_psql('CREATE TABLESPACE "test"').that_requires('Class[postgresql::server::service]') } context 'with different owner' do let :params do From 5ae1dd47417a24f5bd708a525183b3bdca1e4778 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 18 Jan 2018 16:03:25 +0100 Subject: [PATCH 0325/1000] Use contain rather than the anchor pattern --- manifests/server.pp | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 7509ec97e1..e9d2bf438e 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -74,11 +74,15 @@ # Reload has its own ordering, specified by other defines class { "${pg}::reload": require => Class["${pg}::install"] } - anchor { "${pg}::start": } - -> class { "${pg}::install": } - -> class { "${pg}::initdb": } - -> class { "${pg}::config": } - -> class { "${pg}::service": } - -> class { "${pg}::passwd": } - -> anchor { "${pg}::end": } + contain postgresql::server::install + contain postgresql::server::initdb + contain postgresql::server::config + contain postgresql::server::service + contain postgresql::server::passwd + + Class['postgresql::server::install'] + -> Class['postgresql::server::initdb'] + -> Class['postgresql::server::config'] + -> Class['postgresql::server::service'] + -> Class['postgresql::server::passwd'] } From 27a48138c9c2d6d3727f9dda7a25e2ffd15d9d4e Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 18 Jan 2018 16:03:45 +0100 Subject: [PATCH 0326/1000] Allow adding roles, config entires and hba rules via hiera --- manifests/server.pp | 23 +++++++++ spec/acceptance/overridden_settings_spec.rb | 53 ++++++++++++++++++++ spec/unit/classes/server_spec.rb | 54 +++++++++++++++++++++ 3 files changed, 130 insertions(+) create mode 100644 spec/acceptance/overridden_settings_spec.rb diff --git a/manifests/server.pp b/manifests/server.pp index e9d2bf438e..2f2fe1506b 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -55,6 +55,11 @@ $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, $manage_recovery_conf = $postgresql::params::manage_recovery_conf, $module_workdir = $postgresql::params::module_workdir, + + Hash[String, Hash] $roles = {}, + Hash[String, Any] $config_entries = {}, + Hash[String, Hash] $pg_hba_rules = {}, + #Deprecated $version = undef, ) inherits postgresql::params { @@ -85,4 +90,22 @@ -> Class['postgresql::server::config'] -> Class['postgresql::server::service'] -> Class['postgresql::server::passwd'] + + $roles.each |$rolename, $role| { + postgresql::server::role { $rolename: + * => $role, + } + } + + $config_entries.each |$entry, $value| { + postgresql::server::config_entry { $entry: + value => $value, + } + } + + $pg_hba_rules.each |$rule_name, $rule| { + postgresql::server::pg_hba_rule { $rule_name: + * => $rule, + } + } } diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb new file mode 100644 index 0000000000..b956bf10ac --- /dev/null +++ b/spec/acceptance/overridden_settings_spec.rb @@ -0,0 +1,53 @@ +require 'spec_helper_acceptance' + +# These tests are designed to ensure that the module, when ran overrides, +# sets up everything correctly and allows us to connect to Postgres. +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + pp = <<-MANIFEST + class { 'postgresql::server': + roles => { + 'testusername' => { + password_hash => postgresql_password('testusername', 'supersecret'), + createdb => true, + }, + }, + config_entries => { + max_connections => 200, + }, + pg_hba_rules => { + 'from_remote_host' => { + type => 'host', + database => 'mydb', + user => 'myuser', + auth_method => 'md5', + address => '192.0.2.100/32', + }, + }, + } + + postgresql::server::database { 'testusername': + owner => 'testusername', + } + MANIFEST + + it 'with additional hiera entries' do + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) + end + + describe port(5432) do + it { is_expected.to be_listening } + end + + it 'can connect with psql' do + psql('--command="\l" postgres', 'postgres') do |r| + expect(r.stdout).to match(%r{List of databases}) + end + end + + it 'can connect with psql as testusername' do + shell('PGPASSWORD=supersecret psql -U testusername -h localhost --command="\l"') do |r| + expect(r.stdout).to match(%r{List of databases}) + end + end +end diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 02d5a95d45..0667567670 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -163,4 +163,58 @@ class { 'postgresql::globals': is_expected.to contain_class('postgresql::repo').with_version('99.5') end end + + describe 'additional roles' do + let(:params) do + { + roles: { + username: { createdb: true }, + }, + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__role('username').with_createdb(true) } + end + + describe 'additional config_entries' do + let(:params) do + { + config_entries: { + fsync: 'off', + checkpoint_segments: '20', + }, + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__config_entry('fsync').with_value('off') } + it { is_expected.to contain_postgresql__server__config_entry('checkpoint_segments').with_value('20') } + end + + describe 'additional pg_hba_rules' do + let(:params) do + { + pg_hba_rules: { + from_remote_host: { + type: 'host', + database: 'mydb', + user: 'myuser', + auth_method: 'md5', + address: '192.0.2.100', + }, + }, + } + end + + it { is_expected.to compile.with_all_deps } + it do + is_expected.to contain_postgresql__server__pg_hba_rule('from_remote_host') + .with_type('host') + .with_database('mydb') + .with_user('myuser') + .with_auth_method('md5') + .with_address('192.0.2.100') + end + end end From aeebd2369f01e4d563849397529ea8cb3882779b Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 29 Mar 2018 13:53:27 -0700 Subject: [PATCH 0327/1000] Add docs for #950 --- README.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/README.md b/README.md index d83137aebf..15dfaefdbc 100644 --- a/README.md +++ b/README.md @@ -754,6 +754,12 @@ The name of the PostgreSQL Python package. #### postgresql::server +##### `config_entries` + +Specifies a hash from which to generate `postgresql::server::config_entry` resources. + +Default value: `{}` + ##### `createdb_path` **Deprecated.** Specifies the path to the `createdb` command. @@ -894,6 +900,12 @@ If `false`, disables the defaults supplied with the module for `pg_hba.conf`. Th Specifies the path to your `pg_hba.conf` file. +##### `pg_hba_rules` + +Specifies a hash from which to generate `postgresql::server::pg_hba_rule` resources. + +Default value: `{}` + ##### `pg_ident_conf_path` Specifies the path to your `pg_ident.conf` file. @@ -936,6 +948,12 @@ Specifies the path to the `psql` command. Default value: OS dependent. +##### `roles` + +Specifies a hash from which to generate `postgresql::server::role` resources. + +Default value: `{}` + ##### `service_manage` Defines whether or not Puppet should manage the service. From bb43bc2ae0258ad0658c42a5a3925055cdfb6875 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 4 Apr 2018 12:44:25 +0200 Subject: [PATCH 0328/1000] Lower max connections to 21 in acceptance tests The max memory of postgresql is partly determined by the max connections. Since we don't actually care about the value here, we set it to something lower. 21 should be non-default. --- spec/acceptance/overridden_settings_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index b956bf10ac..0a76da4f96 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -12,7 +12,7 @@ class { 'postgresql::server': }, }, config_entries => { - max_connections => 200, + max_connections => 21, }, pg_hba_rules => { 'from_remote_host' => { From 61e69fb178eb2a919ec3d4ffdaa2b6fc792b6b6d Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 16 Mar 2018 07:40:37 -0700 Subject: [PATCH 0329/1000] Make changelog GCG'd for 5.4.0 --- .github_changelog_generator | 3 + CHANGELOG.md | 29 +- HISTORY.md | 976 ++++++++++++++++++++++++++++++++++++ 3 files changed, 994 insertions(+), 14 deletions(-) create mode 100644 .github_changelog_generator create mode 100644 HISTORY.md diff --git a/.github_changelog_generator b/.github_changelog_generator new file mode 100644 index 0000000000..7c3fb127ea --- /dev/null +++ b/.github_changelog_generator @@ -0,0 +1,3 @@ +user=puppetlabs +project=puppetlabs-postgresql +since_tag=5.3.0 diff --git a/CHANGELOG.md b/CHANGELOG.md index 2e06180c5e..468cd7b365 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,21 +1,19 @@ -# Change log +# Changelog -All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) -and this project adheres to [Semantic Versioning](http://semver.org). +All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## Supported Release [5.4.0] -### Summary -This is a minor release, it makes this module PDK-compliant for easier maintenance and includes a roll up of maintenance changes. +## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) (2018-03-20) -#### Added -- PDK conversion [MODULES-6330](https://tickets.puppetlabs.com/browse/MODULES-6330). -- Parameter for `postgresql::server::database`: - - `ensure` Capability to revoke database privileges [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html). -- Parameter for `postgresql::server::database_grant`: - - `ensure` Capability to revoke database privileges [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html). +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.3.0...5.4.0) -#### Fixed -- Documentation error, `reassign_owned_by` uses `*_role` not `*_owner`. +### Added + +- \(MODULES-6330\) PDK convert 1.4.1 [\#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) +- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database\_grant` [\#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) + +### Fixed + +- Documentation error, `reassign\_owned\_by` uses `\*\_role` not `\*\_owner`. [\#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) ## Supported Release [5.3.0] ### Summary @@ -993,3 +991,6 @@ Notable features: [5.4.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.3.0...5.4.0 [5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 + + +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* \ No newline at end of file diff --git a/HISTORY.md b/HISTORY.md new file mode 100644 index 0000000000..e688f91425 --- /dev/null +++ b/HISTORY.md @@ -0,0 +1,976 @@ +## Supported Release [5.3.0] +### Summary +Implements rubocop changes within the module, alongside other smaller changes. + +#### Added +- ensure=>absent added to postgresql::server:role. +- Support added for Fedora 27. +- scram-sha-256 added as a valid ph_hba_rule auth method. +- 9.6 settings inherited for later PgSQL versions on FreeBSD. +- A require has been added for puppet. + +#### Changed +- Changes made to avoid the useless loading of files by augeas. +- Modulesync changes. +- psql_path defaulted to postgresql::server::psql_path. +- Rubocop changes have been made. + +#### Removed +- Debian 9 support deprecated. + +## Supported Release 5.2.1 +### Summary +Bug fix for issue introduced in 5.2.0 + +#### Fixed +- issue where the module was attempting to install extensions before a database was available. ([SERVER-2003](https://tickets.puppetlabs.com/browse/SERVER-2003)) + +## Supported Release 5.2.0 +### Summary +Adds several new features including some work around OS support. Also includes a couple of fixes to tests and the removal of unsupported Ubuntu versions. + +#### Added +- Added default postgresql version of Ubuntu 17.4 version to the globals.pp file. +- Fedora 26 provides postgresql-server version 9.6 by default - Added support to manifests/globals.pp to avoid puppet failures on Fedora 26 nodes. +- Use postgresql 9.6 for the newest SLES and openSUSE releases. +- Enhanced --data-checksums on initdb. +- Added support for Debian version 9. +- Added a `version` parameter. + +#### Changed +- Replaced validate_re calls with puppet datatype `Pattern` and is_array calls with puppet datatype `Array`. +- Installation method for apt in the spec_helper_acceptance, this is a temporary workaround due to issues with module installation. + +#### Fixed +- Updated spec tests to remove deprecation warnings. +- Docs formatting. +- Pass default_connect_settings to validate service ([MODULES-4682](https://tickets.puppetlabs.com/browse/MODULES-4682)) +- Rocket Alignment for Lint. +- Fixed changes in error messages in tests ([MODULES-5378](https://tickets.puppetlabs.com/browse/MODULES-5378)) + +#### Removed +- Removed unsupported Ubuntu versions 10.04 and 12.04 ([MODULES-5501](https://tickets.puppetlabs.com/browse/MODULES-5501)) +- Removed unsupported Debian version 6. +- Removed numeric order override. + +## Supported Release 5.1.0 +### Summary +This release includes Japanese translations for internationalization, Puppet 5 support, implementation of defined type postgresql::server::reassign_owned_by. + +#### Features +- Updating translations for readmes/README_ja_JP.md +- add defined type postgresql::server::reassign_owned_by +- Allow order parameter to be string value +- prep for puppet 5 ([MODULES-5144](https://tickets.puppetlabs.com/browse/MODULES-5144)) +- add data_checksums option to initdb +- parameter ensure of custom resource postgresql_replication_slot is not documented ([MODULES-2989](https://tickets.puppetlabs.com/browse/MODULES-2989)) + +#### Bug Fixes +- Adding a space for header formatting +- use https for apt.postgresql.org repo +- msync puppet 5 and ruby 2.4 ([MODULES-5197](https://tickets.puppetlabs.com/browse/MODULES-5187)) +- Only run test on postgresql >= 9.0 ([FM-6240](https://tickets.puppetlabs.com/browse/FM-6240)) +- Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash + +## Supported Release 5.0.0 +### Summary +This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Puppet 4 data types, and deprecated the validate_db_connection type. + +#### Added +- `locales/` directory, .pot file, and i18n `config.yaml`. ([FM-6116](https://tickets.puppet.com/browse/FM-6116)) +- `update_password` parameter to toggle password management per role. +- **Puppet 4** type validation. +- new `postgresql_conn_validator` custom type and deprecated `validate_db_connection`. ([MODULES-1394](https://tickets.puppet.com/browse/MODULES-1394)) + +#### Changed +- default postgis versions in postgresql::globals to use newer versions. +- puppetlabs-concat and puppetlabs-apt dependencies to use latest versions. ([MODULES-4906](https://tickets.puppet.com/browse/MODULES-4906), [MODULES-4947](https://tickets.puppet.com/browse/MODULES-4947)) +- default value for `log_line_prefix` to `undef`. +- `listen_addresses` default value to 'localhost'. Allows for it to be set independently of a class declaration. +- use of stdlib validate_* functions. They have been removed in favor of Puppet 4 type validation. +- lower Puppet dependency in metadata to 4.7.0. ([MODULES-4826](https://tickets.puppet.com/browse/MODULES-4826)) + +#### Fixed +- deprecated apt::source parameters(`key`,`key_source`, & `include_src`). +- default SUSE parameters. ([MODULES-4598](https://tickets.puppet.com/browse/MODULES-4598)) +- use of force parameter on concat resources. + +## Supported Release 4.9.0 +### Summary +This release adds several types and, among other bugs, fixes an issue with the yum URL. + +#### Features +- Modifying ownership of databases and schemas now available (MODULES-3247) +- Use `module_workdir` to specify a custom directory in which to execute psql commands +- `grant_role` and `grant` types added! +- Support for parallel unit testing (parallel_tests) +- Override download/installation repo URL with `repo_baseurl` +- Set your timezone with `timezone` +- Grant privileges on LANGUAGEs +- Added support for Debian Stretch and Ubuntu Yakkety Yak + +#### Bugfixes +- Usernames and passwords are now converted to strings before password hash is created +- Specify default database name if it is not the username +- Update to yum repo +- Schema name conflicts fix + +## Supported Release 4.8.0 +### Summary +This release primarily fixes an issue with `postgresql_conf` values of ipaddresses being considered floats and not getting quoted. + +#### Features +- Add `default_connect_settings` parameter to `postgresql::server` +- Running under strict variables is now supported +- Add timestamps into logs by default + +#### Bugfixes +- Obscure password in postgresql\_psql type +- Fix ip address quoting in postgresql\_conf type +- Fix handling of systemd service on Ubuntu +- Mark log_min_duration_statement setting as requiring a service restart +- Add fixes for Fedora 23, Fedora 24, FreeBSD, OpenBSD +- Fix environment handling to avoid "Overriding environment setting" message +- Work around PUP-6385, using empty arrays instead of undef when specifying resource relationships +- README editorial pass +- Reduce whitespace in templates +- Update build/test infrastructure + +## Supported Release 4.7.1 +### Summary +This release contains some bugfixes and documentation updates. + +#### Bugfixes +- (MODULES-3024) Quote database objects when creating databases. +- Properly escape case where password ends with '$'. +- Fixes password change when postgres is configure to non-standard port. +- Unpins concat dependency to be able to use concat 2.x. +- Workaround to fix installing on Amazon Linux. +- Fixes proper defaulting of `$service_provider` parameter. +- Fixes postgres server init script naming on Amazon Linux. +- Fixes service reload parameter on Arch Linux. +- Adds missing onlyif_function to sequence grant code. +- Fixes to the markdown of the README. + +## Supported Release 4.7.0 +### Summary +A release with a considerable amount of new features, including remote db support and several platform support updates. Various bugfixes including several to address warnings and a sizable README update. + +#### Features +- Remote DB support - Connection-settings allows a hash of options that can be used when connecting to a remote DB. +- Debian 8 support. +- Updated systemd-override to support fedora and CentOS paths. +- Adds the ability to define the extension name separately from the title of the resource, which allows you to add the extension to more than one database. +- Added parameter to disable automatic service restarts on config changes. +- Ubuntu 15.10 compatibility. +- OpenBSD version is now 9.4. +- Added .gitattributes to maintain line endings for .sh and .rb files. +- Adds default postgis version for 9.5. +- Allows float postgresql_conf values. +- Schedule apt update after install of repo. + +#### Bugfixes +- Fixed systemd-override for RedHat systems with unmanaged Yum repos. +- Removed inherits postgresql::params. +- Multi-node tests are now not ran by default. +- Change apt::pin to apt_postgresql_org to prevent error message. +- Removed syntax error near UTF8. +- Removal of extra blanks and backslashes in README. +- Double quotes now used around database name to prevent syntax error. +- Removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs. +- Fixed paths to work on Amazon Linux. +- Fixed quotes around locale options. +- Huge README update. +- Update to use current msync configs. +- Fixes postgresql::server acceptance test descriptions. + +## Supported Release 4.6.1 +###Summary + +Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. + +## 2015-09-01 - Supported Release 4.6.0 +### Summary +This release adds a proxy feature for yum, Postgis improvements, and decoupling pg_hba_rule from postgresql::server. + +#### Features +- Support setting a proxy for yum operations +- Allow for undefined PostGIS version +- Decouple pg_hba_rule from postgresql::server + +#### Bugfixes +- Fix postgis default package name on RedHat + +## 2015-07-27 - Supported Release 4.5.0 +### Summary +This release adds sequence grants, some postgresql 9.4 fixes, and `onlyif` to +the psql resource. + +### Features +- Add `onlyif` parameter to `postgresql_psql` +- Add unsupported compatibility with Ubuntu 15.04 +- Add unsupported compatibility with SLES 11/12 and OpenSuSE 13.2 +- Add `postgresql::server::grant::onlyif_exists` attribute +- Add `postgresql::server::table_grant::onlyif_exists` attribute +- Add granting permissions on sequences + +### Bugfixes +- Added docs for `postgresql::server::grant` +- Fix `pg_hba_conf_defaults => false` to not disable ipv4/ipv6 acls +- Fix 9.4 for `postgresql::server::pg_hba_rule` + +## 2015-07-07 - Supported Release 4.4.2 +### Summary +This release fixes a bug introduced in 4.4.0. + +#### Bugfixes +- Fixes `withenv` execution under Puppet 2.7. (MODULES-2185) + +## 2015-07-01 - Supported Release 4.4.1 +### Summary +This release fixes RHEL 7 & Fedora with manage_package_repo switched on. + +#### Bugfixes +- Ensure manage_package_repo variable is in scope for systemd-override file for RHEL7 + +## 2015-06-30 - Supported Release 4.4.0 +### Summary +This release has several new features, bugfixes, and test improvements. + +#### Features +- Adds a resource to manage recovery.conf. +- Adds a parameter that allows the specification of a validate connection script in `postgresql::client`. +- Adds support for plpython package management. +- Adds support for postgresql-docs management. +- Adds ability to make `postgresql::server::schema` titles unique. (MODULES-2049) +- Updates puppetlabs-apt module dependency to support version 2.1.0. + +#### Bugfixes +- Fix `postgresql_psql` parameter ordering to work on OpenBSD with Future Parser +- Fix setting postgres role password (MODULES-1869) +- Fix execution command with puppet <3.4 (MODULES-1923) +- Fix Puppet.newtype deprecation warning (MODULES-2007) +- Fix systemd override for manage_repo package versions +- Fix Copy snakeoil certificate and key instead of symlinking + +#### Test Improvements +- Allows setting BEAKER and BEAKER_RSPEC versions via environment variables. +- Enables Unit testing on Travis CI with Puppet 4. +- Cleans up spec_helper_acceptance.rb to use new puppet_install_helper gem. + +## 2015-03-24 - Supported Release 4.3.0 +### Summary +This release fixes compatibility with Puppet 4 and removes opportunities for local users to view the postgresql password. It also adds a new custom resource to aid in managing replication. + +#### Features +- Add `postgresql::server::logdir` parameter to manage the logdir +- Add `environment` parameter to `postgresql_psql` +- Add `postgresql_replication_slot` custom resource + +#### Bugfixes +- Fix for Puppet 4 +- Don't print postgresql\_psql password in command +- Allow `postgresql::validate_db_connection` for more than one host+port+database combo +- Fix service command on Debian 8 and up +- Fix `postgresql::server::extension` to work with custom user/group/port +- Fix `postgresql::server::initdb` to work with custom user/group/port +- Fix changing template1 encoding +- Fix default `postgresql::server::grant::object_name` value +- Fix idempotency of granting all tables in schema with `puppet::server::grant` +- Fix lint warnings +- Fix apt key to use 40 character key and bump puppetlabs-apt to >= 1.8.0 < 2.0.0 + + +##2015-03-10 - Supported Release 4.2.0 +###Summary + +This release has several new features including support for server extensions, improved grant support, and a number of bugfixes. + +####Features +- Changes to support OpenBSD +- Add `service_reload` parameter to `postgresql::server` +- Add `comment` parameter to `postgresql::server::database` (MODULES-1153) +- Add `postgresql::server::extension` defined type +- Add postgresql versions for utopic and jessie +- Update `postgresql::server::grant` to support 'GRANT SCHEMA' and 'ALL TABLES IN SCHEMA' + +####Bugfixes +- Lint cleanup +- Remove outdated upgrade info from README +- Use correct TCP port when checking password +- Create role before database +- Fix template1 encoding on Debian +- Require server package before user permissions +- Fix `service_status` default for FreeBSD to allow PostgreSQL to start the first run +- Fix invalid US-ASCII byte sequence in `postgresql::server::grant` comments +- Reverted to default behavior for Debian systems as `pg_config` should not be overwritten (MODULES-1485) + +##2014-11-04 - Supported Release 4.1.0 +###Summary + +This release adds the ability to change the PGDATA directory, and also includes documentation and test updates, future parser support, and a few other new features. + +####Features +- Future parser support +- Documentation updates +- Test updates +- Add a link from `/etc/sysconfig/pgsql/postgresql-${version}` to `/etc/sysconfig/pgsql/postgresql` to support init scripts from the postgresql.org repo +- Add support for changing the PGDATA directory +- Set default versions for Fedora 21 and FreeBSD + +##2014-09-03 - Supported Release 4.0.0 +###Summary + +This release removes the uninstall ability from the module, removes the firewall +management, overhauls all of the acceptance testing, as well as adds better +support for SuSE and Fedora. + +###Backwards Incompatible changes. + +- Uninstall code removal. +- Firewall management for Postgres. +- Set manage_pg_ident_conf to true. + +####Uninstallation removal + +We rely heavily on the ability to uninstall and reinstall postgres throughout +our testing code, testing features like "can I move from the distribution +packages to the upstream packages through the module" and over time we've +learnt that the uninstall code simply doesn't work a lot of the time. It +leaves traces of postgres behind or fails to remove certain packages on Ubuntu, +and generally causes bits to be left on your system that you didn't expect. + +When we then reinstall things fail because it's not a true clean slate, and +this causes us enormous problems during test. We've spent weeks and months +working on these tests and they simply don't hold up well across the full range +of PE platforms. + +Due to all these problems we've decided to take a stance on uninstalling in +general. We feel that in 2014 it's completely reasonable and normal to have a +good provisioning pipeline combined with your configuration management and the +"correct" way to uninstall a fully installed service like postgresql is to +simply reprovision the server without it in the first place. As a general rule +this is how I personally like to work and I think is a good practice. + +####I'm not OK with this! + +We understand that there are environments and situations in which it's not easy +to do that. What if you accidently deployed Postgres on 100,000 nodes? In the +future we're going to take a look at building some example 'profiles' to be +found under examples/ within this module that can uninstall postgres on popular +platforms. These can be modified and used in your specific case to uninstall +postgresql. They will be much more brute force and reliant on deleting entire +directories and require you to do more work up front in specifying where things +are installed but we think it'll prove to be a much cleaner mechanism for this +kind of thing rather than trying to weave it into the main module logic itself. + +####Features +- Removal of uninstall. +- Removal of firewall management. +- Tests ported to rspec3. +- Acceptance tests rewritten. +- Add a defined type for creating database schemas. +- Add a pg_ident_rule defined type. +- Set manage_pg_ident_conf to true. +- Manage pg_ident.conf by default. +- Improve selinux support for tablespace. +- Remove deprecation warnings. +- Support changing PGDATA on RedHat. +- Add SLES 11 support. + +####Bugfixes +- Link pg_config binary into /usr/bin. +- Fix fedora support by using systemd. +- Initdb should create xlogdir if set. +- Use a regular expression to match the major OS version on Ubuntu. + +##2014-07-31 - Supported Release 3.4.2 +###Summary + +This release fixes recent Fedora versions. + +####Features +####Bugfixes +- Fix Fedora. + +##2014-07-15 - Supported Release 3.4.1 +###Summary + +This release merely updates metadata.json so the module can be uninstalled and +upgraded via the puppet module command. + +##2014-04-14 - Supported Release 3.4.0 +###Summary + +This feature rolls up several important features, the biggest being PostGIS +handling and allowing `port` to be set on postgresql::server in order to +change the port that Postgres listens on. We've added support for RHEL7 +and Ubuntu 14.04, as well as allowing you to manage the service via +`service_ensure` finally. + +####Features +- Added `perl_package_name` for installing bindings. +- Added `service_ensure` for allowing control of services. +- Added `postgis_version` and postgis class for installing postgis. +- Added `port` for selecting the port Postgres runs on. +- Add support for RHEL7 and Ubuntu 14.04. +- Add `default_db` to postgresql::server::database. +- Widen the selection of unquoted parameters in postgresql_conf{} +- Require the service within postgresql::server::reload for RHEL7. +- Add `inherit` to postgresql::server::role. + +####Bugfixes + +##2014-03-04 - Supported Release 3.3.3 +###Summary + +This is a supported release. This release removes a testing symlink that can +cause trouble on systems where /var is on a seperate filesystem from the +modulepath. + +####Features +####Bugfixes +####Known Bugs +* SLES is not supported. + +##2014-03-04 - Supported Release 3.3.2 +###Summary +This is a supported release. It fixes a problem with updating passwords on postgresql.org distributed versions of PostgreSQL. + +####Bugfixes +- Correct psql path when setting password on custom versions. +- Documentation updates +- Test updates + +####Known Bugs +* SLES is not supported. + + +##2014-02-12 - Version 3.3.1 +####Bugfix: +- Allow dynamic rubygems host + + +##2014-01-28 - Version 3.3.0 + +###Summary + +This release rolls up a bunch of bugfixes our users have found and fixed for +us over the last few months. This improves things for 9.1 users, and makes +this module usable on FreeBSD. + +This release is dedicated to 'bma', who's suffering with Puppet 3.4.1 issues +thanks to Puppet::Util::SUIDManager.run_and_capture. + +####Features + - Add lc_ config entry settings + - Can pass template at database creation. + - Add FreeBSD support. + - Add support for customer `xlogdir` parameter. + - Switch tests from rspec-system to beaker. (This isn't really a feature) + +####Bugfixes + - Properly fix the deprecated Puppet::Util::SUIDManager.run_and_capture errors. + - Fix NOREPLICATION option for Postgres 9.1 + - Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf + - Add $postgresql::server::client_package_name, referred to by install.pp + - Add missing service_provider/service_name descriptions in ::globals. + - Fix several smaller typos/issues throughout. + - Exec['postgresql_initdb'] needs to be done after $datadir exists + - Prevent defined resources from floating in the catalog. + - Fix granting all privileges on a table. + - Add some missing privileges. + - Remove deprecated and unused concat::fragment parameters. + + +##2013-11-05 - Version 3.2.0 + +###Summary + +Add's support for Ubuntu 13.10 (and 14.04) as well as x, y, z. + +####Features +- Add versions for Ubuntu 13.10 and 14.04. +- Use default_database in validate_db_connection instead of a hardcoded +'postgres' +- Add globals/params layering for default_database. +- Allow specification of default database name. + +####Bugs +- Fixes to the README. + + +##2013-10-25 - Version 3.1.0 + +###Summary + +This is a minor feature and bug fix release. + +Firstly, the postgresql_psql type now includes a new parameter `search_path` which is equivalent to using `set search_path` which allows you to change the default schema search path. + +The default version of Fedora 17 has now been added, so that Fedora 17 users can enjoy the module. + +And finally we've extended the capabilities of the defined type postgresql::validate_db_connection so that now it can handle retrying and sleeping between retries. This feature has been monopolized to fix a bug we were seeing with startup race conditions, but it can also be used by remote systems to 'wait' for PostgreSQL to start before their Puppet run continues. + +####Features +- Defined $default_version for Fedora 17 (Bret Comnes) +- add search_path attribute to postgresql_psql resource (Jeremy Kitchen) +- (GH-198) Add wait and retry capability to validate_db_connection (Ken Barber) + +####Bugs +- enabling defined postgres user password without resetting on every puppet run (jonoterc) +- periods are valid in configuration variables also (Jeremy Kitchen) +- Add zero length string to join() function (Jarl Stefansson) +- add require of install to reload class (cdenneen) +- (GH-198) Fix race condition on postgresql startup (Ken Barber) +- Remove concat::setup for include in preparation for the next concat release (Ken Barber) + + +##2013-10-14 - Version 3.0.0 + +Final release of 3.0, enjoy! + + +##2013-10-14 - Version 3.0.0-rc3 + +###Summary + +Add a parameter to unmanage pg_hba.conf to fix a regression from 2.5, as well +as allowing owner to be passed into x. + +####Features +- `manage_pg_hba_conf` parameter added to control pg_hba.conf management. +- `owner` parameter added to server::db. + + +##2013-10-09 - Version 3.0.0-rc2 + +###Summary + +A few bugfixes have been found since -rc1. + +####Fixes +- Special case for $datadir on Amazon +- Fix documentation about username/password for the postgresql_hash function + + +##2013-10-01 - Version 3.0.0-rc1 + +###Summary + +Version 3 was a major rewrite to fix some internal dependency issues, and to +make the new Public API more clear. As a consequence a lot of things have +changed for version 3 and older revisions that we will try to outline here. + +(NOTE: The format of this CHANGELOG differs to normal in an attempt to +explain the scope of changes) + +* Server specific objects now moved under `postgresql::server::` namespace: + +To restructure server specific elements under the `postgresql::server::` +namespaces the following objects were renamed as such: + +`postgresql::database` -> `postgresql::server::database` +`postgresql::database_grant` -> `postgresql::server::database_grant` +`postgresql::db` -> `postgresql::server::db` +`postgresql::grant` -> `postgresql::server::grant` +`postgresql::pg_hba_rule` -> `postgresql::server::pg_hba_rule` +`postgresql::plperl` -> `postgresql::server::plperl` +`postgresql::contrib` -> `postgresql::server::contrib` +`postgresql::role` -> `postgresql::server::role` +`postgresql::table_grant` -> `postgresql::server::table_grant` +`postgresql::tablespace` -> `postgresql::server::tablespace` + +* New `postgresql::server::config_entry` resource for managing configuration: + +Previously we used the `file_line` resource to modify `postgresql.conf`. This +new revision now adds a new resource named `postgresql::server::config_entry` +for managing this file. For example: + +```puppet + postgresql::server::config_entry { 'check_function_bodies': + value => 'off', + } +``` + +If you were using `file_line` for this purpose, you should change to this new +methodology. + +* `postgresql_puppet_extras.conf` has been removed: + +Now that we have a methodology for managing `postgresql.conf`, and due to +concerns over the file management methodology using an `exec { 'touch ...': }` +as a way to create an empty file the existing postgresql\_puppet\_extras.conf +file is no longer managed by this module. + +If you wish to recreate this methodology yourself, use this pattern: + +```puppet + class { 'postgresql::server': } + + $extras = "/tmp/include.conf" + + file { $extras: + content => 'max_connections = 123', + notify => Class['postgresql::server::service'], + }-> + postgresql::server::config_entry { 'include': + value => $extras, + } +``` + +* All uses of the parameter `charset` changed to `encoding`: + +Since PostgreSQL uses the terminology `encoding` not `charset` the parameter +has been made consisent across all classes and resources. + +* The `postgresql` base class is no longer how you set globals: + +The old global override pattern was less then optimal so it has been fixed, +however we decided to demark this properly by specifying these overrides in +the class `postgresql::global`. Consult the documentation for this class now +to see what options are available. + +Also, some parameter elements have been moved between this and the +`postgresql::server` class where it made sense. + +* `config_hash` parameter collapsed for the `postgresql::server` class: + +Because the `config_hash` was really passing data through to what was in +effect an internal class (`postgresql::config`). And since we don't want this +kind of internal exposure the parameters were collapsed up into the +`postgresql::server` class directly. + +* Lots of changes to 'private' or 'undocumented' classes: + +If you were using these before, these have changed names. You should only use +what is documented in this README.md, and if you don't have what you need you +should raise a patch to add that feature to a public API. All internal classes +now have a comment at the top indicating them as private to make sure the +message is clear that they are not supported as Public API. + +* `pg_hba_conf_defaults` parameter included to turn off default pg\_hba rules: + +The defaults should be good enough for most cases (if not raise a bug) but if +you simply need an escape hatch, this setting will turn off the defaults. If +you want to do this, it may affect the rest of the module so make sure you +replace the rules with something that continues operation. + +* `postgresql::database_user` has now been removed: + +Use `postgresql::server::role` instead. + +* `postgresql::psql` resource has now been removed: + +Use `postgresql_psql` instead. In the future we may recreate this as a wrapper +to add extra capability, but it will not match the old behaviour. + +* `postgresql_default_version` fact has now been removed: + +It didn't make sense to have this logic in a fact any more, the logic has been +moved into `postgresql::params`. + +* `ripienaar/concat` is no longer used, instead we use `puppetlabs/concat`: + +The older concat module is now deprecated and moved into the +`puppetlabs/concat` namespace. Functionality is more or less identical, but +you may need to intervene during the installing of this package - as both use +the same `concat` namespace. + +--- +##2013-09-09 Release 2.5.0 + +###Summary + +The focus of this release is primarily to capture the fixes done to the +types and providers to make sure refreshonly works properly and to set +the stage for the large scale refactoring work of 3.0.0. + +####Features + + +####Bugfixes +- Use boolean for refreshonly. +- Fix postgresql::plperl documentation. +- Add two missing parameters to config::beforeservice +- Style fixes + + +##2013-08-01 Release 2.4.1 + +###Summary + +This minor bugfix release solves an idempotency issue when using plain text +passwords for the password_hash parameter for the postgresql::role defined +type. Without this, users would continually see resource changes everytime +your run Puppet. + +####Bugfixes +- Alter role call not idempotent with cleartext passwords (Ken Barber) + + +##2013-07-19 Release 2.4.0 + +###Summary + +This updates adds the ability to change permissions on tables, create template +databases from normal databases, manage PL-Perl's postgres package, and +disable the management of `pg_hba.conf`. + +####Features +- Add `postgresql::table_grant` defined resource +- Add `postgresql::plperl` class +- Add `manage_pg_hba_conf` parameter to the `postgresql::config` class +- Add `istemplate` parameter to the `postgresql::database` define + +####Bugfixes +- Update `postgresql::role` class to be able to update roles when modified +instead of only on creation. +- Update tests +- Fix documentation of `postgresql::database_grant` + + +##2.3.0 + +This feature release includes the following changes: + +* Add a new parameter `owner` to the `database` type. This can be used to + grant ownership of a new database to a specific user. (Bruno Harbulot) +* Add support for operating systems other than Debian/RedHat, as long as the + user supplies custom values for all of the required paths, package names, etc. + (Chris Price) +* Improved integration testing (Ken Barber) + + +##2.2.1 + +This release fixes a bug whereby one of our shell commands (psql) were not ran from a globally accessible directory. This was causing permission denied errors when the command attempted to change user without changing directory. + +Users of previous versions might have seen this error: + + Error: Error executing SQL; psql returned 256: 'could not change directory to "/root" + +This patch should correct that. + +#### Detail Changes + +* Set /tmp as default CWD for postgresql_psql + + +##2.2.0 + +This feature release introduces a number of new features and bug fixes. + +First of all it includes a new class named `postgresql::python` which provides you with a convenient way of install the python Postgresql client libraries. + + class { 'postgresql::python': + } + +You are now able to use `postgresql::database_user` without having to specify a password_hash, useful for different authentication mechanisms that do not need passwords (ie. cert, local etc.). + +We've also provided a lot more advanced custom parameters now for greater control of your Postgresql installation. Consult the class documentation for PuppetDB in the README. + +This release in particular has largely been contributed by the community members below, a big thanks to one and all. + +#### Detailed Changes + +* Add support for psycopg installation (Flaper Fesp and Dan Prince) +* Added default PostgreSQL version for Ubuntu 13.04 (Kamil Szymanski) +* Add ability to create users without a password (Bruno Harbulot) +* Three Puppet 2.6 fixes (Dominic Cleal) +* Add explicit call to concat::setup when creating concat file (Dominic Cleal) +* Fix readme typo (Jordi Boggiano) +* Update postgres_default_version for Ubuntu (Kamil Szymanski) +* Allow to set connection for noew role (Kamil Szymanski) +* Fix pg_hba_rule for postgres local access (Kamil Szymanski) +* Fix versions for travis-ci (Ken Barber) +* Add replication support (Jordi Boggiano) +* Cleaned up and added unit tests (Ken Barber) +* Generalization to provide more flexability in postgresql configuration (Karel Brezina) +* Create dependent directory for sudoers so tests work on Centos 5 (Ken Barber) +* Allow SQL commands to be run against a specific DB (Carlos Villela) +* Drop trailing comma to support Puppet 2.6 (Michael Arnold) + + +##2.1.1 + + +This release provides a bug fix for RHEL 5 and Centos 5 systems, or specifically systems using PostgreSQL 8.1 or older. On those systems one would have received the error: + + Error: Could not start Service[postgresqld]: Execution of ‘/sbin/service postgresql start’ returned 1: + +And the postgresql log entry: + + FATAL: unrecognized configuration parameter "include" + +This bug is due to a new feature we had added in 2.1.0, whereby the `include` directive in `postgresql.conf` was not compatible. As a work-around we have added checks in our code to make sure systems running PostgreSQL 8.1 or older do not have this directive added. + +#### Detailed Changes + +2013-01-21 - Ken Barber +* Only install `include` directive and included file on PostgreSQL >= 8.2 +* Add system tests for Centos 5 + + +##2.1.0 + +This release is primarily a feature release, introducing some new helpful constructs to the module. + +For starters, we've added the line `include 'postgresql_conf_extras.conf'` by default so extra parameters not managed by the module can be added by other tooling or by Puppet itself. This provides a useful escape-hatch for managing settings that are not currently managed by the module today. + +We've added a new defined resource for managing your tablespace, so you can now create new tablespaces using the syntax: + + postgresql::tablespace { 'dbspace': + location => '/srv/dbspace', + } + +We've added a locale parameter to the `postgresql` class, to provide a default. Also the parameter has been added to the `postgresql::database` and `postgresql::db` defined resources for changing the locale per database: + + postgresql::db { 'mydatabase': + user => 'myuser', + password => 'mypassword', + encoding => 'UTF8', + locale => 'en_NG', + } + +There is a new class for installing the necessary packages to provide the PostgreSQL JDBC client jars: + + class { 'postgresql::java': } + +And we have a brand new defined resource for managing fine-grained rule sets within your pg_hba.conf access lists: + + postgresql::pg_hba { 'Open up postgresql for access from 200.1.2.0/24': + type => 'host', + database => 'app', + user => 'app', + address => '200.1.2.0/24', + auth_method => 'md5', + } + +Finally, we've also added Travis-CI support and unit tests to help us iterate faster with tests to reduce regression. The current URL for these tests is here: https://travis-ci.org/puppetlabs/puppet-postgresql. Instructions on how to run the unit tests available are provided in the README for the module. + +A big thanks to all those listed below who made this feature release possible :-). + +#### Detailed Changes + +2013-01-18 - Simão Fontes & Flaper Fesp +* Remove trailing commas from params.pp property definition for Puppet 2.6.0 compatibility + +2013-01-18 - Lauren Rother +* Updated README.md to conform with best practices template + +2013-01-09 - Adrien Thebo +* Update postgresql_default_version to 9.1 for Debian 7.0 + +2013-01-28 - Karel Brezina +* Add support for tablespaces + +2013-01-16 - Chris Price & Karel Brezina +* Provide support for an 'include' config file 'postgresql_conf_extras.conf' that users can modify manually or outside of the module. + +2013-01-31 - jv +* Fix typo in README.pp for postgresql::db example + +2013-02-03 - Ken Barber +* Add unit tests and travis-ci support + +2013-02-02 - Ken Barber +* Add locale parameter support to the 'postgresql' class + +2013-01-21 - Michael Arnold +* Add a class for install the packages containing the PostgreSQL JDBC jar + +2013-02-06 - fhrbek +* Coding style fixes to reduce warnings in puppet-lint and Geppetto + +2013-02-10 - Ken Barber +* Provide new defined resource for managing pg_hba.conf + +2013-02-11 - Ken Barber +* Fix bug with reload of Postgresql on Redhat/Centos + +2013-02-15 - Erik Dalén +* Fix more style issues to reduce warnings in puppet-lint and Geppetto + +2013-02-15 - Erik Dalén +* Fix case whereby we were modifying a hash after creation + + +##2.0.1 + +Minor bugfix release. + +2013-01-16 - Chris Price + * Fix revoke command in database.pp to support postgres 8.1 (43ded42) + +2013-01-15 - Jordi Boggiano + * Add support for ubuntu 12.10 status (3504405) + +##2.0.0 + +Many thanks to the following people who contributed patches to this +release: + +* Adrien Thebo +* Albert Koch +* Andreas Ntaflos +* Brett Porter +* Chris Price +* dharwood +* Etienne Pelletier +* Florin Broasca +* Henrik +* Hunter Haugen +* Jari Bakken +* Jordi Boggiano +* Ken Barber +* nzakaria +* Richard Arends +* Spenser Gilliland +* stormcrow +* William Van Hevelingen + +Notable features: + + * Add support for versions of postgres other than the system default version + (which varies depending on OS distro). This includes optional support for + automatically managing the package repo for the "official" postgres yum/apt + repos. (Major thanks to Etienne Pelletier and + Ken Barber for their tireless efforts and patience on this + feature set!) For example usage see `tests/official-postgresql-repos.pp`. + + * Add some support for Debian Wheezy and Ubuntu Quantal + + * Add new `postgres_psql` type with a Ruby provider, to replace the old + exec-based `psql` type. This gives us much more flexibility around + executing SQL statements and controlling their logging / reports output. + + * Major refactor of the "spec" tests--which are actually more like + acceptance tests. We now support testing against multiple OS distros + via vagrant, and the framework is in place to allow us to very easily add + more distros. Currently testing against Cent6 and Ubuntu 10.04. + + * Fixed a bug that was preventing multiple databases from being owned by the + same user + (9adcd182f820101f5e4891b9f2ff6278dfad495c - Etienne Pelletier ) + + * Add support for ACLs for finer-grained control of user/interface access + (b8389d19ad78b4fb66024897097b4ed7db241930 - dharwood ) + + * Many other bug fixes and improvements! + +--- +##1.0.0 + +2012-09-17 - Version 0.3.0 released + +2012-09-14 - Chris Price + * Add a type for validating a postgres connection (ce4a049) + +2012-08-25 - Jari Bakken + * Remove trailing commas. (e6af5e5) + +2012-08-16 - Version 0.2.0 released + +[5.4.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.3.0...5.4.0 +[5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 From 152049fa1c84f4b95f401d3bd35f60154d271a1e Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 5 Apr 2018 08:33:30 -0700 Subject: [PATCH 0330/1000] (MODULES-6965) Prep 5.5.0 --- CHANGELOG.md | 10 +++++++++- metadata.json | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 468cd7b365..6770f3754c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,15 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) (2018-03-20) +## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) (2018-04-05) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) + +### Added + +- Parameters `roles`, `config\_entires`, and `pg\_hba\_rules` to `postgresql::server` for hiera [\#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) + +## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) (2018-03-22) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.3.0...5.4.0) diff --git a/metadata.json b/metadata.json index 97085c8279..5a92eda189 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.4.0", + "version": "5.5.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 09dc0e662d2c99ba49b8b3ac745fcb3248b9fb02 Mon Sep 17 00:00:00 2001 From: Francesco Canovai Date: Wed, 18 Apr 2018 18:03:02 +0200 Subject: [PATCH 0331/1000] Change initdb option '--xlogdir' to '-X' for PG10 compatibility Signed-off-by: Francesco Canovai --- manifests/server/initdb.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 7eb0652c89..70bf9a7319 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -72,7 +72,7 @@ $ic_base = "${initdb_path} --encoding '${encoding}' --pgdata '${datadir}'" $ic_xlog = $xlogdir ? { undef => $ic_base, - default => "${ic_base} --xlogdir '${xlogdir}'" + default => "${ic_base} -X '${xlogdir}'" } # The xlogdir need to be present before initdb runs. From 4a9998f262179092057d04ac723b854aca3bf856 Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 26 Apr 2018 14:57:44 +0100 Subject: [PATCH 0332/1000] (MODULES-7023) removing duplication in .sync.yml --- .sync.yml | 15 ++------------- .travis.yml | 3 --- 2 files changed, 2 insertions(+), 16 deletions(-) diff --git a/.sync.yml b/.sync.yml index 8f093203dd..930b0930f8 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,19 +1,13 @@ --- .travis.yml: - bundle_args: --without system_tests docker_sets: - set: docker/centos-7 - options: - set: docker/ubuntu-14.04 - options: docker_defaults: bundler_args: "" secure: "" branches: - release - extras: - - env: CHECK=release_checks - rvm: 2.1.9 Gemfile: required: @@ -36,11 +30,6 @@ Gemfile: from_env: BEAKER_HOSTGENERATOR_VERSION - gem: beaker-rspec from_env: BEAKER_RSPEC_VERSION - ':development': - - gem: puppet-blacksmith - version: '~> 3.4' -Rakefile: - requires: - - puppet_blacksmith/rake_tasks - - puppet-lint/tasks/puppet-lint +appveyor.yml: + delete: true diff --git a/.travis.yml b/.travis.yml index dcfcf14669..34ab66491b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -47,9 +47,6 @@ matrix: - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=spec rvm: 2.1.9 - - - env: CHECK=release_checks - rvm: 2.1.9 branches: only: - master From 91db75451e504bb4e4e0daec1d70c4f6020664e9 Mon Sep 17 00:00:00 2001 From: lutaylor Date: Tue, 1 May 2018 16:15:45 -0300 Subject: [PATCH 0333/1000] Adding default Postgresql version for Ubuntu 18.04 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 8fad0c524d..2948907b43 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -96,6 +96,7 @@ /^(14.10|15.04|15.10)$/ => '9.4', /^(16.04|16.10)$/ => '9.5', /^(17.04)$/ => '9.6', + /^(18.04)$/ => '10', default => undef, }, default => undef, From e3620acdde1cdb99b1eb281ea18216521f5dfcc0 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Fri, 4 May 2018 14:32:47 +0100 Subject: [PATCH 0334/1000] (maint) - Re-add release_checks --- .travis.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 34ab66491b..14288376fd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,7 +5,7 @@ language: ruby cache: bundler before_install: - bundle -v - - rm Gemfile.lock || true + - rm -f Gemfile.lock - gem update --system - gem update bundler - gem --version @@ -42,6 +42,8 @@ matrix: env: CHECK="syntax lint" - env: CHECK=metadata_lint + - + env: CHECK=release_checks - env: CHECK=spec - From 591abbf02584c2627e9467b554caf1527ba074d3 Mon Sep 17 00:00:00 2001 From: Emre Hasegeli Date: Tue, 24 Apr 2018 12:31:26 +0200 Subject: [PATCH 0335/1000] Fix quoting on schema owners --- manifests/server/schema.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index f0e762e64b..8b727b15c5 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -51,7 +51,7 @@ if $owner { postgresql_psql { "${db}: ALTER SCHEMA \"${schema}\" OWNER TO \"${owner}\"": - command => "ALTER SCHEMA \"${schema}\" OWNER TO ${owner}", + command => "ALTER SCHEMA \"${schema}\" OWNER TO \"${owner}\"", unless => "SELECT 1 FROM pg_namespace JOIN pg_roles rol ON nspowner = rol.oid WHERE nspname = '${schema}' AND rolname = '${owner}'", require => Postgresql_psql["${db}: CREATE SCHEMA \"${schema}\""], } From 027493b60a1602ac6743df023675c93d92453a54 Mon Sep 17 00:00:00 2001 From: Paula McMaw Date: Fri, 11 May 2018 11:52:32 +0100 Subject: [PATCH 0336/1000] (MODULES-7153) - Unmanage gitlab-ci.yml --- .sync.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.sync.yml b/.sync.yml index 930b0930f8..6dd4f21391 100644 --- a/.sync.yml +++ b/.sync.yml @@ -33,3 +33,6 @@ Gemfile: appveyor.yml: delete: true + +.gitlab-ci.yml: + unmanaged: true From a1b669a8aff2bb9b8e6b564ad48800a77c382ddf Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Wed, 16 May 2018 16:33:55 +0100 Subject: [PATCH 0337/1000] pdksync_heads/master-0-gfe44b98 --- .gitignore | 1 + .pdkignore | 23 ++++++++++++++++ .rubocop.yml | 7 +++-- .travis.yml | 13 +++++---- .yardopts | 1 + Gemfile | 62 +++++------------------------------------- Rakefile | 5 ++-- metadata.json | 6 ++-- spec/default_facts.yml | 8 ++++++ spec/spec_helper.rb | 6 ++++ 10 files changed, 64 insertions(+), 68 deletions(-) create mode 100644 .pdkignore create mode 100644 .yardopts create mode 100644 spec/default_facts.yml diff --git a/.gitignore b/.gitignore index 56efb9ca14..49bc2a4014 100644 --- a/.gitignore +++ b/.gitignore @@ -19,4 +19,5 @@ /tmp/ /vendor/ /convert_report.txt +/update_report.txt .DS_Store diff --git a/.pdkignore b/.pdkignore new file mode 100644 index 0000000000..49bc2a4014 --- /dev/null +++ b/.pdkignore @@ -0,0 +1,23 @@ +.*.sw[op] +.metadata +.yardoc +.yardwarns +*.iml +/.bundle/ +/.idea/ +/.vagrant/ +/coverage/ +/bin/ +/doc/ +/Gemfile.local +/Gemfile.lock +/junit/ +/log/ +/pkg/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/tmp/ +/vendor/ +/convert_report.txt +/update_report.txt +.DS_Store diff --git a/.rubocop.yml b/.rubocop.yml index 40a58e0717..b35bbcbc34 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -8,11 +8,14 @@ AllCops: Exclude: - bin/* - ".vendor/**/*" - - Gemfile - - Rakefile + - "**/Gemfile" + - "**/Rakefile" - pkg/**/* - spec/fixtures/**/* - vendor/**/* + - "**/Puppetfile" + - "**/Vagrantfile" + - "**/Guardfile" Metrics/LineLength: Description: People have wide screens, use them. Max: 200 diff --git a/.travis.yml b/.travis.yml index 14288376fd..0c7489b0d3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,14 +16,15 @@ bundler_args: --without system_tests rvm: - 2.4.1 env: - - PUPPET_GEM_VERSION="~> 5.0" CHECK=spec + global: + - BEAKER_PUPPET_COLLECTION=puppet5 PUPPET_GEM_VERSION="~> 5.0" matrix: fast_finish: true include: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 rvm: 2.4.1 script: bundle exec rake beaker services: docker @@ -31,7 +32,7 @@ matrix: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-14.04 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 rvm: 2.4.1 script: bundle exec rake beaker services: docker @@ -43,11 +44,11 @@ matrix: - env: CHECK=metadata_lint - - env: CHECK=release_checks + env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file" - - env: CHECK=spec + env: CHECK=parallel_spec - - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=spec + env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec rvm: 2.1.9 branches: only: diff --git a/.yardopts b/.yardopts new file mode 100644 index 0000000000..29c933bcf1 --- /dev/null +++ b/.yardopts @@ -0,0 +1 @@ +--markup markdown diff --git a/Gemfile b/Gemfile index 37597a3035..a7ec8208c8 100644 --- a/Gemfile +++ b/Gemfile @@ -28,11 +28,12 @@ group :development do gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') + gem "json", '<= 2.0.4', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.4.4') gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-blacksmith", '~> 3.4', require: false + gem "puppet-blacksmith", '~> 3.4', require: false, platforms: [:ruby] end group :system_tests do gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] @@ -49,73 +50,24 @@ puppet_type = gem_type(puppet_version) facter_version = ENV['FACTER_GEM_VERSION'] hiera_version = ENV['HIERA_GEM_VERSION'] -def puppet_older_than?(version) - puppet_version = ENV['PUPPET_GEM_VERSION'] - !puppet_version.nil? && - Gem::Version.correct?(puppet_version) && - Gem::Requirement.new("< #{version}").satisfied_by?(Gem::Version.new(puppet_version.dup)) -end - gems = {} gems['puppet'] = location_for(puppet_version) # If facter or hiera versions have been specified via the environment -# variables, use those versions. If not, and if the puppet version is < 3.5.0, -# use known good versions of both for puppet < 3.5.0. -if facter_version - gems['facter'] = location_for(facter_version) -elsif puppet_type == :gem && puppet_older_than?('3.5.0') - gems['facter'] = ['>= 1.6.11', '<= 1.7.5', require: false] -end - -if hiera_version - gems['hiera'] = location_for(ENV['HIERA_GEM_VERSION']) -elsif puppet_type == :gem && puppet_older_than?('3.5.0') - gems['hiera'] = ['>= 1.0.0', '<= 1.3.0', require: false] -end +# variables -if Gem.win_platform? && (puppet_type != :gem || puppet_older_than?('3.5.0')) - # For Puppet gems < 3.5.0 (tested as far back as 3.0.0) on Windows - if puppet_type == :gem - gems['ffi'] = ['1.9.0', require: false] - gems['minitar'] = ['0.5.4', require: false] - gems['win32-eventlog'] = ['0.5.3', '<= 0.6.5', require: false] - gems['win32-process'] = ['0.6.5', '<= 0.7.5', require: false] - gems['win32-security'] = ['~> 0.1.2', '<= 0.2.5', require: false] - gems['win32-service'] = ['0.7.2', '<= 0.8.8', require: false] - else - gems['ffi'] = ['~> 1.9.0', require: false] - gems['minitar'] = ['~> 0.5.4', require: false] - gems['win32-eventlog'] = ['~> 0.5', '<= 0.6.5', require: false] - gems['win32-process'] = ['~> 0.6', '<= 0.7.5', require: false] - gems['win32-security'] = ['~> 0.1', '<= 0.2.5', require: false] - gems['win32-service'] = ['~> 0.7', '<= 0.8.8', require: false] - end - - gems['win32-dir'] = ['~> 0.3', '<= 0.4.9', require: false] - - if RUBY_VERSION.start_with?('1.') - gems['win32console'] = ['1.3.2', require: false] - # sys-admin was removed in Puppet 3.7.0 and doesn't compile under Ruby 2.x - gems['sys-admin'] = ['1.5.6', require: false] - end +gems['facter'] = location_for(facter_version) if facter_version +gems['hiera'] = location_for(hiera_version) if hiera_version - # Puppet < 3.7.0 requires these. - # Puppet >= 3.5.0 gem includes these as requirements. - # The following versions are tested to work with 3.0.0 <= puppet < 3.7.0. - gems['win32-api'] = ['1.4.8', require: false] - gems['win32-taskscheduler'] = ['0.2.2', require: false] - gems['windows-api'] = ['0.4.3', require: false] - gems['windows-pr'] = ['1.2.3', require: false] -elsif Gem.win_platform? +if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} # If we're using a Puppet gem on Windows which handles its own win32-xxx gem # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). gems['win32-dir'] = ['<= 0.4.9', require: false] gems['win32-eventlog'] = ['<= 0.6.5', require: false] gems['win32-process'] = ['<= 0.7.5', require: false] gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['<= 0.8.8', require: false] + gems['win32-service'] = ['0.8.8', require: false] end gems.each do |gem_name, gem_params| diff --git a/Rakefile b/Rakefile index a39cae2f03..fb58663a6d 100644 --- a/Rakefile +++ b/Rakefile @@ -1,4 +1,5 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' +require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? + +PuppetLint.configuration.send('relative') diff --git a/metadata.json b/metadata.json index 97085c8279..2b6e8041f1 100644 --- a/metadata.json +++ b/metadata.json @@ -75,7 +75,7 @@ "version_requirement": ">= 4.7.0 < 6.0.0" } ], - "pdk-version": "1.4.1", - "template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git", - "template-ref": "1.4.1-0-g52adbbb" + "pdk-version": "1.5.0", + "template-url": "https://github.com/puppetlabs/pdk-templates", + "template-ref": "heads/master-0-gfe44b98" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml new file mode 100644 index 0000000000..3248be5aa6 --- /dev/null +++ b/spec/default_facts.yml @@ -0,0 +1,8 @@ +# Use default_module_facts.yml for module specific facts. +# +# Facts specified here will override the values provided by rspec-puppet-facts. +--- +concat_basedir: "/tmp" +ipaddress: "172.16.254.254" +is_pe: false +macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index efd225b540..e117192684 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,4 @@ + require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' @@ -27,4 +28,9 @@ RSpec.configure do |c| c.default_facts = default_facts + c.before :each do + # set to strictest setting for testing + # by default Puppet runs at warning level + Puppet.settings[:strict] = :warning + end end From a74a0e9b34f554942481343c25b2d301935c9d20 Mon Sep 17 00:00:00 2001 From: david22swan Date: Thu, 17 May 2018 16:54:15 +0100 Subject: [PATCH 0338/1000] Revert "pdksync - Update using 1.5.0" --- .gitignore | 1 - .pdkignore | 23 ---------------- .rubocop.yml | 7 ++--- .travis.yml | 13 ++++----- .yardopts | 1 - Gemfile | 62 +++++++++++++++++++++++++++++++++++++----- Rakefile | 5 ++-- metadata.json | 6 ++-- spec/default_facts.yml | 8 ------ spec/spec_helper.rb | 6 ---- 10 files changed, 68 insertions(+), 64 deletions(-) delete mode 100644 .pdkignore delete mode 100644 .yardopts delete mode 100644 spec/default_facts.yml diff --git a/.gitignore b/.gitignore index 49bc2a4014..56efb9ca14 100644 --- a/.gitignore +++ b/.gitignore @@ -19,5 +19,4 @@ /tmp/ /vendor/ /convert_report.txt -/update_report.txt .DS_Store diff --git a/.pdkignore b/.pdkignore deleted file mode 100644 index 49bc2a4014..0000000000 --- a/.pdkignore +++ /dev/null @@ -1,23 +0,0 @@ -.*.sw[op] -.metadata -.yardoc -.yardwarns -*.iml -/.bundle/ -/.idea/ -/.vagrant/ -/coverage/ -/bin/ -/doc/ -/Gemfile.local -/Gemfile.lock -/junit/ -/log/ -/pkg/ -/spec/fixtures/manifests/ -/spec/fixtures/modules/ -/tmp/ -/vendor/ -/convert_report.txt -/update_report.txt -.DS_Store diff --git a/.rubocop.yml b/.rubocop.yml index b35bbcbc34..40a58e0717 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -8,14 +8,11 @@ AllCops: Exclude: - bin/* - ".vendor/**/*" - - "**/Gemfile" - - "**/Rakefile" + - Gemfile + - Rakefile - pkg/**/* - spec/fixtures/**/* - vendor/**/* - - "**/Puppetfile" - - "**/Vagrantfile" - - "**/Guardfile" Metrics/LineLength: Description: People have wide screens, use them. Max: 200 diff --git a/.travis.yml b/.travis.yml index 0c7489b0d3..14288376fd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,15 +16,14 @@ bundler_args: --without system_tests rvm: - 2.4.1 env: - global: - - BEAKER_PUPPET_COLLECTION=puppet5 PUPPET_GEM_VERSION="~> 5.0" + - PUPPET_GEM_VERSION="~> 5.0" CHECK=spec matrix: fast_finish: true include: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 rvm: 2.4.1 script: bundle exec rake beaker services: docker @@ -32,7 +31,7 @@ matrix: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-14.04 rvm: 2.4.1 script: bundle exec rake beaker services: docker @@ -44,11 +43,11 @@ matrix: - env: CHECK=metadata_lint - - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file" + env: CHECK=release_checks - - env: CHECK=parallel_spec + env: CHECK=spec - - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec + env: PUPPET_GEM_VERSION="~> 4.0" CHECK=spec rvm: 2.1.9 branches: only: diff --git a/.yardopts b/.yardopts deleted file mode 100644 index 29c933bcf1..0000000000 --- a/.yardopts +++ /dev/null @@ -1 +0,0 @@ ---markup markdown diff --git a/Gemfile b/Gemfile index a7ec8208c8..37597a3035 100644 --- a/Gemfile +++ b/Gemfile @@ -28,12 +28,11 @@ group :development do gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') - gem "json", '<= 2.0.4', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.4.4') gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-blacksmith", '~> 3.4', require: false, platforms: [:ruby] + gem "puppet-blacksmith", '~> 3.4', require: false end group :system_tests do gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] @@ -50,24 +49,73 @@ puppet_type = gem_type(puppet_version) facter_version = ENV['FACTER_GEM_VERSION'] hiera_version = ENV['HIERA_GEM_VERSION'] +def puppet_older_than?(version) + puppet_version = ENV['PUPPET_GEM_VERSION'] + !puppet_version.nil? && + Gem::Version.correct?(puppet_version) && + Gem::Requirement.new("< #{version}").satisfied_by?(Gem::Version.new(puppet_version.dup)) +end + gems = {} gems['puppet'] = location_for(puppet_version) # If facter or hiera versions have been specified via the environment -# variables +# variables, use those versions. If not, and if the puppet version is < 3.5.0, +# use known good versions of both for puppet < 3.5.0. +if facter_version + gems['facter'] = location_for(facter_version) +elsif puppet_type == :gem && puppet_older_than?('3.5.0') + gems['facter'] = ['>= 1.6.11', '<= 1.7.5', require: false] +end + +if hiera_version + gems['hiera'] = location_for(ENV['HIERA_GEM_VERSION']) +elsif puppet_type == :gem && puppet_older_than?('3.5.0') + gems['hiera'] = ['>= 1.0.0', '<= 1.3.0', require: false] +end -gems['facter'] = location_for(facter_version) if facter_version -gems['hiera'] = location_for(hiera_version) if hiera_version +if Gem.win_platform? && (puppet_type != :gem || puppet_older_than?('3.5.0')) + # For Puppet gems < 3.5.0 (tested as far back as 3.0.0) on Windows + if puppet_type == :gem + gems['ffi'] = ['1.9.0', require: false] + gems['minitar'] = ['0.5.4', require: false] + gems['win32-eventlog'] = ['0.5.3', '<= 0.6.5', require: false] + gems['win32-process'] = ['0.6.5', '<= 0.7.5', require: false] + gems['win32-security'] = ['~> 0.1.2', '<= 0.2.5', require: false] + gems['win32-service'] = ['0.7.2', '<= 0.8.8', require: false] + else + gems['ffi'] = ['~> 1.9.0', require: false] + gems['minitar'] = ['~> 0.5.4', require: false] + gems['win32-eventlog'] = ['~> 0.5', '<= 0.6.5', require: false] + gems['win32-process'] = ['~> 0.6', '<= 0.7.5', require: false] + gems['win32-security'] = ['~> 0.1', '<= 0.2.5', require: false] + gems['win32-service'] = ['~> 0.7', '<= 0.8.8', require: false] + end + + gems['win32-dir'] = ['~> 0.3', '<= 0.4.9', require: false] + + if RUBY_VERSION.start_with?('1.') + gems['win32console'] = ['1.3.2', require: false] + # sys-admin was removed in Puppet 3.7.0 and doesn't compile under Ruby 2.x + gems['sys-admin'] = ['1.5.6', require: false] + end -if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} + # Puppet < 3.7.0 requires these. + # Puppet >= 3.5.0 gem includes these as requirements. + # The following versions are tested to work with 3.0.0 <= puppet < 3.7.0. + gems['win32-api'] = ['1.4.8', require: false] + gems['win32-taskscheduler'] = ['0.2.2', require: false] + gems['windows-api'] = ['0.4.3', require: false] + gems['windows-pr'] = ['1.2.3', require: false] +elsif Gem.win_platform? # If we're using a Puppet gem on Windows which handles its own win32-xxx gem # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). gems['win32-dir'] = ['<= 0.4.9', require: false] gems['win32-eventlog'] = ['<= 0.6.5', require: false] gems['win32-process'] = ['<= 0.7.5', require: false] gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['0.8.8', require: false] + gems['win32-service'] = ['<= 0.8.8', require: false] end gems.each do |gem_name, gem_params| diff --git a/Rakefile b/Rakefile index fb58663a6d..a39cae2f03 100644 --- a/Rakefile +++ b/Rakefile @@ -1,5 +1,4 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? - -PuppetLint.configuration.send('relative') +require 'puppet_blacksmith/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' diff --git a/metadata.json b/metadata.json index 2b6e8041f1..97085c8279 100644 --- a/metadata.json +++ b/metadata.json @@ -75,7 +75,7 @@ "version_requirement": ">= 4.7.0 < 6.0.0" } ], - "pdk-version": "1.5.0", - "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "heads/master-0-gfe44b98" + "pdk-version": "1.4.1", + "template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git", + "template-ref": "1.4.1-0-g52adbbb" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml deleted file mode 100644 index 3248be5aa6..0000000000 --- a/spec/default_facts.yml +++ /dev/null @@ -1,8 +0,0 @@ -# Use default_module_facts.yml for module specific facts. -# -# Facts specified here will override the values provided by rspec-puppet-facts. ---- -concat_basedir: "/tmp" -ipaddress: "172.16.254.254" -is_pe: false -macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index e117192684..efd225b540 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,4 +1,3 @@ - require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' @@ -28,9 +27,4 @@ RSpec.configure do |c| c.default_facts = default_facts - c.before :each do - # set to strictest setting for testing - # by default Puppet runs at warning level - Puppet.settings[:strict] = :warning - end end From c0b618f99fdc1a59eb0ca46f8256c0c46145fdf9 Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Fri, 18 May 2018 15:28:14 +0100 Subject: [PATCH 0339/1000] pdksync_heads/master-0-g34e3266 --- .gitignore | 1 + .pdkignore | 23 +++++++ .rubocop.yml | 12 +++- .travis.yml | 20 +++--- .yardopts | 1 + Gemfile | 62 +++---------------- Rakefile | 6 +- lib/puppet/provider/postgresql_conf/parsed.rb | 4 +- metadata.json | 6 +- spec/default_facts.yml | 8 +++ spec/spec_helper.rb | 6 ++ spec/spec_helper_acceptance.rb | 2 +- spec/unit/defines/server/grant_spec.rb | 6 +- .../provider/postgresql_psql/ruby_spec.rb | 2 +- .../postgresql_replication_slot/ruby_spec.rb | 2 +- spec/unit/puppet/type/postgresql_psql_spec.rb | 2 +- 16 files changed, 79 insertions(+), 84 deletions(-) create mode 100644 .pdkignore create mode 100644 .yardopts create mode 100644 spec/default_facts.yml diff --git a/.gitignore b/.gitignore index 56efb9ca14..49bc2a4014 100644 --- a/.gitignore +++ b/.gitignore @@ -19,4 +19,5 @@ /tmp/ /vendor/ /convert_report.txt +/update_report.txt .DS_Store diff --git a/.pdkignore b/.pdkignore new file mode 100644 index 0000000000..49bc2a4014 --- /dev/null +++ b/.pdkignore @@ -0,0 +1,23 @@ +.*.sw[op] +.metadata +.yardoc +.yardwarns +*.iml +/.bundle/ +/.idea/ +/.vagrant/ +/coverage/ +/bin/ +/doc/ +/Gemfile.local +/Gemfile.lock +/junit/ +/log/ +/pkg/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/tmp/ +/vendor/ +/convert_report.txt +/update_report.txt +.DS_Store diff --git a/.rubocop.yml b/.rubocop.yml index 40a58e0717..7ed6225c7d 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -8,11 +8,14 @@ AllCops: Exclude: - bin/* - ".vendor/**/*" - - Gemfile - - Rakefile + - "**/Gemfile" + - "**/Rakefile" - pkg/**/* - spec/fixtures/**/* - vendor/**/* + - "**/Puppetfile" + - "**/Vagrantfile" + - "**/Guardfile" Metrics/LineLength: Description: People have wide screens, use them. Max: 200 @@ -65,6 +68,11 @@ Style/SymbolArray: EnforcedStyle: brackets RSpec/MessageSpies: EnforcedStyle: receive +Style/Documentation: + Exclude: + - lib/puppet/parser/functions/**/* +Style/WordArray: + EnforcedStyle: brackets Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: diff --git a/.travis.yml b/.travis.yml index 14288376fd..76b202cef8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,7 +7,6 @@ before_install: - bundle -v - rm -f Gemfile.lock - gem update --system - - gem update bundler - gem --version - bundle -v script: @@ -16,14 +15,15 @@ bundler_args: --without system_tests rvm: - 2.4.1 env: - - PUPPET_GEM_VERSION="~> 5.0" CHECK=spec + global: + - BEAKER_PUPPET_COLLECTION=puppet5 PUPPET_GEM_VERSION="~> 5.0" matrix: fast_finish: true include: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 rvm: 2.4.1 script: bundle exec rake beaker services: docker @@ -31,23 +31,17 @@ matrix: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-14.04 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 rvm: 2.4.1 script: bundle exec rake beaker services: docker sudo: required - - env: CHECK=rubocop + env: CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop" - - env: CHECK="syntax lint" + env: CHECK=parallel_spec - - env: CHECK=metadata_lint - - - env: CHECK=release_checks - - - env: CHECK=spec - - - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=spec + env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec rvm: 2.1.9 branches: only: diff --git a/.yardopts b/.yardopts new file mode 100644 index 0000000000..29c933bcf1 --- /dev/null +++ b/.yardopts @@ -0,0 +1 @@ +--markup markdown diff --git a/Gemfile b/Gemfile index 37597a3035..a7ec8208c8 100644 --- a/Gemfile +++ b/Gemfile @@ -28,11 +28,12 @@ group :development do gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') + gem "json", '<= 2.0.4', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.4.4') gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-blacksmith", '~> 3.4', require: false + gem "puppet-blacksmith", '~> 3.4', require: false, platforms: [:ruby] end group :system_tests do gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] @@ -49,73 +50,24 @@ puppet_type = gem_type(puppet_version) facter_version = ENV['FACTER_GEM_VERSION'] hiera_version = ENV['HIERA_GEM_VERSION'] -def puppet_older_than?(version) - puppet_version = ENV['PUPPET_GEM_VERSION'] - !puppet_version.nil? && - Gem::Version.correct?(puppet_version) && - Gem::Requirement.new("< #{version}").satisfied_by?(Gem::Version.new(puppet_version.dup)) -end - gems = {} gems['puppet'] = location_for(puppet_version) # If facter or hiera versions have been specified via the environment -# variables, use those versions. If not, and if the puppet version is < 3.5.0, -# use known good versions of both for puppet < 3.5.0. -if facter_version - gems['facter'] = location_for(facter_version) -elsif puppet_type == :gem && puppet_older_than?('3.5.0') - gems['facter'] = ['>= 1.6.11', '<= 1.7.5', require: false] -end - -if hiera_version - gems['hiera'] = location_for(ENV['HIERA_GEM_VERSION']) -elsif puppet_type == :gem && puppet_older_than?('3.5.0') - gems['hiera'] = ['>= 1.0.0', '<= 1.3.0', require: false] -end +# variables -if Gem.win_platform? && (puppet_type != :gem || puppet_older_than?('3.5.0')) - # For Puppet gems < 3.5.0 (tested as far back as 3.0.0) on Windows - if puppet_type == :gem - gems['ffi'] = ['1.9.0', require: false] - gems['minitar'] = ['0.5.4', require: false] - gems['win32-eventlog'] = ['0.5.3', '<= 0.6.5', require: false] - gems['win32-process'] = ['0.6.5', '<= 0.7.5', require: false] - gems['win32-security'] = ['~> 0.1.2', '<= 0.2.5', require: false] - gems['win32-service'] = ['0.7.2', '<= 0.8.8', require: false] - else - gems['ffi'] = ['~> 1.9.0', require: false] - gems['minitar'] = ['~> 0.5.4', require: false] - gems['win32-eventlog'] = ['~> 0.5', '<= 0.6.5', require: false] - gems['win32-process'] = ['~> 0.6', '<= 0.7.5', require: false] - gems['win32-security'] = ['~> 0.1', '<= 0.2.5', require: false] - gems['win32-service'] = ['~> 0.7', '<= 0.8.8', require: false] - end - - gems['win32-dir'] = ['~> 0.3', '<= 0.4.9', require: false] - - if RUBY_VERSION.start_with?('1.') - gems['win32console'] = ['1.3.2', require: false] - # sys-admin was removed in Puppet 3.7.0 and doesn't compile under Ruby 2.x - gems['sys-admin'] = ['1.5.6', require: false] - end +gems['facter'] = location_for(facter_version) if facter_version +gems['hiera'] = location_for(hiera_version) if hiera_version - # Puppet < 3.7.0 requires these. - # Puppet >= 3.5.0 gem includes these as requirements. - # The following versions are tested to work with 3.0.0 <= puppet < 3.7.0. - gems['win32-api'] = ['1.4.8', require: false] - gems['win32-taskscheduler'] = ['0.2.2', require: false] - gems['windows-api'] = ['0.4.3', require: false] - gems['windows-pr'] = ['1.2.3', require: false] -elsif Gem.win_platform? +if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} # If we're using a Puppet gem on Windows which handles its own win32-xxx gem # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). gems['win32-dir'] = ['<= 0.4.9', require: false] gems['win32-eventlog'] = ['<= 0.6.5', require: false] gems['win32-process'] = ['<= 0.7.5', require: false] gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['<= 0.8.8', require: false] + gems['win32-service'] = ['0.8.8', require: false] end gems.each do |gem_name, gem_params| diff --git a/Rakefile b/Rakefile index a39cae2f03..d4e36dadfd 100644 --- a/Rakefile +++ b/Rakefile @@ -1,4 +1,6 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' +require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? + +PuppetLint.configuration.send('disable_relative') + diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb index 40a9cd4d14..34709dfa42 100644 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ b/lib/puppet/provider/postgresql_conf/parsed.rb @@ -12,8 +12,8 @@ text_line :blank, match: %r{^\s*$} record_line :parsed, - fields: %w[name value comment], - optional: %w[comment], + fields: ['name', 'value', 'comment'], + optional: ['comment'], match: %r{^\s*([\w\.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$}, to_line: proc { |h| # simple string and numeric values don't need to be enclosed in quotes diff --git a/metadata.json b/metadata.json index 97085c8279..b0cc4b86f3 100644 --- a/metadata.json +++ b/metadata.json @@ -75,7 +75,7 @@ "version_requirement": ">= 4.7.0 < 6.0.0" } ], - "pdk-version": "1.4.1", - "template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git", - "template-ref": "1.4.1-0-g52adbbb" + "pdk-version": "1.5.0", + "template-url": "https://github.com/puppetlabs/pdk-templates", + "template-ref": "heads/master-0-g34e3266" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml new file mode 100644 index 0000000000..3248be5aa6 --- /dev/null +++ b/spec/default_facts.yml @@ -0,0 +1,8 @@ +# Use default_module_facts.yml for module specific facts. +# +# Facts specified here will override the values provided by rspec-puppet-facts. +--- +concat_basedir: "/tmp" +ipaddress: "172.16.254.254" +is_pe: false +macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index efd225b540..e117192684 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,4 @@ + require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' @@ -27,4 +28,9 @@ RSpec.configure do |c| c.default_facts = default_facts + c.before :each do + # set to strictest setting for testing + # by default Puppet runs at warning level + Puppet.settings[:strict] = :warning + end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 3332730532..4c66d6497b 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -8,7 +8,7 @@ run_puppet_install_helper install_ca_certs unless pe_install? -UNSUPPORTED_PLATFORMS = %w[AIX windows Solaris Suse].freeze +UNSUPPORTED_PLATFORMS = ['AIX', 'windows', 'Solaris', 'Suse'].freeze install_bolt_on(hosts) unless pe_install? install_module_on(hosts) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 6e9729476c..850cd88183 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -169,7 +169,7 @@ db: 'test', role: 'test', privilege: 'all', - object_name: %w[myschema mytable], + object_name: ['myschema', 'mytable'], object_type: 'table', } end @@ -193,7 +193,7 @@ db: 'test', role: 'test', privilege: 'all', - object_name: %w[myschema mytable], + object_name: ['myschema', 'mytable'], object_type: 'table', } end @@ -277,7 +277,7 @@ class {'postgresql::server':} db: 'test', role: 'test', privilege: 'all', - object_name: %w[myschema mytable oops], + object_name: ['myschema', 'mytable', 'oops'], object_type: 'table', } end diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index bc53367553..93585bd919 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -57,7 +57,7 @@ describe 'with search_path array' do let(:attributes) do { - search_path: %w[schema1 schema2], + search_path: ['schema1', 'schema2'], } end diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index 8ac59f7bf1..40298b08a1 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -31,7 +31,7 @@ def | | physical | | | t | | | 0/ end let(:attributes) { {} } let(:instances) { provider.class.instances } - let(:expected) { %w[abc def] } + let(:expected) { ['abc', 'def'] } it 'lists instances #size' do expect(instances.size).to eq 2 diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index ff900224f1..d479df6dd7 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -32,7 +32,7 @@ psql_group: 'postgres', cwd: '/var/lib', refreshonly: :true, - search_path: %w[schema1 schema2], + search_path: ['schema1', 'schema2'], connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1' }, }.each do |attr, value| From 301e1d94f08aac3f1dde836061af935b5b92a31a Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Mon, 21 May 2018 10:24:59 +0100 Subject: [PATCH 0340/1000] Rubocop Fixes --- spec/spec_helper_acceptance.rb | 4 ++-- .../puppet/provider/postgresql_replication_slot/ruby_spec.rb | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 4c66d6497b..bce0da90f4 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -20,9 +20,9 @@ 'Qu@lity!' end +# Class String - unindent - Provide ability to remove indentation from strings, for the purpose of +# left justifying heredoc blocks. class String - # Provide ability to remove indentation from strings, for the purpose of - # left justifying heredoc blocks. def unindent gsub(%r{^#{scan(%r{^\s*}).min_by { |l| l.length }}}, '') end diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index 40298b08a1..9b33b641cc 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -2,11 +2,13 @@ type = Puppet::Type.type(:postgresql_replication_slot) describe type.provider(:ruby) do + # class SuccessStatus class SuccessStatus def success? true end end + # class FailStatus class FailStatus def success? false From d76df676d8c898317aa9fb81d32a0098c7bf16ee Mon Sep 17 00:00:00 2001 From: Christopher Thorn Date: Mon, 21 May 2018 16:22:10 -0700 Subject: [PATCH 0341/1000] (maint) Update beaker-task_helper path --- spec/spec_helper_acceptance.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index bce0da90f4..607bf75800 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -3,7 +3,7 @@ require 'beaker-rspec/helpers/serverspec' require 'beaker/puppet_install_helper' require 'beaker/module_install_helper' -require 'beaker/task_helper' +require 'beaker-task_helper' run_puppet_install_helper install_ca_certs unless pe_install? From 1b2210c51499c463a233f3fa708fbfe0d480fca5 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Wed, 23 May 2018 15:45:58 -0700 Subject: [PATCH 0342/1000] (MODULES-5994) Add debian 9 --- metadata.json | 3 ++- spec/spec_helper_acceptance.rb | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index b0cc4b86f3..d1eb6994a7 100644 --- a/metadata.json +++ b/metadata.json @@ -58,7 +58,8 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "7", - "8" + "8", + "9" ] }, { diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 607bf75800..227836deb4 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -82,7 +82,7 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) end # net-tools required for netstat utility being used by be_listening - if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' + if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' || fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '9' pp = <<-EOS package { 'net-tools': ensure => installed } EOS From 6ed9641d93e8c7a148960666650d8f4349881152 Mon Sep 17 00:00:00 2001 From: John Florian Date: Sun, 27 May 2018 11:19:49 -0400 Subject: [PATCH 0343/1000] Add support for Fedora 28 Fedora 28 provides postgresql-10.4-1.fc28. Signed-off-by: John Florian --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 8fad0c524d..1cad6636b6 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -65,6 +65,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(28)$/ => '10.4', /^(26|27)$/ => '9.6', /^(24|25)$/ => '9.5', /^(22|23)$/ => '9.4', From e61579ff4af32769a21ab6a8a341a789fe135726 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 30 May 2018 10:24:51 +0100 Subject: [PATCH 0344/1000] [FM-6960] Removal of unsupported OS from postgresql --- metadata.json | 2 -- spec/unit/classes/client_spec.rb | 2 +- spec/unit/classes/globals_spec.rb | 10 +++++----- spec/unit/classes/lib/devel_spec.rb | 2 +- spec/unit/classes/lib/java_spec.rb | 4 ++-- spec/unit/classes/lib/perl_spec.rb | 2 +- spec/unit/classes/lib/python_spec.rb | 2 +- spec/unit/classes/params_spec.rb | 2 +- spec/unit/classes/repo_spec.rb | 8 ++++---- spec/unit/classes/server/contrib_spec.rb | 2 +- spec/unit/classes/server/plperl_spec.rb | 2 +- spec/unit/classes/server/postgis_spec.rb | 2 +- spec/unit/classes/server_spec.rb | 4 ++-- spec/unit/defines/server/database_grant_spec.rb | 2 +- spec/unit/defines/server/database_spec.rb | 2 +- spec/unit/defines/server/db_spec.rb | 2 +- spec/unit/defines/server/extension_spec.rb | 2 +- spec/unit/defines/server/grant_role_spec.rb | 2 +- spec/unit/defines/server/grant_spec.rb | 2 +- spec/unit/defines/server/pg_hba_rule_spec.rb | 2 +- spec/unit/defines/server/pg_ident_rule_spec.rb | 2 +- spec/unit/defines/server/reassign_owned_by_spec.rb | 2 +- spec/unit/defines/server/recovery_spec.rb | 2 +- spec/unit/defines/server/role_spec.rb | 2 +- spec/unit/defines/server/schema_spec.rb | 2 +- spec/unit/defines/server/table_grant_spec.rb | 2 +- spec/unit/defines/server/tablespace_spec.rb | 2 +- spec/unit/defines/validate_db_connection_spec.rb | 2 +- 28 files changed, 36 insertions(+), 38 deletions(-) diff --git a/metadata.json b/metadata.json index d1eb6994a7..be8530fd44 100644 --- a/metadata.json +++ b/metadata.json @@ -49,7 +49,6 @@ { "operatingsystem": "Scientific", "operatingsystemrelease": [ - "5", "6", "7" ] @@ -57,7 +56,6 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "7", "8", "9" ] diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index 0ecdef8d74..b28d992d31 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', } end diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index e3d87ce293..a5f47599cd 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -1,22 +1,22 @@ require 'spec_helper' describe 'postgresql::globals', type: :class do - context 'on a debian 6' do + context 'on a debian 8' do let(:facts) do { os: { family: 'Debian', name: 'Debian', release: { - full: '6.0', - major: '6', + full: '8.0', + major: '8', }, }, osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', lsbdistid: 'Debian', - lsbdistcodename: 'squeeze', + lsbdistcodename: 'jessie', } end diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/unit/classes/lib/devel_spec.rb index 835bf51e0d..06b4cd7120 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/unit/classes/lib/devel_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', } end diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/unit/classes/lib/java_spec.rb index 58ec2f8b85..45552932ac 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/unit/classes/lib/java_spec.rb @@ -6,13 +6,13 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', } end it { is_expected.to contain_package('postgresql-jdbc').with( - name: 'libpg-java', + name: 'libpostgresql-jdbc-java', ensure: 'present', tag: 'postgresql', ) diff --git a/spec/unit/classes/lib/perl_spec.rb b/spec/unit/classes/lib/perl_spec.rb index d8c8a59c84..deeb5e9593 100644 --- a/spec/unit/classes/lib/perl_spec.rb +++ b/spec/unit/classes/lib/perl_spec.rb @@ -23,7 +23,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', } end diff --git a/spec/unit/classes/lib/python_spec.rb b/spec/unit/classes/lib/python_spec.rb index bbf93b4f91..7710447348 100644 --- a/spec/unit/classes/lib/python_spec.rb +++ b/spec/unit/classes/lib/python_spec.rb @@ -23,7 +23,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', } end diff --git a/spec/unit/classes/params_spec.rb b/spec/unit/classes/params_spec.rb index 49dbb19c88..27b7195e08 100644 --- a/spec/unit/classes/params_spec.rb +++ b/spec/unit/classes/params_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', } end diff --git a/spec/unit/classes/repo_spec.rb b/spec/unit/classes/repo_spec.rb index f0660933df..1d8067d0c8 100644 --- a/spec/unit/classes/repo_spec.rb +++ b/spec/unit/classes/repo_spec.rb @@ -7,15 +7,15 @@ name: 'Debian', family: 'Debian', release: { - full: '6.0', - major: '6', + full: '8.0', + major: '8', }, }, osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', lsbdistid: 'Debian', - lsbdistcodename: 'squeeze', + lsbdistcodename: 'jessie', } end diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index d118ca06f2..529357d7cd 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -9,7 +9,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/unit/classes/server/plperl_spec.rb index 90d7d2db09..c5614fe1af 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/unit/classes/server/plperl_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('plperl'), id: 'root', diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/unit/classes/server/postgis_spec.rb index b021bb3422..666d6a9fa2 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/unit/classes/server/postgis_spec.rb @@ -9,7 +9,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('postgis'), id: 'root', diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 0667567670..f202b4fbf9 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -7,8 +7,8 @@ family: 'Debian', name: 'Debian', release: { - full: '6.0', - major: '6', + full: '8.0', + major: '8', }, }, osfamily: 'Debian', diff --git a/spec/unit/defines/server/database_grant_spec.rb b/spec/unit/defines/server/database_grant_spec.rb index d4c65b6fc2..f3cd003b59 100644 --- a/spec/unit/defines/server/database_grant_spec.rb +++ b/spec/unit/defines/server/database_grant_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 9880bbc721..67aaa2b78d 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/db_spec.rb b/spec/unit/defines/server/db_spec.rb index 9dd9ad4eb9..4ecb3b1b4e 100644 --- a/spec/unit/defines/server/db_spec.rb +++ b/spec/unit/defines/server/db_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 84bd53de1d..b1f4358100 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -12,7 +12,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('postgis'), id: 'root', diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 6fbada8a0f..c92173b4cb 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -8,7 +8,7 @@ let(:facts) do { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('postgis'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' } diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 850cd88183..32bda6cf22 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index 44b854c02a..4c3f977273 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('pg_hba'), id: 'root', diff --git a/spec/unit/defines/server/pg_ident_rule_spec.rb b/spec/unit/defines/server/pg_ident_rule_spec.rb index 68bdfb24e9..ece632292c 100644 --- a/spec/unit/defines/server/pg_ident_rule_spec.rb +++ b/spec/unit/defines/server/pg_ident_rule_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('pg_ident'), id: 'root', diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index c5a1794e30..761c517279 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('reassign_owned_by'), id: 'root', diff --git a/spec/unit/defines/server/recovery_spec.rb b/spec/unit/defines/server/recovery_spec.rb index 25bc132dce..d814175928 100644 --- a/spec/unit/defines/server/recovery_spec.rb +++ b/spec/unit/defines/server/recovery_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('recovery'), id: 'root', diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 3867eb40ba..ecf4abc208 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index a87f3dcca3..9cc0cac4b0 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('schema'), id: 'root', diff --git a/spec/unit/defines/server/table_grant_spec.rb b/spec/unit/defines/server/table_grant_spec.rb index 4314eb2fe1..804b4fa0c3 100644 --- a/spec/unit/defines/server/table_grant_spec.rb +++ b/spec/unit/defines/server/table_grant_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('table_grant'), id: 'root', diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 7a3af76679..e702e2aa4e 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', kernel: 'Linux', concat_basedir: tmpfilename('tablespace'), id: 'root', diff --git a/spec/unit/defines/validate_db_connection_spec.rb b/spec/unit/defines/validate_db_connection_spec.rb index 243c5917f6..2534f9a9a6 100644 --- a/spec/unit/defines/validate_db_connection_spec.rb +++ b/spec/unit/defines/validate_db_connection_spec.rb @@ -5,7 +5,7 @@ { osfamily: 'Debian', operatingsystem: 'Debian', - operatingsystemrelease: '6.0', + operatingsystemrelease: '8.0', } end From 3a1ac81c5dd65e4068e57528f83d0a9ce049193e Mon Sep 17 00:00:00 2001 From: Andrey Novikov Date: Thu, 12 Jan 2017 18:48:42 +0300 Subject: [PATCH 0345/1000] (MODULES-4276) Fix creation of recovery.conf file when recovery configuration is not specified --- manifests/server/config.pp | 10 --------- manifests/server/recovery.pp | 9 ++++++++ spec/acceptance/server/recovery_spec.rb | 30 +++++++++++++++++++++++++ 3 files changed, 39 insertions(+), 10 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index a2f2434485..b5f42ff5dd 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -161,16 +161,6 @@ } } - if ($manage_recovery_conf == true) { - concat { $recovery_conf_path: - owner => $user, - group => $group, - mode => '0640', - warn => true, - notify => Class['postgresql::server::reload'], - } - } - if $::osfamily == 'RedHat' { if $::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora' { # Template uses: diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 22645b929a..97378b3f05 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -29,6 +29,15 @@ fail('postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense.') } + concat { $target: + owner => $::postgresql::server::config::user, + group => $::postgresql::server::config::group, + force => true, # do not crash if there is no recovery conf file + mode => '0640', + warn => true, + notify => Class['postgresql::server::reload'], + } + # Create the recovery.conf content concat::fragment { 'recovery.conf': target => $target, diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 1ae5310ca0..2d3e880f55 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -38,6 +38,36 @@ class { 'postgresql::server': } end end + describe 'should not create recovery if recovery config not specified' do + after(:all) do + pp = <<-EOS.unindent + file { '/tmp/recovery.conf': + ensure => absent, + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'does not add conf file' do + pp = <<-EOS.unindent + class { 'postgresql::globals': + recovery_conf_path => '/tmp/recovery.conf', + manage_recovery_conf => true, + } + + class { 'postgresql::server': } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file('/tmp/recovery.conf') do + it { is_expected.not_to be_file } + end + end + describe 'should not manage recovery' do pp = <<-MANIFEST.unindent class { 'postgresql::globals': From 5d0f2d80651dd7800ba16582b43269bb816a49ed Mon Sep 17 00:00:00 2001 From: Callum Loh Date: Thu, 7 Jun 2018 21:09:14 +1000 Subject: [PATCH 0346/1000] (MODULES-4276) Update for Ruby 1.9 hash syntax --- spec/acceptance/server/recovery_spec.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 2d3e880f55..db20cce4d9 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -46,7 +46,7 @@ class { 'postgresql::server': } } EOS - apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, catch_failures: true) end it 'does not add conf file' do @@ -59,8 +59,8 @@ class { 'postgresql::globals': class { 'postgresql::server': } EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) end describe file('/tmp/recovery.conf') do From 87e32f6c624c8dce1d8575fe72311d5b46a66685 Mon Sep 17 00:00:00 2001 From: Callum Loh Date: Tue, 19 Jun 2018 23:15:19 +1000 Subject: [PATCH 0347/1000] (MODULES-4276) Update readme re recovery.conf creation --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 15dfaefdbc..31c22416fb 100644 --- a/README.md +++ b/README.md @@ -1501,6 +1501,8 @@ Every parameter value is a string set in the template except `recovery_target_in A detailed description of all listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). +Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. + The parameters are grouped into these three sections: ##### [Archive Recovery Parameters](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) From bc0c761b6af3f41e82936d6ba3d1ecf0afdbf6b7 Mon Sep 17 00:00:00 2001 From: Callum Loh Date: Wed, 20 Jun 2018 08:59:42 +1000 Subject: [PATCH 0348/1000] Fix typo in readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 31c22416fb..d705551daf 100644 --- a/README.md +++ b/README.md @@ -299,7 +299,7 @@ primary_conninfo = 'host=localhost port=5432' recovery_min_apply_delay = 0 ``` -Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. +Only the specified parameters are recognized in the template. The `recovery.conf` is only created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. ### Validate connectivity @@ -1501,7 +1501,7 @@ Every parameter value is a string set in the template except `recovery_target_in A detailed description of all listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). -Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. +Only the specified parameters are recognized in the template. The `recovery.conf` is only created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. The parameters are grouped into these three sections: From 802d180cec2378f31ce137abd32443497bc96a8a Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Wed, 20 Jun 2018 14:13:04 +0100 Subject: [PATCH 0349/1000] Release prep 5.6.0 --- CHANGELOG.md | 24 +++++++++++++++++++++--- metadata.json | 2 +- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6770f3754c..c6b54957d9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,26 @@ -# Changelog +# Change log All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) (2018-04-05) +## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) (2018-06-20) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.5.0...5.6.0) + +### Changed + +- Fix creation of recovery.conf file when recovery configuration is not specified [\#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) + +### Added + +- Add compatibility for Fedora 28 [\#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) +- \(MODULES-5994\) Add debian 9 [\#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) +- Adding default Postgresql version for Ubuntu 18.04 [\#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) + +### Fixed + +- Fix quoting on schema owners [\#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) + +## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) (2018-04-06) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) @@ -1001,4 +1019,4 @@ Notable features: [5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 -\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* \ No newline at end of file +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* diff --git a/metadata.json b/metadata.json index 23ad31b5ce..3d154d0795 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.5.0", + "version": "5.6.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From c30735f3713598c222908266b3e79686fd42198e Mon Sep 17 00:00:00 2001 From: Florian Florensa Date: Mon, 25 Jun 2018 11:51:19 +0200 Subject: [PATCH 0350/1000] Fix packages choice for ubuntu 17.10 --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 120826623e..a71253bbb8 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -96,7 +96,7 @@ /^(14.04)$/ => '9.3', /^(14.10|15.04|15.10)$/ => '9.4', /^(16.04|16.10)$/ => '9.5', - /^(17.04)$/ => '9.6', + /^(17.04|17.10)$/ => '9.6', /^(18.04)$/ => '10', default => undef, }, From 0bb583c6e865d8a1a3532d0319c232f4635751ab Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Tue, 3 Jul 2018 14:02:43 +0100 Subject: [PATCH 0351/1000] (MODULES-6542) - Adding SLES 11 & 12 to metadata --- metadata.json | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/metadata.json b/metadata.json index 97085c8279..0e73e04361 100644 --- a/metadata.json +++ b/metadata.json @@ -61,6 +61,13 @@ "8" ] }, + { + "operatingsystem": "SLES", + "operatingsystemrelease": [ + "11 SP1", + "12" + ] + }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ From 0b8f676e5029061d7e886fd0928adbebc50bce06 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Wed, 4 Jul 2018 09:41:35 +0100 Subject: [PATCH 0352/1000] (maint) - Remove service pack --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 8615043f31..4add4803be 100644 --- a/metadata.json +++ b/metadata.json @@ -63,7 +63,7 @@ { "operatingsystem": "SLES", "operatingsystemrelease": [ - "11 SP1", + "11", "12" ] }, From e4ea0a80d6844b91d331e1c64b6f333e6a9528c0 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Mon, 16 Jul 2018 16:19:56 +0100 Subject: [PATCH 0353/1000] (MODULES-7460) - Updating grant table to include INSERT privileges --- manifests/server/grant.pp | 1 + spec/acceptance/server/grant_spec.rb | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 22e1040da7..42613fe933 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -248,6 +248,7 @@ /^ALL$/, /^ALL PRIVILEGES$/, /^DELETE$/, + /^INSERT$/, /^REFERENCES$/, /^SELECT$/, /^TRIGGER$/, diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index c53d5ff685..18e1cc163e 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -434,6 +434,32 @@ class { 'postgresql::server': } end end + it 'grant insert on single table test' do + begin + # postgres version + result = shell('psql --version') + version = result.stdout.match(%r{\s(\d\.\d)})[1] + + if version >= '9.0' + pp = pp_create_table + <<-EOS.unindent + postgresql::server::table_grant { 'INSERT priviledge to table': + privilege => 'INSERT', + table => 'test_tbl', + db => $db, + role => $user, + } + EOS + result = apply_manifest(pp, catch_failures: true) + expect(result.stdout).to match(%r{GRANT INSERT ON TABLE \"test_tbl\" TO \"psql_grant_priv_tester\"}) + + ## Check that the privilege was granted to the user + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'INSERT')\"", user) do |r| + expect(r.stdout).to match(%r{t}) + end + end + end + end + it 'grant all on all tables to a user' do begin pp = pp_create_table + <<-EOS.unindent From d08c1152c4606187d736f8ac4b646ef440dc89e6 Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 17 Jul 2018 16:12:22 +0100 Subject: [PATCH 0354/1000] (MODULES-7479) Update postgresql to support Ubuntu 18.04 --- metadata.json | 3 ++- spec/acceptance/server/config_entry_spec.rb | 2 +- spec/acceptance/server/grant_spec.rb | 20 +++++++++---------- .../server/reassign_owned_by_spec.rb | 2 +- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/metadata.json b/metadata.json index 4add4803be..ee858c89bd 100644 --- a/metadata.json +++ b/metadata.json @@ -71,7 +71,8 @@ "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "14.04", - "16.04" + "16.04", + "18.04" ] } ], diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb index c606a0d020..7e35bf831c 100644 --- a/spec/acceptance/server/config_entry_spec.rb +++ b/spec/acceptance/server/config_entry_spec.rb @@ -21,7 +21,7 @@ class { 'postgresql::server': # get postgresql version apply_manifest("class { 'postgresql::server': }") result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.3' it 'is expected to run idempotently' do diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 18e1cc163e..42f8b3da7f 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -94,7 +94,7 @@ class { 'postgresql::server': } # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '8.4.0' apply_manifest(pp_lang, catch_failures: true) @@ -104,7 +104,7 @@ class { 'postgresql::server': } it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '8.4.0' ## Check that the privilege was granted to the user @@ -121,7 +121,7 @@ class { 'postgresql::server': } # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '8.4.0' apply_manifest(pp_onlyif, catch_failures: true) @@ -179,7 +179,7 @@ class { 'postgresql::server': } shell('psql --version') end let(:version) do - result.stdout.match(%r{\s(\d\.\d)})[1] + result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] end before(:each) do @@ -266,7 +266,7 @@ class { 'postgresql::server': } shell('psql --version') end let(:version) do - result.stdout.match(%r{\s(\d\.\d)})[1] + result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] end before(:each) do @@ -351,7 +351,7 @@ class { 'postgresql::server': } # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.0' apply_manifest(pp, catch_failures: true) @@ -408,7 +408,7 @@ class { 'postgresql::server': } # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.0' apply_manifest(pp, catch_failures: true) @@ -438,7 +438,7 @@ class { 'postgresql::server': } begin # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.0' pp = pp_create_table + <<-EOS.unindent @@ -493,7 +493,7 @@ class { 'postgresql::server': } # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.0' apply_manifest(pp, catch_failures: true) @@ -529,7 +529,7 @@ class { 'postgresql::server': } # Test fail's on postgresql versions earlier than 9.1.24 # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.1.24' apply_manifest(pp_setup, catch_failures: true) diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index 44eea11bc7..1f400cd8be 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -106,7 +106,7 @@ class { 'postgresql::server': } begin # postgres version result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.0' apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, catch_failures: true) From a68d119e2d31b182d35b686ecdda842f85379393 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 18 Jul 2018 16:47:12 +0100 Subject: [PATCH 0355/1000] (MODULES-7479) Ensure net-tools is installed when testing on Ubuntu 18.04 and fix to dc_spec.rb to allow for comparisons of psql versions of 10 and higher --- spec/acceptance/db_spec.rb | 4 ++-- spec/spec_helper_acceptance.rb | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 76d3ce1cc9..d068251e4b 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -38,8 +38,8 @@ class { 'postgresql::server': end result = shell('psql --version') - version = result.stdout.match(%r{\s(\d\.\d)})[1] - comment_information_function = if version > '8.1' + version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] + comment_information_function = if version.to_f > 8.1 'shobj_description' else 'obj_description' diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 227836deb4..c4a982b98c 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -82,7 +82,9 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) end # net-tools required for netstat utility being used by be_listening - if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' || fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '9' + if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' || + fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '9' || + fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '18.04' pp = <<-EOS package { 'net-tools': ensure => installed } EOS From 8fb755b6a8e26ab404d0d2d2a9867b108e3b9f53 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Thu, 19 Jul 2018 12:22:18 +0100 Subject: [PATCH 0356/1000] (MODULES-7512) - 6.0.0 Release Prep --- CHANGELOG.md | 15 +++++++++++++++ metadata.json | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c6b54957d9..c67ee2bdcb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) (2018-07-19) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.6.0...5.7.0) + +### Added + +- \(MODULES-7479\) Update postgresql to support Ubuntu 18.04 [\#1005](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1005) ([david22swan](https://github.com/david22swan)) +- \(MODULES-6542\) - Adding SLES 11 & 12 to metadata [\#1001](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1001) ([pmcmaw](https://github.com/pmcmaw)) + +### Fixed + +- \(MODULES-7479\) Ensure net-tools is installed when testing on Ubuntu 18.04 [\#1006](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1006) ([david22swan](https://github.com/david22swan)) +- \(MODULES-7460\) - Updating grant table to include INSERT privileges [\#1004](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1004) ([pmcmaw](https://github.com/pmcmaw)) +- Fix packages choice for ubuntu 17.10 [\#1000](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1000) ([fflorens](https://github.com/fflorens)) + ## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) (2018-06-20) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.5.0...5.6.0) diff --git a/metadata.json b/metadata.json index ee858c89bd..4f41552e0a 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.6.0", + "version": "5.7.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From b34eeb3509b0c55e762d366a87e4a99049c1b751 Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Thu, 19 Jul 2018 14:56:20 -0700 Subject: [PATCH 0357/1000] (L10n) Updating translations for readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index 9f4710c333..002d5a3157 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -754,6 +754,12 @@ PostgreSQL Pythonパッケージの名前。 #### postgresql::server +##### `config_entries` + +`postgresql::server::config_entry` のリソースを構築するハッシュを指定します。 + +デフォルト値: `{}` + ##### `createdb_path` **非推奨** `createdb`コマンドへのパスを指定します。 @@ -894,6 +900,12 @@ pg_ident.confファイルを上書きします。 `pg_hba.conf`ファイルへのパスを指定します。 +##### `pg_hba_rules` + +`postgresql::server::pg_hba_rule` のリソースを構築するハッシュを指定します。 + +デフォルト値: `{}` + ##### `pg_ident_conf_path` `pg_ident.conf`ファイルへのパスを指定します。 @@ -936,6 +948,12 @@ postgresユーザのパスワードを特定の値に設定します。デフォ デフォルト値: OSによって異なります。 +##### `roles` + +`postgresql::server::role` のリソースを構築するハッシュを指定します。 + +デフォルト値: `{}` + ##### `service_manage` Puppetがサービスを管理するかどうかを定義します。 @@ -1483,6 +1501,8 @@ PostgreSQLコマンド'REASSIGN OWNED'をデータベースに対して実行し 全パラメータリストの詳細な説明は、[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/recovery-config.html)にあります。 +テンプレートでは、指定されたパラメータのみが認識されます。`recovery.conf`は、少なくとも1つのパラメータが設定済みで、**かつ**、[manage_recovery_conf](#manage_recovery_conf)がtrueの場合のみ作成されます。 + パラメータは、次の3つのセクションにグループ分けされています。 ##### [アーカイブリカバリパラメータ](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) From cc1b05ed7e1e093e5ffb30e04f9cf761a3b88a3b Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Thu, 19 Jul 2018 14:58:25 -0700 Subject: [PATCH 0358/1000] (L10n) Updating translations for readmes/README_ja_JP.md From 6d165e76a8af99ccb0b911166012157b64979393 Mon Sep 17 00:00:00 2001 From: Mateusz Gozdek Date: Fri, 27 Jul 2018 11:53:25 +0200 Subject: [PATCH 0359/1000] metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 Changelog: https://forge.puppet.com/puppetlabs/apt/changelog#500-2018-07-18 This is to avoid warnings with dependencies. --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 4f41552e0a..d9295a3872 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 2.0.0 < 5.0.0" + "version_requirement": ">= 2.0.0 < 6.0.0" }, { "name": "puppetlabs/concat", From 6b2a26c77f273e5bf22b9069dc869cdd9c2a4b3e Mon Sep 17 00:00:00 2001 From: David Swan Date: Mon, 6 Aug 2018 11:45:40 +0100 Subject: [PATCH 0360/1000] (maint) - 5.8.0 Pre Release Also includes a pdk update made to allow use of the changelog generator. --- .gitignore | 1 + .pdkignore | 1 + .rubocop.yml | 3 ++ .sync.yml | 9 ++++++ .travis.yml | 16 +++++------ CHANGELOG.md | 11 ++++++++ Gemfile | 2 +- Rakefile | 69 +++++++++++++++++++++++++++++++++++++++++++++ metadata.json | 4 +-- spec/spec_helper.rb | 9 ++++++ 10 files changed, 114 insertions(+), 11 deletions(-) diff --git a/.gitignore b/.gitignore index 49bc2a4014..650022e58e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +.git/ .*.sw[op] .metadata .yardoc diff --git a/.pdkignore b/.pdkignore index 49bc2a4014..650022e58e 100644 --- a/.pdkignore +++ b/.pdkignore @@ -1,3 +1,4 @@ +.git/ .*.sw[op] .metadata .yardoc diff --git a/.rubocop.yml b/.rubocop.yml index 7ed6225c7d..54d1597aaa 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -71,6 +71,7 @@ RSpec/MessageSpies: Style/Documentation: Exclude: - lib/puppet/parser/functions/**/* + - spec/**/* Style/WordArray: EnforcedStyle: brackets Style/CollectionMethods: @@ -81,6 +82,8 @@ Style/StringMethods: Enabled: true Layout/EndOfLine: Enabled: false +Layout/IndentHeredoc: + Enabled: false Metrics/AbcSize: Enabled: false Metrics/BlockLength: diff --git a/.sync.yml b/.sync.yml index 6dd4f21391..9176c61ca7 100644 --- a/.sync.yml +++ b/.sync.yml @@ -30,6 +30,15 @@ Gemfile: from_env: BEAKER_HOSTGENERATOR_VERSION - gem: beaker-rspec from_env: BEAKER_RSPEC_VERSION + optional: + ':development': + - gem: 'github_changelog_generator' + git: 'https://github.com/skywinder/github-changelog-generator' + ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' + condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')" + +Rakefile: + changelog_user: puppetlabs appveyor.yml: delete: true diff --git a/.travis.yml b/.travis.yml index 76b202cef8..0ea4e0a606 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,7 +13,7 @@ script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.4.1 + - 2.4.4 env: global: - BEAKER_PUPPET_COLLECTION=puppet5 PUPPET_GEM_VERSION="~> 5.0" @@ -23,16 +23,16 @@ matrix: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 - rvm: 2.4.1 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply + rvm: 2.4.4 script: bundle exec rake beaker services: docker sudo: required - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 - rvm: 2.4.1 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply + rvm: 2.4.4 script: bundle exec rake beaker services: docker sudo: required @@ -45,9 +45,9 @@ matrix: rvm: 2.1.9 branches: only: - - master - - /^v\d/ - - release + - master + - /^v\d/ + - release notifications: email: false deploy: diff --git a/CHANGELOG.md b/CHANGELOG.md index c67ee2bdcb..f8fc2b1bca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) (2018-08-06) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.7.0...5.8.0) + +### Added + +- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 [\#1012](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1012) ([mateusz-gozdek-sociomantic](https://github.com/mateusz-gozdek-sociomantic)) + ## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) (2018-07-19) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.6.0...5.7.0) @@ -1034,4 +1042,7 @@ Notable features: [5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* + + \* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* diff --git a/Gemfile b/Gemfile index a7ec8208c8..27a28c30f3 100644 --- a/Gemfile +++ b/Gemfile @@ -33,7 +33,7 @@ group :development do gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-blacksmith", '~> 3.4', require: false, platforms: [:ruby] + gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') end group :system_tests do gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] diff --git a/Rakefile b/Rakefile index d4e36dadfd..335e3f1f3c 100644 --- a/Rakefile +++ b/Rakefile @@ -1,6 +1,75 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? +require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? + +def changelog_user + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = "puppetlabs" || JSON.load(File.read('metadata.json'))['author'] + raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator user:#{returnVal}" + returnVal +end + +def changelog_project + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = nil || JSON.load(File.read('metadata.json'))['name'] + raise "unable to find the changelog_project in .sync.yml or the name in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator project:#{returnVal}" + returnVal +end + +def changelog_future_release + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = JSON.load(File.read('metadata.json'))['version'] + raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator future_release:#{returnVal}" + returnVal +end PuppetLint.configuration.send('disable_relative') +if Bundler.rubygems.find_name('github_changelog_generator').any? + GitHubChangelogGenerator::RakeTask.new :changelog do |config| + raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? + config.user = "#{changelog_user}" + config.project = "#{changelog_project}" + config.future_release = "#{changelog_future_release}" + config.exclude_labels = ['maintenance'] + config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." + config.add_pr_wo_labels = true + config.issues = false + config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM" + config.configure_sections = { + "Changed" => { + "prefix" => "### Changed", + "labels" => ["backwards-incompatible"], + }, + "Added" => { + "prefix" => "### Added", + "labels" => ["feature", "enhancement"], + }, + "Fixed" => { + "prefix" => "### Fixed", + "labels" => ["bugfix"], + }, + } + end +else + desc 'Generate a Changelog from GitHub' + task :changelog do + raise <= Gem::Version.new('2.2.2')" +EOM + end +end + diff --git a/metadata.json b/metadata.json index d9295a3872..867d6bd83e 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.7.0", + "version": "5.8.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -84,5 +84,5 @@ ], "pdk-version": "1.5.0", "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "heads/master-0-g34e3266" + "template-ref": "heads/master-0-g0657063" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index e117192684..e69d11d8d5 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -34,3 +34,12 @@ Puppet.settings[:strict] = :warning end end + +def ensure_module_defined(module_name) + module_name.split('::').reduce(Object) do |last_module, next_module| + last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module) + last_module.const_get(next_module) + end +end + +# 'spec_overrides' from sync.yml will appear below this line From 2253dfd518098b6c0075d31cbc09ba488ef03a6b Mon Sep 17 00:00:00 2001 From: Eimhin Laverty Date: Wed, 8 Aug 2018 19:04:29 +0100 Subject: [PATCH 0361/1000] (MODULES-7626) - Update README Limitations section --- README.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/README.md b/README.md index d705551daf..7e81e8289c 100644 --- a/README.md +++ b/README.md @@ -1905,13 +1905,7 @@ The Postgresql module has an example task that allows a user to execute arbitary Works with versions of PostgreSQL from 8.1 through 9.5. -Currently, the postgresql module is tested on the following operating systems: - -* Debian 6.x, 7.x, 8.x. -* CentOS 5.x, 6.x, and 7.x. -* Ubuntu 10.04 and 12.04, 14.04. - -Other systems might be compatible, but are not being actively tested. +For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/metadata.json) ### Apt module support From e3930f893265bcadfd2835d1b0b17985987c0efd Mon Sep 17 00:00:00 2001 From: tphoney Date: Tue, 21 Aug 2018 15:27:02 +0100 Subject: [PATCH 0362/1000] (MODULES-7658) use beaker3 in puppet-module-gems --- .sync.yml | 11 ----------- Gemfile | 5 ----- 2 files changed, 16 deletions(-) diff --git a/.sync.yml b/.sync.yml index 9176c61ca7..8215b0ab68 100644 --- a/.sync.yml +++ b/.sync.yml @@ -19,17 +19,6 @@ Gemfile: - mswin - mingw - x64_mingw - - gem: beaker - version: '~> 3.13' - from_env: BEAKER_VERSION - - gem: beaker-abs - from_env: BEAKER_ABS_VERSION - version: '~> 0.1' - - gem: beaker-pe - - gem: beaker-hostgenerator - from_env: BEAKER_HOSTGENERATOR_VERSION - - gem: beaker-rspec - from_env: BEAKER_RSPEC_VERSION optional: ':development': - gem: 'github_changelog_generator' diff --git a/Gemfile b/Gemfile index 27a28c30f3..b38f3982cd 100644 --- a/Gemfile +++ b/Gemfile @@ -38,11 +38,6 @@ end group :system_tests do gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-win-system-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '~> 3.13') - gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') - gem "beaker-pe", require: false - gem "beaker-hostgenerator" - gem "beaker-rspec" end puppet_version = ENV['PUPPET_GEM_VERSION'] From 7613e080eeda721ae32a0de93f9e4076269a6fab Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Wed, 22 Aug 2018 14:54:38 +0100 Subject: [PATCH 0363/1000] pdksync_1.7.0-0-g57412ed --- .travis.yml | 6 +++--- Gemfile | 4 ++-- metadata.json | 4 ++-- spec/spec_helper.rb | 1 - 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0ea4e0a606..4208b9e749 100644 --- a/.travis.yml +++ b/.travis.yml @@ -45,9 +45,9 @@ matrix: rvm: 2.1.9 branches: only: - - master - - /^v\d/ - - release + - master + - /^v\d/ + - release notifications: email: false deploy: diff --git a/Gemfile b/Gemfile index b38f3982cd..05cb6e6f34 100644 --- a/Gemfile +++ b/Gemfile @@ -36,8 +36,8 @@ group :development do gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') end group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] - gem "puppet-module-win-system-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] + gem "puppet-module-win-system-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/metadata.json b/metadata.json index 867d6bd83e..f4d659167c 100644 --- a/metadata.json +++ b/metadata.json @@ -82,7 +82,7 @@ "version_requirement": ">= 4.7.0 < 6.0.0" } ], - "pdk-version": "1.5.0", + "pdk-version": "1.7.0", "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "heads/master-0-g0657063" + "template-ref": "1.7.0-0-g57412ed" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index e69d11d8d5..5e721b7ff4 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,4 +1,3 @@ - require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' From e09adc1997b18d1a2eaf59d424153a7f5dbf7baa Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Thu, 23 Aug 2018 18:18:59 +0100 Subject: [PATCH 0364/1000] (MODULES-7705) - Bumping stdlib requirement to 6.0.0 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index f4d659167c..09708ca522 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.13.1 < 5.0.0" + "version_requirement": ">= 4.13.1 < 6.0.0" }, { "name": "puppetlabs/apt", From c18ca3aa52c4d499005e8a82ab4ef9163df25356 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Fri, 24 Aug 2018 14:45:38 +0100 Subject: [PATCH 0365/1000] Bump concat versoin --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 09708ca522..a56ad9f96c 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppetlabs/concat", - "version_requirement": ">= 1.1.0 < 5.0.0" + "version_requirement": ">= 1.1.0 < 6.0.0" } ], "operatingsystem_support": [ From c86da47360c6cca7a829883f3bc309f74ae1e647 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Fri, 24 Aug 2018 14:46:22 +0100 Subject: [PATCH 0366/1000] update apt dependency --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index a56ad9f96c..9cc62f7314 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 2.0.0 < 6.0.0" + "version_requirement": ">= 2.0.0 < 7.0.0" }, { "name": "puppetlabs/concat", From f909fc5da7d9f329a5a97050fe5f88829aa708ae Mon Sep 17 00:00:00 2001 From: tphoney Date: Thu, 30 Aug 2018 17:07:43 +0100 Subject: [PATCH 0367/1000] (MODULES-7658) use beaker4 in puppet-module-gems --- spec/spec_helper_acceptance.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index c4a982b98c..cd6c9e898e 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,3 +1,5 @@ +require 'beaker-pe' +require 'beaker-puppet' require 'puppet' require 'beaker-rspec/spec_helper' require 'beaker-rspec/helpers/serverspec' @@ -6,6 +8,7 @@ require 'beaker-task_helper' run_puppet_install_helper +configure_type_defaults_on(hosts) install_ca_certs unless pe_install? UNSUPPORTED_PLATFORMS = ['AIX', 'windows', 'Solaris', 'Suse'].freeze From 58e8f051953edd15b52e539f4d12fec2066382d5 Mon Sep 17 00:00:00 2001 From: Flavio Gurgel Date: Thu, 6 Sep 2018 16:31:46 +0200 Subject: [PATCH 0368/1000] Ignore .psqlrc so output is clean and doesn't break Puppet --- lib/puppet/provider/postgresql_psql/ruby.rb | 2 +- .../puppet/provider/postgresql_psql/ruby_spec.rb | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 45e7b077a2..39ed4e5772 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -13,7 +13,7 @@ def run_sql_command(sql) command = [resource[:psql_path]] command.push('-d', resource[:db]) if resource[:db] command.push('-p', resource[:port]) if resource[:port] - command.push('-t', '-c', '"' + sql.gsub('"', '\"') + '"') + command.push('-t', '-X', '-c', '"' + sql.gsub('"', '\"') + '"') environment = get_environment diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index bc53367553..c6620293d8 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -13,7 +13,7 @@ it 'executes with the given psql_path on the given DB' do expect(provider).to receive(:run_command).with(['psql', '-d', - attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], 'postgres', + attributes[:db], '-t', '-X', '-c', '"SELECT \'something\' as \"Custom column\""'], 'postgres', 'postgres', {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') @@ -33,7 +33,7 @@ it 'executes with the given psql_path on the given DB' do expect(Dir).to receive(:chdir).with(attributes[:cwd]).and_yield expect(provider).to receive(:run_command).with([attributes[:psql_path], - '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], + '-d', attributes[:db], '-t', '-X', '-c', '"SELECT \'something\' as \"Custom column\""'], attributes[:psql_user], attributes[:psql_group], {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') @@ -47,7 +47,7 @@ end it 'executes with the given search_path' do - expect(provider).to receive(:run_command).with(['psql', '-t', '-c', + expect(provider).to receive(:run_command).with(['psql', '-t', '-X', '-c', '"set search_path to schema1; SELECT \'something\' as \"Custom column\""'], 'postgres', 'postgres', {}) @@ -62,7 +62,7 @@ end it 'executes with the given search_path' do - expect(provider).to receive(:run_command).with(['psql', '-t', '-c', + expect(provider).to receive(:run_command).with(['psql', '-t', '-X', '-c', '"set search_path to schema1,schema2; SELECT \'something\' as \"Custom column\""'], 'postgres', 'postgres', {}) @@ -77,7 +77,7 @@ it 'executes with the given port' do expect(provider).to receive(:run_command).with(['psql', '-p', '5555', - '-t', '-c', '"SELECT something"'], + '-t', '-X', '-c', '"SELECT something"'], 'postgres', 'postgres', {}) provider.run_sql_command('SELECT something') @@ -88,7 +88,7 @@ it 'executes with the given host' do expect(provider).to receive(:run_command).with(['psql', - '-t', '-c', + '-t', '-X', '-c', '"SELECT something"'], 'postgres', 'postgres', 'PGHOST' => '127.0.0.1') From 7430679459161c0f57aca4195c7644d49bcb7503 Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 6 Sep 2018 15:53:09 +0100 Subject: [PATCH 0369/1000] 5.9.0 Pre Release --- CHANGELOG.md | 13 +++++++++---- HISTORY.md | 2 +- metadata.json | 2 +- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f8fc2b1bca..d74c7e2dad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) (2018-09-06) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.8.0...5.9.0) + +### Added + +- pdksync - \(MODULES-7705\) - Bumping stdlib dependency from \< 5.0.0 to \< 6.0.0 [\#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) + ## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) (2018-08-06) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.7.0...5.8.0) @@ -64,7 +72,7 @@ All notable changes to this project will be documented in this file. The format - Documentation error, `reassign\_owned\_by` uses `\*\_role` not `\*\_owner`. [\#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) -## Supported Release [5.3.0] +## 5.3.0 ### Summary Implements rubocop changes within the module, alongside other smaller changes. @@ -1042,7 +1050,4 @@ Notable features: [5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 -\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* - - \* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* diff --git a/HISTORY.md b/HISTORY.md index e688f91425..cd32fe9a24 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -1,4 +1,4 @@ -## Supported Release [5.3.0] +## 5.3.0 ### Summary Implements rubocop changes within the module, alongside other smaller changes. diff --git a/metadata.json b/metadata.json index 9cc62f7314..2df3cf7996 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.8.0", + "version": "5.9.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From c158929a04b45304f1d935de699a33e26a28badd Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 20 Sep 2018 12:49:22 +0100 Subject: [PATCH 0370/1000] (MODULES-7827) - Update to pre test logic for puppet 6 --- spec/spec_helper_acceptance.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index cd6c9e898e..52d32b141d 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -62,7 +62,7 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) # Configure all nodes in nodeset c.before :suite do - run_puppet_access_login(user: 'admin') if pe_install? && puppet_version =~ %r{(5\.\d\.\d)} + run_puppet_access_login(user: 'admin') if pe_install? && (Gem::Version.new(puppet_version) >= Gem::Version.new('5.0.0')) # Set up selinux if appropriate. if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' pp = <<-EOS From 3e2935755774e52c46884fa7c312b910465ea6a9 Mon Sep 17 00:00:00 2001 From: tphoney Date: Thu, 20 Sep 2018 16:33:43 +0100 Subject: [PATCH 0371/1000] (MODULES-6805) metadata.json shows support for puppet 6 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 2df3cf7996..425bc50f4f 100644 --- a/metadata.json +++ b/metadata.json @@ -79,7 +79,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 4.7.0 < 6.0.0" + "version_requirement": ">= 4.7.0 < 7.0.0" } ], "pdk-version": "1.7.0", From fb661124661fc6e568bfa7d0ba75d192c54b3978 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Mon, 24 Sep 2018 17:02:26 +0100 Subject: [PATCH 0372/1000] (FM-7392) - Puppet 6 Testing Changes --- .rubocop.yml | 4 ++++ .travis.yml | 15 +++++++++------ Gemfile | 22 +++++++--------------- metadata.json | 2 +- spec/default_facts.yml | 2 +- 5 files changed, 22 insertions(+), 23 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 54d1597aaa..f5a6c2a412 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -19,6 +19,10 @@ AllCops: Metrics/LineLength: Description: People have wide screens, use them. Max: 200 +GetText/DecorateString: + Description: We don't want to decorate test output. + Exclude: + - spec/* RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. diff --git a/.travis.yml b/.travis.yml index 4208b9e749..e861e357f3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,26 +13,26 @@ script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.4.4 + - 2.5.0 env: global: - - BEAKER_PUPPET_COLLECTION=puppet5 PUPPET_GEM_VERSION="~> 5.0" + - BEAKER_PUPPET_COLLECTION=puppet6 PUPPET_GEM_VERSION="~> 6.0" matrix: fast_finish: true include: - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply - rvm: 2.4.4 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply + rvm: 2.5.0 script: bundle exec rake beaker services: docker sudo: required - bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply - rvm: 2.4.4 + env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply + rvm: 2.5.0 script: bundle exec rake beaker services: docker sudo: required @@ -40,6 +40,9 @@ matrix: env: CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop" - env: CHECK=parallel_spec + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.4 - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec rvm: 2.1.9 diff --git a/Gemfile b/Gemfile index 05cb6e6f34..47fa24e654 100644 --- a/Gemfile +++ b/Gemfile @@ -1,22 +1,15 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' def location_for(place_or_version, fake_version = nil) - if place_or_version =~ %r{\A(git[:@][^#]*)#(.*)} - [fake_version, { git: Regexp.last_match(1), branch: Regexp.last_match(2), require: false }].compact - elsif place_or_version =~ %r{\Afile:\/\/(.*)} - ['>= 0', { path: File.expand_path(Regexp.last_match(1)), require: false }] - else - [place_or_version, { require: false }] - end -end + git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} + file_url_regex = %r{\Afile:\/\/(?.*)} -def gem_type(place_or_version) - if place_or_version =~ %r{\Agit[:@]} - :git - elsif !place_or_version.nil? && place_or_version.start_with?('file:') - :file + if place_or_version && (git_url = place_or_version.match(git_url_regex)) + [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact + elsif place_or_version && (file_url = place_or_version.match(file_url_regex)) + ['>= 0', { path: File.expand_path(file_url[:path]), require: false }] else - :gem + [place_or_version, { require: false }] end end @@ -41,7 +34,6 @@ group :system_tests do end puppet_version = ENV['PUPPET_GEM_VERSION'] -puppet_type = gem_type(puppet_version) facter_version = ENV['FACTER_GEM_VERSION'] hiera_version = ENV['HIERA_GEM_VERSION'] diff --git a/metadata.json b/metadata.json index 2df3cf7996..bb43314870 100644 --- a/metadata.json +++ b/metadata.json @@ -84,5 +84,5 @@ ], "pdk-version": "1.7.0", "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "1.7.0-0-g57412ed" + "template-ref": "heads/master-0-g8fc95db" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml index 3248be5aa6..e10d991db2 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -2,7 +2,7 @@ # # Facts specified here will override the values provided by rspec-puppet-facts. --- -concat_basedir: "/tmp" +concat_basedir: "" ipaddress: "172.16.254.254" is_pe: false macaddress: "AA:AA:AA:AA:AA:AA" From bda50effc0d69e65e53e53de64c739726ebc8711 Mon Sep 17 00:00:00 2001 From: Eimhin Laverty Date: Tue, 25 Sep 2018 15:31:47 +0100 Subject: [PATCH 0373/1000] (MODULES-7852) - Fix Puppet 6 related failures --- .fixtures.yml | 6 ++++++ manifests/server/grant.pp | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.fixtures.yml b/.fixtures.yml index 5dbd5d048d..f639c3b9db 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -4,5 +4,11 @@ fixtures: stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" + yumrepo_core: + repo: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" + puppet_version: ">= 6.0.0" + augeas_core: + repo: "https://github.com/puppetlabs/puppetlabs-augeas_core.git" + puppet_version: ">= 6.0.0" symlinks: postgresql: "#{source_dir}" diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 42613fe933..72b36a0251 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -2,7 +2,7 @@ define postgresql::server::grant ( String $role, String $db, - Optional[String] $privilege = undef, + String $privilege = '', Pattern[#/(?i:^COLUMN$)/, /(?i:^ALL SEQUENCES IN SCHEMA$)/, /(?i:^ALL TABLES IN SCHEMA$)/, From a50f381293b833eef9b1ba1a7553e33d75b29989 Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 27 Sep 2018 12:26:11 +0100 Subject: [PATCH 0374/1000] (MODULES-7918) - 5.10.0 Release Prep --- CHANGELOG.md | 8 ++++++++ metadata.json | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d74c7e2dad..f1d10e44b3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) (2018-09-27) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.9.0...5.10.0) + +### Added + +- pdksync - \(MODULES-6805\) metadata.json shows support for puppet 6 [\#1026](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1026) ([tphoney](https://github.com/tphoney)) + ## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) (2018-09-06) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.8.0...5.9.0) diff --git a/metadata.json b/metadata.json index 87d97c8441..b9f763af9e 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.9.0", + "version": "5.10.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From dac781bac97bfd8aa2150e906d1da1f54e41a417 Mon Sep 17 00:00:00 2001 From: Sirak Date: Wed, 17 Oct 2018 13:57:40 +0200 Subject: [PATCH 0375/1000] Add postgis support for postgres 10 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index a71253bbb8..d10d4244af 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -145,6 +145,7 @@ '9.4' => '2.3', '9.5' => '2.3', '9.6' => '2.3', + '10' => '2.4', default => undef, } $globals_postgis_version = $postgis_version ? { From ff222882f19cb0c5ea4cf532ad465c9841ab004a Mon Sep 17 00:00:00 2001 From: James Stuart Date: Fri, 2 Nov 2018 12:23:30 +0000 Subject: [PATCH 0376/1000] strip quotes from roles in check of existing perms --- manifests/server/grant.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 72b36a0251..80e970f059 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -187,7 +187,7 @@ SELECT DISTINCT object_schema, object_name, - (regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1] AS grantee, + regexp_replace((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1],'\"','','g') AS grantee, regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[2],E'\\s*') AS privs_split FROM ( SELECT n.nspname as object_schema, @@ -221,7 +221,7 @@ SELECT DISTINCT object_schema, object_name, - (regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1] AS grantee, + regexp_replace((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[1],'\"','','g') AS grantee, regexp_split_to_table((regexp_split_to_array(regexp_replace(privs,E'/.*',''),'='))[2],E'\\s*') AS privs_split FROM ( SELECT n.nspname as object_schema, From 6c55f23b1ee3639df8ea20c85511b7af01b6d8b8 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 7 Nov 2018 10:23:37 +0000 Subject: [PATCH 0377/1000] pdksync_heads/master-0-gabccfb1 --- metadata.json | 2 +- spec/spec_helper.rb | 24 ++++++++++++------------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/metadata.json b/metadata.json index b9f763af9e..952cbd8f1e 100644 --- a/metadata.json +++ b/metadata.json @@ -84,5 +84,5 @@ ], "pdk-version": "1.7.0", "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "heads/master-0-g8fc95db" + "template-ref": "heads/master-0-gabccfb1" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 5e721b7ff4..a7281d5300 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,11 +1,7 @@ require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' -begin - require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) -rescue LoadError => loaderror - warn "Could not require spec_helper_local: #{loaderror.message}" -end +require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) include RspecPuppetFacts @@ -14,15 +10,19 @@ facterversion: Facter.version, } -default_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')) -default_module_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')) +default_fact_files = [ + File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')), + File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')), +] -if File.exist?(default_facts_path) && File.readable?(default_facts_path) - default_facts.merge!(YAML.safe_load(File.read(default_facts_path))) -end +default_fact_files.each do |f| + next unless File.exist?(f) && File.readable?(f) && File.size?(f) -if File.exist?(default_module_facts_path) && File.readable?(default_module_facts_path) - default_facts.merge!(YAML.safe_load(File.read(default_module_facts_path))) + begin + default_facts.merge!(YAML.safe_load(File.read(f))) + rescue => e + RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" + end end RSpec.configure do |c| From 9a052db405a7f81546101ef041bb32267f275509 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Tue, 20 Nov 2018 15:54:22 -0500 Subject: [PATCH 0378/1000] Add support for Fedora 29 Fedora 29 provides postgresql 10.6-1.fc29. --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index d10d4244af..27781f3491 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -65,6 +65,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(29)$/ => '10.6', /^(28)$/ => '10.4', /^(26|27)$/ => '9.6', /^(24|25)$/ => '9.5', From 1537d6f1178972c31826c087c5f01e9b2ddf494c Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Wed, 21 Nov 2018 12:31:19 +0000 Subject: [PATCH 0379/1000] (MODULES-8280) - Release Prep 5.11.0 --- CHANGELOG.md | 14 ++++++++++++++ metadata.json | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f1d10e44b3..397c8cc0ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) (2018-11-21) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.10.0...5.11.0) + +### Added + +- Add postgis support for postgres 10 [\#1032](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1032) ([smussie](https://github.com/smussie)) + +### Fixed + +- Strip quotes from role names [\#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) +- Ignore .psqlrc so output is clean and doesn't break Puppet [\#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) +- Change initdb option '--xlogdir' to '-X' for PG10 compatibility [\#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) + ## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) (2018-09-27) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.9.0...5.10.0) diff --git a/metadata.json b/metadata.json index 952cbd8f1e..2dc2973460 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.10.0", + "version": "5.11.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From c360b8e2f0aa36c315d0c937a7501817126fe155 Mon Sep 17 00:00:00 2001 From: Eimhin Laverty Date: Mon, 17 Dec 2018 11:32:16 +0000 Subject: [PATCH 0380/1000] pdksync_heads/master-0-gbf720df --- .gitattributes | 2 +- .pdkignore | 13 +++++++++++++ .puppet-lint.rc | 0 .travis.yml | 7 +++---- Rakefile | 1 + metadata.json | 6 +++--- spec/default_facts.yml | 1 - spec/spec_helper.rb | 4 ++-- 8 files changed, 23 insertions(+), 11 deletions(-) create mode 100644 .puppet-lint.rc diff --git a/.gitattributes b/.gitattributes index 02d4646b9b..9032a014a0 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,5 +1,5 @@ -#This file is generated by ModuleSync, do not edit. *.rb eol=lf *.erb eol=lf *.pp eol=lf *.sh eol=lf +*.epp eol=lf diff --git a/.pdkignore b/.pdkignore index 650022e58e..b713b3b1f7 100644 --- a/.pdkignore +++ b/.pdkignore @@ -22,3 +22,16 @@ /convert_report.txt /update_report.txt .DS_Store +/appveyor.yml +/.fixtures.yml +/Gemfile +/.gitattributes +/.gitignore +/.gitlab-ci.yml +/.pdkignore +/Rakefile +/.rspec +/.rubocop.yml +/.travis.yml +/.yardopts +/spec/ diff --git a/.puppet-lint.rc b/.puppet-lint.rc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/.travis.yml b/.travis.yml index e861e357f3..11cc5a5d00 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,4 @@ --- -sudo: false dist: trusty language: ruby cache: bundler @@ -13,7 +12,7 @@ script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.5.0 + - 2.5.1 env: global: - BEAKER_PUPPET_COLLECTION=puppet6 PUPPET_GEM_VERSION="~> 6.0" @@ -24,7 +23,7 @@ matrix: bundler_args: dist: trusty env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply - rvm: 2.5.0 + rvm: 2.5.1 script: bundle exec rake beaker services: docker sudo: required @@ -32,7 +31,7 @@ matrix: bundler_args: dist: trusty env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply - rvm: 2.5.0 + rvm: 2.5.1 script: bundle exec rake beaker services: docker sudo: required diff --git a/Rakefile b/Rakefile index 335e3f1f3c..30c359cfda 100644 --- a/Rakefile +++ b/Rakefile @@ -2,6 +2,7 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? +require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" diff --git a/metadata.json b/metadata.json index 2dc2973460..2868143a4c 100644 --- a/metadata.json +++ b/metadata.json @@ -82,7 +82,7 @@ "version_requirement": ">= 4.7.0 < 7.0.0" } ], - "pdk-version": "1.7.0", + "pdk-version": "1.8.0", "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "heads/master-0-gabccfb1" -} + "template-ref": "heads/master-0-gbf720df" +} \ No newline at end of file diff --git a/spec/default_facts.yml b/spec/default_facts.yml index e10d991db2..ea1e4808e3 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -2,7 +2,6 @@ # # Facts specified here will override the values provided by rspec-puppet-facts. --- -concat_basedir: "" ipaddress: "172.16.254.254" is_pe: false macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index a7281d5300..35654b3d2c 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -36,8 +36,8 @@ def ensure_module_defined(module_name) module_name.split('::').reduce(Object) do |last_module, next_module| - last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module) - last_module.const_get(next_module) + last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false) + last_module.const_get(next_module, false) end end From b230c09081d16c90d11189c695edcc1b733ea595 Mon Sep 17 00:00:00 2001 From: tphoney Date: Thu, 20 Dec 2018 10:09:32 +0000 Subject: [PATCH 0381/1000] (FM-7655) Fix rubygems-update for ruby < 2.3 --- .travis.yml | 4 ++-- metadata.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 11cc5a5d00..2404189c6d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,7 +5,7 @@ cache: bundler before_install: - bundle -v - rm -f Gemfile.lock - - gem update --system + - gem update --system $RUBYGEMS_VERSION - gem --version - bundle -v script: @@ -43,7 +43,7 @@ matrix: env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec rvm: 2.4.4 - - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec + env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec RUBYGEMS_VERSION=2.7.8 rvm: 2.1.9 branches: only: diff --git a/metadata.json b/metadata.json index 2868143a4c..e4d38224dd 100644 --- a/metadata.json +++ b/metadata.json @@ -83,6 +83,6 @@ } ], "pdk-version": "1.8.0", - "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "heads/master-0-gbf720df" + "template-url": "https://github.com/puppetlabs/pdk-templates/", + "template-ref": "heads/master-0-g20af4c6" } \ No newline at end of file From 63dffe0287c1aa35f27b70f7eb0f93c33cb49886 Mon Sep 17 00:00:00 2001 From: Ben Ford Date: Thu, 20 Dec 2018 11:42:48 -0800 Subject: [PATCH 0382/1000] (MODULES-8352) Don't use empty encoding string on initdb pgsql 11 no longer allows initdb with an empty encoding string. Only include the string when $encoding is set. --- manifests/server/initdb.pp | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 70bf9a7319..a5f558c96d 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -69,7 +69,7 @@ # We optionally add the locale switch if specified. Older versions of the # initdb command don't accept this switch. So if the user didn't pass the # parameter, lets not pass the switch at all. - $ic_base = "${initdb_path} --encoding '${encoding}' --pgdata '${datadir}'" + $ic_base = "${initdb_path} --pgdata '${datadir}'" $ic_xlog = $xlogdir ? { undef => $ic_base, default => "${ic_base} -X '${xlogdir}'" @@ -83,9 +83,15 @@ $require_before_initdb = [$datadir] } - $ic_locale = $locale ? { + # PostgreSQL 11 no longer allows empty encoding + $ic_encoding = $encoding ? { undef => $ic_xlog, - default => "${ic_xlog} --locale '${locale}'" + default => "${ic_xlog} --encoding '${encoding}'" + } + + $ic_locale = $locale ? { + undef => $ic_encoding, + default => "${ic_encoding} --locale '${locale}'" } $initdb_command = $data_checksums ? { From e94895417166d8fc70714f588589d7f220c802d1 Mon Sep 17 00:00:00 2001 From: Ben Ford Date: Thu, 20 Dec 2018 13:01:44 -0800 Subject: [PATCH 0383/1000] (maint) remove inconsistent extra variable This just removes a variable that was confusing because of how inconsistently it was used, and didn't really appear to be adding much value anyway. --- manifests/server.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 2f2fe1506b..80e25a1475 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -63,8 +63,6 @@ #Deprecated $version = undef, ) inherits postgresql::params { - $pg = 'postgresql::server' - if $version != undef { warning('Passing "version" to postgresql::server is deprecated; please use postgresql::globals instead.') $_version = $version @@ -77,7 +75,9 @@ } # Reload has its own ordering, specified by other defines - class { "${pg}::reload": require => Class["${pg}::install"] } + class { 'postgresql::server::reload': + require => Class['postgresql::server::install'], + } contain postgresql::server::install contain postgresql::server::initdb From 780156a9d2ebd4c0fd1269d9e2a3b5e48808930e Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 3 Jan 2019 14:35:09 +0000 Subject: [PATCH 0384/1000] pdksync_heads/master-0-g9c815ea --- .travis.yml | 5 ++++- metadata.json | 6 +++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 2404189c6d..d01788de6d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,6 +3,9 @@ dist: trusty language: ruby cache: bundler before_install: + - if [ $BUNDLER_VERSION ]; then + gem install -v $BUNDLER_VERSION bundler --no-rdoc --no-ri; + fi - bundle -v - rm -f Gemfile.lock - gem update --system $RUBYGEMS_VERSION @@ -43,7 +46,7 @@ matrix: env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec rvm: 2.4.4 - - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec RUBYGEMS_VERSION=2.7.8 + env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec RUBYGEMS_VERSION=2.7.8 BUNDLER_VERSION=1.17.3 rvm: 2.1.9 branches: only: diff --git a/metadata.json b/metadata.json index e4d38224dd..ff01f97e71 100644 --- a/metadata.json +++ b/metadata.json @@ -82,7 +82,7 @@ "version_requirement": ">= 4.7.0 < 7.0.0" } ], - "pdk-version": "1.8.0", + "pdk-version": "1.7.1", "template-url": "https://github.com/puppetlabs/pdk-templates/", - "template-ref": "heads/master-0-g20af4c6" -} \ No newline at end of file + "template-ref": "heads/master-0-g9c815ea" +} From 537f4422b7a2f52f65f214161c548f5c41739f71 Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 10 Jan 2019 15:34:44 +0000 Subject: [PATCH 0385/1000] pdksync_heads/master-0-g6814a87 --- .travis.yml | 6 ------ Gemfile | 3 ++- metadata.json | 2 +- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/.travis.yml b/.travis.yml index d01788de6d..cc2ac0b13e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,9 +3,6 @@ dist: trusty language: ruby cache: bundler before_install: - - if [ $BUNDLER_VERSION ]; then - gem install -v $BUNDLER_VERSION bundler --no-rdoc --no-ri; - fi - bundle -v - rm -f Gemfile.lock - gem update --system $RUBYGEMS_VERSION @@ -45,9 +42,6 @@ matrix: - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec rvm: 2.4.4 - - - env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec RUBYGEMS_VERSION=2.7.8 BUNDLER_VERSION=1.17.3 - rvm: 2.1.9 branches: only: - master diff --git a/Gemfile b/Gemfile index 47fa24e654..b7d80c3e53 100644 --- a/Gemfile +++ b/Gemfile @@ -21,7 +21,8 @@ group :development do gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') - gem "json", '<= 2.0.4', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.4.4') + gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] diff --git a/metadata.json b/metadata.json index ff01f97e71..04ba05f037 100644 --- a/metadata.json +++ b/metadata.json @@ -84,5 +84,5 @@ ], "pdk-version": "1.7.1", "template-url": "https://github.com/puppetlabs/pdk-templates/", - "template-ref": "heads/master-0-g9c815ea" + "template-ref": "heads/master-0-g6814a87" } From 95db843a80ece9303e2e84f46b002e43373f4aeb Mon Sep 17 00:00:00 2001 From: Olav Morken Date: Tue, 15 Jan 2019 08:56:17 +0100 Subject: [PATCH 0386/1000] (MODULES-3804) Fix sort order of pg_hba_rule entries The `$order`-parameter to `pg_hba_rule` can be either an integer or a string, but the corresponding `concat`-resource is configured to sort the entries using alphanumeric sort. The result is that a `pg_hba_rule` entry with `order => 2` sorts after an entry with `order => 10`. This is also a problem with the default `pg_hba_rule` entries, which uses numeric order values 1, 2, 3, 4, 100 and 101. These are sorted in the incorrect order (1, 100, 101, 2, 3, 4). Unfortunately, since string values are allowed in the `$order`-parameter, we cannot simply change the `concat`-resource to use numeric sort. This patch fixes this issue by zero-padding all integer values to three digits. E.g. 1 becomes `001`, and 10 becomes `010`. This should work well for integer values from 0 through 999, and works well with earlier versions of the module which used string values in that range for the `$order`-parameter. --- README.md | 6 ++ manifests/server/pg_hba_rule.pp | 9 +- spec/unit/defines/server/pg_hba_rule_spec.rb | 89 ++++++++++++++++++++ 3 files changed, 103 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 7e81e8289c..4155a7773a 100644 --- a/README.md +++ b/README.md @@ -1400,6 +1400,12 @@ Specifies a way to uniquely identify this resource, but functionally does nothin Sets an order for placing the rule in `pg_hba.conf`. +This can be either a string or an integer. +If it is an integer, it will be converted to a string by zero-padding it to three digits. +E.g. `42` will be zero-padded to the string `'042'`. + +The `pg_hba_rule` fragments are sorted using the `alpha` sorting [order](https://forge.puppet.com/puppetlabs/concat/reference#order). + Default value: 150. #### `postgresql_version` diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index dce58a0ffb..c215c2f12a 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -32,6 +32,13 @@ fail('You must specify an address property when type is host based') } + if $order =~ Integer { + $_order = sprintf('%03d', $order) + } + else { + $_order = $order + } + $allowed_auth_methods = $postgresql_version ? { '10' => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], '9.6' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], @@ -55,7 +62,7 @@ concat::fragment { $fragname: target => $target, content => template('postgresql/pg_hba_rule.conf'), - order => $order, + order => $_order, } } } diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index 4c3f977273..1637b42585 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -145,4 +145,93 @@ class { 'postgresql::server': } end end end + + context 'order' do + context 'default' do + let :pre_condition do + <<-MANIFEST + class { 'postgresql::server': } + MANIFEST + end + + let :params do + { + type: 'local', + database: 'all', + user: 'all', + auth_method: 'ident', + } + end + + it do + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '150') + end + end + + context 'string' do + let :pre_condition do + <<-MANIFEST + class { 'postgresql::server': } + MANIFEST + end + + let :params do + { + type: 'local', + database: 'all', + user: 'all', + auth_method: 'ident', + order: '12', + } + end + + it do + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '12') + end + end + + context 'short integer' do + let :pre_condition do + <<-MANIFEST + class { 'postgresql::server': } + MANIFEST + end + + let :params do + { + type: 'local', + database: 'all', + user: 'all', + auth_method: 'ident', + order: 12, + } + end + + it do + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '012') + end + end + + context 'long integer' do + let :pre_condition do + <<-MANIFEST + class { 'postgresql::server': } + MANIFEST + end + + let :params do + { + type: 'local', + database: 'all', + user: 'all', + auth_method: 'ident', + order: 1234, + } + end + + it do + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '1234') + end + end + end end From 0cc37d52f214e3d07825dfb273dd020666623856 Mon Sep 17 00:00:00 2001 From: lionce Date: Thu, 31 Jan 2019 12:15:52 +0200 Subject: [PATCH 0387/1000] pdksync_1.9.0-0-g7281db5 --- .puppet-lint.rc | 1 + metadata.json | 6 +++--- spec/spec_helper.rb | 3 +++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.puppet-lint.rc b/.puppet-lint.rc index e69de29bb2..cc96ece051 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -0,0 +1 @@ +--relative diff --git a/metadata.json b/metadata.json index 04ba05f037..d56c7af464 100644 --- a/metadata.json +++ b/metadata.json @@ -82,7 +82,7 @@ "version_requirement": ">= 4.7.0 < 7.0.0" } ], - "pdk-version": "1.7.1", + "pdk-version": "1.9.0", "template-url": "https://github.com/puppetlabs/pdk-templates/", - "template-ref": "heads/master-0-g6814a87" -} + "template-ref": "1.9.0-0-g7281db5" +} \ No newline at end of file diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 35654b3d2c..0d5efc0be2 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -32,6 +32,9 @@ # by default Puppet runs at warning level Puppet.settings[:strict] = :warning end + c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] + c.after(:suite) do + end end def ensure_module_defined(module_name) From d6fee1d153a7c116aaa29f96d340dd3834feee9e Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Thu, 31 Jan 2019 13:41:39 +0000 Subject: [PATCH 0388/1000] (MODULES-8553) Fix dependancy on apt by explicitly using 'puppetlabs-apt' as tag --- manifests/repo/apt_postgresql_org.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 1bbf62048a..86d2b40f8d 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -27,6 +27,6 @@ }, } - Apt::Source['apt.postgresql.org']->Package<|tag == 'postgresql'|> + Apt::Source['apt.postgresql.org']->Package<|tag == 'puppetlabs-postgresql'|> Class['Apt::Update'] -> Package<|tag == 'postgresql'|> } From 71c01573d2b63824cc14a875b4bf4e160eb3492a Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Fri, 1 Feb 2019 11:51:17 +0000 Subject: [PATCH 0389/1000] Release prep 5.12.0 --- CHANGELOG.md | 14 ++++++++++++++ metadata.json | 4 ++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 397c8cc0ef..8d50009a39 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-01-31) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.11.0...5.12.0) + +### Added + +- \(MODULES-3804\) Fix sort order of pg\_hba\_rule entries [\#1040](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1040) ([olavmrk](https://github.com/olavmrk)) + +### Fixed + +- \(MODULES-8553\) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [\#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) +- \(MODULES-8352\) Don't use empty encoding string on initdb [\#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) +- pdksync - \(FM-7655\) Fix rubygems-update for ruby \< 2.3 [\#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) + ## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) (2018-11-21) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.10.0...5.11.0) diff --git a/metadata.json b/metadata.json index d56c7af464..3dd4660cdc 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.11.0", + "version": "5.12.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", @@ -85,4 +85,4 @@ "pdk-version": "1.9.0", "template-url": "https://github.com/puppetlabs/pdk-templates/", "template-ref": "1.9.0-0-g7281db5" -} \ No newline at end of file +} From facd625e2ad3c3b304cc330b1b071874f48a8e66 Mon Sep 17 00:00:00 2001 From: Helen Campbell Date: Tue, 5 Feb 2019 16:32:36 +0000 Subject: [PATCH 0390/1000] (MODULES-8553) Further cleanup for package tag issues --- manifests/client.pp | 2 +- manifests/lib/devel.pp | 2 +- manifests/lib/docs.pp | 2 +- manifests/lib/java.pp | 2 +- manifests/lib/perl.pp | 1 + manifests/lib/python.pp | 1 + manifests/repo/apt_postgresql_org.pp | 2 +- manifests/repo/yum_postgresql_org.pp | 2 +- manifests/server/contrib.pp | 2 +- manifests/server/extension.pp | 2 +- manifests/server/install.pp | 2 +- manifests/server/plperl.pp | 2 +- manifests/server/plpython.pp | 2 +- manifests/server/postgis.pp | 2 +- spec/unit/classes/client_spec.rb | 4 ++-- spec/unit/classes/lib/java_spec.rb | 6 +++--- spec/unit/classes/lib/pgdocs_spec.rb | 4 ++-- spec/unit/classes/server/contrib_spec.rb | 4 ++-- spec/unit/classes/server/plperl_spec.rb | 4 ++-- spec/unit/classes/server/plpython_spec.rb | 4 ++-- spec/unit/classes/server/postgis_spec.rb | 4 ++-- 21 files changed, 29 insertions(+), 27 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index 7e6da1c47b..ce41346e2e 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -10,7 +10,7 @@ package { 'postgresql-client': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } } diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index e6ff183a23..122f588cd0 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -13,7 +13,7 @@ package { 'postgresql-devel': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } if $link_pg_config { diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index f3c31ff647..8482e0393f 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -8,7 +8,7 @@ package { 'postgresql-docs': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } } diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index dc131d50fb..5a91e57964 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -8,7 +8,7 @@ package { 'postgresql-jdbc': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } } diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 67fd4a28fe..7ad9c8b83b 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -8,6 +8,7 @@ package { 'perl-DBD-Pg': ensure => $package_ensure, name => $package_name, + tag => 'puppetlabs-postgresql', } } diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index 590727dc82..93c70e66aa 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -8,6 +8,7 @@ package { 'python-psycopg2': ensure => $package_ensure, name => $package_name, + tag => 'puppetlabs-postgresql', } } diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 86d2b40f8d..ffbfbd5db7 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -28,5 +28,5 @@ } Apt::Source['apt.postgresql.org']->Package<|tag == 'puppetlabs-postgresql'|> - Class['Apt::Update'] -> Package<|tag == 'postgresql'|> + Class['Apt::Update'] -> Package<|tag == 'puppetlabs-postgresql'|> } diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index 1ee8c9acb3..e6ae6f56fa 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -32,5 +32,5 @@ proxy => $postgresql::repo::proxy, } - Yumrepo['yum.postgresql.org'] -> Package<|tag == 'postgresql'|> + Yumrepo['yum.postgresql.org'] -> Package<|tag == 'puppetlabs-postgresql'|> } diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 7e3426bc30..6c55bc1547 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -11,7 +11,7 @@ package { 'postgresql-contrib': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } anchor { 'postgresql::server::contrib::start': } diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 9fb100c246..37ba56c2a7 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -87,7 +87,7 @@ ensure_packages($package_name, { ensure => $_package_ensure, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', require => $package_require, before => $package_before, }) diff --git a/manifests/server/install.pp b/manifests/server/install.pp index 57fd0d35b2..057f686743 100644 --- a/manifests/server/install.pp +++ b/manifests/server/install.pp @@ -16,7 +16,7 @@ # This is searched for to create relationships with the package repos, be # careful about its removal - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } } diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index 53145dab9c..bb3bdbe1a0 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -7,7 +7,7 @@ package { 'postgresql-plperl': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } anchor { 'postgresql::server::plperl::start': } diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index 892a95cc20..7d0a4638a4 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -7,7 +7,7 @@ package { 'postgresql-plpython': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } anchor { 'postgresql::server::plpython::start': } diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index a4e4321de5..1f45921a4c 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -7,7 +7,7 @@ package { 'postgresql-postgis': ensure => $package_ensure, name => $package_name, - tag => 'postgresql', + tag => 'puppetlabs-postgresql', } anchor { 'postgresql::server::postgis::start': } diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index b28d992d31..7084084011 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -22,7 +22,7 @@ it 'modifies package' do is_expected.to contain_package('postgresql-client').with(ensure: 'absent', name: 'mypackage', - tag: 'postgresql') + tag: 'puppetlabs-postgresql') end it 'has specified validate connexion' do @@ -35,7 +35,7 @@ describe 'with no parameters' do it 'creates package with postgresql tag' do - is_expected.to contain_package('postgresql-client').with(tag: 'postgresql') + is_expected.to contain_package('postgresql-client').with(tag: 'puppetlabs-postgresql') end end diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/unit/classes/lib/java_spec.rb index 45552932ac..8aed2ac522 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/unit/classes/lib/java_spec.rb @@ -14,7 +14,7 @@ is_expected.to contain_package('postgresql-jdbc').with( name: 'libpostgresql-jdbc-java', ensure: 'present', - tag: 'postgresql', + tag: 'puppetlabs-postgresql', ) } end @@ -32,7 +32,7 @@ is_expected.to contain_package('postgresql-jdbc').with( name: 'postgresql-jdbc', ensure: 'present', - tag: 'postgresql', + tag: 'puppetlabs-postgresql', ) } describe 'when parameters are supplied' do @@ -44,7 +44,7 @@ is_expected.to contain_package('postgresql-jdbc').with( name: 'somepackage', ensure: 'latest', - tag: 'postgresql', + tag: 'puppetlabs-postgresql', ) } end diff --git a/spec/unit/classes/lib/pgdocs_spec.rb b/spec/unit/classes/lib/pgdocs_spec.rb index 878abaced7..b531e79423 100644 --- a/spec/unit/classes/lib/pgdocs_spec.rb +++ b/spec/unit/classes/lib/pgdocs_spec.rb @@ -14,7 +14,7 @@ is_expected.to contain_package('postgresql-docs').with( name: 'postgresql-docs', ensure: 'present', - tag: 'postgresql', + tag: 'puppetlabs-postgresql', ) } describe 'when parameters are supplied' do @@ -26,7 +26,7 @@ is_expected.to contain_package('postgresql-docs').with( name: 'somepackage', ensure: 'latest', - tag: 'postgresql', + tag: 'puppetlabs-postgresql', ) } end diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index 529357d7cd..fc4c8ab4af 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -28,13 +28,13 @@ it 'creates package with correct params' do is_expected.to contain_package('postgresql-contrib').with(ensure: 'absent', name: 'mypackage', - tag: 'postgresql') + tag: 'puppetlabs-postgresql') end end describe 'with no parameters' do it 'creates package with postgresql tag' do - is_expected.to contain_package('postgresql-contrib').with(tag: 'postgresql') + is_expected.to contain_package('postgresql-contrib').with(tag: 'puppetlabs-postgresql') end end diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/unit/classes/server/plperl_spec.rb index c5614fe1af..721ebdbd3e 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/unit/classes/server/plperl_spec.rb @@ -21,7 +21,7 @@ it { is_expected.to contain_class('postgresql::server::plperl') } it 'creates package' do is_expected.to contain_package('postgresql-plperl').with(ensure: 'present', - tag: 'postgresql') + tag: 'puppetlabs-postgresql') end end @@ -37,7 +37,7 @@ it 'creates package with correct params' do is_expected.to contain_package('postgresql-plperl').with(ensure: 'absent', name: 'mypackage', - tag: 'postgresql') + tag: 'puppetlabs-postgresql') end end end diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index ea879518e3..26f6bf9a34 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -22,7 +22,7 @@ it { is_expected.to contain_class('postgresql::server::plpython') } it 'creates package' do is_expected.to contain_package('postgresql-plpython').with(ensure: 'present', - tag: 'postgresql') + tag: 'puppetlabs-postgresql') end end @@ -38,7 +38,7 @@ it 'creates package with correct params' do is_expected.to contain_package('postgresql-plpython').with(ensure: 'absent', name: 'mypackage', - tag: 'postgresql') + tag: 'puppetlabs-postgresql') end end end diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/unit/classes/server/postgis_spec.rb index 666d6a9fa2..53cd48f011 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/unit/classes/server/postgis_spec.rb @@ -28,13 +28,13 @@ it 'creates package with correct params' do is_expected.to contain_package('postgresql-postgis').with(ensure: 'absent', name: 'mypackage', - tag: 'postgresql') + tag: 'puppetlabs-postgresql') end end describe 'with no parameters' do it 'creates package with postgresql tag' do - is_expected.to contain_package('postgresql-postgis').with(tag: 'postgresql') + is_expected.to contain_package('postgresql-postgis').with(tag: 'puppetlabs-postgresql') end end end From db0838f696d8f47fa075d0822180def38993b27c Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 12 Feb 2019 17:31:02 +0000 Subject: [PATCH 0391/1000] (FM-7811) - Use postgresql 9.4 for SLES 11 sp4 Also enabling SLES testing --- manifests/globals.pp | 3 ++- spec/acceptance/z_alternative_pgdata_spec.rb | 6 ++++++ spec/spec_helper_acceptance.rb | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 27781f3491..82e8e81b14 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -116,7 +116,8 @@ }, 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { - /11\.[0-4]/ => '91', + /11\.[0-3]/ => '91', + /11\.4/ => '94', /12\.0/ => '93', /12\.[1-2]/ => '94', default => '96', diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index b893630982..f0a8eafbdf 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -9,6 +9,12 @@ end describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + before(:each) do + if fact('osfamily') == 'Suse' + skip "These test's currently do not work on SLES/Suse modules" + end + end + it 'on an alternative pgdata location' do pp = <<-MAIFEST #file { '/var/lib/pgsql': ensure => directory, } -> diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 52d32b141d..6444a06646 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -11,7 +11,7 @@ configure_type_defaults_on(hosts) install_ca_certs unless pe_install? -UNSUPPORTED_PLATFORMS = ['AIX', 'windows', 'Solaris', 'Suse'].freeze +UNSUPPORTED_PLATFORMS = ['AIX', 'windows', 'Solaris'].freeze install_bolt_on(hosts) unless pe_install? install_module_on(hosts) From 2861430a305c6d2554fa56b7b1d5bdae24731481 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Thu, 14 Feb 2019 11:13:39 +0000 Subject: [PATCH 0392/1000] (MODULES-8655) - Release Prep 5.12.1 --- CHANGELOG.md | 11 ++++++++++- metadata.json | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8d50009a39..fa71aa0f7a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,16 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-01-31) +## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) (2019-02-14) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.0...5.12.1) + +### Fixed + +- \(FM-7811\) - Use postgresql 9.4 for SLES 11 sp4 [\#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) +- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) + +## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-02-01) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.11.0...5.12.0) diff --git a/metadata.json b/metadata.json index 3dd4660cdc..712aa5a7ab 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.12.0", + "version": "5.12.1", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From d19411b722b056bf9e0d27b09baa25b48047fe7b Mon Sep 17 00:00:00 2001 From: transifex-bot Date: Thu, 14 Feb 2019 09:27:18 -0800 Subject: [PATCH 0393/1000] (L10n) Updating translations for readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index 002d5a3157..f9c4f65307 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -1400,6 +1400,12 @@ Array: ['schema_name', 'object_name'] `pg_hba.conf`にルールを配置する順序を設定します。 +文字列または整数を使用できます。 +整数の場合、ゼロパディングで3桁にして文字列に変換します。 +例えば`42`はゼロパディングされて文字列`'042'`になります。 + +`pg_hba_rule`フラグメントのソートでは、[順序]を`alpha`に設定します(https://forge.puppet.com/puppetlabs/concat/reference#order)。 + デフォルト値: 150。 #### `postgresql_version` @@ -1904,13 +1910,7 @@ Postgresqlモジュールにはサンプルタスクがあり、ユーザはデ PostgreSQLのバージョン8.1~9.5で動作します。 -現在、postgresqlモジュールは次のオペレーティングシステムでテスト済みです。 - -* Debian 6.x, 7.x, 8.x. -* CentOS 5.x、6.x、7.x。 -* Ubuntu 10.04および12.04、14.04。 - -その他のシステムとも互換性がある可能性がありますが、積極的なテストは行っておりません。 +サポートされているオペレーティングシステムの一覧については、[metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/metadata.json)を参照してください。 ### Aptモジュールのサポート From 056eb166b947ae8e6ab94eae6b739d1267dee04d Mon Sep 17 00:00:00 2001 From: "Eric D. Helms" Date: Mon, 18 Feb 2019 15:56:34 -0500 Subject: [PATCH 0394/1000] Include EL8 version for config checks --- manifests/server/config.pp | 2 +- manifests/server/config_entry.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index b5f42ff5dd..60efcc7f44 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -132,7 +132,7 @@ # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. - if ($::osfamily == 'RedHat') and ($::operatingsystemrelease !~ /^7/) and ($::operatingsystem != 'Fedora') { + if ($::osfamily == 'RedHat') and ($::operatingsystemrelease !~ /^7|^8/) and ($::operatingsystem != 'Fedora') { file { '/etc/sysconfig/pgsql/postgresql': ensure => present, replace => false, diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 5a4f83ab57..8fea4d7d18 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -112,7 +112,7 @@ } } if $::osfamily == 'RedHat' { - if ! ($::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora') { + if ! ($::operatingsystemrelease =~ /^7|^8/ or $::operatingsystem == 'Fedora') { if $name == 'port' { # We need to force postgresql to stop before updating the port # because puppet becomes confused and is unable to manage the From d13e9499323ff2b05ee74f1e97c74a92da49cbec Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 20 Feb 2019 16:57:16 +0000 Subject: [PATCH 0395/1000] (FM-7789) - PostgreSQL Test Cleanup --- .sync.yml | 14 +- lib/puppet/provider/postgresql_psql/ruby.rb | 25 +- .../postgresql_replication_slot/ruby.rb | 18 +- metadata.json | 4 +- spec/acceptance/00-utf8_encoding_spec.rb | 5 +- spec/acceptance/alternative_port_spec.rb | 3 +- spec/acceptance/db_spec.rb | 3 +- spec/acceptance/default_parameters_spec.rb | 3 +- spec/acceptance/overridden_settings_spec.rb | 3 +- .../postgresql_conn_validator_spec.rb | 6 +- spec/acceptance/postgresql_psql_spec.rb | 9 +- spec/acceptance/remote_access_spec.rb | 71 ------ spec/acceptance/server/config_entry_spec.rb | 17 +- spec/acceptance/server/grant_role_spec.rb | 75 +----- spec/acceptance/server/grant_spec.rb | 219 ++++-------------- .../server/reassign_owned_by_spec.rb | 12 +- spec/acceptance/server/recovery_spec.rb | 34 +-- spec/acceptance/server/schema_spec.rb | 3 +- spec/acceptance/z_alternative_pgdata_spec.rb | 3 +- spec/spec_helper.rb | 5 + spec/spec_helper_acceptance.rb | 18 +- spec/spec_helper_local.rb | 29 +++ .../postgresql_acls_to_resources_hash_spec.rb | 18 ++ spec/unit/functions/postgresql_escape_spec.rb | 6 + .../functions/postgresql_password_spec.rb | 4 + .../postgresql_replication_slot/ruby_spec.rb | 21 +- 26 files changed, 191 insertions(+), 437 deletions(-) delete mode 100644 spec/acceptance/remote_access_spec.rb diff --git a/.sync.yml b/.sync.yml index 8215b0ab68..5185cd5a26 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,4 +1,7 @@ --- +.gitlab-ci.yml: + unmanaged: true + .travis.yml: docker_sets: - set: docker/centos-7 @@ -9,6 +12,9 @@ branches: - release +appveyor.yml: + delete: true + Gemfile: required: ':system_tests': @@ -29,8 +35,6 @@ Gemfile: Rakefile: changelog_user: puppetlabs -appveyor.yml: - delete: true - -.gitlab-ci.yml: - unmanaged: true +spec/spec_helper.rb: + mock_with: ':rspec' + coverage_report: true diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 39ed4e5772..70cfb16b40 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -55,23 +55,12 @@ def get_environment # rubocop:disable Style/AccessorMethodName : Refactor does n def run_command(command, user, group, environment) command = command.join ' ' - if Puppet::PUPPETVERSION.to_f < 3.0 - require 'puppet/util/execution' - Puppet::Util::Execution.withenv environment do - Puppet::Util::SUIDManager.run_and_capture(command, user, group) - end - elsif Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util.withenv environment do - Puppet::Util::SUIDManager.run_and_capture(command, user, group) - end - else - output = Puppet::Util::Execution.execute(command, uid: user, - gid: group, - failonfail: false, - combine: true, - override_locale: true, - custom_environment: environment) - [output, $CHILD_STATUS.dup] - end + output = Puppet::Util::Execution.execute(command, uid: user, + gid: group, + failonfail: false, + combine: true, + override_locale: true, + custom_environment: environment) + [output, $CHILD_STATUS.dup] end end diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index b12003813b..c882ce4209 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -44,16 +44,12 @@ def self.run_sql_command(sql) end def self.run_command(command, user, group) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.run_and_capture(command, user, group) - else - output = Puppet::Util::Execution.execute(command, uid: user, - gid: group, - failonfail: false, - combine: true, - override_locale: true, - custom_environment: {}) - [output, $CHILD_STATUS.dup] - end + output = Puppet::Util::Execution.execute(command, uid: user, + gid: group, + failonfail: false, + combine: true, + override_locale: true, + custom_environment: {}) + [output, $CHILD_STATUS.dup] end end diff --git a/metadata.json b/metadata.json index 712aa5a7ab..45142b9c19 100644 --- a/metadata.json +++ b/metadata.json @@ -84,5 +84,5 @@ ], "pdk-version": "1.9.0", "template-url": "https://github.com/puppetlabs/pdk-templates/", - "template-ref": "1.9.0-0-g7281db5" -} + "template-ref": "heads/master-0-g615413e" +} \ No newline at end of file diff --git a/spec/acceptance/00-utf8_encoding_spec.rb b/spec/acceptance/00-utf8_encoding_spec.rb index e98762c905..5c177837d0 100644 --- a/spec/acceptance/00-utf8_encoding_spec.rb +++ b/spec/acceptance/00-utf8_encoding_spec.rb @@ -1,7 +1,5 @@ require 'spec_helper_acceptance' # rubocop:disable Style/FileName -# These tests are designed to ensure that the module, when ran with defaults, -# sets up everything correctly and allows us to connect to Postgres. describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do pp = <<-MANIFEST class { 'postgresql::globals': @@ -11,8 +9,7 @@ class { 'postgresql::globals': class { 'postgresql::server': } MANIFEST it 'with defaults' do - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end describe port(5432) do diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 6bf56b7edc..646c659ecb 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -8,8 +8,7 @@ class { 'postgresql::server': port => '55433' } MANIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end describe port(55433) do # rubocop:disable Style/NumericLiterals diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index d068251e4b..8d4740f144 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -20,8 +20,7 @@ class { 'postgresql::server': } MANIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) # Verify that the postgres password works shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index eb132e4da9..c84b52c126 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -8,8 +8,7 @@ class { 'postgresql::server': } MANIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end describe port(5432) do diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index 0a76da4f96..04802215ec 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -31,8 +31,7 @@ class { 'postgresql::server': MANIFEST it 'with additional hiera entries' do - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end describe port(5432) do diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index 1b718b238e..c002638dd5 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -34,8 +34,7 @@ class { 'postgresql::server': } MANIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end it 'works with connect settings hash' do @@ -53,8 +52,7 @@ class { 'postgresql::server': } MANIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end it 'fails gracefully' do diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index 7f5ce79afa..04e942a281 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -38,8 +38,7 @@ class { 'postgresql::server': } -> } MANIFEST it 'does not run SQL when the unless query returns rows' do - apply_manifest(pp_three, catch_failures: true) - apply_manifest(pp_three, catch_changes: true) + idempotent_apply(default, pp_three) end pp_four = <<-MANIFEST @@ -69,8 +68,7 @@ class { 'postgresql::server': } -> } MANIFEST it 'does not run SQL when the unless query returns no rows' do - apply_manifest(pp_five, catch_failures: true) - apply_manifest(pp_five, catch_changes: true) + idempotent_apply(default, pp_five) end pp_six = <<-MANIFEST.unindent @@ -166,8 +164,7 @@ class { 'postgresql::server': } -> } MANIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, expect_changes: false) + idempotent_apply(default, pp) end end end diff --git a/spec/acceptance/remote_access_spec.rb b/spec/acceptance/remote_access_spec.rb deleted file mode 100644 index f801f375e4..0000000000 --- a/spec/acceptance/remote_access_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'remote-access', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before(:each) do - skip 'These tests require the spec/acceptance/nodesets/centos-64-x64-2-hosts nodeset' - end - - describe 'configuring multi-node postgresql' do - # Get the database's IP to connect to from the database - let(:database_ip_address) do - hosts_as('database').reduce({}) do |_memo, host| - fact_on host, 'ipaddress_eth1' - end - end - - hosts_as('database').each do |host| - pp_one = <<-MANIFEST - # Stop firewall so we can easily connect - service {'iptables': - ensure => 'stopped', - } - - class { 'postgresql::server': - ip_mask_allow_all_users => '0.0.0.0/0', - listen_addresses => '*', - } - - postgresql::server::db { 'puppet': - user => 'puppet', - password => postgresql_password('puppet', 'puppet'), - } - - postgresql::server::pg_hba_rule { 'allow full yolo access password': - type => 'host', - database => 'all', - user => 'all', - address => '0.0.0.0/0', - auth_method => 'password', - order => '002', - } - MANIFEST - it "should be able to configure a host as database on #{host}" do - apply_manifest_on(host, pp_one, catch_failures: true) - end - end - - hosts_as('client').each do |host| - pp_two = <<-MANIFEST - class { 'postgresql::client':} - - $connection_settings = { - 'PGUSER' => "puppet", - 'PGPASSWORD' => "puppet", - 'PGHOST' => "#{database_ip_address}", - 'PGPORT' => "5432", - 'PGDATABASE' => "puppet", - } - - postgresql_psql { 'run using connection_settings': - command => 'select 1', - psql_user => 'root', - psql_group => 'root', - connect_settings => $connection_settings, - } - MANIFEST - it "should be able to configure a host as client on #{host} and then access database" do - apply_manifest_on(host, pp_two, catch_failures: true) - end - end - end -end diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb index 7e35bf831c..cbe40ffd06 100644 --- a/spec/acceptance/server/config_entry_spec.rb +++ b/spec/acceptance/server/config_entry_spec.rb @@ -1,17 +1,13 @@ require 'spec_helper_acceptance' describe 'postgresql::server::config_entry' do - let(:pp_setup) do - <<-MANIFEST - class { 'postgresql::server': - postgresql_conf_path => '/tmp/postgresql.conf', - } - MANIFEST - end - context 'unix_socket_directories' do let(:pp_test) do - pp_setup + <<-MANIFEST + <<-MANIFEST + class { 'postgresql::server': + postgresql_conf_path => '/tmp/postgresql.conf', + } + postgresql::server::config_entry { 'unix_socket_directories': value => '/var/socket/, /root/' } @@ -25,8 +21,7 @@ class { 'postgresql::server': if version >= '9.3' it 'is expected to run idempotently' do - apply_manifest(pp_test, catch_failures: true) - apply_manifest(pp_test, catch_changes: true) + idempotent_apply(default, pp_test) end it 'is expected to contain directories' do diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index b8da0ad8f0..09c2202647 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -65,60 +65,6 @@ class { 'postgresql::server': } MANIFEST end let(:pp_two) do - <<-MANIFEST.unindent - $db = #{db} - $user = #{user} - $group = #{group} - $password = #{password} - $version = '#{version}' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - - postgresql::server::database { $db: - owner => $user, - require => Postgresql::Server::Role[$user], - } - - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - - # Create a rule for the user - postgresql::server::pg_hba_rule { "allow ${user}": - type => 'local', - database => $db, - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1, - } - - # Create a role to grant to the user - postgresql::server::role { $group: - db => $db, - login => false, - require => Postgresql::Server::Database[$db], - } - - # Grant the role to the user - postgresql::server::grant_role { "grant_role ${group} to ${user}": - role => $user, - group => $group, - } - MANIFEST - end - let(:pp_three) do <<-MANIFEST $db = "#{db}" $user = "#{user}" @@ -178,7 +124,7 @@ class { 'postgresql::server': } } MANIFEST end - let(:pp_four) do + let(:pp_three) do <<-MANIFEST $db = "#{db}" $user = "#{user}" @@ -210,24 +156,15 @@ class { 'postgresql::server': } MANIFEST end - it 'grants a role to a user' do + it 'grants a role to a user/superuser' do begin - apply_manifest(pp_one, catch_failures: true) - apply_manifest(pp_one, catch_changes: true) + idempotent_apply(default, pp_one) ## Check that the role was granted to the user psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') end - end - end - - it 'grants a role to a superuser' do - begin - apply_manifest(pp_two, catch_failures: true) - apply_manifest(pp_two, catch_changes: true) - ## Check that the role was granted to the user psql('--command="SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = \'test_group\' AND r_role.rolname = \'psql_grant_role_tester\'" grant_role_test', 'psql_grant_role_tester') do |r| # rubocop:disable Metrics/LineLength expect(r.stdout).to match(%r{\(1 row\)}) @@ -238,8 +175,8 @@ class { 'postgresql::server': } it 'revokes a role from a user' do begin - apply_manifest(pp_three, catch_failures: true) - apply_manifest(pp_three, expect_changes: true) + apply_manifest(pp_two, catch_failures: true) + apply_manifest(pp_two, expect_changes: true) psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| expect(r.stdout).to match(%r{\(0 rows\)}) @@ -250,7 +187,7 @@ class { 'postgresql::server': } it 'does not grant permission to a nonexistent user' do begin - apply_manifest(pp_four, expect_failures: true) + apply_manifest(pp_three, expect_failures: true) psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| expect(r.stdout).to match(%r{\(0 rows\)}) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 42f8b3da7f..83cad76ab3 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -1,11 +1,15 @@ require 'spec_helper_acceptance' describe 'postgresql::server::grant:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + let(:version) do + result = shell('psql --version') + result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] + end + let(:db) { 'grant_priv_test' } let(:owner) { 'psql_grant_priv_owner' } let(:user) { 'psql_grant_priv_tester' } let(:password) { 'psql_grant_role_pw' } - let(:pp_install) { "class {'postgresql::server': }" } let(:pp_setup) do <<-MANIFEST.unindent $db = #{db} @@ -53,7 +57,7 @@ class { 'postgresql::server': } describe 'GRANT * ON LANGUAGE' do # testing grants on language requires a superuser let(:superuser) { 'postgres' } - let(:pp_lang) do + let(:pp) do pp_setup + <<-MANIFEST.unindent postgresql_psql { 'make sure plpgsql exists': command => 'CREATE LANGUAGE plpgsql', @@ -71,41 +75,19 @@ class { 'postgresql::server': } role => $user, db => $db, require => [ Postgresql_psql['make sure plpgsql exists'], - Postgresql::Server::Role[$user], ] - } - MANIFEST - end - let(:pp_onlyif) do - pp_setup + <<-MANIFEST.unindent - postgresql::server::grant { 'grant usage on BSql': - psql_user => '#{superuser}', - privilege => 'USAGE', - object_type => 'LANGUAGE', - object_name => 'bsql', - role => $user, - db => $db, + Postgresql::Server::Role[$user], ], onlyif_exists => true, - } + } MANIFEST end it 'is expected to run idempotently' do - apply_manifest(pp_install) - - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - if version >= '8.4.0' - apply_manifest(pp_lang, catch_failures: true) - apply_manifest(pp_lang, catch_changes: true) + idempotent_apply(default, pp) end end it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - if version >= '8.4.0' ## Check that the privilege was granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| @@ -114,26 +96,12 @@ class { 'postgresql::server': } end end end - - # test onlyif_exists function - it 'is expected to not GRANT USAGE ON (dummy)LANGUAGE BSql to ROLE' do - apply_manifest(pp_install) - - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - - if version >= '8.4.0' - apply_manifest(pp_onlyif, catch_failures: true) - apply_manifest(pp_onlyif, catch_changes: true) - end - end end end ### SEQUENCE grants context 'sequence' do - let(:pp_one) do + let(:pp) do pp_setup + <<-MANIFEST.unindent postgresql_psql { 'create test sequence': command => 'CREATE SEQUENCE test_seq', @@ -152,17 +120,6 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test sequence'], Postgresql::Server::Role[$user], ] } - MANIFEST - end - let(:pp_two) do - pp_setup + <<-MANIFEST.unindent - postgresql_psql { 'create test sequence': - command => 'CREATE SEQUENCE test_seq', - db => $db, - psql_user => $owner, - unless => "SELECT 1 FROM information_schema.sequences WHERE sequence_name = 'test_seq'", - require => Postgresql::Server::Database[$db], - } postgresql::server::grant { 'grant update on test_seq': privilege => 'UPDATE', @@ -175,37 +132,17 @@ class { 'postgresql::server': } } MANIFEST end - let(:result) do - shell('psql --version') - end - let(:version) do - result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - end - - before(:each) do - apply_manifest(pp_install, catch_failures: true) - end - it 'grants usage on a sequence to a user' do + it 'grants usage/update on a sequence to a user' do begin if version >= '9.0' - apply_manifest(pp_one, catch_failures: true) - apply_manifest(pp_one, catch_changes: true) + idempotent_apply(default, pp) ## Check that the privilege was granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') end - end - end - end - - it 'grants update on a sequence to a user' do - begin - if version >= '9.0' - apply_manifest(pp_two, catch_failures: true) - apply_manifest(pp_two, catch_changes: true) ## Check that the privilege was granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| @@ -218,7 +155,7 @@ class { 'postgresql::server': } end context 'all sequences' do - let(:pp_one) do + let(:pp) do pp_setup + <<-MANIFEST.unindent postgresql_psql { 'create test sequences': @@ -238,20 +175,8 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test sequences'], Postgresql::Server::Role[$user], ] } - MANIFEST - end - let(:pp_two) do - pp_setup + <<-MANIFEST.unindent - postgresql_psql { 'create test sequences': - command => 'CREATE SEQUENCE test_seq2; CREATE SEQUENCE test_seq3;', - db => $db, - psql_user => $owner, - unless => "SELECT 1 FROM information_schema.sequences WHERE sequence_name = 'test_seq2'", - require => Postgresql::Server::Database[$db], - } - - postgresql::server::grant { 'grant usage on all sequences': + postgresql::server::grant { 'grant update on all sequences': privilege => 'UPDATE', object_type => 'ALL SEQUENCES IN SCHEMA', object_name => 'public', @@ -262,37 +187,17 @@ class { 'postgresql::server': } } MANIFEST end - let(:result) do - shell('psql --version') - end - let(:version) do - result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - end - - before(:each) do - apply_manifest(pp_install, catch_failures: true) - end it 'grants usage on all sequences to a user' do begin if version >= '9.0' - apply_manifest(pp_one, catch_failures: true) - apply_manifest(pp_one, catch_changes: true) + idempotent_apply(default, pp) ## Check that the privileges were granted to the user, this check is not available on version < 9.0 psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') end - end - end - end - - it 'grants update on all sequences to a user' do - begin - if version >= '9.0' - apply_manifest(pp_two, catch_failures: true) - apply_manifest(pp_two, catch_changes: true) ## Check that the privileges were granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| @@ -331,6 +236,13 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test table'], Postgresql::Server::Role[$user], ] } + + postgresql::server::table_grant { 'INSERT priviledge to table': + privilege => 'INSERT', + table => 'test_tbl', + db => $db, + role => $user, + } EOS pp_revoke = pp_create_table + <<-EOS.unindent @@ -345,28 +257,33 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test table'], Postgresql::Server::Role[$user], ] } - EOS - - apply_manifest(pp_install, catch_failures: true) - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] + postgresql::server::table_grant { 'INSERT priviledge to table': + ensure => absent, + privilege => 'INSERT', + table => 'test_tbl', + db => $db, + role => $user, + } + EOS if version >= '9.0' - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) - ## Check that the privilege was granted to the user + ## Check that the SELECT privilege was granted to the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| expect(r.stdout).to match(%r{t}) expect(r.stderr).to eq('') end - apply_manifest(pp_revoke, catch_failures: true) - apply_manifest(pp_revoke, catch_changes: true) + ## Check that the INSERT privilege was granted to the user + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'INSERT')\"", user) do |r| + expect(r.stdout).to match(%r{t}) + end - ## Check that the privilege was revoked from the user + idempotent_apply(default, pp_revoke) + + ## Check that the SELECT privilege was revoked from the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| expect(r.stdout).to match(%r{f}) expect(r.stderr).to eq('') @@ -404,15 +321,8 @@ class { 'postgresql::server': } } EOS - apply_manifest(pp_install, catch_failures: true) - - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - if version >= '9.0' - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) ## Check that all privileges were granted to the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants @@ -421,8 +331,7 @@ class { 'postgresql::server': } expect(r.stderr).to eq('') end - apply_manifest(pp_revoke, catch_failures: true) - apply_manifest(pp_revoke, catch_changes: true) + idempotent_apply(default, pp_revoke) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants @@ -434,32 +343,6 @@ class { 'postgresql::server': } end end - it 'grant insert on single table test' do - begin - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - - if version >= '9.0' - pp = pp_create_table + <<-EOS.unindent - postgresql::server::table_grant { 'INSERT priviledge to table': - privilege => 'INSERT', - table => 'test_tbl', - db => $db, - role => $user, - } - EOS - result = apply_manifest(pp, catch_failures: true) - expect(result.stdout).to match(%r{GRANT INSERT ON TABLE \"test_tbl\" TO \"psql_grant_priv_tester\"}) - - ## Check that the privilege was granted to the user - psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'INSERT')\"", user) do |r| - expect(r.stdout).to match(%r{t}) - end - end - end - end - it 'grant all on all tables to a user' do begin pp = pp_create_table + <<-EOS.unindent @@ -489,15 +372,8 @@ class { 'postgresql::server': } } EOS - apply_manifest(pp_install, catch_failures: true) - - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - if version >= '9.0' - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) ## Check that all privileges were granted to the user psql("-d #{db} --tuples-only --command=\"SELECT table_name,count(privilege_type) FROM information_schema.role_table_grants @@ -508,8 +384,7 @@ class { 'postgresql::server': } expect(r.stderr).to eq('') end - apply_manifest(pp_revoke, catch_failures: true) - apply_manifest(pp_revoke, catch_changes: true) + idempotent_apply(default, pp_revoke) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name FROM information_schema.role_table_grants @@ -526,11 +401,6 @@ class { 'postgresql::server': } describe 'REVOKE ... ON DATABASE...' do it 'do not fail on revoke connect from non-existant user' do begin - # Test fail's on postgresql versions earlier than 9.1.24 - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - if version >= '9.1.24' apply_manifest(pp_setup, catch_failures: true) pp = pp_setup + <<-EOS.unindent @@ -542,8 +412,7 @@ class { 'postgresql::server': } role => '#{user}_does_not_exist', } EOS - apply_manifest(pp, catch_changes: true) - apply_manifest(pp, catch_failures: true) + idempotent_apply(default, pp) end end end diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index 1f400cd8be..115d97df59 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -1,6 +1,11 @@ require 'spec_helper_acceptance' describe 'postgresql::server::reassign_owned_by:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + let(:version) do + result = shell('psql --version') + result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] + end + let(:db) { 'reassign_test' } let(:old_owner) { 'psql_reassign_old_owner' } let(:new_owner) { 'psql_reassign_new_owner' } @@ -104,15 +109,10 @@ class { 'postgresql::server': } it 'reassigns all objects to new_owner' do begin - # postgres version - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] if version >= '9.0' - apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, catch_failures: true) - apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, catch_failures: true) - apply_manifest(pp_setup + pp_db_no_owner + pp_reassign_owned_by, catch_changes: true) + idempotent_apply(default, pp_setup + pp_db_no_owner + pp_reassign_owned_by) ## Check that the ownership was transferred psql("-d #{db} --tuples-only --no-align --command=\"SELECT tablename,tableowner FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog', 'information_schema')\"", superuser) do |r| diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index db20cce4d9..2ef79ba425 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -27,8 +27,7 @@ class { 'postgresql::server': } } MANIFEST it 'adds conf file' do - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end describe file('/tmp/recovery.conf') do @@ -39,16 +38,6 @@ class { 'postgresql::server': } end describe 'should not create recovery if recovery config not specified' do - after(:all) do - pp = <<-EOS.unindent - file { '/tmp/recovery.conf': - ensure => absent, - } - EOS - - apply_manifest(pp, catch_failures: true) - end - it 'does not add conf file' do pp = <<-EOS.unindent class { 'postgresql::globals': @@ -59,26 +48,7 @@ class { 'postgresql::globals': class { 'postgresql::server': } EOS - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) - end - - describe file('/tmp/recovery.conf') do - it { is_expected.not_to be_file } - end - end - - describe 'should not manage recovery' do - pp = <<-MANIFEST.unindent - class { 'postgresql::globals': - manage_recovery_conf => false, - } - - class { 'postgresql::server': } - MANIFEST - it 'does not add conf file' do - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end describe file('/tmp/recovery.conf') do diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 41fcf0572f..2881b9d622 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -55,8 +55,7 @@ class { 'postgresql::server': } it 'creates a schema for a user' do begin - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) ## Check that the user can create a table in the database psql('--command="create table psql_schema_tester.foo (foo int)" schema_test', 'psql_schema_tester') do |r| diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index f0a8eafbdf..f0af7bf333 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -23,8 +23,7 @@ class { 'postgresql::server': datadir => '/tmp/data', needs_initdb => true } MAIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, catch_changes: true) + idempotent_apply(default, pp) end describe file('/tmp/data') do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 0d5efc0be2..149ff0337a 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,7 @@ +RSpec.configure do |c| + c.mock_with :rspec +end + require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' @@ -34,6 +38,7 @@ end c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] c.after(:suite) do + RSpec::Puppet::Coverage.report!(0) end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 6444a06646..ad74881f97 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -56,6 +56,20 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) shell("su #{shellescape(user)} -c #{shellescape(psql)}", acceptable_exit_codes: exit_codes, &block) end +def idempotent_apply(hosts, manifest, opts = {}, &block) + block_on hosts, opts do |host| + file_path = host.tmpfile('apply_manifest.pp') + create_remote_file(host, file_path, manifest + "\n") + + puppet_apply_opts = { :verbose => nil, 'detailed-exitcodes' => nil } + on_options = { acceptable_exit_codes: [0, 2] } + on host, puppet('apply', file_path, puppet_apply_opts), on_options, &block + puppet_apply_opts2 = { :verbose => nil, 'detailed-exitcodes' => nil } + on_options2 = { acceptable_exit_codes: [0] } + on host, puppet('apply', file_path, puppet_apply_opts2), on_options2, &block + end +end + RSpec.configure do |c| # Readable test descriptions c.formatter = :documentation @@ -86,8 +100,8 @@ def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) # net-tools required for netstat utility being used by be_listening if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' || - fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '9' || - fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '18.04' + fact('osfamily') == 'Debian' && (fact('operatingsystemmajrelease') == '9' || + fact('operatingsystemmajrelease') == '18.04') pp = <<-EOS package { 'net-tools': ensure => installed } EOS diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index e25a51b70a..bb02c5a232 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -7,6 +7,35 @@ end end +if ENV['COVERAGE'] == 'yes' + require 'simplecov' + require 'simplecov-console' + require 'codecov' + + SimpleCov.formatters = [ + SimpleCov::Formatter::HTMLFormatter, + SimpleCov::Formatter::Console, + SimpleCov::Formatter::Codecov, + ] + SimpleCov.start do + track_files 'lib/**/*.rb' + + add_filter '/spec' + + # do not track vendored files + add_filter '/vendor' + add_filter '/.vendor' + + # do not track gitignored files + # this adds about 4 seconds to the coverage check + # this could definitely be optimized + add_filter do |f| + # system returns true if exit status is 0, which with git-check-ignore means file is ignored + system("git check-ignore --quiet #{f.filename}") + end + end +end + # Convenience helper for returning parameters for a type from the # catalogue. def param(type, title, param) diff --git a/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb b/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb index 76df663648..b38b244918 100644 --- a/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb +++ b/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb @@ -68,6 +68,24 @@ end end + context 'error catching tests' do + it do + is_expected.to run.with_params(['test'], 'test').and_raise_error(%r{Wrong number of arguments}) + end + + it do + is_expected.to run.with_params('test', 'test', 100).and_raise_error(%r{first argument must be an array}) + end + + it do + is_expected.to run.with_params(['test'], 100, 'test').and_raise_error(%r{second argument must be a string}) + end + + it do + is_expected.to run.with_params(['test'], 'test', 1).and_raise_error(%r{does not have enough parts}) + end + end + it 'returns an empty hash when input is empty array' do is_expected.to run.with_params([], 'test', 100).and_return({}) end diff --git a/spec/unit/functions/postgresql_escape_spec.rb b/spec/unit/functions/postgresql_escape_spec.rb index 2edd38893a..b512c0cda9 100644 --- a/spec/unit/functions/postgresql_escape_spec.rb +++ b/spec/unit/functions/postgresql_escape_spec.rb @@ -18,4 +18,10 @@ .and_return('$a$foo$$a$') } end + describe 'postgresql_escape', type: :puppet_function do + it { + is_expected.to run.with_params(['foo'], ['foo']) + .and_raise_error(%r{Wrong number of arguments}) + } + end end diff --git a/spec/unit/functions/postgresql_password_spec.rb b/spec/unit/functions/postgresql_password_spec.rb index aef13ea885..446f93fb78 100644 --- a/spec/unit/functions/postgresql_password_spec.rb +++ b/spec/unit/functions/postgresql_password_spec.rb @@ -9,4 +9,8 @@ is_expected.to run.with_params('foo', 1234) .and_return('md539a0e1b308278a8de5e007cd1f795920') } + it { + is_expected.to run.with_params('foo') + .and_raise_error(%r{Wrong number of arguments}) + } end diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index 9b33b641cc..e5c6c1cbf8 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -29,7 +29,10 @@ def | | physical | | | t | | | 0/ context 'when listing instances' do before(:each) do - provider.class.expects(:run_command).with(['psql', '-t', '-c', 'SELECT * FROM pg_replication_slots;'], 'postgres', 'postgres').returns([sql_instances, nil]) + expect(provider.class).to receive(:run_command).with( # rubocop:disable RSpec/ExpectInHook + ['psql', '-t', '-c', 'SELECT * FROM pg_replication_slots;'], + 'postgres', 'postgres' + ).and_return([sql_instances, nil]) end let(:attributes) { {} } let(:instances) { provider.class.instances } @@ -50,10 +53,10 @@ def | | physical | | | t | | | 0/ context 'when creation works' do it 'calls psql and succeed' do - provider.class.expects(:run_command).with( + expect(provider.class).to receive(:run_command).with( ['psql', '-t', '-c', "SELECT * FROM pg_create_physical_replication_slot('standby');"], 'postgres', 'postgres' - ).returns([nil, success_status]) + ).and_return([nil, success_status]) expect { provider.create }.not_to raise_error end @@ -61,10 +64,10 @@ def | | physical | | | t | | | 0/ context 'when creation fails' do it 'calls psql and fail' do - provider.class.expects(:run_command).with( + expect(provider.class).to receive(:run_command).with( ['psql', '-t', '-c', "SELECT * FROM pg_create_physical_replication_slot('standby');"], 'postgres', 'postgres' - ).returns([nil, fail_status]) + ).and_return([nil, fail_status]) expect { provider.create }.to raise_error(Puppet::Error, %r{Failed to create replication slot standby:}) end @@ -76,10 +79,10 @@ def | | physical | | | t | | | 0/ context 'when destruction works' do it 'calls psql and succeed' do - provider.class.expects(:run_command).with( + expect(provider.class).to receive(:run_command).with( ['psql', '-t', '-c', "SELECT pg_drop_replication_slot('standby');"], 'postgres', 'postgres' - ).returns([nil, success_status]) + ).and_return([nil, success_status]) expect { provider.destroy }.not_to raise_error end @@ -87,10 +90,10 @@ def | | physical | | | t | | | 0/ context 'when destruction fails' do it 'calls psql and fail' do - provider.class.expects(:run_command).with( + expect(provider.class).to receive(:run_command).with( ['psql', '-t', '-c', "SELECT pg_drop_replication_slot('standby');"], 'postgres', 'postgres' - ).returns([nil, fail_status]) + ).and_return([nil, fail_status]) expect { provider.destroy }.to raise_error(Puppet::Error, %r{Failed to destroy replication slot standby:}) end From 37898c058ba71b6ad8b054cd9cccbe2ce4584cef Mon Sep 17 00:00:00 2001 From: David Swan Date: Fri, 22 Feb 2019 15:49:21 +0000 Subject: [PATCH 0396/1000] (FM-7789) - ServerSpec Test Facts Implemented --- spec/acceptance/00-utf8_encoding_spec.rb | 2 +- spec/acceptance/alternative_port_spec.rb | 2 +- spec/acceptance/db_spec.rb | 2 +- spec/acceptance/default_parameters_spec.rb | 2 +- spec/acceptance/overridden_settings_spec.rb | 2 +- spec/acceptance/postgresql_conn_validator_spec.rb | 2 +- spec/acceptance/postgresql_psql_spec.rb | 2 +- spec/acceptance/server/grant_role_spec.rb | 4 ++-- spec/acceptance/server/grant_spec.rb | 2 +- spec/acceptance/server/reassign_owned_by_spec.rb | 2 +- spec/acceptance/server/recovery_spec.rb | 2 +- spec/acceptance/server/schema_spec.rb | 4 ++-- spec/acceptance/z_alternative_pgdata_spec.rb | 6 +++--- spec/spec_helper_acceptance.rb | 9 ++++----- 14 files changed, 21 insertions(+), 22 deletions(-) diff --git a/spec/acceptance/00-utf8_encoding_spec.rb b/spec/acceptance/00-utf8_encoding_spec.rb index 5c177837d0..cda9d9d31a 100644 --- a/spec/acceptance/00-utf8_encoding_spec.rb +++ b/spec/acceptance/00-utf8_encoding_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' # rubocop:disable Style/FileName -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do pp = <<-MANIFEST class { 'postgresql::globals': encoding => 'UTF8', diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 646c659ecb..9845c77e26 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -2,7 +2,7 @@ # These tests ensure that postgres can change itself to an alternative port # properly. -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do it 'on an alternative port' do pp = <<-MANIFEST class { 'postgresql::server': port => '55433' } diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 8d4740f144..e32015fe0c 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::db', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::db', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do # rubocop:disable Metrics/LineLength it 'creates a database' do begin diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index c84b52c126..34ee73b39e 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -2,7 +2,7 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do it 'with defaults' do pp = <<-MANIFEST class { 'postgresql::server': } diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index 04802215ec..0288a99847 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -2,7 +2,7 @@ # These tests are designed to ensure that the module, when ran overrides, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do pp = <<-MANIFEST class { 'postgresql::server': roles => { diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index c002638dd5..87a167b664 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql_conn_validator', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql_conn_validator', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do let(:install_pp) do <<-MANIFEST class { 'postgresql::server': diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index 04e942a281..09abad80f0 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql_psql', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql_psql', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do pp_one = <<-MANIFEST class { 'postgresql::server': } -> postgresql_psql { 'foobar': diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 09c2202647..d3414d1d36 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -1,12 +1,12 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::grant_role:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::grant_role:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do let(:db) { 'grant_role_test' } let(:user) { 'psql_grant_role_tester' } let(:group) { 'test_group' } let(:password) { 'psql_grant_role_pw' } let(:version) do - if fact('osfamily') == 'RedHat' && fact('operatingsystemrelease') =~ %r{5} + if os[:family] == 'redhat' && os[:release].start_with?('5') '8.1' end end diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 83cad76ab3..dac0d5cd06 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::grant:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::grant:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do let(:version) do result = shell('psql --version') result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index 115d97df59..99ddac25dc 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::reassign_owned_by:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::reassign_owned_by:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do let(:version) do result = shell('psql --version') result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 2ef79ba425..8e257633e1 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::recovery', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::recovery', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do describe 'should manage recovery' do after(:all) do pp = <<-MANIFEST.unindent diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 2881b9d622..4ea332ccc5 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -1,8 +1,8 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::schema:', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server::schema:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do let(:version) do - if fact('osfamily') == 'RedHat' && fact('operatingsystemrelease') =~ %r{5} + if os[:family] == 'redhat' && os[:release].start_with?('5') '8.1' end end diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index f0af7bf333..929032146d 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -4,13 +4,13 @@ # location properly. # Allow postgresql to use /tmp/* as a datadir -if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' +if os[:family] == 'redhat' && fact('selinux') == 'true' shell 'setenforce 0' end -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do before(:each) do - if fact('osfamily') == 'Suse' + if os[:family] == 'sles' skip "These test's currently do not work on SLES/Suse modules" end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index ad74881f97..fce191bf87 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -11,7 +11,7 @@ configure_type_defaults_on(hosts) install_ca_certs unless pe_install? -UNSUPPORTED_PLATFORMS = ['AIX', 'windows', 'Solaris'].freeze +UNSUPPORTED_PLATFORMS = ['aix', 'windows', 'solaris'].freeze install_bolt_on(hosts) unless pe_install? install_module_on(hosts) @@ -78,7 +78,7 @@ def idempotent_apply(hosts, manifest, opts = {}, &block) c.before :suite do run_puppet_access_login(user: 'admin') if pe_install? && (Gem::Version.new(puppet_version) >= Gem::Version.new('5.0.0')) # Set up selinux if appropriate. - if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' + if os[:family] == 'redhat' && fact('selinux') == 'true' pp = <<-EOS if $::osfamily == 'RedHat' and $::selinux == 'true' { $semanage_package = $::operatingsystemmajrelease ? { @@ -99,9 +99,8 @@ def idempotent_apply(hosts, manifest, opts = {}, &block) end # net-tools required for netstat utility being used by be_listening - if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' || - fact('osfamily') == 'Debian' && (fact('operatingsystemmajrelease') == '9' || - fact('operatingsystemmajrelease') == '18.04') + if os[:family] == 'redhat' && os[:release].start_with?('7') || + os[:family] == 'debian' && os[:release].start_with?('9', '18.04') pp = <<-EOS package { 'net-tools': ensure => installed } EOS From c92db186ac2fe0e69dc81fcc68d276f7fc19910c Mon Sep 17 00:00:00 2001 From: Oleg Gizburg Date: Tue, 26 Feb 2019 19:07:43 +0300 Subject: [PATCH 0397/1000] change username/group/datadir defaults for FreeBSD old (9.4, 9.5) PostgreSQL packages on FreeBSD use other $user, $group and $datadir settings. Currently the latest version available is 11. Instead of listing new PostgreSQL versions for new settings swap old settings (9.4, 9.5) and default --- manifests/params.pp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 4f6d285c4c..cd5ab1be2e 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -205,16 +205,16 @@ 'FreeBSD': { case $version { - '96', '10': { - $user = pick($user, 'postgres') - $group = pick($group, 'postgres') - $datadir = pick($datadir, "/var/db/postgres/data${version}") - } - default: { + '94', '95': { $user = pick($user, 'pgsql') $group = pick($group, 'pgsql') $datadir = pick($datadir, '/usr/local/pgsql/data') } + default: { + $user = pick($user, 'postgres') + $group = pick($group, 'postgres') + $datadir = pick($datadir, "/var/db/postgres/data${version}") + } } $link_pg_config = true From 78cf28f14481537ca9d90dc289a198c2861a7fd9 Mon Sep 17 00:00:00 2001 From: Eimhin Laverty Date: Thu, 7 Mar 2019 12:43:24 +0000 Subject: [PATCH 0398/1000] (MODULES-8728) Remove .project from .gitignore --- .gitignore | 2 ++ .pdkignore | 2 ++ .puppet-lint.rc | 1 - .sync.yml | 4 ++++ Rakefile | 2 +- metadata.json | 6 +++--- spec/spec_helper.rb | 2 +- 7 files changed, 13 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 650022e58e..88cf7a6c6e 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,5 @@ /convert_report.txt /update_report.txt .DS_Store +.vscode/ +.envrc diff --git a/.pdkignore b/.pdkignore index b713b3b1f7..2ec773abe2 100644 --- a/.pdkignore +++ b/.pdkignore @@ -22,6 +22,8 @@ /convert_report.txt /update_report.txt .DS_Store +.vscode/ +.envrc /appveyor.yml /.fixtures.yml /Gemfile diff --git a/.puppet-lint.rc b/.puppet-lint.rc index cc96ece051..e69de29bb2 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1 +0,0 @@ ---relative diff --git a/.sync.yml b/.sync.yml index 5185cd5a26..c78de75f3e 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,4 +1,8 @@ --- +.gitignore: + required: + - ---.project + .gitlab-ci.yml: unmanaged: true diff --git a/Rakefile b/Rakefile index 30c359cfda..8707b5b636 100644 --- a/Rakefile +++ b/Rakefile @@ -22,7 +22,7 @@ end def changelog_future_release return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = JSON.load(File.read('metadata.json'))['version'] + returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator future_release:#{returnVal}" returnVal diff --git a/metadata.json b/metadata.json index 45142b9c19..f5d0b0fa96 100644 --- a/metadata.json +++ b/metadata.json @@ -82,7 +82,7 @@ "version_requirement": ">= 4.7.0 < 7.0.0" } ], - "pdk-version": "1.9.0", - "template-url": "https://github.com/puppetlabs/pdk-templates/", - "template-ref": "heads/master-0-g615413e" + "pdk-version": "1.8.0", + "template-url": "https://github.com/puppetlabs/pdk-templates", + "template-ref": "heads/master-0-gfde5699" } \ No newline at end of file diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 149ff0337a..1f8b6b4bcb 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -23,7 +23,7 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f))) + default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) rescue => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end From a347ebd284719bde3269e960a308ee51bf932fe0 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Wed, 20 Mar 2019 14:04:24 -0400 Subject: [PATCH 0399/1000] Add Fedora 30 compatibility --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 82e8e81b14..09ae61a836 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -65,6 +65,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(30)$/ => '11.2', /^(29)$/ => '10.6', /^(28)$/ => '10.4', /^(26|27)$/ => '9.6', From aaa7dcf284bbc5f5f4344602601a58f483681f4a Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 10 Apr 2019 16:39:29 +0100 Subject: [PATCH 0400/1000] (MODULES-8444) - Raise lower Puppet bound --- metadata.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index f5d0b0fa96..774e009105 100644 --- a/metadata.json +++ b/metadata.json @@ -79,10 +79,10 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 4.7.0 < 7.0.0" + "version_requirement": ">= 5.5.10 < 7.0.0" } ], "pdk-version": "1.8.0", "template-url": "https://github.com/puppetlabs/pdk-templates", "template-ref": "heads/master-0-gfde5699" -} \ No newline at end of file +} From ac54306bf022800b57053949306218b9dd69853a Mon Sep 17 00:00:00 2001 From: Eimhin Laverty Date: Mon, 15 Apr 2019 10:34:14 +0100 Subject: [PATCH 0401/1000] pdksync - (maint) Update pdk-template to f778803 --- .gitignore | 2 +- .pdkignore | 4 +++- .puppet-lint.rc | 1 + .travis.yml | 34 +++++++++++++++++++++++----------- metadata.json | 6 +++--- 5 files changed, 31 insertions(+), 16 deletions(-) diff --git a/.gitignore b/.gitignore index 88cf7a6c6e..3f4e2e8494 100644 --- a/.gitignore +++ b/.gitignore @@ -22,5 +22,5 @@ /convert_report.txt /update_report.txt .DS_Store -.vscode/ .envrc +/inventory.yaml diff --git a/.pdkignore b/.pdkignore index 2ec773abe2..54d2cda3ab 100644 --- a/.pdkignore +++ b/.pdkignore @@ -22,8 +22,8 @@ /convert_report.txt /update_report.txt .DS_Store -.vscode/ .envrc +/inventory.yaml /appveyor.yml /.fixtures.yml /Gemfile @@ -32,8 +32,10 @@ /.gitlab-ci.yml /.pdkignore /Rakefile +/rakelib/ /.rspec /.rubocop.yml /.travis.yml /.yardopts /spec/ +/.vscode/ diff --git a/.puppet-lint.rc b/.puppet-lint.rc index e69de29bb2..cc96ece051 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -0,0 +1 @@ +--relative diff --git a/.travis.yml b/.travis.yml index cc2ac0b13e..9472d0381e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,4 @@ --- -dist: trusty language: ruby cache: bundler before_install: @@ -12,10 +11,14 @@ script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.5.1 -env: - global: - - BEAKER_PUPPET_COLLECTION=puppet6 PUPPET_GEM_VERSION="~> 6.0" + - 2.5.3 +stages: + - static + - spec + - acceptance + - + if: tag =~ ^v\d + name: deploy matrix: fast_finish: true include: @@ -23,25 +26,34 @@ matrix: bundler_args: dist: trusty env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply - rvm: 2.5.1 + rvm: 2.5.3 script: bundle exec rake beaker services: docker + stage: acceptance sudo: required - bundler_args: dist: trusty env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply - rvm: 2.5.1 + rvm: 2.5.3 script: bundle exec rake beaker services: docker + stage: acceptance sudo: required - - env: CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop" - - - env: CHECK=parallel_spec + env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" + stage: static - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec - rvm: 2.4.4 + rvm: 2.4.5 + stage: spec + - + env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec + rvm: 2.5.3 + stage: spec + - + env: DEPLOY_TO_FORGE=yes + stage: deploy branches: only: - master diff --git a/metadata.json b/metadata.json index 774e009105..53408abc4c 100644 --- a/metadata.json +++ b/metadata.json @@ -82,7 +82,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.8.0", - "template-url": "https://github.com/puppetlabs/pdk-templates", - "template-ref": "heads/master-0-gfde5699" + "pdk-version": "1.10.0", + "template-url": "https://github.com/puppetlabs/pdk-templates#master", + "template-ref": "heads/master-0-gf778803" } From c1a8de3109c17ff9266c777d97e4499155bc4be0 Mon Sep 17 00:00:00 2001 From: Dennis Hoppe Date: Fri, 26 Apr 2019 11:03:31 +0200 Subject: [PATCH 0402/1000] Bump dependency, because of new major release --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 53408abc4c..52d769923d 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 2.0.0 < 7.0.0" + "version_requirement": ">= 2.0.0 < 8.0.0" }, { "name": "puppetlabs/concat", From 73dc8590ea4381b907cca44bba7a017a14e5b9e6 Mon Sep 17 00:00:00 2001 From: Robert Vincent Date: Thu, 2 May 2019 12:53:16 +0000 Subject: [PATCH 0403/1000] Support current version of puppetlabs/apt --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 53408abc4c..52d769923d 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 2.0.0 < 7.0.0" + "version_requirement": ">= 2.0.0 < 8.0.0" }, { "name": "puppetlabs/concat", From 550fa42b1dd134b22b73d68ddbbe1cfc07bf2d9c Mon Sep 17 00:00:00 2001 From: lionce Date: Fri, 3 May 2019 15:31:56 +0300 Subject: [PATCH 0404/1000] (MODULES-9017) - update metadata to support current version of stdlib and ibm_installation --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 52d769923d..95531ed19d 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.13.1 < 6.0.0" + "version_requirement": ">= 4.13.1 < 7.0.0" }, { "name": "puppetlabs/apt", From 153cd6a1fe2077b5086895a8a555303b2a2770bc Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 6 May 2019 14:28:40 +0300 Subject: [PATCH 0405/1000] Puppet Strings --- REFERENCE.md | 2668 +++++++++++++++++++++++++ manifests/client.pp | 16 +- manifests/globals.pp | 64 +- manifests/lib/devel.pp | 12 +- manifests/lib/docs.pp | 10 +- manifests/lib/java.pp | 9 +- manifests/lib/perl.pp | 9 +- manifests/lib/python.pp | 9 +- manifests/params.pp | 2 +- manifests/repo.pp | 2 +- manifests/server.pp | 65 +- manifests/server/config.pp | 2 +- manifests/server/config_entry.pp | 8 +- manifests/server/contrib.pp | 9 +- manifests/server/database.pp | 13 +- manifests/server/database_grant.pp | 11 +- manifests/server/db.pp | 17 +- manifests/server/extension.pp | 12 +- manifests/server/grant.pp | 15 +- manifests/server/grant_role.pp | 11 +- manifests/server/initdb.pp | 2 +- manifests/server/install.pp | 2 +- manifests/server/passwd.pp | 2 +- manifests/server/pg_hba_rule.pp | 16 +- manifests/server/pg_ident_rule.pp | 11 +- manifests/server/plperl.pp | 7 +- manifests/server/plpython.pp | 7 +- manifests/server/postgis.pp | 6 +- manifests/server/reassign_owned_by.pp | 13 +- manifests/server/recovery.pp | 20 +- manifests/server/reload.pp | 2 +- manifests/server/role.pp | 18 +- manifests/server/schema.pp | 22 +- manifests/server/service.pp | 2 +- manifests/server/table_grant.pp | 15 +- manifests/server/tablespace.pp | 8 +- manifests/validate_db_connection.pp | 18 +- 37 files changed, 3077 insertions(+), 58 deletions(-) create mode 100644 REFERENCE.md diff --git a/REFERENCE.md b/REFERENCE.md new file mode 100644 index 0000000000..b0729fed8f --- /dev/null +++ b/REFERENCE.md @@ -0,0 +1,2668 @@ +# Reference + + +## Table of Contents + +**Classes** + +_Public Classes_ + +* [`postgresql::client`](#postgresqlclient): Install client cli tool. +* [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. +* [`postgresql::lib::devel`](#postgresqllibdevel): This class installs postgresql development libraries. +* [`postgresql::lib::docs`](#postgresqllibdocs): This class installs the postgresql-docs +* [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. +* [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. +* [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. +* [`postgresql::repo::apt_postgresql_org`](#postgresqlrepoapt_postgresql_org): PRIVATE CLASS: do not use directly +* [`postgresql::repo::yum_postgresql_org`](#postgresqlrepoyum_postgresql_org): PRIVATE CLASS: do not use directly +* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server +* [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. +* [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. +* [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. +* [`postgresql::server::postgis`](#postgresqlserverpostgis): Install the postgis postgresql packaging. + +_Private Classes_ + +* `postgresql::params`: +* `postgresql::repo`: +* `postgresql::server::config`: +* `postgresql::server::initdb`: +* `postgresql::server::install`: +* `postgresql::server::passwd`: +* `postgresql::server::reload`: +* `postgresql::server::service`: + +**Defined types** + +* [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. +* [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. +* [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. +* [`postgresql::server::db`](#postgresqlserverdb): @ summary Define for conveniently creating a role, database and assigning the correctpermissions. +* [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database. +* [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. +* [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. +* [`postgresql::server::pg_hba_rule`](#postgresqlserverpg_hba_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::pg_ident_rule`](#postgresqlserverpg_ident_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::reassign_owned_by`](#postgresqlserverreassign_owned_by): Define for reassigning the ownership of objects within a database. +* [`postgresql::server::recovery`](#postgresqlserverrecovery): This resource manages the parameters that applies to the recovery.conf template. +* [`postgresql::server::role`](#postgresqlserverrole): Define for creating a database role. +* [`postgresql::server::schema`](#postgresqlserverschema): Create a new schema. +* [`postgresql::server::table_grant`](#postgresqlservertable_grant): This resource wraps the grant resource to manage table grants specifically. +* [`postgresql::server::tablespace`](#postgresqlservertablespace): This module creates tablespace. +* [`postgresql::validate_db_connection`](#postgresqlvalidate_db_connection): This type validates that a successful postgres connection. + +**Resource types** + +* [`postgresql_conf`](#postgresql_conf): This type allows puppet to manage postgresql.conf parameters. +* [`postgresql_conn_validator`](#postgresql_conn_validator): Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to p +* [`postgresql_psql`](#postgresql_psql): An arbitrary tag for your own reference; the name of the message. +* [`postgresql_replication_slot`](#postgresql_replication_slot): Manages Postgresql replication slots. This type allows to create and destroy replication slots to register warm standby replication on a Pos + +**Functions** + +* [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid +* [`postgresql_escape`](#postgresql_escape): Safely escapes a string using $$ using a random tag which should be consistent +* [`postgresql_password`](#postgresql_password): Returns the postgresql password hash from the clear text username / password. + +**Tasks** + +* [`sql`](#sql): Allows you to execute arbitary SQL + +## Classes + +### postgresql::client + +Install client cli tool. + +#### Parameters + +The following parameters are available in the `postgresql::client` class. + +##### `file_ensure` + +Data type: `Enum['file', 'absent']` + +Enum['file','absent']. + +Default value: 'file' + +##### `validcon_script_path` + +Data type: `Stdlib::Absolutepath` + +Optional. Absolute path for the postgresql connection validation script. + +Default value: $postgresql::params::validcon_script_path + +##### `package_name` + +Data type: `String[1]` + +String. Client package name. + +Default value: $postgresql::params::client_package_name + +##### `package_ensure` + +Data type: `String[1]` + +String. Defaults to 'present'. + +Default value: 'present' + +### postgresql::globals + +Class for setting cross-class global overrides. + +#### Parameters + +The following parameters are available in the `postgresql::globals` class. + +##### `client_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `server_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `contrib_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `devel_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `java_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `docs_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `perl_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `plperl_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `plpython_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `python_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `postgis_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `service_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `service_provider` + +Data type: `Any` + + + +Default value: `undef` + +##### `service_status` + +Data type: `Any` + + + +Default value: `undef` + +##### `default_database` + +Data type: `Any` + + + +Default value: `undef` + +##### `validcon_script_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `initdb_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `createdb_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `pg_hba_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `pg_ident_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `postgresql_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `default_connect_settings` + +Data type: `Any` + + + +Default value: {} + +##### `pg_hba_conf_defaults` + +Data type: `Any` + + + +Default value: `undef` + +##### `datadir` + +Data type: `Any` + + + +Default value: `undef` + +##### `confdir` + +Data type: `Any` + + + +Default value: `undef` + +##### `bindir` + +Data type: `Any` + + + +Default value: `undef` + +##### `xlogdir` + +Data type: `Any` + + + +Default value: `undef` + +##### `logdir` + +Data type: `Any` + + + +Default value: `undef` + +##### `log_line_prefix` + +Data type: `Any` + + + +Default value: `undef` + +##### `user` + +Data type: `Any` + + + +Default value: `undef` + +##### `group` + +Data type: `Any` + + + +Default value: `undef` + +##### `version` + +Data type: `Any` + + + +Default value: `undef` + +##### `postgis_version` + +Data type: `Any` + + + +Default value: `undef` + +##### `repo_proxy` + +Data type: `Any` + + + +Default value: `undef` + +##### `repo_baseurl` + +Data type: `Any` + + + +Default value: `undef` + +##### `needs_initdb` + +Data type: `Any` + + + +Default value: `undef` + +##### `encoding` + +Data type: `Any` + + + +Default value: `undef` + +##### `locale` + +Data type: `Any` + + + +Default value: `undef` + +##### `data_checksums` + +Data type: `Any` + + + +Default value: `undef` + +##### `timezone` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_pg_hba_conf` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_pg_ident_conf` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_recovery_conf` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_package_repo` + +Data type: `Any` + + + +Default value: `undef` + +##### `module_workdir` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::lib::devel + +This class installs postgresql development libraries. + +#### Parameters + +The following parameters are available in the `postgresql::lib::devel` class. + +##### `package_name` + +Data type: `String` + +String. + +Default value: $postgresql::params::devel_package_name + +##### `package_ensure` + +Data type: `String[1]` + +String. Defaults to 'present'. + +Default value: 'present' + +##### `link_pg_config` + +Data type: `Boolean` + +Boolean. + +Default value: $postgresql::params::link_pg_config + +### postgresql::lib::docs + +This class installs the postgresql-docs + +#### Parameters + +The following parameters are available in the `postgresql::lib::docs` class. + +##### `package_name` + +Data type: `String` + +String. + +Default value: $postgresql::params::docs_package_name + +##### `package_ensure` + +Data type: `String[1]` + +String. Defaults to 'present'. + +Default value: 'present' + +### postgresql::lib::java + +This class installs the postgresql jdbc connector. + +#### Parameters + +The following parameters are available in the `postgresql::lib::java` class. + +##### `package_name` + +Data type: `String` + +String. + +Default value: $postgresql::params::java_package_name + +##### `package_ensure` + +Data type: `String[1]` + +String. Defaults to 'present'. + +Default value: 'present' + +### postgresql::lib::perl + +This class installs the perl libs for postgresql. + +#### Parameters + +The following parameters are available in the `postgresql::lib::perl` class. + +##### `package_name` + +Data type: `String` + +String. + +Default value: $postgresql::params::perl_package_name + +##### `package_ensure` + +Data type: `String[1]` + +String. Defaults to 'present'. + +Default value: 'present' + +### postgresql::lib::python + +This class installs the python libs for postgresql. + +#### Parameters + +The following parameters are available in the `postgresql::lib::python` class. + +##### `package_name` + +Data type: `String[1]` + +String. + +Default value: $postgresql::params::python_package_name + +##### `package_ensure` + +Data type: `String[1]` + +String. Defaults to 'present'. + +Default value: 'present' + +### postgresql::repo::apt_postgresql_org + +PRIVATE CLASS: do not use directly + +### postgresql::repo::yum_postgresql_org + +PRIVATE CLASS: do not use directly + +### postgresql::server + +This installs a PostgreSQL server + +#### Parameters + +The following parameters are available in the `postgresql::server` class. + +##### `postgres_password` + +Data type: `Any` + + + +Default value: `undef` + +##### `package_name` + +Data type: `Any` + + + +Default value: $postgresql::params::server_package_name + +##### `package_ensure` + +Data type: `Any` + + + +Default value: $postgresql::params::package_ensure + +##### `plperl_package_name` + +Data type: `Any` + + + +Default value: $postgresql::params::plperl_package_name + +##### `plpython_package_name` + +Data type: `Any` + + + +Default value: $postgresql::params::plpython_package_name + +##### `service_ensure` + +Data type: `Any` + + + +Default value: $postgresql::params::service_ensure + +##### `service_enable` + +Data type: `Any` + + + +Default value: $postgresql::params::service_enable + +##### `service_manage` + +Data type: `Any` + + + +Default value: $postgresql::params::service_manage + +##### `service_name` + +Data type: `Any` + + + +Default value: $postgresql::params::service_name + +##### `service_restart_on_change` + +Data type: `Any` + + + +Default value: $postgresql::params::service_restart_on_change + +##### `service_provider` + +Data type: `Any` + + + +Default value: $postgresql::params::service_provider + +##### `service_reload` + +Data type: `Any` + + + +Default value: $postgresql::params::service_reload + +##### `service_status` + +Data type: `Any` + + + +Default value: $postgresql::params::service_status + +##### `default_database` + +Data type: `Any` + + + +Default value: $postgresql::params::default_database + +##### `default_connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::globals::default_connect_settings + +##### `listen_addresses` + +Data type: `Any` + + + +Default value: $postgresql::params::listen_addresses + +##### `port` + +Data type: `Any` + + + +Default value: $postgresql::params::port + +##### `ip_mask_deny_postgres_user` + +Data type: `Any` + + + +Default value: $postgresql::params::ip_mask_deny_postgres_user + +##### `ip_mask_allow_all_users` + +Data type: `Any` + + + +Default value: $postgresql::params::ip_mask_allow_all_users + +##### `ipv4acls` + +Data type: `Any` + + + +Default value: $postgresql::params::ipv4acls + +##### `ipv6acls` + +Data type: `Any` + + + +Default value: $postgresql::params::ipv6acls + +##### `initdb_path` + +Data type: `Any` + + + +Default value: $postgresql::params::initdb_path + +##### `createdb_path` + +Data type: `Any` + + + +Default value: $postgresql::params::createdb_path + +##### `psql_path` + +Data type: `Any` + + + +Default value: $postgresql::params::psql_path + +##### `pg_hba_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::pg_hba_conf_path + +##### `pg_ident_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::pg_ident_conf_path + +##### `postgresql_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::postgresql_conf_path + +##### `recovery_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::recovery_conf_path + +##### `datadir` + +Data type: `Any` + + + +Default value: $postgresql::params::datadir + +##### `xlogdir` + +Data type: `Any` + + + +Default value: $postgresql::params::xlogdir + +##### `logdir` + +Data type: `Any` + + + +Default value: $postgresql::params::logdir + +##### `log_line_prefix` + +Data type: `Any` + + + +Default value: $postgresql::params::log_line_prefix + +##### `pg_hba_conf_defaults` + +Data type: `Any` + + + +Default value: $postgresql::params::pg_hba_conf_defaults + +##### `user` + +Data type: `Any` + + + +Default value: $postgresql::params::user + +##### `group` + +Data type: `Any` + + + +Default value: $postgresql::params::group + +##### `needs_initdb` + +Data type: `Any` + + + +Default value: $postgresql::params::needs_initdb + +##### `encoding` + +Data type: `Any` + + + +Default value: $postgresql::params::encoding + +##### `locale` + +Data type: `Any` + + + +Default value: $postgresql::params::locale + +##### `data_checksums` + +Data type: `Any` + + + +Default value: $postgresql::params::data_checksums + +##### `timezone` + +Data type: `Any` + + + +Default value: $postgresql::params::timezone + +##### `manage_pg_hba_conf` + +Data type: `Any` + + + +Default value: $postgresql::params::manage_pg_hba_conf + +##### `manage_pg_ident_conf` + +Data type: `Any` + + + +Default value: $postgresql::params::manage_pg_ident_conf + +##### `manage_recovery_conf` + +Data type: `Any` + + + +Default value: $postgresql::params::manage_recovery_conf + +##### `module_workdir` + +Data type: `Any` + + + +Default value: $postgresql::params::module_workdir + +##### `roles` + +Data type: `Hash[String, Hash]` + + + +Default value: {} + +##### `config_entries` + +Data type: `Hash[String, Any]` + + + +Default value: {} + +##### `pg_hba_rules` + +Data type: `Hash[String, Hash]` + + + +Default value: {} + +##### `version` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::server::contrib + +Install the contrib postgresql packaging. + +#### Parameters + +The following parameters are available in the `postgresql::server::contrib` class. + +##### `package_name` + +Data type: `String` + +String. + +Default value: $postgresql::params::contrib_package_name + +##### `package_ensure` + +Data type: `String[1]` + +String. Defaults to 'present'. + +Default value: 'present' + +### postgresql::server::plperl + +This class installs the PL/Perl procedural language for postgresql. + +#### Parameters + +The following parameters are available in the `postgresql::server::plperl` class. + +##### `package_ensure` + +Data type: `Any` + + + +Default value: 'present' + +##### `package_name` + +Data type: `Any` + + + +Default value: $postgresql::server::plperl_package_name + +### postgresql::server::plpython + +This class installs the PL/Python procedural language for postgresql. + +#### Parameters + +The following parameters are available in the `postgresql::server::plpython` class. + +##### `package_ensure` + +Data type: `Any` + + + +Default value: 'present' + +##### `package_name` + +Data type: `Any` + + + +Default value: $postgresql::server::plpython_package_name + +### postgresql::server::postgis + +Install the postgis postgresql packaging. + +#### Parameters + +The following parameters are available in the `postgresql::server::postgis` class. + +##### `package_name` + +Data type: `String` + + + +Default value: $postgresql::params::postgis_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +## Defined types + +### postgresql::server::config_entry + +Manage a postgresql.conf entry. + +#### Parameters + +The following parameters are available in the `postgresql::server::config_entry` defined type. + +##### `ensure` + +Data type: `Any` + + + +Default value: 'present' + +##### `value` + +Data type: `Any` + + + +Default value: `undef` + +##### `path` + +Data type: `Any` + +Boolean. Defaults to false. + +Default value: `false` + +### postgresql::server::database + +Define for creating a database. + +#### Parameters + +The following parameters are available in the `postgresql::server::database` defined type. + +##### `comment` + +Data type: `Any` + + + +Default value: `undef` + +##### `dbname` + +Data type: `Any` + + + +Default value: $title + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +##### `tablespace` + +Data type: `Any` + + + +Default value: `undef` + +##### `template` + +Data type: `Any` + + + +Default value: 'template0' + +##### `encoding` + +Data type: `Any` + + + +Default value: $postgresql::server::encoding + +##### `locale` + +Data type: `Any` + + + +Default value: $postgresql::server::locale + +##### `istemplate` + +Data type: `Any` + + + +Default value: `false` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::database_grant + +Manage a database grant. + +#### Parameters + +The following parameters are available in the `postgresql::server::database_grant` defined type. + +##### `privilege` + +Data type: `Any` + + + +##### `db` + +Data type: `Any` + + + +##### `role` + +Data type: `Any` + + + +##### `ensure` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_db` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_user` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::server::db + +@ summary Define for conveniently creating a role, database and assigning the correctpermissions. + +#### Parameters + +The following parameters are available in the `postgresql::server::db` defined type. + +##### `user` + +Data type: `Any` + + + +##### `password` + +Data type: `Any` + + + +##### `comment` + +Data type: `Any` + + + +Default value: `undef` + +##### `dbname` + +Data type: `Any` + + + +Default value: $title + +##### `encoding` + +Data type: `Any` + + + +Default value: $postgresql::server::encoding + +##### `locale` + +Data type: `Any` + + + +Default value: $postgresql::server::locale + +##### `grant` + +Data type: `Any` + + + +Default value: 'ALL' + +##### `tablespace` + +Data type: `Any` + + + +Default value: `undef` + +##### `template` + +Data type: `Any` + + + +Default value: 'template0' + +##### `istemplate` + +Data type: `Any` + + + +Default value: `false` + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::server::extension + +Activate an extension on a postgresql database. + +#### Parameters + +The following parameters are available in the `postgresql::server::extension` defined type. + +##### `database` + +Data type: `Any` + + + +##### `extension` + +Data type: `Any` + + + +Default value: $name + +##### `schema` + +Data type: `Optional[String[1]]` + + + +Default value: `undef` + +##### `version` + +Data type: `Optional[String[1]]` + + + +Default value: `undef` + +##### `ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +##### `package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `package_ensure` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::grant + +Define for granting permissions to roles. + +#### Parameters + +The following parameters are available in the `postgresql::server::grant` defined type. + +##### `role` + +Data type: `String` + + + +##### `db` + +Data type: `String` + + + +##### `privilege` + +Data type: `String` + + + +Default value: '' + +##### `object_type` + +Data type: `Pattern[#/(?i:^COLUMN$)/, + /(?i:^ALL SEQUENCES IN SCHEMA$)/, + /(?i:^ALL TABLES IN SCHEMA$)/, + /(?i:^DATABASE$)/, + #/(?i:^FOREIGN DATA WRAPPER$)/, + #/(?i:^FOREIGN SERVER$)/, + #/(?i:^FUNCTION$)/, + /(?i:^LANGUAGE$)/, + #/(?i:^PROCEDURAL LANGUAGE$)/, + /(?i:^TABLE$)/, + #/(?i:^TABLESPACE$)/, + /(?i:^SCHEMA$)/, + /(?i:^SEQUENCE$)/ + #/(?i:^VIEW$)/ + ]` + + + +Default value: 'database' + +##### `object_name` + +Data type: `Optional[Variant[ + Array[String,2,2], + String[1]] + ]` + + + +Default value: `undef` + +##### `psql_db` + +Data type: `String` + + + +Default value: $postgresql::server::default_database + +##### `psql_user` + +Data type: `String` + + + +Default value: $postgresql::server::user + +##### `port` + +Data type: `Integer` + + + +Default value: $postgresql::server::port + +##### `onlyif_exists` + +Data type: `Boolean` + + + +Default value: `false` + +##### `connect_settings` + +Data type: `Hash` + + + +Default value: $postgresql::server::default_connect_settings + +##### `ensure` + +Data type: `Enum['present', + 'absent' + ]` + + + +Default value: 'present' + +### postgresql::server::grant_role + +Define for granting membership to a role. + +#### Parameters + +The following parameters are available in the `postgresql::server::grant_role` defined type. + +##### `group` + +Data type: `String[1]` + + + +##### `role` + +Data type: `String[1]` + + + +Default value: $name + +##### `ensure` + +Data type: `Enum['present', 'absent']` + + + +Default value: 'present' + +##### `psql_db` + +Data type: `Any` + + + +Default value: $postgresql::server::default_database + +##### `psql_user` + +Data type: `Any` + + + +Default value: $postgresql::server::user + +##### `port` + +Data type: `Any` + + + +Default value: $postgresql::server::port + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::pg_hba_rule + +This resource manages an individual rule that applies to the file defined in target. + +#### Parameters + +The following parameters are available in the `postgresql::server::pg_hba_rule` defined type. + +##### `type` + +Data type: `Enum['local', 'host', 'hostssl', 'hostnossl']` + +Enum['local','host','hostssl','hostnossl']. + +##### `database` + +Data type: `String` + + + +##### `user` + +Data type: `String` + + + +##### `auth_method` + +Data type: `String` + + + +##### `address` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `description` + +Data type: `String` + + + +Default value: 'none' + +##### `auth_option` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `order` + +Data type: `Variant[String, Integer]` + + + +Default value: 150 + +##### `target` + +Data type: `Stdlib::Absolutepath` + + + +Default value: $postgresql::server::pg_hba_conf_path + +##### `postgresql_version` + +Data type: `String` + + + +Default value: $postgresql::server::_version + +### postgresql::server::pg_ident_rule + +This resource manages an individual rule that applies to the file defined in target. + +#### Parameters + +The following parameters are available in the `postgresql::server::pg_ident_rule` defined type. + +##### `map_name` + +Data type: `Any` + + + +##### `system_username` + +Data type: `Any` + + + +##### `database_username` + +Data type: `Any` + + + +##### `description` + +Data type: `Any` + + + +Default value: 'none' + +##### `order` + +Data type: `Any` + + + +Default value: '150' + +##### `target` + +Data type: `Any` + + + +Default value: $postgresql::server::pg_ident_conf_path + +### postgresql::server::reassign_owned_by + +Define for reassigning the ownership of objects within a database. + +* **Note** This enables us to force the a particular ownership for objects within a database + +#### Parameters + +The following parameters are available in the `postgresql::server::reassign_owned_by` defined type. + +##### `old_role` + +Data type: `String` + + + +##### `new_role` + +Data type: `String` + + + +##### `db` + +Data type: `String` + + + +##### `psql_user` + +Data type: `String` + + + +Default value: $postgresql::server::user + +##### `port` + +Data type: `Integer` + + + +Default value: $postgresql::server::port + +##### `connect_settings` + +Data type: `Hash` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::recovery + +This resource manages the parameters that applies to the recovery.conf template. + +#### Parameters + +The following parameters are available in the `postgresql::server::recovery` defined type. + +##### `restore_command` + +Data type: `Any` + + + +Default value: `undef` + +##### `archive_cleanup_command` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_end_command` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_time` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_xid` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_inclusive` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_timeline` + +Data type: `Any` + + + +Default value: `undef` + +##### `pause_at_recovery_target` + +Data type: `Any` + + + +Default value: `undef` + +##### `standby_mode` + +Data type: `Any` + + + +Default value: `undef` + +##### `primary_conninfo` + +Data type: `Any` + + + +Default value: `undef` + +##### `primary_slot_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `trigger_file` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_min_apply_delay` + +Data type: `Any` + + + +Default value: `undef` + +##### `target` + +Data type: `Any` + + + +Default value: $postgresql::server::recovery_conf_path + +### postgresql::server::role + +Define for creating a database role. + +#### Parameters + +The following parameters are available in the `postgresql::server::role` defined type. + +##### `update_password` + +Data type: `Any` + + + +Default value: `true` + +##### `password_hash` + +Data type: `Any` + + + +Default value: `false` + +##### `createdb` + +Data type: `Any` + + + +Default value: `false` + +##### `createrole` + +Data type: `Any` + + + +Default value: `false` + +##### `db` + +Data type: `Any` + + + +Default value: $postgresql::server::default_database + +##### `port` + +Data type: `Any` + + + +Default value: `undef` + +##### `login` + +Data type: `Any` + + + +Default value: `true` + +##### `inherit` + +Data type: `Any` + + + +Default value: `true` + +##### `superuser` + +Data type: `Any` + + + +Default value: `false` + +##### `replication` + +Data type: `Any` + + + +Default value: `false` + +##### `connection_limit` + +Data type: `Any` + + + +Default value: '-1' + +##### `username` + +Data type: `Any` + + + +Default value: $title + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +##### `ensure` + +Data type: `Enum['present', 'absent']` + + + +Default value: 'present' + +### postgresql::server::schema + +Create a new schema. + +* **Note** The database must exist and the PostgreSQL user should have enough privileges + +#### Examples + +##### + +```puppet +postgresql::server::schema {'private': + db => 'template1', +} +``` + +#### Parameters + +The following parameters are available in the `postgresql::server::schema` defined type. + +##### `db` + +Data type: `Any` + + + +Default value: $postgresql::server::default_database + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +##### `schema` + +Data type: `Any` + + + +Default value: $title + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::table_grant + +This resource wraps the grant resource to manage table grants specifically. + +#### Parameters + +The following parameters are available in the `postgresql::server::table_grant` defined type. + +##### `privilege` + +Data type: `Any` + + + +##### `table` + +Data type: `Any` + + + +##### `db` + +Data type: `Any` + + + +##### `role` + +Data type: `Any` + + + +##### `ensure` + +Data type: `Any` + + + +Default value: `undef` + +##### `port` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_db` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_user` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: `undef` + +##### `onlyif_exists` + +Data type: `Any` + + + +Default value: `false` + +### postgresql::server::tablespace + +This module creates tablespace. + +#### Parameters + +The following parameters are available in the `postgresql::server::tablespace` defined type. + +##### `location` + +Data type: `Any` + + + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +##### `spcname` + +Data type: `Any` + + + +Default value: $title + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::validate_db_connection + +This validated if the postgres connection can be established +between the node on which this resource is run and a specified postgres +instance (host/port/user/password/database name). + +#### Parameters + +The following parameters are available in the `postgresql::validate_db_connection` defined type. + +##### `database_host` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_password` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_username` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_port` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: `undef` + +##### `run_as` + +Data type: `Any` + + + +Default value: `undef` + +##### `sleep` + +Data type: `Any` + + + +Default value: 2 + +##### `tries` + +Data type: `Any` + + + +Default value: 10 + +##### `create_db_first` + +Data type: `Any` + + + +Default value: `true` + +## Resource types + +### postgresql_conf + +This type allows puppet to manage postgresql.conf parameters. + +#### Properties + +The following properties are available in the `postgresql_conf` type. + +##### `ensure` + +Valid values: present, absent + +The basic property that the resource should be in. + +Default value: present + +##### `value` + +The value to set for this parameter. + +##### `target` + +The path to postgresql.conf + +#### Parameters + +The following parameters are available in the `postgresql_conf` type. + +##### `name` + +Valid values: %r{^[\w\.]+$} + +namevar + +The postgresql parameter name to manage. + +### postgresql_conn_validator + +Verify that a connection can be successfully established between a node +and the PostgreSQL server. Its primary use is as a precondition to +prevent configuration changes from being applied if the PostgreSQL +server cannot be reached, but it could potentially be used for other +purposes such as monitoring. + +#### Properties + +The following properties are available in the `postgresql_conn_validator` type. + +##### `ensure` + +Valid values: present, absent + +The basic property that the resource should be in. + +Default value: present + +#### Parameters + +The following parameters are available in the `postgresql_conn_validator` type. + +##### `name` + +namevar + +An arbitrary name used as the identity of the resource. + +##### `db_name` + +The name of the database you are trying to validate a connection with. + +##### `db_username` + +A user that has access to the target PostgreSQL database. + +##### `db_password` + +The password required to access the target PostgreSQL database. + +##### `host` + +The DNS name or IP address of the server where PostgreSQL should be running. + +##### `port` + +The port that the PostgreSQL server should be listening on. + +##### `connect_settings` + +Hash of environment variables for connection to a db. + +##### `sleep` + +The length of sleep time between connection tries. + +Default value: 2 + +##### `tries` + +The number of tries to validate the connection to the target PostgreSQL database. + +Default value: 10 + +##### `psql_path` + +Path to the psql command. + +##### `run_as` + +System user that will run the psql command. + +##### `command` + +Command to run against target database. + +Default value: SELECT 1 + +### postgresql_psql + +An arbitrary tag for your own reference; the name of the message. + +#### Properties + +The following properties are available in the `postgresql_psql` type. + +##### `command` + +The SQL command to execute via psql. + +#### Parameters + +The following parameters are available in the `postgresql_psql` type. + +##### `name` + +namevar + +An arbitrary tag for your own reference; the name of the message. + +##### `unless` + + + +##### `onlyif` + + + +##### `connect_settings` + +Connection settings that will be used when connecting to postgres + +##### `db` + +The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings + +##### `port` + +The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. + +##### `search_path` + +The schema search path to use when executing the SQL command + +##### `psql_path` + +The path to psql executable. + +Default value: psql + +##### `psql_user` + +The system user account under which the psql command should be executed. + +Default value: postgres + +##### `psql_group` + +The system user group account under which the psql command should be executed. + +Default value: postgres + +##### `cwd` + +The working directory under which the psql command should be executed. + +Default value: /tmp + +##### `environment` + +Any additional environment variables you want to set for a +SQL command. Multiple environment variables should be +specified as an array. + +##### `refreshonly` + +Valid values: `true`, `false` + +If 'true', then the SQL will only be executed via a notify/subscribe event. + +Default value: `false` + +### postgresql_replication_slot + +Manages Postgresql replication slots. + +This type allows to create and destroy replication slots +to register warm standby replication on a Postgresql +master server. + +#### Properties + +The following properties are available in the `postgresql_replication_slot` type. + +##### `ensure` + +Valid values: present, absent + +The basic property that the resource should be in. + +Default value: present + +#### Parameters + +The following parameters are available in the `postgresql_replication_slot` type. + +##### `name` + +Valid values: %r{^[a-z0-9_]+$} + +namevar + +The name of the slot to create. Must be a valid replication slot name. + +## Functions + +### postgresql_acls_to_resources_hash + +Type: Ruby 3.x API + +This internal function translates the ipv(4|6)acls format into a resource +suitable for create_resources. It is not intended to be used outside of the +postgresql internal classes/defined resources. + +This function accepts an array of strings that are pg_hba.conf rules. It +will return a hash that can be fed into create_resources to create multiple +individual pg_hba_rule resources. + +The second parameter is an identifier that will be included in the namevar +to provide uniqueness. It must be a string. + +The third parameter is an order offset, so you can start the order at an +arbitrary starting point. + +#### `postgresql_acls_to_resources_hash()` + +This internal function translates the ipv(4|6)acls format into a resource +suitable for create_resources. It is not intended to be used outside of the +postgresql internal classes/defined resources. + +This function accepts an array of strings that are pg_hba.conf rules. It +will return a hash that can be fed into create_resources to create multiple +individual pg_hba_rule resources. + +The second parameter is an identifier that will be included in the namevar +to provide uniqueness. It must be a string. + +The third parameter is an order offset, so you can start the order at an +arbitrary starting point. + +Returns: `Any` + +### postgresql_escape + +Type: Ruby 3.x API + +Safely escapes a string using $$ using a random tag which should be consistent + +#### `postgresql_escape()` + +Safely escapes a string using $$ using a random tag which should be consistent + +Returns: `Any` + +### postgresql_password + +Type: Ruby 3.x API + +Returns the postgresql password hash from the clear text username / password. + +#### `postgresql_password()` + +Returns the postgresql password hash from the clear text username / password. + +Returns: `Any` + +## Tasks + +### sql + +Allows you to execute arbitary SQL + +**Supports noop?** false + +#### Parameters + +##### `database` + +Data type: `Optional[String[1]]` + +Database to connect to + +##### `host` + +Data type: `Optional[String[1]]` + +Hostname to connect to + +##### `password` + +Data type: `Optional[String[1]]` + +The password + +##### `port` + +Data type: `Optional[String[1]]` + +The port + +##### `sql` + +Data type: `String[1]` + +The SQL you want to execute + +##### `user` + +Data type: `Optional[String[1]]` + +The user + diff --git a/manifests/client.pp b/manifests/client.pp index ce41346e2e..d0c807b6c8 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -1,4 +1,18 @@ -# Install client cli tool. See README.md for more details. +# @summary Install client cli tool. +# +# @param file_ensure +# Enum['file','absent']. +# +# @param validcon_script_path +# Optional. Absolute path for the postgresql connection validation script. +# +# @param package_name +# String. Client package name. +# +# @param package_ensure +# String. Defaults to 'present'. +# +# class postgresql::client ( Enum['file', 'absent'] $file_ensure = 'file', Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, diff --git a/manifests/globals.pp b/manifests/globals.pp index 09ae61a836..fb7f550e67 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -1,5 +1,65 @@ -# Class for setting cross-class global overrides. See README.md for more -# details. +# @summary Class for setting cross-class global overrides. +# +# @param client_package_name +# @param server_package_name +# @param contrib_package_name +# @param devel_package_name +# @param java_package_name +# @param docs_package_name +# @param perl_package_name +# @param plperl_package_name +# @param plpython_package_name +# @param python_package_name +# @param postgis_package_name +# +# @param service_name +# @param service_provider +# @param service_status +# @param default_database +# +# @param validcon_script_path +# +# @param initdb_path +# @param createdb_path +# @param psql_path +# @param pg_hba_conf_path +# @param pg_ident_conf_path +# @param postgresql_conf_path +# @param recovery_conf_path +# @param default_connect_settings +# +# @param pg_hba_conf_defaults +# +# @param datadir +# @param confdir +# @param bindir +# @param xlogdir +# @param logdir +# @param log_line_prefix +# +# @param user +# @param group +# +# @param version +# @param postgis_version +# @param repo_proxy +# @param repo_baseurl +# +# @param needs_initdb +# +# @param encoding +# @param locale +# @param data_checksums +# @param timezone +# +# @param manage_pg_hba_conf +# @param manage_pg_ident_conf +# @param manage_recovery_conf +# +# @param manage_package_repo +# @param module_workdir +# +# class postgresql::globals ( $client_package_name = undef, $server_package_name = undef, diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 122f588cd0..139e60574f 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -1,5 +1,13 @@ -# This class installs postgresql development libraries. See README.md for more -# details. +# @summary This class installs postgresql development libraries. +# +# @param package_name +# String. +# @param package_ensure +# String. Defaults to 'present'. +# @param link_pg_config +# Boolean. +# +# class postgresql::lib::devel( String $package_name = $postgresql::params::devel_package_name, String[1] $package_ensure = 'present', diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 8482e0393f..06caf36117 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -1,5 +1,11 @@ -# This class installs the postgresql-docs See README.md for more -# details. +# @summary This class installs the postgresql-docs +# +# @param package_name +# String. +# @param package_ensure +# String. Defaults to 'present'. +# +# class postgresql::lib::docs ( String $package_name = $postgresql::params::docs_package_name, String[1] $package_ensure = 'present', diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index 5a91e57964..d4d4c1a327 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -1,5 +1,10 @@ -# This class installs the postgresql jdbc connector. See README.md for more -# details. +# @summary This class installs the postgresql jdbc connector. +# +# @param package_name +# String. +# @param package_ensure +# String. Defaults to 'present'. +# class postgresql::lib::java ( String $package_name = $postgresql::params::java_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 7ad9c8b83b..88f4aba360 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -1,5 +1,10 @@ -# This class installs the perl libs for postgresql. See README.md for more -# details. +# @summary This class installs the perl libs for postgresql. +# +# @param package_name +# String. +# @param package_ensure +# String. Defaults to 'present'. +# class postgresql::lib::perl( String $package_name = $postgresql::params::perl_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index 93c70e66aa..2564bb2dff 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -1,5 +1,10 @@ -# This class installs the python libs for postgresql. See README.md for more -# details. +# @summary This class installs the python libs for postgresql. +# +# @param package_name +# String. +# @param package_ensure +# String. Defaults to 'present'. +# class postgresql::lib::python( String[1] $package_name = $postgresql::params::python_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/params.pp b/manifests/params.pp index cd5ab1be2e..0ec661fd0a 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not use directly +# @api private class postgresql::params inherits postgresql::globals { $version = $postgresql::globals::globals_version $postgis_version = $postgresql::globals::globals_postgis_version diff --git a/manifests/repo.pp b/manifests/repo.pp index 5ec63c7d1b..db00943a60 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not use directly +# @api private class postgresql::repo ( $version = undef, $proxy = undef, diff --git a/manifests/server.pp b/manifests/server.pp index 80e25a1475..fb6dbe89b5 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,4 +1,67 @@ -# This installs a PostgreSQL server. See README.md for more details. +# @summary This installs a PostgreSQL server +# +# @param postgres_password +# @param package_name +# @param package_ensure +# +# @param plperl_package_name +# @param plpython_package_name +# +# @param service_ensure +# @param service_enable +# @param service_manage +# @param service_name +# @param service_restart_on_change +# @param service_provider +# @param service_reload +# @param service_status +# @param default_database +# @param default_connect_settings +# @param listen_addresses +# @param port +# @param ip_mask_deny_postgres_user +# @param ip_mask_allow_all_users +# @param ipv4acls +# @param ipv6acls +# +# @param initdb_path +# @param createdb_path +# @param psql_path +# @param pg_hba_conf_path +# @param pg_ident_conf_path +# @param postgresql_conf_path +# @param recovery_conf_path +# +# @param datadir +# @param xlogdir +# @param logdir +# +# @param log_line_prefix +# +# @param pg_hba_conf_defaults +# +# @param user +# @param group +# +# @param needs_initdb +# +# @param encoding +# @param locale +# @param data_checksums +# @param timezone +# +# @param manage_pg_hba_conf +# @param manage_pg_ident_conf +# @param manage_recovery_conf +# @param module_workdir +# +# @param roles +# @param config_entries +# @param pg_hba_rules +# +# @param version +# +# class postgresql::server ( $postgres_password = undef, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 60efcc7f44..b47f189e70 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not call directly +# @api private class postgresql::server::config { $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 8fea4d7d18..bec57012c2 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -1,4 +1,10 @@ -# Manage a postgresql.conf entry. See README.md for more details. +# @summary Manage a postgresql.conf entry. +# +# @param ensure +# @param value +# @param path +# Boolean. Defaults to false. +# define postgresql::server::config_entry ( $ensure = 'present', $value = undef, diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 6c55bc1547..72975720c9 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -1,4 +1,11 @@ -# Install the contrib postgresql packaging. See README.md for more details. +# @summary Install the contrib postgresql packaging. +# +# @param package_name +# String. +# @param package_ensure +# String. Defaults to 'present'. +# +# class postgresql::server::contrib ( String $package_name = $postgresql::params::contrib_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 057bc46be6..e930b79bc9 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -1,4 +1,15 @@ -# Define for creating a database. See README.md for more details. +# @summary Define for creating a database. +# +# @param comment +# @param dbname +# @param owner +# @param tablespace +# @param template +# @param encoding +# @param locale +# @param istemplate +# @param connect_settings +# define postgresql::server::database( $comment = undef, $dbname = $title, diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 34a69533e5..aa2ed2ea2c 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -1,4 +1,13 @@ -# Manage a database grant. See README.md for more details. +# @summary Manage a database grant. +# +# @param privilege +# @param db +# @param role +# @param ensure +# @param psql_db +# @param psql_user +# @param connect_settings +# define postgresql::server::database_grant( $privilege, $db, diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 9b20928e36..f2c105192d 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -1,5 +1,18 @@ -# Define for conveniently creating a role, database and assigning the correct -# permissions. See README.md for more details. +# @ summary Define for conveniently creating a role, database and assigning the correctpermissions. +# +# @param user +# @param password +# @param comment +# @param dbname +# @param encoding +# @param locale +# @param grant +# @param tablespace +# @param template +# @param istemplate +# @param owner +# +# define postgresql::server::db ( $user, $password, diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 37ba56c2a7..6943c92114 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -1,4 +1,14 @@ -# Activate an extension on a postgresql database +# @summary Activate an extension on a postgresql database. +# +# @param database +# @param extension +# @param schema +# @param version +# @param ensure +# @param package_name +# @param package_ensure +# @param connect_settings +# define postgresql::server::extension ( $database, $extension = $name, diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 80e970f059..c2afb82bcd 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -1,4 +1,17 @@ -# Define for granting permissions to roles. See README.md for more details. +# @summary Define for granting permissions to roles. +# +# @param role +# @param db +# @param privilege +# @param object_type +# @param object_name +# @param psql_db +# @param psql_user +# @param port +# @param onlyif_exists +# @param connect_settings +# @param ensure +# define postgresql::server::grant ( String $role, String $db, diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 601fd69c5a..6439282d41 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -1,4 +1,13 @@ -# Define for granting membership to a role. See README.md for more information +# @summary Define for granting membership to a role. +# +# @param group +# @param role +# @param ensure +# @param psql_db +# @param psql_user +# @param port +# @param connect_settings +# define postgresql::server::grant_role ( String[1] $group, String[1] $role = $name, diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index a5f558c96d..80d5e2cc26 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not call directly +# @api private class postgresql::server::initdb { $needs_initdb = $postgresql::server::needs_initdb $initdb_path = $postgresql::server::initdb_path diff --git a/manifests/server/install.pp b/manifests/server/install.pp index 057f686743..666596bf45 100644 --- a/manifests/server/install.pp +++ b/manifests/server/install.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not call directly +# @api private class postgresql::server::install { $package_ensure = $postgresql::server::package_ensure $package_name = $postgresql::server::package_name diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index bb922eea10..a9477fd0f3 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not call directly +# @api private class postgresql::server::passwd { $postgres_password = $postgresql::server::postgres_password $user = $postgresql::server::user diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index c215c2f12a..07ff5bdba5 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,5 +1,17 @@ -# This resource manages an individual rule that applies to the file defined in -# $target. See README.md for more details. +# @summary This resource manages an individual rule that applies to the file defined in target. +# +# @param type +# Enum['local','host','hostssl','hostnossl']. +# @param database +# @param user +# @param auth_method +# @param address +# @param description +# @param auth_option +# @param order +# @param target +# @param postgresql_version +# define postgresql::server::pg_hba_rule( Enum['local', 'host', 'hostssl', 'hostnossl'] $type, String $database, diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index 3e9cdcd351..508ae8ef29 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -1,5 +1,12 @@ -# This resource manages an individual rule that applies to the file defined in -# $target. See README.md for more details. +# @summary This resource manages an individual rule that applies to the file defined in target. +# +# @param map_name +# @param system_username +# @param database_username +# @param description +# @param order +# @param target +# define postgresql::server::pg_ident_rule( $map_name, $system_username, diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index bb3bdbe1a0..ba311c31d2 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -1,5 +1,8 @@ -# This class installs the PL/Perl procedural language for postgresql. See -# README.md for more details. +# @summary This class installs the PL/Perl procedural language for postgresql. +# +# @param package_ensure +# @param package_name +# class postgresql::server::plperl( $package_ensure = 'present', $package_name = $postgresql::server::plperl_package_name diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index 7d0a4638a4..c560229137 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -1,5 +1,8 @@ -# This class installs the PL/Python procedural language for postgresql. See -# README.md for more details. +# @summary This class installs the PL/Python procedural language for postgresql. +# +# @param package_ensure +# @param package_name +# class postgresql::server::plpython( $package_ensure = 'present', $package_name = $postgresql::server::plpython_package_name, diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index 1f45921a4c..5d3a2db5d3 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -1,4 +1,8 @@ -# Install the postgis postgresql packaging. See README.md for more details. +# @summary Install the postgis postgresql packaging. +# +# @param package_name +# @param package_ensure +# class postgresql::server::postgis ( String $package_name = $postgresql::params::postgis_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index d4d6f5b088..e307174333 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -1,5 +1,14 @@ -# Define for reassigning the ownership of objects within a database. See README.md for more details. -# This enables us to force the a particular ownership for objects within a database +# @summary Define for reassigning the ownership of objects within a database. +# @note +# This enables us to force the a particular ownership for objects within a database +# +# @param old_role +# @param new_role +# @param db +# @param psql_user +# @param port +# @param connect_settings +# define postgresql::server::reassign_owned_by ( String $old_role, String $new_role, diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 97378b3f05..daba2a65f0 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -1,4 +1,22 @@ -# This resource manages the parameters that applies to the recovery.conf template. See README.md for more details. +# @summary This resource manages the parameters that applies to the recovery.conf template. +# +# @param restore_command +# @param archive_cleanup_command +# @param recovery_end_command +# @param recovery_target_name +# @param recovery_target_time +# @param recovery_target_xid +# @param recovery_target_inclusive +# @param recovery_target +# @param recovery_target_timeline +# @param pause_at_recovery_target +# @param standby_mode +# @param primary_conninfo +# @param primary_slot_name +# @param trigger_file +# @param recovery_min_apply_delay +# @param target +# define postgresql::server::recovery( $restore_command = undef, $archive_cleanup_command = undef, diff --git a/manifests/server/reload.pp b/manifests/server/reload.pp index 47f270452e..0b17272c62 100644 --- a/manifests/server/reload.pp +++ b/manifests/server/reload.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not use directly +# @api private class postgresql::server::reload { $service_name = $postgresql::server::service_name $service_status = $postgresql::server::service_status diff --git a/manifests/server/role.pp b/manifests/server/role.pp index c8db8b334c..d995198d5b 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -1,4 +1,20 @@ -# Define for creating a database role. See README.md for more information +# @summary Define for creating a database role. +# +# @param update_password +# @param password_hash +# @param createdb +# @param createrole +# @param db +# @param port +# @param login +# @param inherit +# @param superuser +# @param replication +# @param connection_limit +# @param username +# @param connect_settings +# @param ensure +# define postgresql::server::role( $update_password = true, $password_hash = false, diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 8b727b15c5..4fdd2e03d6 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -1,16 +1,20 @@ -# = Type: postgresql::server::schema +# @summary +# Create a new schema. # -# Create a new schema. See README.md for more details. +# @note +# The database must exist and the PostgreSQL user should have enough privileges # -# == Requires: +# @param db +# @param owner +# @param schema +# @param connect_settings # -# The database must exist and the PostgreSQL user should have enough privileges +# +# @example +# postgresql::server::schema {'private': +# db => 'template1', +# } # -# == Sample Usage: -# -# postgresql::server::schema {'private': -# db => 'template1', -# } # define postgresql::server::schema( $db = $postgresql::server::default_database, diff --git a/manifests/server/service.pp b/manifests/server/service.pp index b421325fe5..fa264a02e8 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not call directly +# @api private class postgresql::server::service { $service_ensure = $postgresql::server::service_ensure $service_enable = $postgresql::server::service_enable diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index dd70aeb8f4..37578bb8c0 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -1,5 +1,16 @@ -# This resource wraps the grant resource to manage table grants specifically. -# See README.md for more details. +# @summary This resource wraps the grant resource to manage table grants specifically. +# +# @param privilege +# @param table +# @param db +# @param role +# @param ensure +# @param port +# @param psql_db +# @param psql_user +# @param connect_settings +# @param onlyif_exists +# define postgresql::server::table_grant( $privilege, $table, diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 35dd8b7bc6..1e12cf82bc 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -1,4 +1,10 @@ -# This module creates tablespace. See README.md for more details. +# @summary This module creates tablespace. +# +# @param location +# @param owner +# @param spcname +# @param connect_settings +# define postgresql::server::tablespace( $location, $owner = undef, diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 10e5ecccdd..642fff2ed3 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -1,8 +1,22 @@ -# This type validates that a successful postgres connection can be established +# @summary This type validates that a successful postgres connection. +# +# @note +# This validated if the postgres connection can be established # between the node on which this resource is run and a specified postgres # instance (host/port/user/password/database name). # -# See README.md for more details. +# +# @param database_host +# @param database_name +# @param database_password +# @param database_username +# @param database_port +# @param connect_settings +# @param run_as +# @param sleep +# @param tries +# @param create_db_first +# define postgresql::validate_db_connection( $database_host = undef, $database_name = undef, From 79d9f21eb43d89fd9ff9809b00a395f173193ae3 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 7 May 2019 10:28:32 +0300 Subject: [PATCH 0406/1000] Update functions documentation --- REFERENCE.md | 20 +++++++++---------- .../postgresql_acls_to_resources_hash.rb | 2 +- .../parser/functions/postgresql_escape.rb | 2 +- .../parser/functions/postgresql_password.rb | 2 +- lib/puppet/provider/postgresql_psql/ruby.rb | 1 + lib/puppet/type/postgresql_psql.rb | 4 ++-- 6 files changed, 15 insertions(+), 16 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index b0729fed8f..7be4028e46 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -62,8 +62,8 @@ _Private Classes_ **Functions** * [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid -* [`postgresql_escape`](#postgresql_escape): Safely escapes a string using $$ using a random tag which should be consistent -* [`postgresql_password`](#postgresql_password): Returns the postgresql password hash from the clear text username / password. +* [`postgresql_escape`](#postgresql_escape): +* [`postgresql_password`](#postgresql_password): **Tasks** @@ -2568,7 +2568,6 @@ This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outside of the postgresql internal classes/defined resources. -This function accepts an array of strings that are pg_hba.conf rules. It will return a hash that can be fed into create_resources to create multiple individual pg_hba_rule resources. @@ -2584,7 +2583,6 @@ This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outside of the postgresql internal classes/defined resources. -This function accepts an array of strings that are pg_hba.conf rules. It will return a hash that can be fed into create_resources to create multiple individual pg_hba_rule resources. @@ -2594,31 +2592,31 @@ to provide uniqueness. It must be a string. The third parameter is an order offset, so you can start the order at an arbitrary starting point. -Returns: `Any` +Returns: `Any` This function accepts an array of strings that are pg_hba.conf rules. It ### postgresql_escape Type: Ruby 3.x API -Safely escapes a string using $$ using a random tag which should be consistent +The postgresql_escape function. #### `postgresql_escape()` -Safely escapes a string using $$ using a random tag which should be consistent +The postgresql_escape function. -Returns: `Any` +Returns: `Any` Safely escapes a string using $$ using a random tag which should be consistent ### postgresql_password Type: Ruby 3.x API -Returns the postgresql password hash from the clear text username / password. +The postgresql_password function. #### `postgresql_password()` -Returns the postgresql password hash from the clear text username / password. +The postgresql_password function. -Returns: `Any` +Returns: `Any` Returns the postgresql password hash from the clear text username / password. ## Tasks diff --git a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb b/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb index e9112caa6a..86a2d6005a 100644 --- a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb @@ -5,7 +5,7 @@ module Puppet::Parser::Functions suitable for create_resources. It is not intended to be used outside of the postgresql internal classes/defined resources. - This function accepts an array of strings that are pg_hba.conf rules. It + @return This function accepts an array of strings that are pg_hba.conf rules. It will return a hash that can be fed into create_resources to create multiple individual pg_hba_rule resources. diff --git a/lib/puppet/parser/functions/postgresql_escape.rb b/lib/puppet/parser/functions/postgresql_escape.rb index 49d6d7e2dd..f78bcea1bd 100644 --- a/lib/puppet/parser/functions/postgresql_escape.rb +++ b/lib/puppet/parser/functions/postgresql_escape.rb @@ -3,7 +3,7 @@ # postgresql_escape.rb module Puppet::Parser::Functions newfunction(:postgresql_escape, type: :rvalue, doc: <<-EOS - Safely escapes a string using $$ using a random tag which should be consistent + @return Safely escapes a string using $$ using a random tag which should be consistent EOS ) do |args| diff --git a/lib/puppet/parser/functions/postgresql_password.rb b/lib/puppet/parser/functions/postgresql_password.rb index e53e5f94f9..b787fe5c45 100644 --- a/lib/puppet/parser/functions/postgresql_password.rb +++ b/lib/puppet/parser/functions/postgresql_password.rb @@ -4,7 +4,7 @@ # postgresql_password.rb module Puppet::Parser::Functions newfunction(:postgresql_password, type: :rvalue, doc: <<-EOS - Returns the postgresql password hash from the clear text username / password. + @return Returns the postgresql password hash from the clear text username / password. EOS ) do |args| diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 70cfb16b40..5c58faa9de 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -63,4 +63,5 @@ def run_command(command, user, group, environment) custom_environment: environment) [output, $CHILD_STATUS.dup] end + end diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index a96ea78b03..c50066709b 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -26,7 +26,7 @@ def sync end newparam(:unless) do - desc 'An optional SQL command to execute prior to the main :command; ' \ + Desc 'An optional SQL command to execute prior to the main :command; ' \ 'this is generally intended to be used for idempotency, to check ' \ 'for the existence of an object in the database to determine whether ' \ 'or not the main SQL command needs to be executed at all.' @@ -45,7 +45,7 @@ def matches(value) end newparam(:onlyif) do - desc 'An optional SQL command to execute prior to the main :command; ' \ + Desc 'An optional SQL command to execute prior to the main :command; ' \ 'this is generally intended to be used for idempotency, to check ' \ 'for the existence of an object in the database to determine whether ' \ 'or not the main SQL command needs to be executed at all.' From 926bb7c49cfa6ec13a78001e3a9e666ffcc29687 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 7 May 2019 12:19:51 +0300 Subject: [PATCH 0407/1000] Fix providers documentation --- REFERENCE.md | 6 +++--- lib/puppet/provider/postgresql_psql/ruby.rb | 2 +- lib/puppet/provider/postgresql_replication_slot/ruby.rb | 2 +- lib/puppet/type/postgresql_conn_validator.rb | 1 + lib/puppet/type/postgresql_psql.rb | 8 ++++++-- 5 files changed, 12 insertions(+), 7 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 7be4028e46..cb0fb14740 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -2378,7 +2378,7 @@ The following properties are available in the `postgresql_conn_validator` type. Valid values: present, absent -The basic property that the resource should be in. +Ensure connection validation Default value: present @@ -2466,11 +2466,11 @@ An arbitrary tag for your own reference; the name of the message. ##### `unless` - +Optional SQL command to execute before the main command ##### `onlyif` - +Optional SQL command executed before the main command - return true if matching row found ##### `connect_settings` diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 5c58faa9de..dfad4cdf64 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -1,4 +1,5 @@ Puppet::Type.type(:postgresql_psql).provide(:ruby) do + desc 'Postgres psql provider' def run_unless_sql_command(sql) # for the 'unless' queries, we wrap the user's query in a 'SELECT COUNT', # which makes it easier to parse and process the output. @@ -63,5 +64,4 @@ def run_command(command, user, group, environment) custom_environment: environment) [output, $CHILD_STATUS.dup] end - end diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index c882ce4209..d163f40375 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -1,5 +1,5 @@ Puppet::Type.type(:postgresql_replication_slot).provide(:ruby) do - # For confinement + desc 'For confinement' commands psql: 'psql' def self.instances diff --git a/lib/puppet/type/postgresql_conn_validator.rb b/lib/puppet/type/postgresql_conn_validator.rb index 8a07c6c0de..adb70538e3 100644 --- a/lib/puppet/type/postgresql_conn_validator.rb +++ b/lib/puppet/type/postgresql_conn_validator.rb @@ -6,6 +6,7 @@ purposes such as monitoring." ensurable do + desc 'Ensure connection validation' defaultvalues defaultto :present end diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index c50066709b..320f678455 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -26,7 +26,9 @@ def sync end newparam(:unless) do - Desc 'An optional SQL command to execute prior to the main :command; ' \ + desc 'Optional SQL command to execute before the main command' + + desc 'An optional SQL command to execute prior to the main :command; ' \ 'this is generally intended to be used for idempotency, to check ' \ 'for the existence of an object in the database to determine whether ' \ 'or not the main SQL command needs to be executed at all.' @@ -45,7 +47,9 @@ def matches(value) end newparam(:onlyif) do - Desc 'An optional SQL command to execute prior to the main :command; ' \ + desc 'Optional SQL command executed before the main command - return true if matching row found' + + desc 'An optional SQL command to execute prior to the main :command; ' \ 'this is generally intended to be used for idempotency, to check ' \ 'for the existence of an object in the database to determine whether ' \ 'or not the main SQL command needs to be executed at all.' From fedfdc5666fe156f0f0e0ff2c1a39c2582960b60 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 7 May 2019 12:39:59 +0300 Subject: [PATCH 0408/1000] Update README --- README.md | 1591 +---------------------------------------------------- 1 file changed, 1 insertion(+), 1590 deletions(-) diff --git a/README.md b/README.md index 4155a7773a..61056a977e 100644 --- a/README.md +++ b/README.md @@ -16,11 +16,6 @@ * [Create user name maps for pg_ident.conf](#create-user-name-maps-for-pg_identconf) * [Validate connectivity](#validate-connectivity) 4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) - * [Classes](#classes) - * [Defined Types](#defined-types) - * [Types](#types) - * [Functions](#functions) - * [Tasks](#tasks) 5. [Limitations - OS compatibility, etc.](#limitations) 6. [Development - Guide for contributing to the module](#development) * [Contributors - List of module contributors](#contributors) @@ -321,1591 +316,7 @@ exec { 'rake db:migrate': ## Reference -The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings. - -**Classes:** - -* [postgresql::client](#postgresqlclient) -* [postgresql::globals](#postgresqlglobals) -* [postgresql::lib::devel](#postgresqllibdevel) -* [postgresql::lib::java](#postgresqllibjava) -* [postgresql::lib::perl](#postgresqllibperl) -* [postgresql::lib::python](#postgresqllibpython) -* [postgresql::server](#postgresqlserver) -* [postgresql::server::plperl](#postgresqlserverplperl) -* [postgresql::server::contrib](#postgresqlservercontrib) -* [postgresql::server::postgis](#postgresqlserverpostgis) - -**Defined Types:** - -* [postgresql::server::config_entry](#postgresqlserverconfig_entry) -* [postgresql::server::database](#postgresqlserverdatabase) -* [postgresql::server::database_grant](#postgresqlserverdatabase_grant) -* [postgresql::server::db](#postgresqlserverdb) -* [postgresql::server::extension](#postgresqlserverextension) -* [postgresql::server::grant](#postgresqlservergrant) -* [postgresql::server::grant_role](#postgresqlservergrant_role) -* [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) -* [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) -* [postgresql::server::reassign_owned_by](#postgresqlserverreassign_owned_by) -* [postgresql::server::recovery](#postgresqlserverrecovery) -* [postgresql::server::role](#postgresqlserverrole) -* [postgresql::server::schema](#postgresqlserverschema) -* [postgresql::server::table_grant](#postgresqlservertable_grant) -* [postgresql::server::tablespace](#postgresqlservertablespace) - -**Types:** - -* [postgresql_psql](#custom-resource-postgresql_psql) -* [postgresql_replication_slot](#custom-resource-postgresql_replication_slot) -* [postgresql_conf](#custom-resource-postgresql_conf) -* [postgresql_conn_validator](#custom-resource-postgresql_conn_validator) - -**Functions:** - -* [postgresql_password](#function-postgresql_password) -* [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) - -**Tasks:** - -* [`sql`](#tasks) - -### Classes - -#### postgresql::client - -Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. - ->**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. - -##### `package_ensure` - -Whether the PostgreSQL client package resource should be present. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -##### `package_name` - -Sets the name of the PostgreSQL client package. - -Default value: 'file'. - -#### postgresql::lib::docs - -Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. - -**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. - -##### `package_name` - -Specifies the name of the PostgreSQL docs package. - -##### `package_ensure` - -Whether the PostgreSQL docs package resource should be present. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -#### postgresql::globals - -**Note:** Most server-specific defaults should be overridden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`. - -##### `bindir` - -Overrides the default PostgreSQL binaries directory for the target platform. - -Default value: OS dependent. - -##### `client_package_name` - -Overrides the default PostgreSQL client package name. - -Default value: OS dependent. - -##### `confdir` - -Overrides the default PostgreSQL configuration directory for the target platform. - -Default value: OS dependent. - -##### `contrib_package_name` - -Overrides the default PostgreSQL contrib package name. - -Default value: OS dependent. - -##### `createdb_path` - -**Deprecated.** Path to the `createdb` command. - -Default value: '${bindir}/createdb'. - -##### `datadir` - -Overrides the default PostgreSQL data directory for the target platform. - -Default value: OS dependent. - -**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems). - -**Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original. - -##### `data_checksums` - -Optional. - -Data type: Boolean. - -Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. - -Valid values: `true` or `false`. - -Default: initdb's default (`false`). - -**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. - -##### `default_database` - -Specifies the name of the default database to connect with. - -Default value: 'postgres' (for most systems). - -##### `devel_package_name` - -Overrides the default PostgreSQL devel package name. - -Default value: OS dependent. - -##### `docs_package_name` - -Optional. - -Overrides the default PostgreSQL docs package name. - -Default value: OS dependent. - -##### `encoding` - -Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. - -Default value: Dependent on the operating system's default encoding. - -##### `group` - -Overrides the default postgres user group to be used for related files in the file system. - -Default value: 'postgres'. - -##### `initdb_path` - -Path to the `initdb` command. - -##### `java_package_name` - -Overrides the default PostgreSQL java package name. - -Default value: OS dependent. - -##### `locale` - -Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well. - -Default value: `undef`, which is effectively 'C'. - -**On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** - -##### `timezone` - -Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. - -##### `logdir` - -Overrides the default PostgreSQL log directory. - -Default value: initdb's default path. - -##### `manage_package_repo` - -Sets up official PostgreSQL repositories on your host if set to `true`. - -Default value: `false`. - -##### `module_workdir` - -Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. - -Default value: '/tmp'. - -##### `needs_initdb` - -Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. - -Default value: OS dependent. - -##### `perl_package_name` - -Overrides the default PostgreSQL Perl package name. - -Default value: OS dependent. - -##### `pg_hba_conf_defaults` - -Disables the defaults supplied with the module for `pg_hba.conf` if set to `false`. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations. - -Default value: The globals value set in `postgresql::globals::manage_pg_hba_conf` which defaults to `true`. - -##### `pg_hba_conf_path` - -Specifies the path to your `pg_hba.conf` file. - -Default value: '${confdir}/pg_hba.conf'. - -##### `pg_ident_conf_path` - -Specifies the path to your `pg_ident.conf` file. - -Default value: '${confdir}/pg_ident.conf'. - -##### `plperl_package_name` - -Overrides the default PostgreSQL PL/Perl package name. - -Default value: OS dependent. - -##### `plpython_package_name` - -Overrides the default PostgreSQL PL/Python package name. - -Default value: OS dependent. - -##### `postgis_version` - -Defines the version of PostGIS to install, if you install PostGIS. - -Default value: The lowest available with the version of PostgreSQL to be installed. - -##### `postgresql_conf_path` - -Sets the path to your `postgresql.conf` file. - -Default value: '${confdir}/postgresql.conf'. - -##### `psql_path` - -Sets the path to the `psql` command. - -##### `python_package_name` - -Overrides the default PostgreSQL Python package name. - -Default value: OS dependent. - -##### `recovery_conf_path` - -Path to your `recovery.conf` file. - -##### `repo_proxy` - -Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. - -Debian is currently not supported. - -##### `repo_baseurl` - -Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. - -Default value: The official PostgreSQL repository. - -##### `server_package_name` - -Overrides the default PostgreSQL server package name. - -Default value: OS dependent. - -##### `service_name` - -Overrides the default PostgreSQL service name. - -Default value: OS dependent. - -##### `service_provider` - -Overrides the default PostgreSQL service provider. - -Default value: OS dependent. - -##### `service_status` - -Overrides the default status check command for your PostgreSQL service. - -Default value: OS dependent. - -##### `user` - -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. - -Default value: 'postgres'. - -##### `version` - -The version of PostgreSQL to install and manage. - -Default value: OS system default. - -##### `xlogdir` - -Overrides the default PostgreSQL xlog directory. - -Default value: initdb's default path. - -#### postgresql::lib::devel - -Installs the packages containing the development libraries for PostgreSQL and symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). - -##### `link_pg_config` - -If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior. - -Valid values: `true`, `false`. - -Default value: `true`. - -##### `package_ensure` - -Overrides the 'ensure' parameter during package installation. - -Default value: 'present'. - -##### `package_name` - -Overrides the default package name for the distribution you are installing to. - -Default value: 'postgresql-devel' or 'postgresql-devel' depending on your distro. - -#### postgresql::lib::java - -Installs PostgreSQL bindings for Java (JDBC). Set the following parameters if you have a custom version you would like to install. - -**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version. - -##### `package_ensure` - -Specifies whether the package is present. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -##### `package_name` - -Specifies the name of the PostgreSQL java package. - -#### postgresql::lib::perl - -Installs the PostgreSQL Perl libraries. - -##### `package_ensure` - -Specifies whether the package is present. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -##### `package_name` - -Specifies the name of the PostgreSQL perl package to install. - -#### postgresql::server::plpython - -Installs the PL/Python procedural language for PostgreSQL. - -##### `package_name` - -Specifies the name of the postgresql PL/Python package. - -##### `package_ensure` - -Specifies whether the package is present. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -#### postgresql::lib::python - -Installs PostgreSQL Python libraries. - -##### `package_ensure` - -Specifies whether the package is present. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -##### `package_name` - -The name of the PostgreSQL Python package. - -#### postgresql::server - -##### `config_entries` - -Specifies a hash from which to generate `postgresql::server::config_entry` resources. - -Default value: `{}` - -##### `createdb_path` - -**Deprecated.** Specifies the path to the `createdb` command. - -Default value: '${bindir}/createdb'. - -##### `data_checksums` - -Optional. - -Data type: Boolean. - -Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. - -Valid values: `true` or `false`. - -Default value: initdb's default (`false`). - -**Warning:** This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. - -##### `default_database` - -Specifies the name of the default database to connect with. On most systems this is 'postgres'. - -##### `default_connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as `postgresql::server::role`. - -##### `encoding` - -Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well. - -Default value: `undef`. - -##### `group` - -Overrides the default postgres user group to be used for related files in the file system. - -Default value: OS dependent default. - -##### `initdb_path` - -Specifies the path to the `initdb` command. - -Default value: '${bindir}/initdb'. - -##### `ipv4acls` - -Lists strings for access control for connection method, users, databases, IPv4 addresses; - -see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. - -##### `ipv6acls` - -Lists strings for access control for connection method, users, databases, IPv6 addresses. - -see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information. - -##### `ip_mask_allow_all_users` - -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. - -Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. - -Default value: '127.0.0.1/32'. - -##### `ip_mask_deny_postgres_user` - -Specifies the IP mask from which remote connections should be denied for the postgres superuser. - -Default value: '0.0.0.0/0', which denies any remote connection. - -##### `locale` - -Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module. - -Default value: `undef`, which is effectively 'C'. - -**On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.** - -##### `manage_pg_hba_conf` - -Whether to manage the `pg_hba.conf`. - -If set to `true`, Puppet overwrites this file. - -If set to `false`, Puppet does not modify the file. - -Valid values: `true`, `false`. - -Default value: `true` - -##### `manage_pg_ident_conf` - -Overwrites the pg_ident.conf file. - -If set to `true`, Puppet overwrites the file. - -If set to `false`, Puppet does not modify the file. - -Valid values: `true`, `false`. - -Default value: `true`. - -##### `manage_recovery_conf` - -Specifies whether or not manage the `recovery.conf`. - -If set to `true`, Puppet overwrites this file. - -Valid values: `true`, `false`. - -Default value: `false`. - -##### `needs_initdb` - -Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started. - -Default value: OS dependent. - -##### `package_ensure` - -Passes a value through to the `package` resource when creating the server instance. - -Default value: `undef`. - -##### `package_name` - -Specifies the name of the package to use for installing the server software. - -Default value: OS dependent. - -##### `pg_hba_conf_defaults` - -If `false`, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. - -##### `pg_hba_conf_path` - -Specifies the path to your `pg_hba.conf` file. - -##### `pg_hba_rules` - -Specifies a hash from which to generate `postgresql::server::pg_hba_rule` resources. - -Default value: `{}` - -##### `pg_ident_conf_path` - -Specifies the path to your `pg_ident.conf` file. - -Default value: '${confdir}/pg_ident.conf'. - -##### `plperl_package_name` - -Sets the default package name for the PL/Perl extension. - -Default value: OS dependent. - -##### `plpython_package_name` - -Sets the default package name for the PL/Python extension. - -Default value: OS dependent. - -##### `port` - -Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. - -Default value: 5432. Meaning the Postgres server listens on TCP port 5432. - -##### `postgres_password` - -Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called `postgres` and no password. - -Default value: `undef`. - -##### `postgresql_conf_path` - -Specifies the path to your `postgresql.conf` file. - -Default value: '${confdir}/postgresql.conf'. - -##### `psql_path` - -Specifies the path to the `psql` command. - -Default value: OS dependent. - -##### `roles` - -Specifies a hash from which to generate `postgresql::server::role` resources. - -Default value: `{}` - -##### `service_manage` - -Defines whether or not Puppet should manage the service. - -Default value: `true`. - -##### `service_name` - -Overrides the default PostgreSQL service name. - -Default value: OS dependent. - -##### `service_provider` - -Overrides the default PostgreSQL service provider. - -Default value: `undef`. - -##### `service_reload` - -Overrides the default reload command for your PostgreSQL service. - -Default value: OS dependent. - -##### `service_restart_on_change` - -Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. - -Default value: `true`. - -##### `service_status` - -Overrides the default status check command for your PostgreSQL service. - -Default value: OS dependent. - -##### `user` - -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. - -Default value: 'postgres'. - -#### postgresql::server::contrib - -Installs the PostgreSQL contrib package. - -##### `package_ensure` - -Sets the ensure parameter passed on to PostgreSQL contrib package resource. - -##### `package_name` - -The name of the PostgreSQL contrib package. - -#### postgresql::server::plperl - -Installs the PL/Perl procedural language for postgresql. - -##### `package_ensure` - -The ensure parameter passed on to PostgreSQL PL/Perl package resource. - -##### `package_name` - -The name of the PostgreSQL PL/Perl package. - -#### postgresql::server::postgis - -Installs the PostgreSQL postgis packages. - -### Defined Types - -#### postgresql::server::config_entry - -Modifies your `postgresql.conf` configuration file. - -Each resource maps to a line inside the file, for example: - -```puppet -postgresql::server::config_entry { 'check_function_bodies': - value => 'off', -} -``` - -##### `ensure` - -Removes an entry if set to 'absent'. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -##### `value` - -Defines the value for the setting. - -#### postgresql::server::db - -Creates a local database, user, and assigns necessary permissions. - -##### `comment` - -Defines a comment to be stored about the database using the PostgreSQL COMMENT command. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -##### `dbname` - -Sets the name of the database to be created. - -Default value: the namevar. - -##### `encoding` - -Overrides the character set during creation of the database. - -Default value: The default defined during installation. - -##### `grant` - -Specifies the permissions to grant during creation. - -Default value: 'ALL'. - -##### `istemplate` - -Specifies that the database is a template, if set to `true`. - -Default value: `false`. - -##### `locale` - -Overrides the locale during creation of the database. - -Default value: The default defined during installation. - -##### `owner` - -Sets a user as the owner of the database. - -Default value: '$user' variable set in `postgresql::server` or `postgresql::globals`. - -##### `password` - -**Required** Sets the password for the created user. - -##### `tablespace` - -Defines the name of the tablespace to allocate the created database to. - -Default value: PostgreSQL default. - -##### `template` - -Specifies the name of the template database from which to build this database. - -Defaults value: `template0`. - -##### `user` - -User to create and assign access to the database upon creation. Mandatory. - -#### postgresql::server::database - -Creates a database with no users and no permissions. - -##### `dbname` - -Sets the name of the database. - -Defaults value: The namevar. - -##### `encoding` - -Overrides the character set during creation of the database. - -Default value: The default defined during installation. - -##### `istemplate` - -Defines the database as a template if set to `true`. - -Default value: `false`. - -##### `locale` - -Overrides the locale during creation of the database. - -Default value: The default defined during installation. - -##### `owner` - -Sets name of the database owner. - -Default value: The '$user' variable set in `postgresql::server` or `postgresql::globals`. - -##### `tablespace` - -Sets tablespace for where to create this database. - -Default value: The default defined during installation. - -##### `template` - -Specifies the name of the template database from which to build this database. - -Default value: 'template0'. - -#### postgresql::server::database_grant - -Manages grant-based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. - -##### `ensure` - -Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. - -Valid values: 'present', 'absent'. -* 'present' to grant the privilege -* 'absent' to revoke the privilege - -Default value: 'present'. - -#### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -##### `db` - -Specifies the database to which you are granting access. - -##### `privilege` - -Specifies comma-separated list of privileges to grant. - -Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. - -##### `psql_db` - -Defines the database to execute the grant against. - -**This should not ordinarily be changed from the default** - -Default value: 'postgres'. - -##### `psql_user` - -Specifies the OS user for running `psql`. - -Default value: The default user for the module, usually 'postgres'. - -##### `role` - -Specifies the role or user whom you are granting access to. - -#### postgresql::server::extension - -Manages a PostgreSQL extension. - -##### `database` - -Specifies the database on which to activate the extension. - -##### `schema` - -Specifies the schema on which to activate the extension. - -##### `ensure` - -Specifies whether to activate or deactivate the extension. - -Valid options: 'present' or 'absent'. - -#### `extension` - -Specifies the extension to activate. If left blank, uses the name of the resource. - -#### `version` - -Specifies the version of the extension which the database uses. -When an extension package is updated, this does not automatically change the effective version in each database. - -This needs be updated using the PostgreSQL-specific SQL `ALTER EXTENSION...` - -`version` may be set to `latest`, in which case the SQL `ALTER EXTENSION "extension" UPDATE` is applied to this database (only). - -`version` may be set to a specific version, in which case the extension is updated using `ALTER EXTENSION "extension" UPDATE TO 'version'` - -eg. If extension is set to `postgis` and version is set to `2.3.3`, this will apply the SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'` to this database only. - -`version` may be omitted, in which case no `ALTER EXTENSION...` SQL is applied, and the version will be left unchanged. - -##### `package_name` - -Specifies a package to install prior to activating the extension. - -##### `package_ensure` - -Overrides default package deletion behavior. - -By default, the package specified with `package_name` is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the `ensure` value for the package. - -#### postgresql::server::grant - -Manages grant-based access privileges for roles. See [PostgreSQL documentation for `grant`](http://www.postgresql.org/docs/current/static/sql-grant.html) for more information. - -##### `ensure` - -Specifies whether to grant or revoke the privilege. Default is to grant the privilege. - -Valid values: 'present', 'absent'. -* 'present' to grant the privilege -* 'absent' to revoke the privilege - -Default value: 'present'. - -##### `db` - -Specifies the database to which you are granting access. - -##### `object_type` - -Specifies the type of object to which you are granting privileges. - -Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. - -##### `object_name` - -Specifies name of `object_type` to which to grant access, can be either a string or a two element array. - -String: 'object_name' -Array: ['schema_name', 'object_name'] - -##### `port` - -Port to use when connecting. - -Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. - -##### `privilege` - -Specifies the privilege to grant. - -Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. - -##### `psql_db` - -Specifies the database to execute the grant against. - -**This should not ordinarily be changed from the default** - -Default value: 'postgres'. - -##### `psql_user` - -Sets the OS user to run `psql`. - -Default value: the default user for the module, usually 'postgres'. - -##### `role` - -Specifies the role or user whom you are granting access to. - -#### postgresql::server::grant_role - -Allows you to assign a role to a (group) role. See [PostgreSQL documentation for `Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html) for more information. - -##### `group` - -Specifies the group role to which you are assigning a role. - -##### `role` - -Specifies the role you want to assign to a group. If left blank, uses the name of the resource. - -##### `ensure` - -Specifies whether to grant or revoke the membership. - -Valid options: 'present' or 'absent'. - -Default value: 'present'. - -##### `port` - -Port to use when connecting. - -Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. - -##### `psql_db` - -Specifies the database to execute the grant against. - -**This should not ordinarily be changed from the default** - -Default value: 'postgres'. - -##### `psql_user` - -Sets the OS user to run `psql`. - -Default value: the default user for the module, usually `postgres`. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -#### postgresql::server::pg_hba_rule - -Allows you to create an access rule for `pg_hba.conf`. For more details see the [usage example](#create-an-access-rule-for-pghba.conf) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html). - -##### `address` - -Sets a CIDR based address for this rule matching when the type is not 'local'. - -##### `auth_method` - -Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL `pg_hba.conf` documentation. - -##### `auth_option` - -For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. - -##### `database` - -Sets a comma-separated list of databases that this rule matches. - -##### `description` - -Defines a longer description for this rule, if required. This description is placed in the comments above the rule in `pg_hba.conf`. - -Default value: 'none'. - -Specifies a way to uniquely identify this resource, but functionally does nothing. - -##### `order` - -Sets an order for placing the rule in `pg_hba.conf`. - -This can be either a string or an integer. -If it is an integer, it will be converted to a string by zero-padding it to three digits. -E.g. `42` will be zero-padded to the string `'042'`. - -The `pg_hba_rule` fragments are sorted using the `alpha` sorting [order](https://forge.puppet.com/puppetlabs/concat/reference#order). - -Default value: 150. - -#### `postgresql_version` - -Manages `pg_hba.conf` without managing the entire PostgreSQL instance. - -Default value: the version set in `postgresql::server`. - -##### `target` - -Provides the target for the rule, and is generally an internal only property. - -**Use with caution.** - -##### `type` - -Sets the type of rule. - -Valid options: 'local', 'host', 'hostssl' or 'hostnossl'. - -##### `user` - -Sets a comma-separated list of users that this rule matches. - - -#### postgresql::server::pg_ident_rule - -Allows you to create user name maps for `pg_ident.conf`. For more details see the [usage example](#create-user-name-maps-for-pgidentconf) above and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). - -##### `database_username` - -Specifies the user name of the database user. The `system_username` is mapped to this user name. - -##### `description` - -Sets a longer description for this rule if required. This description is placed in the comments above the rule in `pg_ident.conf`. - -Default value: 'none'. - -##### `map_name` - -Sets the name of the user map that is used to refer to this mapping in `pg_hba.conf`. - -##### `order` - -Defines an order for placing the mapping in `pg_ident.conf`. - -Default value: 150. - -##### `system_username` - -Specifies the operating system user name (the user name used to connect to the database). - -##### `target` - -Provides the target for the rule and is generally an internal only property. - -**Use with caution.** - -#### postgresql::server::reassign_owned_by - -Runs the PostgreSQL command 'REASSIGN OWNED' on a database, to transfer the ownership of existing objects between database roles - -##### `db` - -Specifies the database to which the 'REASSIGN OWNED' will be applied - -##### `old_role` - -Specifies the role or user who is the current owner of the objects in the specified db - -##### `new_role` - -Specifies the role or user who will be the new owner of these objects - -##### `psql_user` - -Specifies the OS user for running `psql`. - -Default value: The default user for the module, usually 'postgres'. - -##### `port` - -Port to use when connecting. - -Default value: `undef`, which generally defaults to port 5432 depending on your PostgreSQL packaging. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -#### postgresql::server::recovery - -Allows you to create the content for `recovery.conf`. For more details see the [usage example](#create-recovery-configuration) and the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). - -Every parameter value is a string set in the template except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. - -A detailed description of all listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/recovery-config.html). - -Only the specified parameters are recognized in the template. The `recovery.conf` is only created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true. - -The parameters are grouped into these three sections: - -##### [Archive Recovery Parameters](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) - -* `restore_command` -* `archive_cleanup_command` -* `recovery_end_command` - -##### [Recovery Target Settings](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) -* `recovery_target_name` -* `recovery_target_time` -* `recovery_target_xid` -* `recovery_target_inclusive` -* `recovery_target` -* `recovery_target_timeline` -* `pause_at_recovery_target` - -##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) -* `standby_mode`: Can be specified with the string ('on'/'off'), or by using a Boolean value (`true`/`false`). -* `primary_conninfo` -* `primary_slot_name` -* `trigger_file` -* `recovery_min_apply_delay` - -##### `target` -Provides the target for the rule, and is generally an internal only property. - -**Use with caution.** - -#### postgresql::server::role -Creates or drops a role or user in PostgreSQL. - -##### `ensure` - -Specify whether to create or drop the role. - -Specifying 'present' creates the role. -Specifying 'absent' drops the role. - -Default value: 'present'. - -##### `connection_limit` -Specifies how many concurrent connections the role can make. - -Default value: '-1', meaning no limit. - -##### `connect_settings` -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -##### `createdb` -Specifies whether to grant the ability to create new databases with this role. - -Default value: `false`. - -##### `createrole` -Specifies whether to grant the ability to create new roles with this role. - -Default value: `false`. - -##### `inherit` -Specifies whether to grant inherit capability for the new role. - -Default value: `true`. - -##### `login` -Specifies whether to grant login capability for the new role. - -Default value: `true`. - -##### `password_hash` -Sets the hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: - -##### `update_password` -If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. - -```puppet -postgresql::server::role { 'myusername': - password_hash => postgresql_password('myusername', 'mypassword'), -} -``` - -##### `replication` - -Provides provides replication capabilities for this role if set to `true`. - -Default value: `false`. - -##### `superuser` - -Specifies whether to grant super user capability for the new role. - -Default value: `false`. - -##### `username` - -Defines the username of the role to create. - -Default value: the namevar. - -#### postgresql::server::schema - -Creates a schema. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -##### `db` - -Required. - -Sets the name of the database in which to create this schema. - -##### `owner` - -Sets the default owner of the schema. - -##### `schema` - -Sets the name of the schema. - -Default value: the namevar. - -#### postgresql::server::table_grant - -Manages grant-based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. - -##### `ensure` - -Specifies whether to grant or revoke the privilege. Default is to grant the privilege. - -Valid values: 'present', 'absent'. -* 'present' to grant the privilege -* 'absent' to revoke the privilege - -Default value: 'present'. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -##### `db` - -Specifies which database the table is in. - -##### `privilege` - -Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. - -##### `psql_db` - -Specifies the database to execute the grant against. - -This should not ordinarily be changed from the default. - -Default value: 'postgres'. - -##### `psql_user` - -Specifies the OS user for running `psql`. - -Default value: The default user for the module, usually 'postgres'. - -##### `role` - -Specifies the role or user to whom you are granting access. - -##### `table` - -Specifies the table to which you are granting access. - -#### postgresql::server::tablespace - -Creates a tablespace. If necessary, also creates the location and assigns the same permissions as the PostgreSQL server. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: Connects to the local Postgres instance. - -##### `location` - -Specifies the path to locate this tablespace. - -##### `owner` - -Specifies the default owner of the tablespace. - -##### `spcname` - -Specifies the name of the tablespace. - -Default value: the namevar. - -### Types - -#### postgresql_psql - -Enables Puppet to run psql statements. - -##### `command` - -Required. - -Specifies the SQL command to execute via psql. - -##### `cwd` - -Specifies the working directory under which the psql command should be executed. - -Default value: '/tmp'. - -##### `db` - -Specifies the name of the database to execute the SQL command against. - -##### `environment` - -Specifies any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. - -##### `name` - -Sets an arbitrary tag for your own reference; the name of the message. This is the namevar. - -##### `onlyif` - -Sets an optional SQL command to execute prior to the main command. This is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. - -##### `port` - -Specifies the port of the database server to execute the SQL command against. - -##### `psql_group` - -Specifies the system user group account under which the psql command should be executed. - -Default value: 'postgres'. - -##### `psql_path` - -Specifies the path to psql executable. - -Default value: 'psql'. - -##### `psql_user` - -Specifies the system user account under which the psql command should be executed. - -Default value: 'postgres'. - -##### `refreshonly` - -Specifies whether to execute the SQL only if there is a notify or subscribe event. - -Valid values: `true`, `false`. - -Default value: `false`. - -##### `search_path` - -Defines the schema search path to use when executing the SQL command. - -##### `unless` - -The inverse of `onlyif`. - -#### postgresql_conf - -Allows Puppet to manage `postgresql.conf` parameters. - -##### `name` - -Specifies the PostgreSQL parameter name to manage. - -This is the namevar. - -##### `target` - -Specifies the path to `postgresql.conf`. - -Default value: '/etc/postgresql.conf'. - -##### `value` - -Specifies the value to set for this parameter. - -#### postgresql_replication_slot - -Allows you to create and destroy replication slots to register warm standby replication on a PostgreSQL master server. - -##### `name` - -Specifies the name of the slot to create. Must be a valid replication slot name. - -This is the namevar. - -##### `ensure` - -Required. - -Specifies the action to create or destroy named slot. - -Valid values: 'present', 'absent'. - -Default value: 'present'. - -#### postgresql_conn_validator - -Validate the connection to a local or remote PostgreSQL database using this type. - -##### `connect_settings` - -Specifies a hash of environment variables used when connecting to a remote server. This is an alternative to providing individual parameters (`host`, etc). If provided, the individual parameters take precedence. - -Default value: {} - -##### `db_name` - -Specifies the name of the database you wish to test. - -Default value: '' - -##### `db_password` - -Specifies the password to connect with. Can be left blank if `.pgpass` is being used, otherwise not recommended. - -Default value: '' - -##### `db_username` - -Specifies the username to connect with. - -Default value: '' - -When using a Unix socket and ident auth, this is the user you are running as. - -##### `command` - -This is the command run against the target database to verify connectivity. - -Default value: 'SELECT 1' - -##### `host` - -Sets the hostname of the database you wish to test. - -Default value: '', which generally uses the designated local Unix socket. - -**If the host is remote you must provide a username.** - -##### `port` - -Defines the port to use when connecting. - -Default value: '' - -##### `run_as` - -Specifies the user to run the `psql` command as. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. Not needed for remote testing. - -##### `sleep` - -Sets the number of seconds to sleep for before trying again after a failure. - -##### `tries` - -Sets the number of attempts after failure before giving up and failing the resource. - -### Functions - -#### postgresql_password - -Generates a PostgreSQL encrypted password, use `postgresql_password`. Call it from the command line and then copy and paste the encrypted password into your manifest: - -```shell -puppet apply --execute 'notify { 'test': message => postgresql_password('username', 'password') }' -``` - -Alternatively, you can call this from your production manifests, but the manifests will then contain a clear text version of your passwords. - -#### postgresql_acls_to_resources_hash(acl_array, id, order_offset) - -This internal function converts a list of `pg_hba.conf` based ACLs (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. - -**This function should only be used internally by the module**. - -### Tasks - -The Postgresql module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. - +For information on the classes and types, see the [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/REFERENCE.md) ## Limitations From 5a94c12f3adbd83cd38a0c7cbf7286635c95a525 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 7 May 2019 14:44:10 +0300 Subject: [PATCH 0409/1000] Update parameter descriptions --- REFERENCE.md | 429 ++++++++++++++------------ manifests/client.pp | 11 +- manifests/globals.pp | 102 +++--- manifests/lib/devel.pp | 2 +- manifests/lib/docs.pp | 9 +- manifests/lib/java.pp | 7 +- manifests/lib/perl.pp | 4 +- manifests/lib/python.pp | 4 +- manifests/server.pp | 86 +++--- manifests/server/config_entry.pp | 5 +- manifests/server/contrib.pp | 4 +- manifests/server/database.pp | 14 +- manifests/server/database_grant.pp | 14 +- manifests/server/db.pp | 22 +- manifests/server/extension.pp | 22 +- manifests/server/grant.pp | 18 +- manifests/server/grant_role.pp | 14 +- manifests/server/pg_hba_rule.pp | 20 +- manifests/server/pg_ident_rule.pp | 12 +- manifests/server/plperl.pp | 4 +- manifests/server/plpython.pp | 4 +- manifests/server/reassign_owned_by.pp | 12 +- manifests/server/recovery.pp | 10 +- manifests/server/role.pp | 24 +- manifests/server/schema.pp | 6 +- manifests/server/table_grant.pp | 16 +- manifests/server/tablespace.pp | 6 +- 27 files changed, 478 insertions(+), 403 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index cb0fb14740..4520ecd0ad 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -7,10 +7,10 @@ _Public Classes_ -* [`postgresql::client`](#postgresqlclient): Install client cli tool. +* [`postgresql::client`](#postgresqlclient): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. * [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. * [`postgresql::lib::devel`](#postgresqllibdevel): This class installs postgresql development libraries. -* [`postgresql::lib::docs`](#postgresqllibdocs): This class installs the postgresql-docs +* [`postgresql::lib::docs`](#postgresqllibdocs): Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. * [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. * [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. * [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. @@ -73,7 +73,9 @@ _Private Classes_ ### postgresql::client -Install client cli tool. +Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. + +* **Note** Make sure to add any necessary yum or apt repositories if specifying a custom version. #### Parameters @@ -99,7 +101,7 @@ Default value: $postgresql::params::validcon_script_path Data type: `String[1]` -String. Client package name. +String. Sets the name of the PostgreSQL client package. Default value: $postgresql::params::client_package_name @@ -107,13 +109,16 @@ Default value: $postgresql::params::client_package_name Data type: `String[1]` -String. Defaults to 'present'. +Enum['present','absent']. Default value: 'present' ### postgresql::globals -Class for setting cross-class global overrides. +Debian is currently not supported. + +* **Note** Most server-specific defaults should be overridden in the postgresql::server class. +This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as version or manage_package_repo. #### Parameters @@ -123,7 +128,7 @@ The following parameters are available in the `postgresql::globals` class. Data type: `Any` - +Overrides the default PostgreSQL client package name. Default value: `undef` @@ -131,7 +136,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL server package name. Default value: `undef` @@ -139,7 +144,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL contrib package name. Default value: `undef` @@ -147,7 +152,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL devel package name. Default value: `undef` @@ -155,7 +160,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL java package name. Default value: `undef` @@ -163,7 +168,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL docs package name. Default value: `undef` @@ -171,7 +176,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL Perl package name. Default value: `undef` @@ -179,7 +184,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL PL/Perl package name. Default value: `undef` @@ -187,7 +192,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL PL/Python package name. Default value: `undef` @@ -195,7 +200,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL Python package name. Default value: `undef` @@ -203,7 +208,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL PostGIS package name. Default value: `undef` @@ -211,7 +216,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL service name. Default value: `undef` @@ -219,7 +224,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL service provider. Default value: `undef` @@ -227,7 +232,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default status check command for your PostgreSQL service. Default value: `undef` @@ -235,7 +240,7 @@ Default value: `undef` Data type: `Any` - +Specifies the name of the default database to connect with. Default value: `undef` @@ -251,7 +256,7 @@ Default value: `undef` Data type: `Any` - +Path to the initdb command. Default value: `undef` @@ -259,7 +264,7 @@ Default value: `undef` Data type: `Any` - +Deprecated. Path to the createdb command. Default value: `undef` @@ -267,7 +272,7 @@ Default value: `undef` Data type: `Any` - +Sets the path to the psql command. Default value: `undef` @@ -275,7 +280,7 @@ Default value: `undef` Data type: `Any` - +Specifies the path to your pg_hba.conf file. Default value: `undef` @@ -283,7 +288,7 @@ Default value: `undef` Data type: `Any` - +Specifies the path to your pg_ident.conf file. Default value: `undef` @@ -291,7 +296,7 @@ Default value: `undef` Data type: `Any` - +Sets the path to your postgresql.conf file. Default value: `undef` @@ -299,7 +304,7 @@ Default value: `undef` Data type: `Any` - +Path to your recovery.conf file. Default value: `undef` @@ -315,7 +320,7 @@ Default value: {} Data type: `Any` - +Disables the defaults supplied with the module for pg_hba.conf if set to false. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic psql operations. Default value: `undef` @@ -323,7 +328,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL data directory for the target platform. Default value: `undef` @@ -331,7 +336,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL configuration directory for the target platform. Default value: `undef` @@ -339,7 +344,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL binaries directory for the target platform. Default value: `undef` @@ -347,7 +352,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL xlog directory. Default value: `undef` @@ -355,7 +360,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL log directory. Default value: `undef` @@ -363,7 +368,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL log prefix. Default value: `undef` @@ -371,7 +376,8 @@ Default value: `undef` Data type: `Any` - +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +Default value: 'postgres'. Default value: `undef` @@ -379,7 +385,7 @@ Default value: `undef` Data type: `Any` - +Overrides the default postgres user group to be used for related files in the file system. Default value: `undef` @@ -387,7 +393,7 @@ Default value: `undef` Data type: `Any` - +The version of PostgreSQL to install and manage. Default value: `undef` @@ -395,7 +401,7 @@ Default value: `undef` Data type: `Any` - +Defines the version of PostGIS to install, if you install PostGIS. Default value: `undef` @@ -403,7 +409,7 @@ Default value: `undef` Data type: `Any` - +Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. Default value: `undef` @@ -411,7 +417,7 @@ Default value: `undef` Data type: `Any` - +Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. Default value: `undef` @@ -419,7 +425,7 @@ Default value: `undef` Data type: `Any` - +Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. Default value: `undef` @@ -427,7 +433,7 @@ Default value: `undef` Data type: `Any` - +Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. Default value: `undef` @@ -435,7 +441,7 @@ Default value: `undef` Data type: `Any` - +Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. Default value: `undef` @@ -443,7 +449,8 @@ Default value: `undef` Data type: `Any` - +Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. Default value: `undef` @@ -451,7 +458,7 @@ Default value: `undef` Data type: `Any` - +Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. Default value: `undef` @@ -483,7 +490,7 @@ Default value: `undef` Data type: `Any` - +Sets up official PostgreSQL repositories on your host if set to true. Default value: `undef` @@ -491,7 +498,7 @@ Default value: `undef` Data type: `Any` - +Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `undef` @@ -523,13 +530,15 @@ Default value: 'present' Data type: `Boolean` -Boolean. +Boolean. If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. Default value: $postgresql::params::link_pg_config ### postgresql::lib::docs -This class installs the postgresql-docs +Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. + +* **Note** Make sure to add any necessary yum or apt repositories if specifying a custom version. #### Parameters @@ -539,7 +548,7 @@ The following parameters are available in the `postgresql::lib::docs` class. Data type: `String` -String. +String. Specifies the name of the PostgreSQL docs package. Default value: $postgresql::params::docs_package_name @@ -547,7 +556,7 @@ Default value: $postgresql::params::docs_package_name Data type: `String[1]` -String. Defaults to 'present'. +Enum['present','absent']. Whether the PostgreSQL docs package resource should be present. Default value: 'present' @@ -555,6 +564,8 @@ Default value: 'present' This class installs the postgresql jdbc connector. +* **Note** Make sure to add any necessary yum or apt repositories if specifying a custom version. + #### Parameters The following parameters are available in the `postgresql::lib::java` class. @@ -563,7 +574,7 @@ The following parameters are available in the `postgresql::lib::java` class. Data type: `String` -String. +String. Specifies the name of the PostgreSQL java package. Default value: $postgresql::params::java_package_name @@ -571,7 +582,7 @@ Default value: $postgresql::params::java_package_name Data type: `String[1]` -String. Defaults to 'present'. +Enum['present','absent']. Specifies whether the package is present. Default value: 'present' @@ -587,7 +598,7 @@ The following parameters are available in the `postgresql::lib::perl` class. Data type: `String` -String. +String. Specifies the name of the PostgreSQL perl package to install. Default value: $postgresql::params::perl_package_name @@ -595,7 +606,7 @@ Default value: $postgresql::params::perl_package_name Data type: `String[1]` -String. Defaults to 'present'. +Enum['present','absent']. Default value: 'present' @@ -611,7 +622,7 @@ The following parameters are available in the `postgresql::lib::python` class. Data type: `String[1]` -String. +String. The name of the PostgreSQL Python package. Default value: $postgresql::params::python_package_name @@ -619,7 +630,7 @@ Default value: $postgresql::params::python_package_name Data type: `String[1]` -String. Defaults to 'present'. +Enum['present','absent'] Default value: 'present' @@ -643,7 +654,7 @@ The following parameters are available in the `postgresql::server` class. Data type: `Any` - +Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. Default value: `undef` @@ -651,7 +662,7 @@ Default value: `undef` Data type: `Any` - +Specifies the name of the package to use for installing the server software. Default value: $postgresql::params::server_package_name @@ -659,7 +670,7 @@ Default value: $postgresql::params::server_package_name Data type: `Any` - +Passes a value through to the package resource when creating the server instance. Default value: $postgresql::params::package_ensure @@ -667,7 +678,7 @@ Default value: $postgresql::params::package_ensure Data type: `Any` - +Sets the default package name for the PL/Perl extension. Default value: $postgresql::params::plperl_package_name @@ -675,7 +686,7 @@ Default value: $postgresql::params::plperl_package_name Data type: `Any` - +Sets the default package name for the PL/Python extension. Default value: $postgresql::params::plpython_package_name @@ -699,7 +710,7 @@ Default value: $postgresql::params::service_enable Data type: `Any` - +Defines whether or not Puppet should manage the service. Default value: $postgresql::params::service_manage @@ -707,7 +718,7 @@ Default value: $postgresql::params::service_manage Data type: `Any` - +Overrides the default PostgreSQL service name. Default value: $postgresql::params::service_name @@ -715,7 +726,7 @@ Default value: $postgresql::params::service_name Data type: `Any` - +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default value: $postgresql::params::service_restart_on_change @@ -723,7 +734,7 @@ Default value: $postgresql::params::service_restart_on_change Data type: `Any` - +Overrides the default PostgreSQL service provider. Default value: $postgresql::params::service_provider @@ -731,7 +742,7 @@ Default value: $postgresql::params::service_provider Data type: `Any` - +Overrides the default reload command for your PostgreSQL service. Default value: $postgresql::params::service_reload @@ -739,7 +750,7 @@ Default value: $postgresql::params::service_reload Data type: `Any` - +Overrides the default status check command for your PostgreSQL service. Default value: $postgresql::params::service_status @@ -747,7 +758,7 @@ Default value: $postgresql::params::service_status Data type: `Any` - +Specifies the name of the default database to connect with. On most systems this is 'postgres'. Default value: $postgresql::params::default_database @@ -755,7 +766,7 @@ Default value: $postgresql::params::default_database Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. Default value: $postgresql::globals::default_connect_settings @@ -771,7 +782,8 @@ Default value: $postgresql::params::listen_addresses Data type: `Any` - +Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: $postgresql::params::port @@ -779,7 +791,8 @@ Default value: $postgresql::params::port Data type: `Any` - +Specifies the IP mask from which remote connections should be denied for the postgres superuser. +Default value: '0.0.0.0/0', which denies any remote connection. Default value: $postgresql::params::ip_mask_deny_postgres_user @@ -787,7 +800,9 @@ Default value: $postgresql::params::ip_mask_deny_postgres_user Data type: `Any` - +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +Default value: '127.0.0.1/32'. Default value: $postgresql::params::ip_mask_allow_all_users @@ -795,7 +810,7 @@ Default value: $postgresql::params::ip_mask_allow_all_users Data type: `Any` - +Lists strings for access control for connection method, users, databases, IPv4 addresses; Default value: $postgresql::params::ipv4acls @@ -803,7 +818,7 @@ Default value: $postgresql::params::ipv4acls Data type: `Any` - +Lists strings for access control for connection method, users, databases, IPv6 addresses. Default value: $postgresql::params::ipv6acls @@ -811,7 +826,7 @@ Default value: $postgresql::params::ipv6acls Data type: `Any` - +Specifies the path to the initdb command. Default value: $postgresql::params::initdb_path @@ -819,7 +834,7 @@ Default value: $postgresql::params::initdb_path Data type: `Any` - +Deprecated. Specifies the path to the createdb command. Default value: $postgresql::params::createdb_path @@ -827,7 +842,7 @@ Default value: $postgresql::params::createdb_path Data type: `Any` - +Specifies the path to the psql command. Default value: $postgresql::params::psql_path @@ -835,7 +850,7 @@ Default value: $postgresql::params::psql_path Data type: `Any` - +Specifies the path to your pg_hba.conf file. Default value: $postgresql::params::pg_hba_conf_path @@ -843,7 +858,7 @@ Default value: $postgresql::params::pg_hba_conf_path Data type: `Any` - +Specifies the path to your pg_ident.conf file. Default value: $postgresql::params::pg_ident_conf_path @@ -851,7 +866,7 @@ Default value: $postgresql::params::pg_ident_conf_path Data type: `Any` - +Specifies the path to your postgresql.conf file. Default value: $postgresql::params::postgresql_conf_path @@ -899,7 +914,7 @@ Default value: $postgresql::params::log_line_prefix Data type: `Any` - +If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. Default value: $postgresql::params::pg_hba_conf_defaults @@ -907,7 +922,7 @@ Default value: $postgresql::params::pg_hba_conf_defaults Data type: `Any` - +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default value: $postgresql::params::user @@ -915,7 +930,7 @@ Default value: $postgresql::params::user Data type: `Any` - +Overrides the default postgres user group to be used for related files in the file system. Default value: $postgresql::params::group @@ -923,7 +938,7 @@ Default value: $postgresql::params::group Data type: `Any` - +Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started. Default value: $postgresql::params::needs_initdb @@ -931,7 +946,7 @@ Default value: $postgresql::params::needs_initdb Data type: `Any` - +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. Default value: $postgresql::params::encoding @@ -939,7 +954,7 @@ Default value: $postgresql::params::encoding Data type: `Any` - +Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. Default value: $postgresql::params::locale @@ -947,7 +962,8 @@ Default value: $postgresql::params::locale Data type: `Any` - +Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. Default value: $postgresql::params::data_checksums @@ -963,7 +979,7 @@ Default value: $postgresql::params::timezone Data type: `Any` - +Boolean. Whether to manage the pg_hba.conf. Default value: $postgresql::params::manage_pg_hba_conf @@ -971,7 +987,7 @@ Default value: $postgresql::params::manage_pg_hba_conf Data type: `Any` - +Boolean. Overwrites the pg_ident.conf file. Default value: $postgresql::params::manage_pg_ident_conf @@ -979,7 +995,7 @@ Default value: $postgresql::params::manage_pg_ident_conf Data type: `Any` - +Boolean. Specifies whether or not manage the recovery.conf. Default value: $postgresql::params::manage_recovery_conf @@ -995,7 +1011,7 @@ Default value: $postgresql::params::module_workdir Data type: `Hash[String, Hash]` - +Specifies a hash from which to generate postgresql::server::role resources. Default value: {} @@ -1003,7 +1019,7 @@ Default value: {} Data type: `Hash[String, Any]` - +Specifies a hash from which to generate postgresql::server::config_entry resources. Default value: {} @@ -1011,7 +1027,7 @@ Default value: {} Data type: `Hash[String, Hash]` - +Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. Default value: {} @@ -1035,7 +1051,7 @@ The following parameters are available in the `postgresql::server::contrib` clas Data type: `String` -String. +String. The name of the PostgreSQL contrib package. Default value: $postgresql::params::contrib_package_name @@ -1043,7 +1059,7 @@ Default value: $postgresql::params::contrib_package_name Data type: `String[1]` -String. Defaults to 'present'. +Enum['present','absent']. Defaults to 'present'. Default value: 'present' @@ -1059,7 +1075,7 @@ The following parameters are available in the `postgresql::server::plperl` class Data type: `Any` - +The ensure parameter passed on to PostgreSQL PL/Perl package resource. Default value: 'present' @@ -1067,7 +1083,7 @@ Default value: 'present' Data type: `Any` - +The name of the PostgreSQL PL/Perl package. Default value: $postgresql::server::plperl_package_name @@ -1083,7 +1099,7 @@ The following parameters are available in the `postgresql::server::plpython` cla Data type: `Any` - +Enum['present','absent']. Specifies whether the package is present. Default value: 'present' @@ -1091,7 +1107,7 @@ Default value: 'present' Data type: `Any` - +Specifies the name of the postgresql PL/Python package. Default value: $postgresql::server::plpython_package_name @@ -1133,7 +1149,7 @@ The following parameters are available in the `postgresql::server::config_entry` Data type: `Any` - +Removes an entry if set to 'absent'. Default value: 'present' @@ -1141,7 +1157,7 @@ Default value: 'present' Data type: `Any` - +Defines the value for the setting. Default value: `undef` @@ -1149,7 +1165,7 @@ Default value: `undef` Data type: `Any` -Boolean. Defaults to false. + Default value: `false` @@ -1173,7 +1189,7 @@ Default value: `undef` Data type: `Any` - +Sets the name of the database. Default value: $title @@ -1181,7 +1197,7 @@ Default value: $title Data type: `Any` - +Sets name of the database owner. Default value: `undef` @@ -1189,7 +1205,7 @@ Default value: `undef` Data type: `Any` - +Sets tablespace for where to create this database. Default value: `undef` @@ -1197,7 +1213,7 @@ Default value: `undef` Data type: `Any` - +Specifies the name of the template database from which to build this database. Default value: 'template0'. Default value: 'template0' @@ -1205,7 +1221,7 @@ Default value: 'template0' Data type: `Any` - +Overrides the character set during creation of the database. Default value: $postgresql::server::encoding @@ -1213,7 +1229,7 @@ Default value: $postgresql::server::encoding Data type: `Any` - +Overrides the locale during creation of the database. Default value: $postgresql::server::locale @@ -1221,7 +1237,7 @@ Default value: $postgresql::server::locale Data type: `Any` - +Defines the database as a template if set to true. Default value: `false` @@ -1245,25 +1261,25 @@ The following parameters are available in the `postgresql::server::database_gran Data type: `Any` - +Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. ##### `db` Data type: `Any` - +Specifies the database to which you are granting access. ##### `role` Data type: `Any` - +Specifies the role or user whom you are granting access to. ##### `ensure` Data type: `Any` - +Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. Default value: `undef` @@ -1271,7 +1287,7 @@ Default value: `undef` Data type: `Any` - +Defines the database to execute the grant against. This should not ordinarily be changed from the default Default value: `undef` @@ -1279,7 +1295,7 @@ Default value: `undef` Data type: `Any` - +Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. Default value: `undef` @@ -1287,7 +1303,7 @@ Default value: `undef` Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: `undef` @@ -1303,19 +1319,19 @@ The following parameters are available in the `postgresql::server::db` defined t Data type: `Any` - +User to create and assign access to the database upon creation. Mandatory. ##### `password` Data type: `Any` - +Required Sets the password for the created user. ##### `comment` Data type: `Any` - +Defines a comment to be stored about the database using the PostgreSQL COMMENT command. Default value: `undef` @@ -1323,7 +1339,7 @@ Default value: `undef` Data type: `Any` - +Sets the name of the database to be created. Default value: $title @@ -1331,7 +1347,7 @@ Default value: $title Data type: `Any` - +Overrides the character set during creation of the database. Default value: $postgresql::server::encoding @@ -1339,7 +1355,7 @@ Default value: $postgresql::server::encoding Data type: `Any` - +Overrides the locale during creation of the database. Default value: $postgresql::server::locale @@ -1347,7 +1363,7 @@ Default value: $postgresql::server::locale Data type: `Any` - +Specifies the permissions to grant during creation. Default value: 'ALL'. Default value: 'ALL' @@ -1355,7 +1371,7 @@ Default value: 'ALL' Data type: `Any` - +Defines the name of the tablespace to allocate the created database to. Default value: `undef` @@ -1363,7 +1379,7 @@ Default value: `undef` Data type: `Any` - +Specifies the name of the template database from which to build this database. Defaults value: template0. Default value: 'template0' @@ -1371,7 +1387,7 @@ Default value: 'template0' Data type: `Any` - +Specifies that the database is a template, if set to true. Default value: `false` @@ -1379,7 +1395,7 @@ Default value: `false` Data type: `Any` - +Sets a user as the owner of the database. Default value: `undef` @@ -1395,13 +1411,13 @@ The following parameters are available in the `postgresql::server::extension` de Data type: `Any` - +Specifies the database on which to activate the extension. ##### `extension` Data type: `Any` - +Specifies the extension to activate. If left blank, uses the name of the resource. Default value: $name @@ -1409,7 +1425,7 @@ Default value: $name Data type: `Optional[String[1]]` - +Specifies the schema on which to activate the extension. Default value: `undef` @@ -1417,7 +1433,12 @@ Default value: `undef` Data type: `Optional[String[1]]` - +Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically change the effective version in each database. +This needs be updated using the PostgreSQL-specific SQL ALTER EXTENSION... +version may be set to latest, in which case the SQL ALTER EXTENSION "extension" UPDATE is applied to this database (only). +version may be set to a specific version, in which case the extension is updated using ALTER EXTENSION "extension" UPDATE TO 'version' +eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. +version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. Default value: `undef` @@ -1425,7 +1446,7 @@ Default value: `undef` Data type: `String[1]` - +Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'. Default value: 'present' @@ -1433,7 +1454,7 @@ Default value: 'present' Data type: `Any` - +Specifies a package to install prior to activating the extension. Default value: `undef` @@ -1441,7 +1462,7 @@ Default value: `undef` Data type: `Any` - +Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. Default value: `undef` @@ -1465,19 +1486,19 @@ The following parameters are available in the `postgresql::server::grant` define Data type: `String` - +Specifies the role or user whom you are granting access to. ##### `db` Data type: `String` - +Specifies the database to which you are granting access. ##### `privilege` Data type: `String` - +Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. Default value: '' @@ -1499,7 +1520,7 @@ Data type: `Pattern[#/(?i:^COLUMN$)/, #/(?i:^VIEW$)/ ]` - +Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. Default value: 'database' @@ -1510,7 +1531,7 @@ Data type: `Optional[Variant[ String[1]] ]` - +Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] Default value: `undef` @@ -1518,7 +1539,7 @@ Default value: `undef` Data type: `String` - +Specifies the database to execute the grant against. This should not ordinarily be changed from the default Default value: $postgresql::server::default_database @@ -1526,7 +1547,7 @@ Default value: $postgresql::server::default_database Data type: `String` - +Sets the OS user to run psql. Default value: $postgresql::server::user @@ -1534,7 +1555,7 @@ Default value: $postgresql::server::user Data type: `Integer` - +Port to use when connecting. Default value: $postgresql::server::port @@ -1560,7 +1581,7 @@ Data type: `Enum['present', 'absent' ]` - +Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. Default value: 'present' @@ -1576,13 +1597,13 @@ The following parameters are available in the `postgresql::server::grant_role` d Data type: `String[1]` - +Specifies the group role to which you are assigning a role. ##### `role` Data type: `String[1]` - +Specifies the role you want to assign to a group. If left blank, uses the name of the resource. Default value: $name @@ -1590,7 +1611,7 @@ Default value: $name Data type: `Enum['present', 'absent']` - +Specifies whether to grant or revoke the membership. Valid options: 'present' or 'absent'. Default value: 'present' @@ -1598,7 +1619,7 @@ Default value: 'present' Data type: `Any` - +Specifies the database to execute the grant against. This should not ordinarily be changed from the default Default value: $postgresql::server::default_database @@ -1606,7 +1627,7 @@ Default value: $postgresql::server::default_database Data type: `Any` - +Sets the OS user to run psql. Default value: $postgresql::server::user @@ -1614,7 +1635,7 @@ Default value: $postgresql::server::user Data type: `Any` - +Port to use when connecting. Default value: $postgresql::server::port @@ -1622,7 +1643,7 @@ Default value: $postgresql::server::port Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -1638,31 +1659,32 @@ The following parameters are available in the `postgresql::server::pg_hba_rule` Data type: `Enum['local', 'host', 'hostssl', 'hostnossl']` +Sets the type of rule. Enum['local','host','hostssl','hostnossl']. ##### `database` Data type: `String` - +Sets a comma-separated list of databases that this rule matches. ##### `user` Data type: `String` - +Sets a comma-separated list of users that this rule matches. ##### `auth_method` Data type: `String` - +Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. ##### `address` Data type: `Optional[String]` - +Sets a CIDR based address for this rule matching when the type is not 'local'. Default value: `undef` @@ -1670,7 +1692,7 @@ Default value: `undef` Data type: `String` - +Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. Default value: 'none'. Default value: 'none' @@ -1678,7 +1700,7 @@ Default value: 'none' Data type: `Optional[String]` - +For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. Default value: `undef` @@ -1686,7 +1708,7 @@ Default value: `undef` Data type: `Variant[String, Integer]` - +Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. Default value: 150 @@ -1694,7 +1716,7 @@ Default value: 150 Data type: `Stdlib::Absolutepath` - +Provides the target for the rule, and is generally an internal only property. Use with caution. Default value: $postgresql::server::pg_hba_conf_path @@ -1702,7 +1724,7 @@ Default value: $postgresql::server::pg_hba_conf_path Data type: `String` - +Manages pg_hba.conf without managing the entire PostgreSQL instance. Default value: $postgresql::server::_version @@ -1718,25 +1740,25 @@ The following parameters are available in the `postgresql::server::pg_ident_rule Data type: `Any` - +Sets the name of the user map that is used to refer to this mapping in pg_hba.conf. ##### `system_username` Data type: `Any` - +Specifies the operating system user name (the user name used to connect to the database). ##### `database_username` Data type: `Any` - +Specifies the user name of the database user. The system_username is mapped to this user name. ##### `description` Data type: `Any` - +Sets a longer description for this rule if required. This description is placed in the comments above the rule in pg_ident.conf. Default value: 'none'. Default value: 'none' @@ -1744,7 +1766,7 @@ Default value: 'none' Data type: `Any` - +Defines an order for placing the mapping in pg_ident.conf. Default value: 150. Default value: '150' @@ -1752,7 +1774,7 @@ Default value: '150' Data type: `Any` - +Provides the target for the rule and is generally an internal only property. Use with caution. Default value: $postgresql::server::pg_ident_conf_path @@ -1770,25 +1792,25 @@ The following parameters are available in the `postgresql::server::reassign_owne Data type: `String` - +Specifies the role or user who is the current owner of the objects in the specified db ##### `new_role` Data type: `String` - +Specifies the role or user who will be the new owner of these objects ##### `db` Data type: `String` - +Specifies the database to which the 'REASSIGN OWNED' will be applied ##### `psql_user` Data type: `String` - +Specifies the OS user for running psql. Default value: $postgresql::server::user @@ -1796,7 +1818,7 @@ Default value: $postgresql::server::user Data type: `Integer` - +Port to use when connecting. Default value: $postgresql::server::port @@ -1804,7 +1826,7 @@ Default value: $postgresql::server::port Data type: `Hash` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -1812,6 +1834,11 @@ Default value: $postgresql::server::default_connect_settings This resource manages the parameters that applies to the recovery.conf template. +* **Note** Allows you to create the content for recovery.conf. For more details see the usage example and the PostgreSQL documentation. +Every parameter value is a string set in the template except recovery_target_inclusive, pause_at_recovery_target, standby_mode and recovery_min_apply_delay. +A detailed description of all listed parameters can be found in the PostgreSQL documentation. +Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and manage_recovery_conf is set to true. + #### Parameters The following parameters are available in the `postgresql::server::recovery` defined type. @@ -1900,7 +1927,7 @@ Default value: `undef` Data type: `Any` - +Can be specified with the string ('on'/'off'), or by using a Boolean value (true/false). Default value: `undef` @@ -1940,7 +1967,7 @@ Default value: `undef` Data type: `Any` - +Provides the target for the rule, and is generally an internal only property. Use with caution. Default value: $postgresql::server::recovery_conf_path @@ -1956,7 +1983,7 @@ The following parameters are available in the `postgresql::server::role` defined Data type: `Any` - +If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. Default value: `true` @@ -1964,7 +1991,7 @@ Default value: `true` Data type: `Any` - +Sets the hash to use during password creation. Default value: `false` @@ -1972,7 +1999,7 @@ Default value: `false` Data type: `Any` - +Specifies whether to grant the ability to create new databases with this role. Default value: `false` @@ -1980,7 +2007,7 @@ Default value: `false` Data type: `Any` - +Specifies whether to grant the ability to create new roles with this role. Default value: `false` @@ -2004,7 +2031,7 @@ Default value: `undef` Data type: `Any` - +Specifies whether to grant login capability for the new role. Default value: `true` @@ -2012,7 +2039,7 @@ Default value: `true` Data type: `Any` - +Specifies whether to grant inherit capability for the new role. Default value: `true` @@ -2020,7 +2047,7 @@ Default value: `true` Data type: `Any` - +Specifies whether to grant super user capability for the new role. Default value: `false` @@ -2028,7 +2055,7 @@ Default value: `false` Data type: `Any` - +Provides provides replication capabilities for this role if set to true. Default value: `false` @@ -2036,7 +2063,7 @@ Default value: `false` Data type: `Any` - +Specifies how many concurrent connections the role can make. Default value: '-1', meaning no limit. Default value: '-1' @@ -2044,7 +2071,7 @@ Default value: '-1' Data type: `Any` - +Defines the username of the role to create. Default value: $title @@ -2052,7 +2079,7 @@ Default value: $title Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -2060,7 +2087,7 @@ Default value: $postgresql::server::default_connect_settings Data type: `Enum['present', 'absent']` - +Specify whether to create or drop the role. Specifying 'present' creates the role. Specifying 'absent' drops the role. Default value: 'present' @@ -2088,7 +2115,7 @@ The following parameters are available in the `postgresql::server::schema` defin Data type: `Any` - +Required. Sets the name of the database in which to create this schema. Default value: $postgresql::server::default_database @@ -2096,7 +2123,7 @@ Default value: $postgresql::server::default_database Data type: `Any` - +Sets the default owner of the schema. Default value: `undef` @@ -2104,7 +2131,7 @@ Default value: `undef` Data type: `Any` - +Sets the name of the schema. Default value: $title @@ -2128,31 +2155,31 @@ The following parameters are available in the `postgresql::server::table_grant` Data type: `Any` - +Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. ##### `table` Data type: `Any` - +Specifies the table to which you are granting access. ##### `db` Data type: `Any` - +Specifies which database the table is in. ##### `role` Data type: `Any` - +Specifies the role or user to whom you are granting access. ##### `ensure` Data type: `Any` - +Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Default value: `undef` @@ -2168,7 +2195,7 @@ Default value: `undef` Data type: `Any` - +Specifies the database to execute the grant against. This should not ordinarily be changed from the default. Default value: `undef` @@ -2176,7 +2203,7 @@ Default value: `undef` Data type: `Any` - +Specifies the OS user for running psql. Default value: `undef` @@ -2184,7 +2211,7 @@ Default value: `undef` Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: `undef` @@ -2208,13 +2235,13 @@ The following parameters are available in the `postgresql::server::tablespace` d Data type: `Any` - +Specifies the path to locate this tablespace. ##### `owner` Data type: `Any` - +Specifies the default owner of the tablespace. Default value: `undef` @@ -2222,7 +2249,7 @@ Default value: `undef` Data type: `Any` - +Specifies the name of the tablespace. Default value: $title diff --git a/manifests/client.pp b/manifests/client.pp index d0c807b6c8..add450f3de 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -1,4 +1,7 @@ -# @summary Install client cli tool. +# @summary Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. +# +# @note +# Make sure to add any necessary yum or apt repositories if specifying a custom version. # # @param file_ensure # Enum['file','absent']. @@ -7,10 +10,10 @@ # Optional. Absolute path for the postgresql connection validation script. # # @param package_name -# String. Client package name. +# String. Sets the name of the PostgreSQL client package. # -# @param package_ensure -# String. Defaults to 'present'. +# @param package_ensure +# Enum['present','absent']. # # class postgresql::client ( diff --git a/manifests/globals.pp b/manifests/globals.pp index fb7f550e67..93097986c1 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -1,63 +1,79 @@ # @summary Class for setting cross-class global overrides. # -# @param client_package_name -# @param server_package_name -# @param contrib_package_name -# @param devel_package_name -# @param java_package_name -# @param docs_package_name -# @param perl_package_name -# @param plperl_package_name -# @param plpython_package_name -# @param python_package_name -# @param postgis_package_name -# -# @param service_name -# @param service_provider -# @param service_status -# @param default_database +# @note +# Most server-specific defaults should be overridden in the postgresql::server class. +# This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as version or manage_package_repo. +# +# +# @param client_package_name Overrides the default PostgreSQL client package name. +# @param server_package_name Overrides the default PostgreSQL server package name. +# @param contrib_package_name Overrides the default PostgreSQL contrib package name. +# @param devel_package_name Overrides the default PostgreSQL devel package name. +# @param java_package_name Overrides the default PostgreSQL java package name. +# @param docs_package_name Overrides the default PostgreSQL docs package name. +# @param perl_package_name Overrides the default PostgreSQL Perl package name. +# @param plperl_package_name Overrides the default PostgreSQL PL/Perl package name. +# @param plpython_package_name Overrides the default PostgreSQL PL/Python package name. +# @param python_package_name Overrides the default PostgreSQL Python package name. +# @param postgis_package_name Overrides the default PostgreSQL PostGIS package name. +# +# @param service_name Overrides the default PostgreSQL service name. +# @param service_provider Overrides the default PostgreSQL service provider. +# @param service_status Overrides the default status check command for your PostgreSQL service. +# @param default_database Specifies the name of the default database to connect with. # # @param validcon_script_path # -# @param initdb_path -# @param createdb_path -# @param psql_path -# @param pg_hba_conf_path -# @param pg_ident_conf_path -# @param postgresql_conf_path -# @param recovery_conf_path +# @param initdb_path Path to the initdb command. +# @param createdb_path Deprecated. Path to the createdb command. +# @param psql_path Sets the path to the psql command. +# @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. +# @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. +# @param postgresql_conf_path Sets the path to your postgresql.conf file. +# @param recovery_conf_path Path to your recovery.conf file. # @param default_connect_settings # -# @param pg_hba_conf_defaults +# @param pg_hba_conf_defaults Disables the defaults supplied with the module for pg_hba.conf if set to false. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic psql operations. +# +# @param datadir Overrides the default PostgreSQL data directory for the target platform. +# +# @note Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). +# @note Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original +# +# @param confdir Overrides the default PostgreSQL configuration directory for the target platform. +# @param bindir Overrides the default PostgreSQL binaries directory for the target platform. +# @param xlogdir Overrides the default PostgreSQL xlog directory. +# @param logdir Overrides the default PostgreSQL log directory. +# @param log_line_prefix Overrides the default PostgreSQL log prefix. # -# @param datadir -# @param confdir -# @param bindir -# @param xlogdir -# @param logdir -# @param log_line_prefix +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# Default value: 'postgres'. +# @param group Overrides the default postgres user group to be used for related files in the file system. # -# @param user -# @param group +# @param version The version of PostgreSQL to install and manage. +# @param postgis_version Defines the version of PostGIS to install, if you install PostGIS. +# @param repo_proxy Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. +# Debian is currently not supported. # -# @param version -# @param postgis_version -# @param repo_proxy -# @param repo_baseurl +# @param repo_baseurl Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. # -# @param needs_initdb +# @param needs_initdb Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. # -# @param encoding -# @param locale -# @param data_checksums -# @param timezone +# @param encoding Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @param locale Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @note On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. +# @param data_checksums +# Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +# Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +# +# @param timezone Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. # # @param manage_pg_hba_conf # @param manage_pg_ident_conf # @param manage_recovery_conf # -# @param manage_package_repo -# @param module_workdir +# @param manage_package_repo Sets up official PostgreSQL repositories on your host if set to true. +# @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. # # class postgresql::globals ( diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 139e60574f..103a1f7a93 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -5,7 +5,7 @@ # @param package_ensure # String. Defaults to 'present'. # @param link_pg_config -# Boolean. +# Boolean. If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. # # class postgresql::lib::devel( diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 06caf36117..a8c78bc85f 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -1,9 +1,12 @@ -# @summary This class installs the postgresql-docs +# @summary Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. +# +# @note +# Make sure to add any necessary yum or apt repositories if specifying a custom version. # # @param package_name -# String. +# String. Specifies the name of the PostgreSQL docs package. # @param package_ensure -# String. Defaults to 'present'. +# Enum['present','absent']. Whether the PostgreSQL docs package resource should be present. # # class postgresql::lib::docs ( diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index d4d4c1a327..1893684453 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -1,9 +1,12 @@ # @summary This class installs the postgresql jdbc connector. # +# @note +# Make sure to add any necessary yum or apt repositories if specifying a custom version. +# # @param package_name -# String. +# String. Specifies the name of the PostgreSQL java package. # @param package_ensure -# String. Defaults to 'present'. +# Enum['present','absent']. Specifies whether the package is present. # class postgresql::lib::java ( String $package_name = $postgresql::params::java_package_name, diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 88f4aba360..77111b6395 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -1,9 +1,9 @@ # @summary This class installs the perl libs for postgresql. # # @param package_name -# String. +# String. Specifies the name of the PostgreSQL perl package to install. # @param package_ensure -# String. Defaults to 'present'. +# Enum['present','absent']. # class postgresql::lib::perl( String $package_name = $postgresql::params::perl_package_name, diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index 2564bb2dff..c72aab7bd8 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -1,9 +1,9 @@ # @summary This class installs the python libs for postgresql. # # @param package_name -# String. +# String. The name of the PostgreSQL Python package. # @param package_ensure -# String. Defaults to 'present'. +# Enum['present','absent'] # class postgresql::lib::python( String[1] $package_name = $postgresql::params::python_package_name, diff --git a/manifests/server.pp b/manifests/server.pp index fb6dbe89b5..b363fc735d 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,35 +1,43 @@ # @summary This installs a PostgreSQL server # -# @param postgres_password -# @param package_name -# @param package_ensure +# @param postgres_password Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. +# @param package_name Specifies the name of the package to use for installing the server software. +# @param package_ensure Passes a value through to the package resource when creating the server instance. # -# @param plperl_package_name -# @param plpython_package_name +# @param plperl_package_name Sets the default package name for the PL/Perl extension. +# @param plpython_package_name Sets the default package name for the PL/Python extension. # # @param service_ensure # @param service_enable -# @param service_manage -# @param service_name -# @param service_restart_on_change -# @param service_provider -# @param service_reload -# @param service_status -# @param default_database -# @param default_connect_settings +# @param service_manage Defines whether or not Puppet should manage the service. +# @param service_name Overrides the default PostgreSQL service name. +# @param service_restart_on_change Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. +# @param service_provider Overrides the default PostgreSQL service provider. +# @param service_reload Overrides the default reload command for your PostgreSQL service. +# @param service_status Overrides the default status check command for your PostgreSQL service. +# @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. +# @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. +# # @param listen_addresses -# @param port -# @param ip_mask_deny_postgres_user -# @param ip_mask_allow_all_users -# @param ipv4acls -# @param ipv6acls -# -# @param initdb_path -# @param createdb_path -# @param psql_path -# @param pg_hba_conf_path -# @param pg_ident_conf_path -# @param postgresql_conf_path +# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# Default value: 5432. Meaning the Postgres server listens on TCP port 5432. +# +# @param ip_mask_deny_postgres_user Specifies the IP mask from which remote connections should be denied for the postgres superuser. +# Default value: '0.0.0.0/0', which denies any remote connection. +# +# @param ip_mask_allow_all_users Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. +# Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +# Default value: '127.0.0.1/32'. +# +# @param ipv4acls Lists strings for access control for connection method, users, databases, IPv4 addresses; +# @param ipv6acls Lists strings for access control for connection method, users, databases, IPv6 addresses. +# +# @param initdb_path Specifies the path to the initdb command. +# @param createdb_path Deprecated. Specifies the path to the createdb command. +# @param psql_path Specifies the path to the psql command. +# @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. +# @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. +# @param postgresql_conf_path Specifies the path to your postgresql.conf file. # @param recovery_conf_path # # @param datadir @@ -38,26 +46,28 @@ # # @param log_line_prefix # -# @param pg_hba_conf_defaults +# @param pg_hba_conf_defaults If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. +# +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param group Overrides the default postgres user group to be used for related files in the file system. # -# @param user -# @param group +# @param needs_initdb Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started. # -# @param needs_initdb +# @param encoding Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @param locale Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. +# @param data_checksums Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +# Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. # -# @param encoding -# @param locale -# @param data_checksums # @param timezone # -# @param manage_pg_hba_conf -# @param manage_pg_ident_conf -# @param manage_recovery_conf +# @param manage_pg_hba_conf Boolean. Whether to manage the pg_hba.conf. +# @param manage_pg_ident_conf Boolean. Overwrites the pg_ident.conf file. +# @param manage_recovery_conf Boolean. Specifies whether or not manage the recovery.conf. # @param module_workdir # -# @param roles -# @param config_entries -# @param pg_hba_rules +# @param roles Specifies a hash from which to generate postgresql::server::role resources. +# @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. +# @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. # # @param version # diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index bec57012c2..3d95a00475 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -1,9 +1,8 @@ # @summary Manage a postgresql.conf entry. # -# @param ensure -# @param value +# @param ensure Removes an entry if set to 'absent'. +# @param value Defines the value for the setting. # @param path -# Boolean. Defaults to false. # define postgresql::server::config_entry ( $ensure = 'present', diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 72975720c9..778491f82a 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -1,9 +1,9 @@ # @summary Install the contrib postgresql packaging. # # @param package_name -# String. +# String. The name of the PostgreSQL contrib package. # @param package_ensure -# String. Defaults to 'present'. +# Enum['present','absent']. Defaults to 'present'. # # class postgresql::server::contrib ( diff --git a/manifests/server/database.pp b/manifests/server/database.pp index e930b79bc9..5d60e17d8f 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -1,13 +1,13 @@ # @summary Define for creating a database. # # @param comment -# @param dbname -# @param owner -# @param tablespace -# @param template -# @param encoding -# @param locale -# @param istemplate +# @param dbname Sets the name of the database. +# @param owner Sets name of the database owner. +# @param tablespace Sets tablespace for where to create this database. +# @param template Specifies the name of the template database from which to build this database. Default value: 'template0'. +# @param encoding Overrides the character set during creation of the database. +# @param locale Overrides the locale during creation of the database. +# @param istemplate Defines the database as a template if set to true. # @param connect_settings # define postgresql::server::database( diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index aa2ed2ea2c..a8a3f86201 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -1,12 +1,12 @@ # @summary Manage a database grant. # -# @param privilege -# @param db -# @param role -# @param ensure -# @param psql_db -# @param psql_user -# @param connect_settings +# @param privilege Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. +# @param db Specifies the database to which you are granting access. +# @param role Specifies the role or user whom you are granting access to. +# @param ensure Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. +# @param psql_db Defines the database to execute the grant against. This should not ordinarily be changed from the default +# @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # define postgresql::server::database_grant( $privilege, diff --git a/manifests/server/db.pp b/manifests/server/db.pp index f2c105192d..c624fb5592 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -1,16 +1,16 @@ # @ summary Define for conveniently creating a role, database and assigning the correctpermissions. # -# @param user -# @param password -# @param comment -# @param dbname -# @param encoding -# @param locale -# @param grant -# @param tablespace -# @param template -# @param istemplate -# @param owner +# @param user User to create and assign access to the database upon creation. Mandatory. +# @param password Required Sets the password for the created user. +# @param comment Defines a comment to be stored about the database using the PostgreSQL COMMENT command. +# @param dbname Sets the name of the database to be created. +# @param encoding Overrides the character set during creation of the database. +# @param locale Overrides the locale during creation of the database. +# @param grant Specifies the permissions to grant during creation. Default value: 'ALL'. +# @param tablespace Defines the name of the tablespace to allocate the created database to. +# @param template Specifies the name of the template database from which to build this database. Defaults value: template0. +# @param istemplate Specifies that the database is a template, if set to true. +# @param owner Sets a user as the owner of the database. # # define postgresql::server::db ( diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 6943c92114..d9b494b292 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -1,13 +1,19 @@ # @summary Activate an extension on a postgresql database. # -# @param database -# @param extension -# @param schema -# @param version -# @param ensure -# @param package_name -# @param package_ensure -# @param connect_settings +# @param database Specifies the database on which to activate the extension. +# @param extension Specifies the extension to activate. If left blank, uses the name of the resource. +# @param schema Specifies the schema on which to activate the extension. +# @param version Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically change the effective version in each database. +# This needs be updated using the PostgreSQL-specific SQL ALTER EXTENSION... +# version may be set to latest, in which case the SQL ALTER EXTENSION "extension" UPDATE is applied to this database (only). +# version may be set to a specific version, in which case the extension is updated using ALTER EXTENSION "extension" UPDATE TO 'version' +# eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. +# version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. +# +# @param ensure Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'. +# @param package_name Specifies a package to install prior to activating the extension. +# @param package_ensure Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. +# @param connect_settings # define postgresql::server::extension ( $database, diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index c2afb82bcd..a6a4f098db 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -1,16 +1,16 @@ # @summary Define for granting permissions to roles. # -# @param role -# @param db -# @param privilege -# @param object_type -# @param object_name -# @param psql_db -# @param psql_user -# @param port +# @param role Specifies the role or user whom you are granting access to. +# @param db Specifies the database to which you are granting access. +# @param privilege Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. +# @param object_type Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. +# @param object_name Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] +# @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default +# @param psql_user Sets the OS user to run psql. +# @param port Port to use when connecting. # @param onlyif_exists # @param connect_settings -# @param ensure +# @param ensure Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. # define postgresql::server::grant ( String $role, diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 6439282d41..60fdec1016 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -1,12 +1,12 @@ # @summary Define for granting membership to a role. # -# @param group -# @param role -# @param ensure -# @param psql_db -# @param psql_user -# @param port -# @param connect_settings +# @param group Specifies the group role to which you are assigning a role. +# @param role Specifies the role you want to assign to a group. If left blank, uses the name of the resource. +# @param ensure Specifies whether to grant or revoke the membership. Valid options: 'present' or 'absent'. +# @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default +# @param psql_user Sets the OS user to run psql. +# @param port Port to use when connecting. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # define postgresql::server::grant_role ( String[1] $group, diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 07ff5bdba5..db14e877f0 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,16 +1,16 @@ # @summary This resource manages an individual rule that applies to the file defined in target. # -# @param type +# @param type Sets the type of rule. # Enum['local','host','hostssl','hostnossl']. -# @param database -# @param user -# @param auth_method -# @param address -# @param description -# @param auth_option -# @param order -# @param target -# @param postgresql_version +# @param database Sets a comma-separated list of databases that this rule matches. +# @param user Sets a comma-separated list of users that this rule matches. +# @param auth_method Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. +# @param address Sets a CIDR based address for this rule matching when the type is not 'local'. +# @param description Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. Default value: 'none'. +# @param auth_option For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. +# @param order Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. +# @param target Provides the target for the rule, and is generally an internal only property. Use with caution. +# @param postgresql_version Manages pg_hba.conf without managing the entire PostgreSQL instance. # define postgresql::server::pg_hba_rule( Enum['local', 'host', 'hostssl', 'hostnossl'] $type, diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index 508ae8ef29..4fdb75c9f0 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -1,11 +1,11 @@ # @summary This resource manages an individual rule that applies to the file defined in target. # -# @param map_name -# @param system_username -# @param database_username -# @param description -# @param order -# @param target +# @param map_name Sets the name of the user map that is used to refer to this mapping in pg_hba.conf. +# @param system_username Specifies the operating system user name (the user name used to connect to the database). +# @param database_username Specifies the user name of the database user. The system_username is mapped to this user name. +# @param description Sets a longer description for this rule if required. This description is placed in the comments above the rule in pg_ident.conf. Default value: 'none'. +# @param order Defines an order for placing the mapping in pg_ident.conf. Default value: 150. +# @param target Provides the target for the rule and is generally an internal only property. Use with caution. # define postgresql::server::pg_ident_rule( $map_name, diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index ba311c31d2..59502bbf9e 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -1,7 +1,7 @@ # @summary This class installs the PL/Perl procedural language for postgresql. # -# @param package_ensure -# @param package_name +# @param package_ensure The ensure parameter passed on to PostgreSQL PL/Perl package resource. +# @param package_name The name of the PostgreSQL PL/Perl package. # class postgresql::server::plperl( $package_ensure = 'present', diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index c560229137..ecdc087ab2 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -1,7 +1,9 @@ # @summary This class installs the PL/Python procedural language for postgresql. # -# @param package_ensure +# @param package_ensure +# Enum['present','absent']. Specifies whether the package is present. # @param package_name +# Specifies the name of the postgresql PL/Python package. # class postgresql::server::plpython( $package_ensure = 'present', diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index e307174333..a35800aed7 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -2,12 +2,12 @@ # @note # This enables us to force the a particular ownership for objects within a database # -# @param old_role -# @param new_role -# @param db -# @param psql_user -# @param port -# @param connect_settings +# @param old_role Specifies the role or user who is the current owner of the objects in the specified db +# @param new_role Specifies the role or user who will be the new owner of these objects +# @param db Specifies the database to which the 'REASSIGN OWNED' will be applied +# @param psql_user Specifies the OS user for running psql. +# @param port Port to use when connecting. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # define postgresql::server::reassign_owned_by ( String $old_role, diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index daba2a65f0..2e3e3a29f3 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -1,5 +1,11 @@ # @summary This resource manages the parameters that applies to the recovery.conf template. # +# @note +# Allows you to create the content for recovery.conf. For more details see the usage example and the PostgreSQL documentation. +# Every parameter value is a string set in the template except recovery_target_inclusive, pause_at_recovery_target, standby_mode and recovery_min_apply_delay. +# A detailed description of all listed parameters can be found in the PostgreSQL documentation. +# Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and manage_recovery_conf is set to true. +# # @param restore_command # @param archive_cleanup_command # @param recovery_end_command @@ -10,12 +16,12 @@ # @param recovery_target # @param recovery_target_timeline # @param pause_at_recovery_target -# @param standby_mode +# @param standby_mode Can be specified with the string ('on'/'off'), or by using a Boolean value (true/false). # @param primary_conninfo # @param primary_slot_name # @param trigger_file # @param recovery_min_apply_delay -# @param target +# @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # define postgresql::server::recovery( $restore_command = undef, diff --git a/manifests/server/role.pp b/manifests/server/role.pp index d995198d5b..4e6d5308c0 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -1,19 +1,19 @@ # @summary Define for creating a database role. # -# @param update_password -# @param password_hash -# @param createdb -# @param createrole +# @param update_password If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. +# @param password_hash Sets the hash to use during password creation. +# @param createdb Specifies whether to grant the ability to create new databases with this role. +# @param createrole Specifies whether to grant the ability to create new roles with this role. # @param db # @param port -# @param login -# @param inherit -# @param superuser -# @param replication -# @param connection_limit -# @param username -# @param connect_settings -# @param ensure +# @param login Specifies whether to grant login capability for the new role. +# @param inherit Specifies whether to grant inherit capability for the new role. +# @param superuser Specifies whether to grant super user capability for the new role. +# @param replication Provides provides replication capabilities for this role if set to true. +# @param connection_limit Specifies how many concurrent connections the role can make. Default value: '-1', meaning no limit. +# @param username Defines the username of the role to create. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param ensure Specify whether to create or drop the role. Specifying 'present' creates the role. Specifying 'absent' drops the role. # define postgresql::server::role( $update_password = true, diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 4fdd2e03d6..3681bec999 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -4,9 +4,9 @@ # @note # The database must exist and the PostgreSQL user should have enough privileges # -# @param db -# @param owner -# @param schema +# @param db Required. Sets the name of the database in which to create this schema. +# @param owner Sets the default owner of the schema. +# @param schema Sets the name of the schema. # @param connect_settings # # diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 37578bb8c0..58af37e68d 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -1,14 +1,14 @@ # @summary This resource wraps the grant resource to manage table grants specifically. # -# @param privilege -# @param table -# @param db -# @param role -# @param ensure +# @param privilege Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. +# @param table Specifies the table to which you are granting access. +# @param db Specifies which database the table is in. +# @param role Specifies the role or user to whom you are granting access. +# @param ensure Specifies whether to grant or revoke the privilege. Default is to grant the privilege. # @param port -# @param psql_db -# @param psql_user -# @param connect_settings +# @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default. +# @param psql_user Specifies the OS user for running psql. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param onlyif_exists # define postgresql::server::table_grant( diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 1e12cf82bc..afe0e9c99f 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -1,8 +1,8 @@ # @summary This module creates tablespace. # -# @param location -# @param owner -# @param spcname +# @param location Specifies the path to locate this tablespace. +# @param owner Specifies the default owner of the tablespace. +# @param spcname Specifies the name of the tablespace. # @param connect_settings # define postgresql::server::tablespace( From 330e537c748feff36fb8f32f573865f1047d0a99 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 7 May 2019 16:07:34 +0300 Subject: [PATCH 0410/1000] Fix after review --- REFERENCE.md | 43 +++++++++++++++------------ lib/puppet/type/postgresql_psql.rb | 24 +++++++-------- manifests/client.pp | 5 ---- manifests/globals.pp | 11 ++++--- manifests/server/contrib.pp | 4 +-- manifests/server/database.pp | 5 ++-- manifests/server/database_grant.pp | 1 - manifests/server/db.pp | 2 -- manifests/server/extension.pp | 3 +- manifests/server/grant.pp | 1 - manifests/server/grant_role.pp | 1 - manifests/server/pg_hba_rule.pp | 1 - manifests/server/pg_ident_rule.pp | 1 - manifests/server/plperl.pp | 1 - manifests/server/plpython.pp | 1 - manifests/server/postgis.pp | 5 ++-- manifests/server/reassign_owned_by.pp | 1 - manifests/server/recovery.pp | 3 +- manifests/server/role.pp | 5 ++-- manifests/server/schema.pp | 6 +--- manifests/server/table_grant.pp | 3 +- manifests/server/tablespace.pp | 3 +- 22 files changed, 53 insertions(+), 77 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 4520ecd0ad..2cf72321c7 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -248,7 +248,7 @@ Default value: `undef` Data type: `Any` - +Scipt path for the connection validation check. Default value: `undef` @@ -312,7 +312,7 @@ Default value: `undef` Data type: `Any` - +Default connection settings. Default value: {} @@ -377,7 +377,6 @@ Default value: `undef` Data type: `Any` Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: 'postgres'. Default value: `undef` @@ -466,7 +465,7 @@ Default value: `undef` Data type: `Any` - +Allow Puppet to manage the pg_hba.conf file. Default value: `undef` @@ -474,7 +473,7 @@ Default value: `undef` Data type: `Any` - +Allow Puppet to manage the pg_ident.conf file. Default value: `undef` @@ -482,7 +481,7 @@ Default value: `undef` Data type: `Any` - +Allow Puppet to manage the recovery.conf file. Default value: `undef` @@ -1059,7 +1058,7 @@ Default value: $postgresql::params::contrib_package_name Data type: `String[1]` -Enum['present','absent']. Defaults to 'present'. +Enum['present','absent']. Default value: 'present' @@ -1123,7 +1122,7 @@ The following parameters are available in the `postgresql::server::postgis` clas Data type: `String` - +Sets the package name. Default value: $postgresql::params::postgis_package_name @@ -1131,7 +1130,7 @@ Default value: $postgresql::params::postgis_package_name Data type: `String[1]` - +Specifies if the package is present or not. Default value: 'present' @@ -1181,7 +1180,7 @@ The following parameters are available in the `postgresql::server::database` def Data type: `Any` - +Sets a comment on the database. Default value: `undef` @@ -1245,7 +1244,7 @@ Default value: `false` Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -1470,7 +1469,7 @@ Default value: `undef` Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -2015,7 +2014,7 @@ Default value: `false` Data type: `Any` - +Database used to connect to. Default value: $postgresql::server::default_database @@ -2023,7 +2022,7 @@ Default value: $postgresql::server::default_database Data type: `Any` - +Port to use when connecting. Default value: `undef` @@ -2139,7 +2138,7 @@ Default value: $title Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -2187,7 +2186,7 @@ Default value: `undef` Data type: `Any` - +Port to use when connecting. Default value: `undef` @@ -2257,7 +2256,7 @@ Default value: $title Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -2493,11 +2492,17 @@ An arbitrary tag for your own reference; the name of the message. ##### `unless` -Optional SQL command to execute before the main command +An optional SQL command to execute prior to the main :command; +this is generally intended to be used for idempotency, to check +for the existence of an object in the database to determine whether +or not the main SQL command needs to be executed at all.' ##### `onlyif` -Optional SQL command executed before the main command - return true if matching row found +An optional SQL command to execute prior to the main :command; +this is generally intended to be used for idempotency, to check +for the existence of an object in the database to determine whether +or not the main SQL command needs to be executed at all. ##### `connect_settings` diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 320f678455..715c4ce7d0 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -26,12 +26,12 @@ def sync end newparam(:unless) do - desc 'Optional SQL command to execute before the main command' - - desc 'An optional SQL command to execute prior to the main :command; ' \ - 'this is generally intended to be used for idempotency, to check ' \ - 'for the existence of an object in the database to determine whether ' \ - 'or not the main SQL command needs to be executed at all.' + desc <<-DOC + An optional SQL command to execute prior to the main :command; + this is generally intended to be used for idempotency, to check + for the existence of an object in the database to determine whether + or not the main SQL command needs to be executed at all.' + DOC # Return true if a matching row is found def matches(value) @@ -47,12 +47,12 @@ def matches(value) end newparam(:onlyif) do - desc 'Optional SQL command executed before the main command - return true if matching row found' - - desc 'An optional SQL command to execute prior to the main :command; ' \ - 'this is generally intended to be used for idempotency, to check ' \ - 'for the existence of an object in the database to determine whether ' \ - 'or not the main SQL command needs to be executed at all.' + desc <<-DOC + An optional SQL command to execute prior to the main :command; + this is generally intended to be used for idempotency, to check + for the existence of an object in the database to determine whether + or not the main SQL command needs to be executed at all. + DOC # Return true if a matching row is found def matches(value) diff --git a/manifests/client.pp b/manifests/client.pp index add450f3de..230ae6dc6d 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -5,17 +5,12 @@ # # @param file_ensure # Enum['file','absent']. -# # @param validcon_script_path # Optional. Absolute path for the postgresql connection validation script. -# # @param package_name # String. Sets the name of the PostgreSQL client package. -# # @param package_ensure # Enum['present','absent']. -# -# class postgresql::client ( Enum['file', 'absent'] $file_ensure = 'file', Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, diff --git a/manifests/globals.pp b/manifests/globals.pp index 93097986c1..f4e50538dd 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -22,7 +22,7 @@ # @param service_status Overrides the default status check command for your PostgreSQL service. # @param default_database Specifies the name of the default database to connect with. # -# @param validcon_script_path +# @param validcon_script_path Scipt path for the connection validation check. # # @param initdb_path Path to the initdb command. # @param createdb_path Deprecated. Path to the createdb command. @@ -31,7 +31,7 @@ # @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. # @param postgresql_conf_path Sets the path to your postgresql.conf file. # @param recovery_conf_path Path to your recovery.conf file. -# @param default_connect_settings +# @param default_connect_settings Default connection settings. # # @param pg_hba_conf_defaults Disables the defaults supplied with the module for pg_hba.conf if set to false. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic psql operations. # @@ -47,7 +47,6 @@ # @param log_line_prefix Overrides the default PostgreSQL log prefix. # # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -# Default value: 'postgres'. # @param group Overrides the default postgres user group to be used for related files in the file system. # # @param version The version of PostgreSQL to install and manage. @@ -68,9 +67,9 @@ # # @param timezone Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. # -# @param manage_pg_hba_conf -# @param manage_pg_ident_conf -# @param manage_recovery_conf +# @param manage_pg_hba_conf Allow Puppet to manage the pg_hba.conf file. +# @param manage_pg_ident_conf Allow Puppet to manage the pg_ident.conf file. +# @param manage_recovery_conf Allow Puppet to manage the recovery.conf file. # # @param manage_package_repo Sets up official PostgreSQL repositories on your host if set to true. # @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 778491f82a..ad111120ad 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -3,9 +3,7 @@ # @param package_name # String. The name of the PostgreSQL contrib package. # @param package_ensure -# Enum['present','absent']. Defaults to 'present'. -# -# +# Enum['present','absent']. class postgresql::server::contrib ( String $package_name = $postgresql::params::contrib_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 5d60e17d8f..f38a4b90a9 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -1,6 +1,6 @@ # @summary Define for creating a database. # -# @param comment +# @param comment Sets a comment on the database. # @param dbname Sets the name of the database. # @param owner Sets name of the database owner. # @param tablespace Sets tablespace for where to create this database. @@ -8,8 +8,7 @@ # @param encoding Overrides the character set during creation of the database. # @param locale Overrides the locale during creation of the database. # @param istemplate Defines the database as a template if set to true. -# @param connect_settings -# +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::database( $comment = undef, $dbname = $title, diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index a8a3f86201..373fa77bb2 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -7,7 +7,6 @@ # @param psql_db Defines the database to execute the grant against. This should not ordinarily be changed from the default # @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -# define postgresql::server::database_grant( $privilege, $db, diff --git a/manifests/server/db.pp b/manifests/server/db.pp index c624fb5592..dba5c52283 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -11,8 +11,6 @@ # @param template Specifies the name of the template database from which to build this database. Defaults value: template0. # @param istemplate Specifies that the database is a template, if set to true. # @param owner Sets a user as the owner of the database. -# -# define postgresql::server::db ( $user, $password, diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index d9b494b292..8b9c1c8f7c 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -13,8 +13,7 @@ # @param ensure Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'. # @param package_name Specifies a package to install prior to activating the extension. # @param package_ensure Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. -# @param connect_settings -# +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::extension ( $database, $extension = $name, diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index a6a4f098db..107a623acc 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -11,7 +11,6 @@ # @param onlyif_exists # @param connect_settings # @param ensure Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. -# define postgresql::server::grant ( String $role, String $db, diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 60fdec1016..f5d674e52b 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -7,7 +7,6 @@ # @param psql_user Sets the OS user to run psql. # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -# define postgresql::server::grant_role ( String[1] $group, String[1] $role = $name, diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index db14e877f0..0307099952 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -11,7 +11,6 @@ # @param order Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # @param postgresql_version Manages pg_hba.conf without managing the entire PostgreSQL instance. -# define postgresql::server::pg_hba_rule( Enum['local', 'host', 'hostssl', 'hostnossl'] $type, String $database, diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index 4fdb75c9f0..3d8ce7fff3 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -6,7 +6,6 @@ # @param description Sets a longer description for this rule if required. This description is placed in the comments above the rule in pg_ident.conf. Default value: 'none'. # @param order Defines an order for placing the mapping in pg_ident.conf. Default value: 150. # @param target Provides the target for the rule and is generally an internal only property. Use with caution. -# define postgresql::server::pg_ident_rule( $map_name, $system_username, diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index 59502bbf9e..c54a6dd664 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -2,7 +2,6 @@ # # @param package_ensure The ensure parameter passed on to PostgreSQL PL/Perl package resource. # @param package_name The name of the PostgreSQL PL/Perl package. -# class postgresql::server::plperl( $package_ensure = 'present', $package_name = $postgresql::server::plperl_package_name diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index ecdc087ab2..2ac9ca521f 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -4,7 +4,6 @@ # Enum['present','absent']. Specifies whether the package is present. # @param package_name # Specifies the name of the postgresql PL/Python package. -# class postgresql::server::plpython( $package_ensure = 'present', $package_name = $postgresql::server::plpython_package_name, diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index 5d3a2db5d3..364c3edfda 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -1,8 +1,7 @@ # @summary Install the postgis postgresql packaging. # -# @param package_name -# @param package_ensure -# +# @param package_name Sets the package name. +# @param package_ensure Specifies if the package is present or not. class postgresql::server::postgis ( String $package_name = $postgresql::params::postgis_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index a35800aed7..df187e65ec 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -8,7 +8,6 @@ # @param psql_user Specifies the OS user for running psql. # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -# define postgresql::server::reassign_owned_by ( String $old_role, String $new_role, diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 2e3e3a29f3..1e5895a033 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -9,7 +9,7 @@ # @param restore_command # @param archive_cleanup_command # @param recovery_end_command -# @param recovery_target_name +# @param recovery_target_name # @param recovery_target_time # @param recovery_target_xid # @param recovery_target_inclusive @@ -22,7 +22,6 @@ # @param trigger_file # @param recovery_min_apply_delay # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. -# define postgresql::server::recovery( $restore_command = undef, $archive_cleanup_command = undef, diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 4e6d5308c0..be4d9d0e42 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -4,8 +4,8 @@ # @param password_hash Sets the hash to use during password creation. # @param createdb Specifies whether to grant the ability to create new databases with this role. # @param createrole Specifies whether to grant the ability to create new roles with this role. -# @param db -# @param port +# @param db Database used to connect to. +# @param port Port to use when connecting. # @param login Specifies whether to grant login capability for the new role. # @param inherit Specifies whether to grant inherit capability for the new role. # @param superuser Specifies whether to grant super user capability for the new role. @@ -14,7 +14,6 @@ # @param username Defines the username of the role to create. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param ensure Specify whether to create or drop the role. Specifying 'present' creates the role. Specifying 'absent' drops the role. -# define postgresql::server::role( $update_password = true, $password_hash = false, diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 3681bec999..98503a3009 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -7,15 +7,11 @@ # @param db Required. Sets the name of the database in which to create this schema. # @param owner Sets the default owner of the schema. # @param schema Sets the name of the schema. -# @param connect_settings -# -# +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @example # postgresql::server::schema {'private': # db => 'template1', # } -# -# define postgresql::server::schema( $db = $postgresql::server::default_database, $owner = undef, diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 58af37e68d..5e5e40a443 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -5,12 +5,11 @@ # @param db Specifies which database the table is in. # @param role Specifies the role or user to whom you are granting access. # @param ensure Specifies whether to grant or revoke the privilege. Default is to grant the privilege. -# @param port +# @param port Port to use when connecting. # @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default. # @param psql_user Specifies the OS user for running psql. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param onlyif_exists -# define postgresql::server::table_grant( $privilege, $table, diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index afe0e9c99f..a379a63bde 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -3,8 +3,7 @@ # @param location Specifies the path to locate this tablespace. # @param owner Specifies the default owner of the tablespace. # @param spcname Specifies the name of the tablespace. -# @param connect_settings -# +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::tablespace( $location, $owner = undef, From d43efbb21f24e64a31490d23e5f8200651a94f10 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Wed, 8 May 2019 10:11:43 +0300 Subject: [PATCH 0411/1000] Fix missing descriptions --- REFERENCE.md | 98 +++++++++---------- .../parser/functions/postgresql_escape.rb | 1 + .../parser/functions/postgresql_password.rb | 1 + lib/puppet/type/postgresql_conn_validator.rb | 8 +- .../type/postgresql_replication_slot.rb | 5 +- manifests/client.pp | 6 +- manifests/lib/devel.pp | 6 +- manifests/lib/docs.pp | 4 +- manifests/lib/java.pp | 4 +- manifests/lib/perl.pp | 4 +- manifests/lib/python.pp | 4 +- manifests/repo/apt_postgresql_org.pp | 2 +- manifests/repo/yum_postgresql_org.pp | 2 +- manifests/server.pp | 22 ++--- manifests/server/config_entry.pp | 2 +- manifests/server/contrib.pp | 4 +- manifests/server/db.pp | 2 +- manifests/server/grant.pp | 4 +- manifests/server/plpython.pp | 2 +- manifests/server/table_grant.pp | 2 +- 20 files changed, 90 insertions(+), 93 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 2cf72321c7..53de0a04cb 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -14,8 +14,6 @@ _Public Classes_ * [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. * [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. * [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. -* [`postgresql::repo::apt_postgresql_org`](#postgresqlrepoapt_postgresql_org): PRIVATE CLASS: do not use directly -* [`postgresql::repo::yum_postgresql_org`](#postgresqlrepoyum_postgresql_org): PRIVATE CLASS: do not use directly * [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server * [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. * [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. @@ -26,6 +24,8 @@ _Private Classes_ * `postgresql::params`: * `postgresql::repo`: +* `postgresql::repo::apt_postgresql_org`: +* `postgresql::repo::yum_postgresql_org`: * `postgresql::server::config`: * `postgresql::server::initdb`: * `postgresql::server::install`: @@ -38,7 +38,7 @@ _Private Classes_ * [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. * [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. * [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. -* [`postgresql::server::db`](#postgresqlserverdb): @ summary Define for conveniently creating a role, database and assigning the correctpermissions. +* [`postgresql::server::db`](#postgresqlserverdb): Define for conveniently creating a role, database and assigning the correctpermissions. * [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database. * [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. * [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. @@ -55,15 +55,15 @@ _Private Classes_ **Resource types** * [`postgresql_conf`](#postgresql_conf): This type allows puppet to manage postgresql.conf parameters. -* [`postgresql_conn_validator`](#postgresql_conn_validator): Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to p +* [`postgresql_conn_validator`](#postgresql_conn_validator): Verify if a connection can be successfully established * [`postgresql_psql`](#postgresql_psql): An arbitrary tag for your own reference; the name of the message. -* [`postgresql_replication_slot`](#postgresql_replication_slot): Manages Postgresql replication slots. This type allows to create and destroy replication slots to register warm standby replication on a Pos +* [`postgresql_replication_slot`](#postgresql_replication_slot): Manages Postgresql replication slots. **Functions** * [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid -* [`postgresql_escape`](#postgresql_escape): -* [`postgresql_password`](#postgresql_password): +* [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag +* [`postgresql_password`](#postgresql_password): This function returns the postgresql password hash from the clear text username / password **Tasks** @@ -85,7 +85,7 @@ The following parameters are available in the `postgresql::client` class. Data type: `Enum['file', 'absent']` -Enum['file','absent']. +Ensure the connection validation script is present Default value: 'file' @@ -101,7 +101,7 @@ Default value: $postgresql::params::validcon_script_path Data type: `String[1]` -String. Sets the name of the PostgreSQL client package. +Sets the name of the PostgreSQL client package. Default value: $postgresql::params::client_package_name @@ -109,7 +109,7 @@ Default value: $postgresql::params::client_package_name Data type: `String[1]` -Enum['present','absent']. +Ensure the client package is installed Default value: 'present' @@ -513,7 +513,7 @@ The following parameters are available in the `postgresql::lib::devel` class. Data type: `String` -String. +Override devel package name Default value: $postgresql::params::devel_package_name @@ -521,7 +521,7 @@ Default value: $postgresql::params::devel_package_name Data type: `String[1]` -String. Defaults to 'present'. +Ensure the development libraries are installed Default value: 'present' @@ -529,7 +529,7 @@ Default value: 'present' Data type: `Boolean` -Boolean. If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. +If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. Default value: $postgresql::params::link_pg_config @@ -547,7 +547,7 @@ The following parameters are available in the `postgresql::lib::docs` class. Data type: `String` -String. Specifies the name of the PostgreSQL docs package. +Specifies the name of the PostgreSQL docs package. Default value: $postgresql::params::docs_package_name @@ -555,7 +555,7 @@ Default value: $postgresql::params::docs_package_name Data type: `String[1]` -Enum['present','absent']. Whether the PostgreSQL docs package resource should be present. +Whether the PostgreSQL docs package resource should be present. Default value: 'present' @@ -573,7 +573,7 @@ The following parameters are available in the `postgresql::lib::java` class. Data type: `String` -String. Specifies the name of the PostgreSQL java package. +Specifies the name of the PostgreSQL java package. Default value: $postgresql::params::java_package_name @@ -581,7 +581,7 @@ Default value: $postgresql::params::java_package_name Data type: `String[1]` -Enum['present','absent']. Specifies whether the package is present. +Specifies whether the package is present. Default value: 'present' @@ -597,7 +597,7 @@ The following parameters are available in the `postgresql::lib::perl` class. Data type: `String` -String. Specifies the name of the PostgreSQL perl package to install. +Specifies the name of the PostgreSQL perl package to install. Default value: $postgresql::params::perl_package_name @@ -605,7 +605,7 @@ Default value: $postgresql::params::perl_package_name Data type: `String[1]` -Enum['present','absent']. +Ensure the perl libs for postgresql are installed. Default value: 'present' @@ -621,7 +621,7 @@ The following parameters are available in the `postgresql::lib::python` class. Data type: `String[1]` -String. The name of the PostgreSQL Python package. +The name of the PostgreSQL Python package. Default value: $postgresql::params::python_package_name @@ -629,18 +629,10 @@ Default value: $postgresql::params::python_package_name Data type: `String[1]` -Enum['present','absent'] +Ensure the python libs for postgresql are installed. Default value: 'present' -### postgresql::repo::apt_postgresql_org - -PRIVATE CLASS: do not use directly - -### postgresql::repo::yum_postgresql_org - -PRIVATE CLASS: do not use directly - ### postgresql::server This installs a PostgreSQL server @@ -693,7 +685,7 @@ Default value: $postgresql::params::plpython_package_name Data type: `Any` - +Ensure service is installed Default value: $postgresql::params::service_ensure @@ -701,7 +693,7 @@ Default value: $postgresql::params::service_ensure Data type: `Any` - +Enable the PostgreSQL service Default value: $postgresql::params::service_enable @@ -773,7 +765,7 @@ Default value: $postgresql::globals::default_connect_settings Data type: `Any` - +Address list on which the PostgreSQL service will listen Default value: $postgresql::params::listen_addresses @@ -873,7 +865,7 @@ Default value: $postgresql::params::postgresql_conf_path Data type: `Any` - +Specifies the path to your recovery.conf file. Default value: $postgresql::params::recovery_conf_path @@ -881,7 +873,7 @@ Default value: $postgresql::params::recovery_conf_path Data type: `Any` - +PostgreSQL data directory Default value: $postgresql::params::datadir @@ -889,7 +881,7 @@ Default value: $postgresql::params::datadir Data type: `Any` - +PostgreSQL xlog directory Default value: $postgresql::params::xlogdir @@ -897,7 +889,7 @@ Default value: $postgresql::params::xlogdir Data type: `Any` - +PostgreSQL log directory Default value: $postgresql::params::logdir @@ -905,7 +897,7 @@ Default value: $postgresql::params::logdir Data type: `Any` - +PostgreSQL log line prefix Default value: $postgresql::params::log_line_prefix @@ -970,7 +962,7 @@ Default value: $postgresql::params::data_checksums Data type: `Any` - +Set timezone for the PostgreSQL instance Default value: $postgresql::params::timezone @@ -1002,7 +994,7 @@ Default value: $postgresql::params::manage_recovery_conf Data type: `Any` - +Working directory for the PostgreSQL module Default value: $postgresql::params::module_workdir @@ -1034,7 +1026,7 @@ Default value: {} Data type: `Any` - +Sets PostgreSQL version Default value: `undef` @@ -1050,7 +1042,7 @@ The following parameters are available in the `postgresql::server::contrib` clas Data type: `String` -String. The name of the PostgreSQL contrib package. +The name of the PostgreSQL contrib package. Default value: $postgresql::params::contrib_package_name @@ -1058,7 +1050,7 @@ Default value: $postgresql::params::contrib_package_name Data type: `String[1]` -Enum['present','absent']. +Ensure the contrib package is installed. Default value: 'present' @@ -1098,7 +1090,7 @@ The following parameters are available in the `postgresql::server::plpython` cla Data type: `Any` -Enum['present','absent']. Specifies whether the package is present. +Specifies whether the package is present. Default value: 'present' @@ -1164,7 +1156,7 @@ Default value: `undef` Data type: `Any` - +Path for postgresql.conf Default value: `false` @@ -1308,7 +1300,7 @@ Default value: `undef` ### postgresql::server::db -@ summary Define for conveniently creating a role, database and assigning the correctpermissions. +Define for conveniently creating a role, database and assigning the correctpermissions. #### Parameters @@ -1562,7 +1554,7 @@ Default value: $postgresql::server::port Data type: `Boolean` - +Create grant only if doesn't exist Default value: `false` @@ -1570,7 +1562,7 @@ Default value: `false` Data type: `Hash` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: $postgresql::server::default_connect_settings @@ -2218,7 +2210,7 @@ Default value: `undef` Data type: `Any` - +Create grant only if it doesn't exist. Default value: `false` @@ -2560,8 +2552,6 @@ Default value: `false` ### postgresql_replication_slot -Manages Postgresql replication slots. - This type allows to create and destroy replication slots to register warm standby replication on a Postgresql master server. @@ -2630,11 +2620,11 @@ Returns: `Any` This function accepts an array of strings that are pg_hba.conf ru Type: Ruby 3.x API -The postgresql_escape function. +This function safely escapes a string using a consistent random tag #### `postgresql_escape()` -The postgresql_escape function. +This function safely escapes a string using a consistent random tag Returns: `Any` Safely escapes a string using $$ using a random tag which should be consistent @@ -2642,11 +2632,11 @@ Returns: `Any` Safely escapes a string using $$ using a random tag which should Type: Ruby 3.x API -The postgresql_password function. +This function returns the postgresql password hash from the clear text username / password #### `postgresql_password()` -The postgresql_password function. +This function returns the postgresql password hash from the clear text username / password Returns: `Any` Returns the postgresql password hash from the clear text username / password. diff --git a/lib/puppet/parser/functions/postgresql_escape.rb b/lib/puppet/parser/functions/postgresql_escape.rb index f78bcea1bd..f7e6f33add 100644 --- a/lib/puppet/parser/functions/postgresql_escape.rb +++ b/lib/puppet/parser/functions/postgresql_escape.rb @@ -3,6 +3,7 @@ # postgresql_escape.rb module Puppet::Parser::Functions newfunction(:postgresql_escape, type: :rvalue, doc: <<-EOS + This function safely escapes a string using a consistent random tag @return Safely escapes a string using $$ using a random tag which should be consistent EOS ) do |args| diff --git a/lib/puppet/parser/functions/postgresql_password.rb b/lib/puppet/parser/functions/postgresql_password.rb index b787fe5c45..d32791a5ec 100644 --- a/lib/puppet/parser/functions/postgresql_password.rb +++ b/lib/puppet/parser/functions/postgresql_password.rb @@ -4,6 +4,7 @@ # postgresql_password.rb module Puppet::Parser::Functions newfunction(:postgresql_password, type: :rvalue, doc: <<-EOS + This function returns the postgresql password hash from the clear text username / password @return Returns the postgresql password hash from the clear text username / password. EOS ) do |args| diff --git a/lib/puppet/type/postgresql_conn_validator.rb b/lib/puppet/type/postgresql_conn_validator.rb index adb70538e3..e617e351c3 100644 --- a/lib/puppet/type/postgresql_conn_validator.rb +++ b/lib/puppet/type/postgresql_conn_validator.rb @@ -1,9 +1,13 @@ Puppet::Type.newtype(:postgresql_conn_validator) do - @doc = "Verify that a connection can be successfully established between a node + @doc = <<-EOS + @summary Verify if a connection can be successfully established + + Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to prevent configuration changes from being applied if the PostgreSQL server cannot be reached, but it could potentially be used for other - purposes such as monitoring." + purposes such as monitoring. + EOS ensurable do desc 'Ensure connection validation' diff --git a/lib/puppet/type/postgresql_replication_slot.rb b/lib/puppet/type/postgresql_replication_slot.rb index c489cc3d77..bfca4a754f 100644 --- a/lib/puppet/type/postgresql_replication_slot.rb +++ b/lib/puppet/type/postgresql_replication_slot.rb @@ -1,10 +1,11 @@ Puppet::Type.newtype(:postgresql_replication_slot) do - @doc = "Manages Postgresql replication slots. + @doc = <<-EOS +@summary Manages Postgresql replication slots. This type allows to create and destroy replication slots to register warm standby replication on a Postgresql master server. -" +EOS ensurable diff --git a/manifests/client.pp b/manifests/client.pp index 230ae6dc6d..2235f68a09 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -4,13 +4,13 @@ # Make sure to add any necessary yum or apt repositories if specifying a custom version. # # @param file_ensure -# Enum['file','absent']. +# Ensure the connection validation script is present # @param validcon_script_path # Optional. Absolute path for the postgresql connection validation script. # @param package_name -# String. Sets the name of the PostgreSQL client package. +# Sets the name of the PostgreSQL client package. # @param package_ensure -# Enum['present','absent']. +# Ensure the client package is installed class postgresql::client ( Enum['file', 'absent'] $file_ensure = 'file', Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 103a1f7a93..ee37509be6 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -1,11 +1,11 @@ # @summary This class installs postgresql development libraries. # # @param package_name -# String. +# Override devel package name # @param package_ensure -# String. Defaults to 'present'. +# Ensure the development libraries are installed # @param link_pg_config -# Boolean. If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. +# If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. # # class postgresql::lib::devel( diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index a8c78bc85f..b3bd138e4e 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -4,9 +4,9 @@ # Make sure to add any necessary yum or apt repositories if specifying a custom version. # # @param package_name -# String. Specifies the name of the PostgreSQL docs package. +# Specifies the name of the PostgreSQL docs package. # @param package_ensure -# Enum['present','absent']. Whether the PostgreSQL docs package resource should be present. +# Whether the PostgreSQL docs package resource should be present. # # class postgresql::lib::docs ( diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index 1893684453..3fa98e1d9b 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -4,9 +4,9 @@ # Make sure to add any necessary yum or apt repositories if specifying a custom version. # # @param package_name -# String. Specifies the name of the PostgreSQL java package. +# Specifies the name of the PostgreSQL java package. # @param package_ensure -# Enum['present','absent']. Specifies whether the package is present. +# Specifies whether the package is present. # class postgresql::lib::java ( String $package_name = $postgresql::params::java_package_name, diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 77111b6395..782ddeeabe 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -1,9 +1,9 @@ # @summary This class installs the perl libs for postgresql. # # @param package_name -# String. Specifies the name of the PostgreSQL perl package to install. +# Specifies the name of the PostgreSQL perl package to install. # @param package_ensure -# Enum['present','absent']. +# Ensure the perl libs for postgresql are installed. # class postgresql::lib::perl( String $package_name = $postgresql::params::perl_package_name, diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index c72aab7bd8..7f7f0a868b 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -1,9 +1,9 @@ # @summary This class installs the python libs for postgresql. # # @param package_name -# String. The name of the PostgreSQL Python package. +# The name of the PostgreSQL Python package. # @param package_ensure -# Enum['present','absent'] +# Ensure the python libs for postgresql are installed. # class postgresql::lib::python( String[1] $package_name = $postgresql::params::python_package_name, diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index ffbfbd5db7..794abbaea2 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not use directly +# @api private class postgresql::repo::apt_postgresql_org inherits postgresql::repo { include ::apt diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index e6ae6f56fa..499dca2424 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -1,4 +1,4 @@ -# PRIVATE CLASS: do not use directly +# @api private class postgresql::repo::yum_postgresql_org inherits postgresql::repo { $version_parts = split($postgresql::repo::version, '[.]') $package_version = "${version_parts[0]}${version_parts[1]}" diff --git a/manifests/server.pp b/manifests/server.pp index b363fc735d..c67480081d 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -7,8 +7,8 @@ # @param plperl_package_name Sets the default package name for the PL/Perl extension. # @param plpython_package_name Sets the default package name for the PL/Python extension. # -# @param service_ensure -# @param service_enable +# @param service_ensure Ensure service is installed +# @param service_enable Enable the PostgreSQL service # @param service_manage Defines whether or not Puppet should manage the service. # @param service_name Overrides the default PostgreSQL service name. # @param service_restart_on_change Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. @@ -18,7 +18,7 @@ # @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. # @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. # -# @param listen_addresses +# @param listen_addresses Address list on which the PostgreSQL service will listen # @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. # Default value: 5432. Meaning the Postgres server listens on TCP port 5432. # @@ -38,13 +38,13 @@ # @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. # @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. # @param postgresql_conf_path Specifies the path to your postgresql.conf file. -# @param recovery_conf_path +# @param recovery_conf_path Specifies the path to your recovery.conf file. # -# @param datadir -# @param xlogdir -# @param logdir +# @param datadir PostgreSQL data directory +# @param xlogdir PostgreSQL xlog directory +# @param logdir PostgreSQL log directory # -# @param log_line_prefix +# @param log_line_prefix PostgreSQL log line prefix # # @param pg_hba_conf_defaults If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. # @@ -58,18 +58,18 @@ # @param data_checksums Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. # Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. # -# @param timezone +# @param timezone Set timezone for the PostgreSQL instance # # @param manage_pg_hba_conf Boolean. Whether to manage the pg_hba.conf. # @param manage_pg_ident_conf Boolean. Overwrites the pg_ident.conf file. # @param manage_recovery_conf Boolean. Specifies whether or not manage the recovery.conf. -# @param module_workdir +# @param module_workdir Working directory for the PostgreSQL module # # @param roles Specifies a hash from which to generate postgresql::server::role resources. # @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. # @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. # -# @param version +# @param version Sets PostgreSQL version # # class postgresql::server ( diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 3d95a00475..6b86f5f831 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -2,7 +2,7 @@ # # @param ensure Removes an entry if set to 'absent'. # @param value Defines the value for the setting. -# @param path +# @param path Path for postgresql.conf # define postgresql::server::config_entry ( $ensure = 'present', diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index ad111120ad..466a898069 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -1,9 +1,9 @@ # @summary Install the contrib postgresql packaging. # # @param package_name -# String. The name of the PostgreSQL contrib package. +# The name of the PostgreSQL contrib package. # @param package_ensure -# Enum['present','absent']. +# Ensure the contrib package is installed. class postgresql::server::contrib ( String $package_name = $postgresql::params::contrib_package_name, String[1] $package_ensure = 'present' diff --git a/manifests/server/db.pp b/manifests/server/db.pp index dba5c52283..98aa8797e6 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -1,4 +1,4 @@ -# @ summary Define for conveniently creating a role, database and assigning the correctpermissions. +# @summary Define for conveniently creating a role, database and assigning the correctpermissions. # # @param user User to create and assign access to the database upon creation. Mandatory. # @param password Required Sets the password for the created user. diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 107a623acc..00a64950d4 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -8,8 +8,8 @@ # @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default # @param psql_user Sets the OS user to run psql. # @param port Port to use when connecting. -# @param onlyif_exists -# @param connect_settings +# @param onlyif_exists Create grant only if doesn't exist +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param ensure Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. define postgresql::server::grant ( String $role, diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index 2ac9ca521f..5ca7ed26df 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -1,7 +1,7 @@ # @summary This class installs the PL/Python procedural language for postgresql. # # @param package_ensure -# Enum['present','absent']. Specifies whether the package is present. +# Specifies whether the package is present. # @param package_name # Specifies the name of the postgresql PL/Python package. class postgresql::server::plpython( diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 5e5e40a443..ec60bd2197 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -9,7 +9,7 @@ # @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default. # @param psql_user Specifies the OS user for running psql. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -# @param onlyif_exists +# @param onlyif_exists Create grant only if it doesn't exist. define postgresql::server::table_grant( $privilege, $table, From 4bb668d40835ff5db20f73d33df5816daf6c0999 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Wed, 8 May 2019 12:25:04 +0300 Subject: [PATCH 0412/1000] Add description for recovery and validation --- REFERENCE.md | 50 ++++++++++++++--------------- manifests/server/recovery.pp | 30 ++++++++--------- manifests/validate_db_connection.pp | 20 ++++++------ 3 files changed, 50 insertions(+), 50 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 53de0a04cb..b91a86834d 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1838,7 +1838,7 @@ The following parameters are available in the `postgresql::server::recovery` def Data type: `Any` - +The shell command to execute to retrieve an archived segment of the WAL file series. Default value: `undef` @@ -1846,7 +1846,7 @@ Default value: `undef` Data type: `Any` - +This optional parameter specifies a shell command that will be executed at every restartpoint. Default value: `undef` @@ -1854,7 +1854,7 @@ Default value: `undef` Data type: `Any` - +This parameter specifies a shell command that will be executed once only at the end of recovery. Default value: `undef` @@ -1862,7 +1862,7 @@ Default value: `undef` Data type: `Any` - +This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. Default value: `undef` @@ -1870,7 +1870,7 @@ Default value: `undef` Data type: `Any` - +This parameter specifies the time stamp up to which recovery will proceed. Default value: `undef` @@ -1878,7 +1878,7 @@ Default value: `undef` Data type: `Any` - +This parameter specifies the transaction ID up to which recovery will proceed. Default value: `undef` @@ -1886,7 +1886,7 @@ Default value: `undef` Data type: `Any` - +Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). Default value: `undef` @@ -1894,7 +1894,7 @@ Default value: `undef` Data type: `Any` - +This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. Default value: `undef` @@ -1902,7 +1902,7 @@ Default value: `undef` Data type: `Any` - +Specifies recovering into a particular timeline. Default value: `undef` @@ -1910,7 +1910,7 @@ Default value: `undef` Data type: `Any` - +Specifies whether recovery should pause when the recovery target is reached. Default value: `undef` @@ -1918,7 +1918,7 @@ Default value: `undef` Data type: `Any` -Can be specified with the string ('on'/'off'), or by using a Boolean value (true/false). +Specifies whether to start the PostgreSQL server as a standby. Default value: `undef` @@ -1926,7 +1926,7 @@ Default value: `undef` Data type: `Any` - +Specifies a connection string to be used for the standby server to connect with the primary. Default value: `undef` @@ -1934,7 +1934,7 @@ Default value: `undef` Data type: `Any` - +Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. Default value: `undef` @@ -1942,7 +1942,7 @@ Default value: `undef` Data type: `Any` - +Specifies a trigger file whose presence ends recovery in the standby. Default value: `undef` @@ -1950,7 +1950,7 @@ Default value: `undef` Data type: `Any` - +This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. Default value: `undef` @@ -2266,7 +2266,7 @@ The following parameters are available in the `postgresql::validate_db_connectio Data type: `Any` - +Database host address Default value: `undef` @@ -2274,7 +2274,7 @@ Default value: `undef` Data type: `Any` - +Specifies the name of the database you wish to test. Default value: `undef` @@ -2282,7 +2282,7 @@ Default value: `undef` Data type: `Any` - +Specifies the password to connect with. Default value: `undef` @@ -2290,7 +2290,7 @@ Default value: `undef` Data type: `Any` - +Specifies the username to connect with. Default value: `undef` @@ -2298,7 +2298,7 @@ Default value: `undef` Data type: `Any` - +Defines the port to use when connecting. Default value: `undef` @@ -2306,7 +2306,7 @@ Default value: `undef` Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Default value: `undef` @@ -2314,7 +2314,7 @@ Default value: `undef` Data type: `Any` - +Specifies the user to run the psql command as. Default value: `undef` @@ -2322,7 +2322,7 @@ Default value: `undef` Data type: `Any` - +Sets the number of seconds to sleep for before trying again after a failure. Default value: 2 @@ -2330,7 +2330,7 @@ Default value: 2 Data type: `Any` - +Sets the number of attempts after failure before giving up and failing the resource. Default value: 10 @@ -2338,7 +2338,7 @@ Default value: 10 Data type: `Any` - +Creates the database when obtaining a successful connection. Default value: `true` diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 1e5895a033..eae8777051 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -6,21 +6,21 @@ # A detailed description of all listed parameters can be found in the PostgreSQL documentation. # Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and manage_recovery_conf is set to true. # -# @param restore_command -# @param archive_cleanup_command -# @param recovery_end_command -# @param recovery_target_name -# @param recovery_target_time -# @param recovery_target_xid -# @param recovery_target_inclusive -# @param recovery_target -# @param recovery_target_timeline -# @param pause_at_recovery_target -# @param standby_mode Can be specified with the string ('on'/'off'), or by using a Boolean value (true/false). -# @param primary_conninfo -# @param primary_slot_name -# @param trigger_file -# @param recovery_min_apply_delay +# @param restore_command The shell command to execute to retrieve an archived segment of the WAL file series. +# @param archive_cleanup_command This optional parameter specifies a shell command that will be executed at every restartpoint. +# @param recovery_end_command This parameter specifies a shell command that will be executed once only at the end of recovery. +# @param recovery_target_name This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. +# @param recovery_target_time This parameter specifies the time stamp up to which recovery will proceed. +# @param recovery_target_xid This parameter specifies the transaction ID up to which recovery will proceed. +# @param recovery_target_inclusive Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). +# @param recovery_target This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. +# @param recovery_target_timeline Specifies recovering into a particular timeline. +# @param pause_at_recovery_target Specifies whether recovery should pause when the recovery target is reached. +# @param standby_mode Specifies whether to start the PostgreSQL server as a standby. +# @param primary_conninfo Specifies a connection string to be used for the standby server to connect with the primary. +# @param primary_slot_name Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. +# @param trigger_file Specifies a trigger file whose presence ends recovery in the standby. +# @param recovery_min_apply_delay This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. define postgresql::server::recovery( $restore_command = undef, diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 642fff2ed3..990c5f1d1f 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -6,16 +6,16 @@ # instance (host/port/user/password/database name). # # -# @param database_host -# @param database_name -# @param database_password -# @param database_username -# @param database_port -# @param connect_settings -# @param run_as -# @param sleep -# @param tries -# @param create_db_first +# @param database_host Database host address +# @param database_name Specifies the name of the database you wish to test. +# @param database_password Specifies the password to connect with. +# @param database_username Specifies the username to connect with. +# @param database_port Defines the port to use when connecting. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param run_as Specifies the user to run the psql command as. +# @param sleep Sets the number of seconds to sleep for before trying again after a failure. +# @param tries Sets the number of attempts after failure before giving up and failing the resource. +# @param create_db_first Creates the database when obtaining a successful connection. # define postgresql::validate_db_connection( $database_host = undef, From f22ad329f02b389691da9f7fff294014df2736e8 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Wed, 8 May 2019 12:47:41 +0300 Subject: [PATCH 0413/1000] Fix --- REFERENCE.md | 21 ++++++++++++++------- manifests/globals.pp | 31 ++++++++++++++++++------------- 2 files changed, 32 insertions(+), 20 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index b91a86834d..3b291ca179 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -115,7 +115,7 @@ Default value: 'present' ### postgresql::globals -Debian is currently not supported. +Class for setting cross-class global overrides. * **Note** Most server-specific defaults should be overridden in the postgresql::server class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as version or manage_package_repo. @@ -320,7 +320,7 @@ Default value: {} Data type: `Any` -Disables the defaults supplied with the module for pg_hba.conf if set to false. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic psql operations. +Disables the defaults supplied with the module for pg_hba.conf if set to false. Default value: `undef` @@ -329,6 +329,10 @@ Default value: `undef` Data type: `Any` Overrides the default PostgreSQL data directory for the target platform. +Changing the datadir after installation causes the server to come to a full stop before making the change. +For Red Hat systems, the data directory must be labeled appropriately for SELinux. +On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). +Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original Default value: `undef` @@ -408,7 +412,7 @@ Default value: `undef` Data type: `Any` -Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. +Sets the proxy option for the official PostgreSQL yum-repositories only. Default value: `undef` @@ -432,7 +436,8 @@ Default value: `undef` Data type: `Any` -Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +Sets the default encoding for all databases created with this module. +On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. Default value: `undef` @@ -440,7 +445,9 @@ Default value: `undef` Data type: `Any` -Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +Sets the default database locale for all databases created with this module. +On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. Default value: `undef` @@ -448,8 +455,8 @@ Default value: `undef` Data type: `Any` -Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. -Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Warning: This option is used during initialization by initdb, and cannot be changed later. Default value: `undef` diff --git a/manifests/globals.pp b/manifests/globals.pp index f4e50538dd..13401663b0 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -33,12 +33,14 @@ # @param recovery_conf_path Path to your recovery.conf file. # @param default_connect_settings Default connection settings. # -# @param pg_hba_conf_defaults Disables the defaults supplied with the module for pg_hba.conf if set to false. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic psql operations. -# -# @param datadir Overrides the default PostgreSQL data directory for the target platform. -# -# @note Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). -# @note Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original +# @param pg_hba_conf_defaults Disables the defaults supplied with the module for pg_hba.conf if set to false. +# +# @param datadir +# Overrides the default PostgreSQL data directory for the target platform. +# Changing the datadir after installation causes the server to come to a full stop before making the change. +# For Red Hat systems, the data directory must be labeled appropriately for SELinux. +# On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). +# Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original # # @param confdir Overrides the default PostgreSQL configuration directory for the target platform. # @param bindir Overrides the default PostgreSQL binaries directory for the target platform. @@ -51,19 +53,22 @@ # # @param version The version of PostgreSQL to install and manage. # @param postgis_version Defines the version of PostGIS to install, if you install PostGIS. -# @param repo_proxy Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity. -# Debian is currently not supported. +# @param repo_proxy Sets the proxy option for the official PostgreSQL yum-repositories only. # # @param repo_baseurl Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. # # @param needs_initdb Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. # -# @param encoding Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. -# @param locale Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. -# @note On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. +# @param encoding +# Sets the default encoding for all databases created with this module. +# On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @param locale +# Sets the default database locale for all databases created with this module. +# On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. # @param data_checksums -# Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. -# Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +# Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +# Warning: This option is used during initialization by initdb, and cannot be changed later. # # @param timezone Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. # From f610470263db38caa9d46c41a1b27eac9a201ab2 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 14 May 2019 10:59:37 +0300 Subject: [PATCH 0414/1000] release prep 6.0.0 --- CHANGELOG.md | 19 +++++++++++++++++++ metadata.json | 2 +- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fa71aa0f7a..719fbc4e77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,25 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) (2019-05-14) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.1...v6.0.0) + +### Changed + +- pdksync - \(MODULES-8444\) - Raise lower Puppet bound [\#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) +- \(maint\) remove inconsistent extra variable [\#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) + +### Added + +- Add Fedora 30 compatibility [\#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) +- Include EL8 version for config checks [\#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) + +### Fixed + +- Support current version of puppetlabs/apt. [\#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) +- change username/group/datadir defaults for FreeBSD [\#1063](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1063) ([olevole](https://github.com/olevole)) + ## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) (2019-02-14) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.0...5.12.1) diff --git a/metadata.json b/metadata.json index 95531ed19d..278387a6e6 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "5.12.1", + "version": "6.0.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 32020adeab9f924086c0c59c6755af65a877461a Mon Sep 17 00:00:00 2001 From: lionce Date: Thu, 16 May 2019 13:58:03 +0300 Subject: [PATCH 0415/1000] MODULES-9120 - update metadata to support concat version 6.0.0 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 278387a6e6..682dcc82d7 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppetlabs/concat", - "version_requirement": ">= 1.1.0 < 6.0.0" + "version_requirement": ">= 1.1.0 < 7.0.0" } ], "operatingsystem_support": [ From 451a339140c811413613c0fce44fedbf6eb2345c Mon Sep 17 00:00:00 2001 From: Eimhin Laverty Date: Tue, 21 May 2019 10:22:30 +0100 Subject: [PATCH 0416/1000] (FM-8031) Add RedHat 8 support --- manifests/globals.pp | 1 + metadata.json | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 13401663b0..7329701541 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -158,6 +158,7 @@ }, 'Amazon' => '9.2', default => $::operatingsystemrelease ? { + /^8\./ => '10', /^7\./ => '9.2', /^6\./ => '8.4', /^5\./ => '8.1', diff --git a/metadata.json b/metadata.json index 682dcc82d7..22d5919a49 100644 --- a/metadata.json +++ b/metadata.json @@ -27,7 +27,8 @@ "operatingsystemrelease": [ "5", "6", - "7" + "7", + "8" ] }, { From bd0790b4e982eadda72b5a492ab6b9d72abd5378 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Tue, 4 Jun 2019 11:58:18 +0100 Subject: [PATCH 0417/1000] (MODULES-9219) - Release Prep 6.1.0 --- CHANGELOG.md | 8 ++++++++ metadata.json | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 719fbc4e77..5aa9c6eed3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) (2019-06-04) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.0.0...v6.1.0) + +### Added + +- \(FM-8031\) Add RedHat 8 support [\#1083](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1083) ([eimlav](https://github.com/eimlav)) + ## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) (2019-05-14) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.1...v6.0.0) diff --git a/metadata.json b/metadata.json index 22d5919a49..646f064768 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.0.0", + "version": "6.1.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 743d5026ade26fbf83b72c52459fb56312d46c1a Mon Sep 17 00:00:00 2001 From: tphoney Date: Fri, 17 May 2019 13:43:28 +0100 Subject: [PATCH 0418/1000] (FM-7500) conversion to use litmus --- .fixtures.yml | 13 +- .rubocop.yml | 6 +- .sync.yml | 18 +- .travis.yml | 150 +- .vscode/extensions.json | 6 + Gemfile | 23 +- "REFERENCE.md\342\200\202" | 2736 +++++++++++++++++ Rakefile | 3 +- distelli-manifest.yml | 25 + metadata.json | 4 +- provision.yaml | 22 + spec/acceptance/00-utf8_encoding_spec.rb | 30 - spec/acceptance/alternative_port_spec.rb | 7 +- spec/acceptance/db_spec.rb | 36 +- spec/acceptance/default_parameters_spec.rb | 5 +- spec/acceptance/overridden_settings_spec.rb | 29 +- .../postgresql_conn_validator_spec.rb | 4 +- spec/acceptance/postgresql_psql_spec.rb | 6 +- spec/acceptance/server/config_entry_spec.rb | 18 +- spec/acceptance/server/grant_role_spec.rb | 2 +- spec/acceptance/server/grant_spec.rb | 43 +- .../server/reassign_owned_by_spec.rb | 11 +- spec/acceptance/server/recovery_spec.rb | 4 +- spec/acceptance/server/schema_spec.rb | 2 +- spec/acceptance/sql_task_spec.rb | 7 +- spec/acceptance/utf8_encoding_spec.rb | 23 + spec/acceptance/z_alternative_pgdata_spec.rb | 7 +- spec/spec_helper.rb | 2 + spec/spec_helper_acceptance.rb | 172 +- spec/spec_helper_acceptance_local.rb | 45 + 30 files changed, 3153 insertions(+), 306 deletions(-) create mode 100644 .vscode/extensions.json create mode 100644 "REFERENCE.md\342\200\202" create mode 100644 distelli-manifest.yml create mode 100644 provision.yaml delete mode 100644 spec/acceptance/00-utf8_encoding_spec.rb create mode 100644 spec/acceptance/utf8_encoding_spec.rb create mode 100644 spec/spec_helper_acceptance_local.rb diff --git a/.fixtures.yml b/.fixtures.yml index f639c3b9db..8381746a03 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,14 +1,17 @@ fixtures: repositories: apt: "https://github.com/puppetlabs/puppetlabs-apt.git" - stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" - firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" + augeas_core: + repo: "https://github.com/puppetlabs/puppetlabs-augeas_core.git" + puppet_version: ">= 6.0.0" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" + facts: 'git://github.com/puppetlabs/puppetlabs-facts.git' + firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" + provision: "git://github.com/puppetlabs/provision.git" + puppet_agent: 'git://github.com/puppetlabs/puppetlabs-puppet_agent.git' + stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" yumrepo_core: repo: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" puppet_version: ">= 6.0.0" - augeas_core: - repo: "https://github.com/puppetlabs/puppetlabs-augeas_core.git" - puppet_version: ">= 6.0.0" symlinks: postgresql: "#{source_dir}" diff --git a/.rubocop.yml b/.rubocop.yml index f5a6c2a412..b46c85991f 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,5 +1,7 @@ --- -require: rubocop-rspec +require: +- rubocop-rspec +- rubocop-i18n AllCops: DisplayCopNames: true TargetRubyVersion: '2.1' @@ -19,6 +21,8 @@ AllCops: Metrics/LineLength: Description: People have wide screens, use them. Max: 200 +GetText: + Enabled: false GetText/DecorateString: Description: We don't want to decorate test output. Exclude: diff --git a/.sync.yml b/.sync.yml index c78de75f3e..6a3e6b6520 100644 --- a/.sync.yml +++ b/.sync.yml @@ -7,14 +7,7 @@ unmanaged: true .travis.yml: - docker_sets: - - set: docker/centos-7 - - set: docker/ubuntu-14.04 - docker_defaults: - bundler_args: "" - secure: "" - branches: - - release + unmanaged: true appveyor.yml: delete: true @@ -29,6 +22,14 @@ Gemfile: - mswin - mingw - x64_mingw + ':development': + - gem: 'puppet_litmus' + platforms: + - ruby + - mswin + - mingw + - x64_mingw + condition: "ENV['PUPPET_GEM_VERSION'].nil? or ENV['PUPPET_GEM_VERSION'] !~ %r{ 5}" optional: ':development': - gem: 'github_changelog_generator' @@ -38,6 +39,7 @@ Gemfile: Rakefile: changelog_user: puppetlabs + use_litmus_tasks: true spec/spec_helper.rb: mock_with: ':rspec' diff --git a/.travis.yml b/.travis.yml index 9472d0381e..d740ab025f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,4 +1,5 @@ --- +dist: trusty language: ruby cache: bundler before_install: @@ -12,48 +13,149 @@ script: bundler_args: --without system_tests rvm: - 2.5.3 -stages: - - static - - spec - - acceptance - - - if: tag =~ ^v\d - name: deploy +env: + global: + - PUPPET_GEM_VERSION="~> 6.0" matrix: fast_finish: true include: - - bundler_args: + bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply + env: PLATFORMS=debian_puppet5 rvm: 2.5.3 - script: bundle exec rake beaker + before_script: + - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel services: docker - stage: acceptance sudo: required - - bundler_args: + bundler_args: dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply + env: PLATFORMS=debian_puppet6 rvm: 2.5.3 - script: bundle exec rake beaker + before_script: + - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel services: docker - stage: acceptance sudo: required - - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" - stage: static + bundler_args: + dist: trusty + env: PLATFORMS=ubuntu_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_ubuntu]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required - - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec - rvm: 2.4.5 - stage: spec + bundler_args: + dist: trusty + env: PLATFORMS=ubuntu_puppet6 + rvm: 2.5.3 + before_script: + - time bundle exec rake 'litmus:provision_list[waffle_ubuntu]' + - time bundle exec rake 'litmus:install_agent[puppet6]' + - time bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=centos6_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_centos6]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=centos6_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_centos6]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=scientificlinux6_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required - - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec + bundler_args: + dist: trusty + env: PLATFORMS=scientificlinux6_puppet6 rvm: 2.5.3 - stage: spec + before_script: + - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required - - env: DEPLOY_TO_FORGE=yes - stage: deploy + bundler_args: + dist: trusty + env: PLATFORMS=el7_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=el7_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + env: CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop" + - + env: CHECK=parallel_spec + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.5 branches: only: - master diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 0000000000..6177782746 --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,6 @@ +{ + "recommendations": [ + "jpogran.puppet-vscode", + "rebornix.Ruby" + ] +} diff --git a/Gemfile b/Gemfile index b7d80c3e53..0349605dfe 100644 --- a/Gemfile +++ b/Gemfile @@ -17,17 +17,18 @@ ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = ruby_version_segments[0..1].join('.') group :development do - gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') - gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') - gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') + gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') + gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') + gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') + gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "puppet-module-posix-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] + gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] + gem "puppet-module-win-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-win-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet_litmus", require: false, platforms: [:ruby, :mswin, :mingw, :x64_mingw] if ENV['PUPPET_GEM_VERSION'].nil? or ENV['PUPPET_GEM_VERSION'] !~ %r{ 5} + gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') end group :system_tests do gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] diff --git "a/REFERENCE.md\342\200\202" "b/REFERENCE.md\342\200\202" new file mode 100644 index 0000000000..83c98582a4 --- /dev/null +++ "b/REFERENCE.md\342\200\202" @@ -0,0 +1,2736 @@ +# Reference + + +## Table of Contents + +**Classes** + +* [`postgresql::client`](#postgresqlclient): Install client cli tool. See README.md for more details. +* [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. See README.md for more details. +* [`postgresql::lib::devel`](#postgresqllibdevel): This class installs postgresql development libraries. See README.md for more details. +* [`postgresql::lib::docs`](#postgresqllibdocs): This class installs the postgresql-docs See README.md for more details. +* [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. See README.md for more details. +* [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. See README.md for more details. +* [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. See README.md for more details. +* [`postgresql::params`](#postgresqlparams): PRIVATE CLASS: do not use directly +* [`postgresql::repo`](#postgresqlrepo): PRIVATE CLASS: do not use directly +* [`postgresql::repo::apt_postgresql_org`](#postgresqlrepoapt_postgresql_org): PRIVATE CLASS: do not use directly +* [`postgresql::repo::yum_postgresql_org`](#postgresqlrepoyum_postgresql_org): PRIVATE CLASS: do not use directly +* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server. See README.md for more details. +* [`postgresql::server::config`](#postgresqlserverconfig): PRIVATE CLASS: do not call directly +* [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. See README.md for more details. +* [`postgresql::server::initdb`](#postgresqlserverinitdb): PRIVATE CLASS: do not call directly +* [`postgresql::server::install`](#postgresqlserverinstall): PRIVATE CLASS: do not call directly +* [`postgresql::server::passwd`](#postgresqlserverpasswd): PRIVATE CLASS: do not call directly +* [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. See README.md for more details. +* [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. See README.md for more details. +* [`postgresql::server::postgis`](#postgresqlserverpostgis): Install the postgis postgresql packaging. See README.md for more details. +* [`postgresql::server::reload`](#postgresqlserverreload): PRIVATE CLASS: do not use directly +* [`postgresql::server::service`](#postgresqlserverservice): PRIVATE CLASS: do not call directly + +**Defined types** + +* [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. See README.md for more details. +* [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. See README.md for more details. +* [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. See README.md for more details. +* [`postgresql::server::db`](#postgresqlserverdb): Define for conveniently creating a role, database and assigning the correct permissions. See README.md for more details. +* [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database +* [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. See README.md for more details. +* [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. See README.md for more information +* [`postgresql::server::pg_hba_rule`](#postgresqlserverpg_hba_rule): This resource manages an individual rule that applies to the file defined in $target. See README.md for more details. +* [`postgresql::server::pg_ident_rule`](#postgresqlserverpg_ident_rule): This resource manages an individual rule that applies to the file defined in $target. See README.md for more details. +* [`postgresql::server::reassign_owned_by`](#postgresqlserverreassign_owned_by): Define for reassigning the ownership of objects within a database. See README.md for more details. This enables us to force the a particular +* [`postgresql::server::recovery`](#postgresqlserverrecovery): This resource manages the parameters that applies to the recovery.conf template. See README.md for more details. +* [`postgresql::server::role`](#postgresqlserverrole): Define for creating a database role. See README.md for more information +* [`postgresql::server::schema`](#postgresqlserverschema): = Type: postgresql::server::schema Create a new schema. See README.md for more details. == Requires: The database must exist and the Postg +* [`postgresql::server::table_grant`](#postgresqlservertable_grant): This resource wraps the grant resource to manage table grants specifically. See README.md for more details. +* [`postgresql::server::tablespace`](#postgresqlservertablespace): This module creates tablespace. See README.md for more details. +* [`postgresql::validate_db_connection`](#postgresqlvalidate_db_connection): This type validates that a successful postgres connection can be established between the node on which this resource is run and a specified p + +**Resource types** + +* [`postgresql_conf`](#postgresql_conf): This type allows puppet to manage postgresql.conf parameters. +* [`postgresql_conn_validator`](#postgresql_conn_validator): Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to p +* [`postgresql_psql`](#postgresql_psql): An arbitrary tag for your own reference; the name of the message. +* [`postgresql_replication_slot`](#postgresql_replication_slot): Manages Postgresql replication slots. This type allows to create and destroy replication slots to register warm standby replication on a Pos + +**Functions** + +* [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid +* [`postgresql_escape`](#postgresql_escape): Safely escapes a string using $$ using a random tag which should be consistent +* [`postgresql_password`](#postgresql_password): Returns the postgresql password hash from the clear text username / password. + +**Tasks** + +* [`sql`](#sql): Allows you to execute arbitary SQL + +## Classes + +### postgresql::client + +Install client cli tool. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::client` class. + +##### `file_ensure` + +Data type: `Enum['file', 'absent']` + + + +Default value: 'file' + +##### `validcon_script_path` + +Data type: `Stdlib::Absolutepath` + + + +Default value: $postgresql::params::validcon_script_path + +##### `package_name` + +Data type: `String[1]` + + + +Default value: $postgresql::params::client_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +### postgresql::globals + +Class for setting cross-class global overrides. See README.md for more +details. + +#### Parameters + +The following parameters are available in the `postgresql::globals` class. + +##### `client_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `server_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `contrib_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `devel_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `java_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `docs_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `perl_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `plperl_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `plpython_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `python_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `postgis_package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `service_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `service_provider` + +Data type: `Any` + + + +Default value: `undef` + +##### `service_status` + +Data type: `Any` + + + +Default value: `undef` + +##### `default_database` + +Data type: `Any` + + + +Default value: `undef` + +##### `validcon_script_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `initdb_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `createdb_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `pg_hba_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `pg_ident_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `postgresql_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_conf_path` + +Data type: `Any` + + + +Default value: `undef` + +##### `default_connect_settings` + +Data type: `Any` + + + +Default value: {} + +##### `pg_hba_conf_defaults` + +Data type: `Any` + + + +Default value: `undef` + +##### `datadir` + +Data type: `Any` + + + +Default value: `undef` + +##### `confdir` + +Data type: `Any` + + + +Default value: `undef` + +##### `bindir` + +Data type: `Any` + + + +Default value: `undef` + +##### `xlogdir` + +Data type: `Any` + + + +Default value: `undef` + +##### `logdir` + +Data type: `Any` + + + +Default value: `undef` + +##### `log_line_prefix` + +Data type: `Any` + + + +Default value: `undef` + +##### `user` + +Data type: `Any` + + + +Default value: `undef` + +##### `group` + +Data type: `Any` + + + +Default value: `undef` + +##### `version` + +Data type: `Any` + + + +Default value: `undef` + +##### `postgis_version` + +Data type: `Any` + + + +Default value: `undef` + +##### `repo_proxy` + +Data type: `Any` + + + +Default value: `undef` + +##### `repo_baseurl` + +Data type: `Any` + + + +Default value: `undef` + +##### `needs_initdb` + +Data type: `Any` + + + +Default value: `undef` + +##### `encoding` + +Data type: `Any` + + + +Default value: `undef` + +##### `locale` + +Data type: `Any` + + + +Default value: `undef` + +##### `data_checksums` + +Data type: `Any` + + + +Default value: `undef` + +##### `timezone` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_pg_hba_conf` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_pg_ident_conf` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_recovery_conf` + +Data type: `Any` + + + +Default value: `undef` + +##### `manage_package_repo` + +Data type: `Any` + + + +Default value: `undef` + +##### `module_workdir` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::lib::devel + +This class installs postgresql development libraries. See README.md for more +details. + +#### Parameters + +The following parameters are available in the `postgresql::lib::devel` class. + +##### `package_name` + +Data type: `String` + + + +Default value: $postgresql::params::devel_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +##### `link_pg_config` + +Data type: `Boolean` + + + +Default value: $postgresql::params::link_pg_config + +### postgresql::lib::docs + +This class installs the postgresql-docs See README.md for more +details. + +#### Parameters + +The following parameters are available in the `postgresql::lib::docs` class. + +##### `package_name` + +Data type: `String` + + + +Default value: $postgresql::params::docs_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +### postgresql::lib::java + +This class installs the postgresql jdbc connector. See README.md for more +details. + +#### Parameters + +The following parameters are available in the `postgresql::lib::java` class. + +##### `package_name` + +Data type: `String` + + + +Default value: $postgresql::params::java_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +### postgresql::lib::perl + +This class installs the perl libs for postgresql. See README.md for more +details. + +#### Parameters + +The following parameters are available in the `postgresql::lib::perl` class. + +##### `package_name` + +Data type: `String` + + + +Default value: $postgresql::params::perl_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +### postgresql::lib::python + +This class installs the python libs for postgresql. See README.md for more +details. + +#### Parameters + +The following parameters are available in the `postgresql::lib::python` class. + +##### `package_name` + +Data type: `String[1]` + + + +Default value: $postgresql::params::python_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +### postgresql::params + +PRIVATE CLASS: do not use directly + +### postgresql::repo + +PRIVATE CLASS: do not use directly + +#### Parameters + +The following parameters are available in the `postgresql::repo` class. + +##### `version` + +Data type: `Any` + + + +Default value: `undef` + +##### `proxy` + +Data type: `Any` + + + +Default value: `undef` + +##### `baseurl` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::repo::apt_postgresql_org + +PRIVATE CLASS: do not use directly + +### postgresql::repo::yum_postgresql_org + +PRIVATE CLASS: do not use directly + +### postgresql::server + +This installs a PostgreSQL server. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server` class. + +##### `postgres_password` + +Data type: `Any` + + + +Default value: `undef` + +##### `package_name` + +Data type: `Any` + + + +Default value: $postgresql::params::server_package_name + +##### `package_ensure` + +Data type: `Any` + + + +Default value: $postgresql::params::package_ensure + +##### `plperl_package_name` + +Data type: `Any` + + + +Default value: $postgresql::params::plperl_package_name + +##### `plpython_package_name` + +Data type: `Any` + + + +Default value: $postgresql::params::plpython_package_name + +##### `service_ensure` + +Data type: `Any` + + + +Default value: $postgresql::params::service_ensure + +##### `service_enable` + +Data type: `Any` + + + +Default value: $postgresql::params::service_enable + +##### `service_manage` + +Data type: `Any` + + + +Default value: $postgresql::params::service_manage + +##### `service_name` + +Data type: `Any` + + + +Default value: $postgresql::params::service_name + +##### `service_restart_on_change` + +Data type: `Any` + + + +Default value: $postgresql::params::service_restart_on_change + +##### `service_provider` + +Data type: `Any` + + + +Default value: $postgresql::params::service_provider + +##### `service_reload` + +Data type: `Any` + + + +Default value: $postgresql::params::service_reload + +##### `service_status` + +Data type: `Any` + + + +Default value: $postgresql::params::service_status + +##### `default_database` + +Data type: `Any` + + + +Default value: $postgresql::params::default_database + +##### `default_connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::globals::default_connect_settings + +##### `listen_addresses` + +Data type: `Any` + + + +Default value: $postgresql::params::listen_addresses + +##### `port` + +Data type: `Any` + + + +Default value: $postgresql::params::port + +##### `ip_mask_deny_postgres_user` + +Data type: `Any` + + + +Default value: $postgresql::params::ip_mask_deny_postgres_user + +##### `ip_mask_allow_all_users` + +Data type: `Any` + + + +Default value: $postgresql::params::ip_mask_allow_all_users + +##### `ipv4acls` + +Data type: `Any` + + + +Default value: $postgresql::params::ipv4acls + +##### `ipv6acls` + +Data type: `Any` + + + +Default value: $postgresql::params::ipv6acls + +##### `initdb_path` + +Data type: `Any` + + + +Default value: $postgresql::params::initdb_path + +##### `createdb_path` + +Data type: `Any` + + + +Default value: $postgresql::params::createdb_path + +##### `psql_path` + +Data type: `Any` + + + +Default value: $postgresql::params::psql_path + +##### `pg_hba_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::pg_hba_conf_path + +##### `pg_ident_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::pg_ident_conf_path + +##### `postgresql_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::postgresql_conf_path + +##### `recovery_conf_path` + +Data type: `Any` + + + +Default value: $postgresql::params::recovery_conf_path + +##### `datadir` + +Data type: `Any` + + + +Default value: $postgresql::params::datadir + +##### `xlogdir` + +Data type: `Any` + + + +Default value: $postgresql::params::xlogdir + +##### `logdir` + +Data type: `Any` + + + +Default value: $postgresql::params::logdir + +##### `log_line_prefix` + +Data type: `Any` + + + +Default value: $postgresql::params::log_line_prefix + +##### `pg_hba_conf_defaults` + +Data type: `Any` + + + +Default value: $postgresql::params::pg_hba_conf_defaults + +##### `user` + +Data type: `Any` + + + +Default value: $postgresql::params::user + +##### `group` + +Data type: `Any` + + + +Default value: $postgresql::params::group + +##### `needs_initdb` + +Data type: `Any` + + + +Default value: $postgresql::params::needs_initdb + +##### `encoding` + +Data type: `Any` + + + +Default value: $postgresql::params::encoding + +##### `locale` + +Data type: `Any` + + + +Default value: $postgresql::params::locale + +##### `data_checksums` + +Data type: `Any` + + + +Default value: $postgresql::params::data_checksums + +##### `timezone` + +Data type: `Any` + + + +Default value: $postgresql::params::timezone + +##### `manage_pg_hba_conf` + +Data type: `Any` + + + +Default value: $postgresql::params::manage_pg_hba_conf + +##### `manage_pg_ident_conf` + +Data type: `Any` + + + +Default value: $postgresql::params::manage_pg_ident_conf + +##### `manage_recovery_conf` + +Data type: `Any` + + + +Default value: $postgresql::params::manage_recovery_conf + +##### `module_workdir` + +Data type: `Any` + + + +Default value: $postgresql::params::module_workdir + +##### `roles` + +Data type: `Hash[String, Hash]` + + + +Default value: {} + +##### `config_entries` + +Data type: `Hash[String, Any]` + + + +Default value: {} + +##### `pg_hba_rules` + +Data type: `Hash[String, Hash]` + + + +Default value: {} + +##### `version` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::server::config + +PRIVATE CLASS: do not call directly + +### postgresql::server::contrib + +Install the contrib postgresql packaging. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::contrib` class. + +##### `package_name` + +Data type: `String` + + + +Default value: $postgresql::params::contrib_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +### postgresql::server::initdb + +PRIVATE CLASS: do not call directly + +### postgresql::server::install + +PRIVATE CLASS: do not call directly + +### postgresql::server::passwd + +PRIVATE CLASS: do not call directly + +### postgresql::server::plperl + +This class installs the PL/Perl procedural language for postgresql. See +README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::plperl` class. + +##### `package_ensure` + +Data type: `Any` + + + +Default value: 'present' + +##### `package_name` + +Data type: `Any` + + + +Default value: $postgresql::server::plperl_package_name + +### postgresql::server::plpython + +This class installs the PL/Python procedural language for postgresql. See +README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::plpython` class. + +##### `package_ensure` + +Data type: `Any` + + + +Default value: 'present' + +##### `package_name` + +Data type: `Any` + + + +Default value: $postgresql::server::plpython_package_name + +### postgresql::server::postgis + +Install the postgis postgresql packaging. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::postgis` class. + +##### `package_name` + +Data type: `String` + + + +Default value: $postgresql::params::postgis_package_name + +##### `package_ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +### postgresql::server::reload + +PRIVATE CLASS: do not use directly + +### postgresql::server::service + +PRIVATE CLASS: do not call directly + +## Defined types + +### postgresql::server::config_entry + +Manage a postgresql.conf entry. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::config_entry` defined type. + +##### `ensure` + +Data type: `Any` + + + +Default value: 'present' + +##### `value` + +Data type: `Any` + + + +Default value: `undef` + +##### `path` + +Data type: `Any` + + + +Default value: `false` + +### postgresql::server::database + +Define for creating a database. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::database` defined type. + +##### `comment` + +Data type: `Any` + + + +Default value: `undef` + +##### `dbname` + +Data type: `Any` + + + +Default value: $title + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +##### `tablespace` + +Data type: `Any` + + + +Default value: `undef` + +##### `template` + +Data type: `Any` + + + +Default value: 'template0' + +##### `encoding` + +Data type: `Any` + + + +Default value: $postgresql::server::encoding + +##### `locale` + +Data type: `Any` + + + +Default value: $postgresql::server::locale + +##### `istemplate` + +Data type: `Any` + + + +Default value: `false` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::database_grant + +Manage a database grant. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::database_grant` defined type. + +##### `privilege` + +Data type: `Any` + + + +##### `db` + +Data type: `Any` + + + +##### `role` + +Data type: `Any` + + + +##### `ensure` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_db` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_user` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::server::db + +Define for conveniently creating a role, database and assigning the correct +permissions. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::db` defined type. + +##### `user` + +Data type: `Any` + + + +##### `password` + +Data type: `Any` + + + +##### `comment` + +Data type: `Any` + + + +Default value: `undef` + +##### `dbname` + +Data type: `Any` + + + +Default value: $title + +##### `encoding` + +Data type: `Any` + + + +Default value: $postgresql::server::encoding + +##### `locale` + +Data type: `Any` + + + +Default value: $postgresql::server::locale + +##### `grant` + +Data type: `Any` + + + +Default value: 'ALL' + +##### `tablespace` + +Data type: `Any` + + + +Default value: `undef` + +##### `template` + +Data type: `Any` + + + +Default value: 'template0' + +##### `istemplate` + +Data type: `Any` + + + +Default value: `false` + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +### postgresql::server::extension + +Activate an extension on a postgresql database + +#### Parameters + +The following parameters are available in the `postgresql::server::extension` defined type. + +##### `database` + +Data type: `Any` + + + +##### `extension` + +Data type: `Any` + + + +Default value: $name + +##### `schema` + +Data type: `Optional[String[1]]` + + + +Default value: `undef` + +##### `version` + +Data type: `Optional[String[1]]` + + + +Default value: `undef` + +##### `ensure` + +Data type: `String[1]` + + + +Default value: 'present' + +##### `package_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `package_ensure` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::grant + +Define for granting permissions to roles. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::grant` defined type. + +##### `role` + +Data type: `String` + + + +##### `db` + +Data type: `String` + + + +##### `privilege` + +Data type: `String` + + + +Default value: '' + +##### `object_type` + +Data type: `Pattern[#/(?i:^COLUMN$)/, + /(?i:^ALL SEQUENCES IN SCHEMA$)/, + /(?i:^ALL TABLES IN SCHEMA$)/, + /(?i:^DATABASE$)/, + #/(?i:^FOREIGN DATA WRAPPER$)/, + #/(?i:^FOREIGN SERVER$)/, + #/(?i:^FUNCTION$)/, + /(?i:^LANGUAGE$)/, + #/(?i:^PROCEDURAL LANGUAGE$)/, + /(?i:^TABLE$)/, + #/(?i:^TABLESPACE$)/, + /(?i:^SCHEMA$)/, + /(?i:^SEQUENCE$)/ + #/(?i:^VIEW$)/ + ]` + + + +Default value: 'database' + +##### `object_name` + +Data type: `Optional[Variant[ + Array[String,2,2], + String[1]] + ]` + + + +Default value: `undef` + +##### `psql_db` + +Data type: `String` + + + +Default value: $postgresql::server::default_database + +##### `psql_user` + +Data type: `String` + + + +Default value: $postgresql::server::user + +##### `port` + +Data type: `Integer` + + + +Default value: $postgresql::server::port + +##### `onlyif_exists` + +Data type: `Boolean` + + + +Default value: `false` + +##### `connect_settings` + +Data type: `Hash` + + + +Default value: $postgresql::server::default_connect_settings + +##### `ensure` + +Data type: `Enum['present', + 'absent' + ]` + + + +Default value: 'present' + +### postgresql::server::grant_role + +Define for granting membership to a role. See README.md for more information + +#### Parameters + +The following parameters are available in the `postgresql::server::grant_role` defined type. + +##### `group` + +Data type: `String[1]` + + + +##### `role` + +Data type: `String[1]` + + + +Default value: $name + +##### `ensure` + +Data type: `Enum['present', 'absent']` + + + +Default value: 'present' + +##### `psql_db` + +Data type: `Any` + + + +Default value: $postgresql::server::default_database + +##### `psql_user` + +Data type: `Any` + + + +Default value: $postgresql::server::user + +##### `port` + +Data type: `Any` + + + +Default value: $postgresql::server::port + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::pg_hba_rule + +This resource manages an individual rule that applies to the file defined in +$target. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::pg_hba_rule` defined type. + +##### `type` + +Data type: `Enum['local', 'host', 'hostssl', 'hostnossl']` + + + +##### `database` + +Data type: `String` + + + +##### `user` + +Data type: `String` + + + +##### `auth_method` + +Data type: `String` + + + +##### `address` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `description` + +Data type: `String` + + + +Default value: 'none' + +##### `auth_option` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `order` + +Data type: `Variant[String, Integer]` + + + +Default value: 150 + +##### `target` + +Data type: `Stdlib::Absolutepath` + + + +Default value: $postgresql::server::pg_hba_conf_path + +##### `postgresql_version` + +Data type: `String` + + + +Default value: $postgresql::server::_version + +### postgresql::server::pg_ident_rule + +This resource manages an individual rule that applies to the file defined in +$target. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::pg_ident_rule` defined type. + +##### `map_name` + +Data type: `Any` + + + +##### `system_username` + +Data type: `Any` + + + +##### `database_username` + +Data type: `Any` + + + +##### `description` + +Data type: `Any` + + + +Default value: 'none' + +##### `order` + +Data type: `Any` + + + +Default value: '150' + +##### `target` + +Data type: `Any` + + + +Default value: $postgresql::server::pg_ident_conf_path + +### postgresql::server::reassign_owned_by + +Define for reassigning the ownership of objects within a database. See README.md for more details. +This enables us to force the a particular ownership for objects within a database + +#### Parameters + +The following parameters are available in the `postgresql::server::reassign_owned_by` defined type. + +##### `old_role` + +Data type: `String` + + + +##### `new_role` + +Data type: `String` + + + +##### `db` + +Data type: `String` + + + +##### `psql_user` + +Data type: `String` + + + +Default value: $postgresql::server::user + +##### `port` + +Data type: `Integer` + + + +Default value: $postgresql::server::port + +##### `connect_settings` + +Data type: `Hash` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::recovery + +This resource manages the parameters that applies to the recovery.conf template. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::recovery` defined type. + +##### `restore_command` + +Data type: `Any` + + + +Default value: `undef` + +##### `archive_cleanup_command` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_end_command` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_time` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_xid` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_inclusive` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_target_timeline` + +Data type: `Any` + + + +Default value: `undef` + +##### `pause_at_recovery_target` + +Data type: `Any` + + + +Default value: `undef` + +##### `standby_mode` + +Data type: `Any` + + + +Default value: `undef` + +##### `primary_conninfo` + +Data type: `Any` + + + +Default value: `undef` + +##### `primary_slot_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `trigger_file` + +Data type: `Any` + + + +Default value: `undef` + +##### `recovery_min_apply_delay` + +Data type: `Any` + + + +Default value: `undef` + +##### `target` + +Data type: `Any` + + + +Default value: $postgresql::server::recovery_conf_path + +### postgresql::server::role + +Define for creating a database role. See README.md for more information + +#### Parameters + +The following parameters are available in the `postgresql::server::role` defined type. + +##### `update_password` + +Data type: `Any` + + + +Default value: `true` + +##### `password_hash` + +Data type: `Any` + + + +Default value: `false` + +##### `createdb` + +Data type: `Any` + + + +Default value: `false` + +##### `createrole` + +Data type: `Any` + + + +Default value: `false` + +##### `db` + +Data type: `Any` + + + +Default value: $postgresql::server::default_database + +##### `port` + +Data type: `Any` + + + +Default value: `undef` + +##### `login` + +Data type: `Any` + + + +Default value: `true` + +##### `inherit` + +Data type: `Any` + + + +Default value: `true` + +##### `superuser` + +Data type: `Any` + + + +Default value: `false` + +##### `replication` + +Data type: `Any` + + + +Default value: `false` + +##### `connection_limit` + +Data type: `Any` + + + +Default value: '-1' + +##### `username` + +Data type: `Any` + + + +Default value: $title + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +##### `ensure` + +Data type: `Enum['present', 'absent']` + + + +Default value: 'present' + +### postgresql::server::schema + += Type: postgresql::server::schema + +Create a new schema. See README.md for more details. + +== Requires: + +The database must exist and the PostgreSQL user should have enough privileges + +== Sample Usage: + +postgresql::server::schema {'private': + db => 'template1', +} + +#### Parameters + +The following parameters are available in the `postgresql::server::schema` defined type. + +##### `db` + +Data type: `Any` + + + +Default value: $postgresql::server::default_database + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +##### `schema` + +Data type: `Any` + + + +Default value: $title + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::server::table_grant + +This resource wraps the grant resource to manage table grants specifically. +See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::table_grant` defined type. + +##### `privilege` + +Data type: `Any` + + + +##### `table` + +Data type: `Any` + + + +##### `db` + +Data type: `Any` + + + +##### `role` + +Data type: `Any` + + + +##### `ensure` + +Data type: `Any` + + + +Default value: `undef` + +##### `port` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_db` + +Data type: `Any` + + + +Default value: `undef` + +##### `psql_user` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: `undef` + +##### `onlyif_exists` + +Data type: `Any` + + + +Default value: `false` + +### postgresql::server::tablespace + +This module creates tablespace. See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::server::tablespace` defined type. + +##### `location` + +Data type: `Any` + + + +##### `owner` + +Data type: `Any` + + + +Default value: `undef` + +##### `spcname` + +Data type: `Any` + + + +Default value: $title + +##### `connect_settings` + +Data type: `Any` + + + +Default value: $postgresql::server::default_connect_settings + +### postgresql::validate_db_connection + +This type validates that a successful postgres connection can be established +between the node on which this resource is run and a specified postgres +instance (host/port/user/password/database name). + +See README.md for more details. + +#### Parameters + +The following parameters are available in the `postgresql::validate_db_connection` defined type. + +##### `database_host` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_name` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_password` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_username` + +Data type: `Any` + + + +Default value: `undef` + +##### `database_port` + +Data type: `Any` + + + +Default value: `undef` + +##### `connect_settings` + +Data type: `Any` + + + +Default value: `undef` + +##### `run_as` + +Data type: `Any` + + + +Default value: `undef` + +##### `sleep` + +Data type: `Any` + + + +Default value: 2 + +##### `tries` + +Data type: `Any` + + + +Default value: 10 + +##### `create_db_first` + +Data type: `Any` + + + +Default value: `true` + +## Resource types + +### postgresql_conf + +This type allows puppet to manage postgresql.conf parameters. + +#### Properties + +The following properties are available in the `postgresql_conf` type. + +##### `ensure` + +Valid values: present, absent + +The basic property that the resource should be in. + +Default value: present + +##### `value` + +The value to set for this parameter. + +##### `target` + +The path to postgresql.conf + +#### Parameters + +The following parameters are available in the `postgresql_conf` type. + +##### `name` + +Valid values: %r{^[\w\.]+$} + +namevar + +The postgresql parameter name to manage. + +### postgresql_conn_validator + +Verify that a connection can be successfully established between a node +and the PostgreSQL server. Its primary use is as a precondition to +prevent configuration changes from being applied if the PostgreSQL +server cannot be reached, but it could potentially be used for other +purposes such as monitoring. + +#### Properties + +The following properties are available in the `postgresql_conn_validator` type. + +##### `ensure` + +Valid values: present, absent + +The basic property that the resource should be in. + +Default value: present + +#### Parameters + +The following parameters are available in the `postgresql_conn_validator` type. + +##### `name` + +namevar + +An arbitrary name used as the identity of the resource. + +##### `db_name` + +The name of the database you are trying to validate a connection with. + +##### `db_username` + +A user that has access to the target PostgreSQL database. + +##### `db_password` + +The password required to access the target PostgreSQL database. + +##### `host` + +The DNS name or IP address of the server where PostgreSQL should be running. + +##### `port` + +The port that the PostgreSQL server should be listening on. + +##### `connect_settings` + +Hash of environment variables for connection to a db. + +##### `sleep` + +The length of sleep time between connection tries. + +Default value: 2 + +##### `tries` + +The number of tries to validate the connection to the target PostgreSQL database. + +Default value: 10 + +##### `psql_path` + +Path to the psql command. + +##### `run_as` + +System user that will run the psql command. + +##### `command` + +Command to run against target database. + +Default value: SELECT 1 + +### postgresql_psql + +An arbitrary tag for your own reference; the name of the message. + +#### Properties + +The following properties are available in the `postgresql_psql` type. + +##### `command` + +The SQL command to execute via psql. + +#### Parameters + +The following parameters are available in the `postgresql_psql` type. + +##### `name` + +namevar + +An arbitrary tag for your own reference; the name of the message. + +##### `unless` + + + +##### `onlyif` + + + +##### `connect_settings` + +Connection settings that will be used when connecting to postgres + +##### `db` + +The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings + +##### `port` + +The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. + +##### `search_path` + +The schema search path to use when executing the SQL command + +##### `psql_path` + +The path to psql executable. + +Default value: psql + +##### `psql_user` + +The system user account under which the psql command should be executed. + +Default value: postgres + +##### `psql_group` + +The system user group account under which the psql command should be executed. + +Default value: postgres + +##### `cwd` + +The working directory under which the psql command should be executed. + +Default value: /tmp + +##### `environment` + +Any additional environment variables you want to set for a +SQL command. Multiple environment variables should be +specified as an array. + +##### `refreshonly` + +Valid values: `true`, `false` + +If 'true', then the SQL will only be executed via a notify/subscribe event. + +Default value: `false` + +### postgresql_replication_slot + +Manages Postgresql replication slots. + +This type allows to create and destroy replication slots +to register warm standby replication on a Postgresql +master server. + +#### Properties + +The following properties are available in the `postgresql_replication_slot` type. + +##### `ensure` + +Valid values: present, absent + +The basic property that the resource should be in. + +Default value: present + +#### Parameters + +The following parameters are available in the `postgresql_replication_slot` type. + +##### `name` + +Valid values: %r{^[a-z0-9_]+$} + +namevar + +The name of the slot to create. Must be a valid replication slot name. + +## Functions + +### postgresql_acls_to_resources_hash + +Type: Ruby 3.x API + +This internal function translates the ipv(4|6)acls format into a resource +suitable for create_resources. It is not intended to be used outside of the +postgresql internal classes/defined resources. + +This function accepts an array of strings that are pg_hba.conf rules. It +will return a hash that can be fed into create_resources to create multiple +individual pg_hba_rule resources. + +The second parameter is an identifier that will be included in the namevar +to provide uniqueness. It must be a string. + +The third parameter is an order offset, so you can start the order at an +arbitrary starting point. + +#### `postgresql_acls_to_resources_hash()` + +This internal function translates the ipv(4|6)acls format into a resource +suitable for create_resources. It is not intended to be used outside of the +postgresql internal classes/defined resources. + +This function accepts an array of strings that are pg_hba.conf rules. It +will return a hash that can be fed into create_resources to create multiple +individual pg_hba_rule resources. + +The second parameter is an identifier that will be included in the namevar +to provide uniqueness. It must be a string. + +The third parameter is an order offset, so you can start the order at an +arbitrary starting point. + +Returns: `Any` + +### postgresql_escape + +Type: Ruby 3.x API + +Safely escapes a string using $$ using a random tag which should be consistent + +#### `postgresql_escape()` + +Safely escapes a string using $$ using a random tag which should be consistent + +Returns: `Any` + +### postgresql_password + +Type: Ruby 3.x API + +Returns the postgresql password hash from the clear text username / password. + +#### `postgresql_password()` + +Returns the postgresql password hash from the clear text username / password. + +Returns: `Any` + +## Tasks + +### sql + +Allows you to execute arbitary SQL + +**Supports noop?** false + +#### Parameters + +##### `database` + +Data type: `Optional[String[1]]` + +Database to connect to + +##### `host` + +Data type: `Optional[String[1]]` + +Hostname to connect to + +##### `password` + +Data type: `Optional[String[1]]` + +The password + +##### `port` + +Data type: `Optional[String[1]]` + +The port + +##### `sql` + +Data type: `String[1]` + +The SQL you want to execute + +##### `user` + +Data type: `Optional[String[1]]` + +The user + diff --git a/Rakefile b/Rakefile index 8707b5b636..19d583df72 100644 --- a/Rakefile +++ b/Rakefile @@ -1,3 +1,4 @@ +require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? @@ -14,7 +15,7 @@ end def changelog_project return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = nil || JSON.load(File.read('metadata.json'))['name'] + returnVal = nil || JSON.load(File.read('metadata.json'))['source'].match(%r{.*/([^/]*)})[1] raise "unable to find the changelog_project in .sync.yml or the name in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator project:#{returnVal}" returnVal diff --git a/distelli-manifest.yml b/distelli-manifest.yml new file mode 100644 index 0000000000..b7cc65445d --- /dev/null +++ b/distelli-manifest.yml @@ -0,0 +1,25 @@ +team-modules/puppetlabs-postgresql: + PreBuild: + - source /opt/rh/rh-ruby25/enable + - echo "--- LETS update BUNDLER ---" + - bundle install --path vendor/bundle --jobs 3 + Build: + - echo "--- PROVISIONING ---" + - source /opt/rh/rh-ruby25/enable + - bundle exec rake litmus:provision_list[release_checks] + - cat inventory.yaml + - echo "--- AGENT INSTALLATION ---" + - bundle exec rake litmus:install_agent + - echo "--- MODULE INSTALLATION ---" + - bundle exec rake litmus:install_module + - echo "--- TESTS RUNNING ---" + - bundle exec rake litmus:acceptance:parallel + AfterBuildSuccess: + - source /opt/rh/rh-ruby25/enable + - bundle exec rake litmus:tear_down + AfterBuildFailure: + - source /opt/rh/rh-ruby25/enable + - bundle exec rake litmus:tear_down + CommitData: + - RepoType: Git + - RepoPath: . diff --git a/metadata.json b/metadata.json index 22d5919a49..26204dca50 100644 --- a/metadata.json +++ b/metadata.json @@ -84,6 +84,6 @@ } ], "pdk-version": "1.10.0", - "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-gf778803" + "template-url": "https://github.com/puppetlabs/pdk-templates/#master", + "template-ref": "heads/master-0-g7827fc2" } diff --git a/provision.yaml b/provision.yaml new file mode 100644 index 0000000000..0fc7aa17ae --- /dev/null +++ b/provision.yaml @@ -0,0 +1,22 @@ +--- +default: + provisioner: docker + images: ['waffleimage/centos7'] +waffle_debian: + provisioner: docker + images: ['waffleimage/debian8', 'waffleimage/debian9'] +waffle_ubuntu: + provisioner: docker + images: ['waffleimage/ubuntu14.04', 'waffleimage/ubuntu16.04', 'waffleimage/ubuntu18.04'] +waffle_centos6: + provisioner: docker + images: ['waffleimage/centos6'] +waffle_scientificlinux6: + provisioner: docker + images: ['waffleimage/scientificlinux6'] +waffle_el7: + provisioner: docker + images: ['waffleimage/centos7', 'waffleimage/oraclelinux7', 'waffleimage/scientificlinux7'] +release_checks: + provisioner: vmpooler + images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] diff --git a/spec/acceptance/00-utf8_encoding_spec.rb b/spec/acceptance/00-utf8_encoding_spec.rb deleted file mode 100644 index cda9d9d31a..0000000000 --- a/spec/acceptance/00-utf8_encoding_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper_acceptance' # rubocop:disable Style/FileName - -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do - pp = <<-MANIFEST - class { 'postgresql::globals': - encoding => 'UTF8', - locale => 'en_NG', - } -> - class { 'postgresql::server': } - MANIFEST - it 'with defaults' do - idempotent_apply(default, pp) - end - - describe port(5432) do - it { is_expected.to be_listening } - end - - it 'can connect with psql' do - psql('--command="\l" postgres', 'postgres') do |r| - expect(r.stdout).to match(%r{List of databases}) - end - end - - it 'must set UTF8 as template1 encoding' do - psql('--command="SELECT pg_encoding_to_char(encoding) FROM pg_database WHERE datname=\'template1\'"') do |r| - expect(r.stdout).to match(%r{UTF8}) - end - end -end diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 9845c77e26..374f745e87 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -3,15 +3,18 @@ # These tests ensure that postgres can change itself to an alternative port # properly. describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do + before(:all) do + install_iproute2 + end it 'on an alternative port' do pp = <<-MANIFEST class { 'postgresql::server': port => '55433' } MANIFEST - idempotent_apply(default, pp) + idempotent_apply(pp) end - describe port(55433) do # rubocop:disable Style/NumericLiterals + describe port(55_433) do it { is_expected.to be_listening } end diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index e32015fe0c..38714b6577 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -1,10 +1,9 @@ require 'spec_helper_acceptance' describe 'postgresql::server::db', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do - # rubocop:disable Metrics/LineLength it 'creates a database' do begin - tmpdir = default.tmpdir('postgresql') + tmpdir = run_shell('mktemp').stdout pp = <<-MANIFEST class { 'postgresql::server': postgres_password => 'space password', @@ -20,35 +19,28 @@ class { 'postgresql::server': } MANIFEST - idempotent_apply(default, pp) + idempotent_apply(pp) # Verify that the postgres password works - shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") - shell('chmod 600 /root/.pgpass') - shell("psql -U postgres -h localhost --command='\\l'") + run_shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") + run_shell('chmod 600 /root/.pgpass') + run_shell("psql -U postgres -h localhost --command='\\l'") - psql('--command="select datname from pg_database" "postgresql-test-db"') do |r| - expect(r.stdout).to match(%r{postgresql-test-db}) - expect(r.stderr).to eq('') - end + result = psql('--command="select datname from pg_database" "postgresql-test-db"') + expect(result.stdout).to match(%r{postgresql-test-db}) + expect(result.stderr).to eq('') - psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test-user\'"') do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - end - - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - comment_information_function = if version.to_f > 8.1 + result = psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test-user\'"') + expect(result.stdout).to match(%r{\(1 row\)}) + comment_information_function = if Gem::Version.new(postgresql_version) > Gem::Version.new('8.1') 'shobj_description' else 'obj_description' end - psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - end + result = psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") # rubocop:disable Metrics/LineLength + expect(result.stdout).to match(%r{\(1 row\)}) ensure - psql('--command=\'drop database "postgresql-test-db" postgres\'') - psql('--command="DROP USER test"') + psql('--command=\'drop database "postgresql-test-db"\'') end end end diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index 34ee73b39e..a7ebe09e5f 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -3,12 +3,15 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do + before(:all) do + install_iproute2 + end it 'with defaults' do pp = <<-MANIFEST class { 'postgresql::server': } MANIFEST - idempotent_apply(default, pp) + idempotent_apply(pp) end describe port(5432) do diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index 0288a99847..95c3cdda9e 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -3,7 +3,12 @@ # These tests are designed to ensure that the module, when ran overrides, # sets up everything correctly and allows us to connect to Postgres. describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do - pp = <<-MANIFEST + before(:all) do + install_iproute2 + end + + let(:pp) do + <<-MANIFEST class { 'postgresql::server': roles => { 'testusername' => { @@ -29,24 +34,12 @@ class { 'postgresql::server': owner => 'testusername', } MANIFEST - - it 'with additional hiera entries' do - idempotent_apply(default, pp) end - describe port(5432) do - it { is_expected.to be_listening } - end - - it 'can connect with psql' do - psql('--command="\l" postgres', 'postgres') do |r| - expect(r.stdout).to match(%r{List of databases}) - end - end - - it 'can connect with psql as testusername' do - shell('PGPASSWORD=supersecret psql -U testusername -h localhost --command="\l"') do |r| - expect(r.stdout).to match(%r{List of databases}) - end + it 'with additional hiera entries' do + idempotent_apply(pp) + expect(port(5432)).to be_listening + expect(psql('--command="\l" postgres', 'postgres').stdout).to match(%r{List of databases}) + expect(run_shell('PGPASSWORD=supersecret psql -U testusername -h localhost --command="\l"').stdout).to match 'List of databases' end end diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index 87a167b664..625402c4bc 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -34,7 +34,7 @@ class { 'postgresql::server': } MANIFEST - idempotent_apply(default, pp) + idempotent_apply(pp) end it 'works with connect settings hash' do @@ -52,7 +52,7 @@ class { 'postgresql::server': } MANIFEST - idempotent_apply(default, pp) + idempotent_apply(pp) end it 'fails gracefully' do diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index 09abad80f0..ab3cd9dd81 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -38,7 +38,7 @@ class { 'postgresql::server': } -> } MANIFEST it 'does not run SQL when the unless query returns rows' do - idempotent_apply(default, pp_three) + idempotent_apply(pp_three) end pp_four = <<-MANIFEST @@ -68,7 +68,7 @@ class { 'postgresql::server': } -> } MANIFEST it 'does not run SQL when the unless query returns no rows' do - idempotent_apply(default, pp_five) + idempotent_apply(pp_five) end pp_six = <<-MANIFEST.unindent @@ -164,7 +164,7 @@ class { 'postgresql::server': } -> } MANIFEST - idempotent_apply(default, pp) + idempotent_apply(pp) end end end diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb index cbe40ffd06..35e22fa98c 100644 --- a/spec/acceptance/server/config_entry_spec.rb +++ b/spec/acceptance/server/config_entry_spec.rb @@ -14,21 +14,9 @@ class { 'postgresql::server': MANIFEST end - # get postgresql version - apply_manifest("class { 'postgresql::server': }") - result = shell('psql --version') - version = result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - - if version >= '9.3' - it 'is expected to run idempotently' do - idempotent_apply(default, pp_test) - end - - it 'is expected to contain directories' do - shell('cat /tmp/postgresql.conf') do |output| - expect(output.stdout).to contain("unix_socket_directories = '/var/socket/, /root/'") - end - end + it 'is expected to run idempotently' do + idempotent_apply(pp_test) + expect(run_shell('cat /tmp/postgresql.conf').stdout).to match "unix_socket_directories = '/var/socket/, /root/'" end end end diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index d3414d1d36..1ba992295a 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -158,7 +158,7 @@ class { 'postgresql::server': } it 'grants a role to a user/superuser' do begin - idempotent_apply(default, pp_one) + idempotent_apply(pp_one) ## Check that the role was granted to the user psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index dac0d5cd06..914991bc1e 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -1,11 +1,6 @@ require 'spec_helper_acceptance' describe 'postgresql::server::grant:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do - let(:version) do - result = shell('psql --version') - result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - end - let(:db) { 'grant_priv_test' } let(:owner) { 'psql_grant_priv_owner' } let(:user) { 'psql_grant_priv_tester' } @@ -82,13 +77,13 @@ class { 'postgresql::server': } end it 'is expected to run idempotently' do - if version >= '8.4.0' - idempotent_apply(default, pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('8.4.0') + idempotent_apply(pp) end end it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do - if version >= '8.4.0' + if Gem::Version.new(postgresql_version) >= Gem::Version.new('8.4.0') ## Check that the privilege was granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| expect(r.stdout).to match(%r{\(1 row\)}) @@ -135,8 +130,8 @@ class { 'postgresql::server': } it 'grants usage/update on a sequence to a user' do begin - if version >= '9.0' - idempotent_apply(default, pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) ## Check that the privilege was granted to the user psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| @@ -190,10 +185,10 @@ class { 'postgresql::server': } it 'grants usage on all sequences to a user' do begin - if version >= '9.0' - idempotent_apply(default, pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) - ## Check that the privileges were granted to the user, this check is not available on version < 9.0 + ## Check that the privileges were granted to the user, this check is not available on postgresql_version < 9.0 psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| expect(r.stdout).to match(%r{\(1 row\)}) expect(r.stderr).to eq('') @@ -267,8 +262,8 @@ class { 'postgresql::server': } } EOS - if version >= '9.0' - idempotent_apply(default, pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) ## Check that the SELECT privilege was granted to the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| @@ -281,7 +276,7 @@ class { 'postgresql::server': } expect(r.stdout).to match(%r{t}) end - idempotent_apply(default, pp_revoke) + idempotent_apply(pp_revoke) ## Check that the SELECT privilege was revoked from the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| @@ -321,8 +316,8 @@ class { 'postgresql::server': } } EOS - if version >= '9.0' - idempotent_apply(default, pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) ## Check that all privileges were granted to the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants @@ -331,7 +326,7 @@ class { 'postgresql::server': } expect(r.stderr).to eq('') end - idempotent_apply(default, pp_revoke) + idempotent_apply(pp_revoke) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants @@ -372,8 +367,8 @@ class { 'postgresql::server': } } EOS - if version >= '9.0' - idempotent_apply(default, pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) ## Check that all privileges were granted to the user psql("-d #{db} --tuples-only --command=\"SELECT table_name,count(privilege_type) FROM information_schema.role_table_grants @@ -384,7 +379,7 @@ class { 'postgresql::server': } expect(r.stderr).to eq('') end - idempotent_apply(default, pp_revoke) + idempotent_apply(pp_revoke) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name FROM information_schema.role_table_grants @@ -401,7 +396,7 @@ class { 'postgresql::server': } describe 'REVOKE ... ON DATABASE...' do it 'do not fail on revoke connect from non-existant user' do begin - if version >= '9.1.24' + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.1.24') apply_manifest(pp_setup, catch_failures: true) pp = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke connect on db from norole': @@ -412,7 +407,7 @@ class { 'postgresql::server': } role => '#{user}_does_not_exist', } EOS - idempotent_apply(default, pp) + idempotent_apply(pp) end end end diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index 99ddac25dc..d2be33a4eb 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -1,11 +1,6 @@ require 'spec_helper_acceptance' describe 'postgresql::server::reassign_owned_by:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do - let(:version) do - result = shell('psql --version') - result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] - end - let(:db) { 'reassign_test' } let(:old_owner) { 'psql_reassign_old_owner' } let(:new_owner) { 'psql_reassign_new_owner' } @@ -109,10 +104,10 @@ class { 'postgresql::server': } it 'reassigns all objects to new_owner' do begin - if version >= '9.0' + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, catch_failures: true) - idempotent_apply(default, pp_setup + pp_db_no_owner + pp_reassign_owned_by) + idempotent_apply(pp_setup + pp_db_no_owner + pp_reassign_owned_by) ## Check that the ownership was transferred psql("-d #{db} --tuples-only --no-align --command=\"SELECT tablename,tableowner FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog', 'information_schema')\"", superuser) do |r| @@ -123,7 +118,7 @@ class { 'postgresql::server': } expect(r.stdout).to match(%r{test_seq.#{new_owner}}) expect(r.stderr).to eq('') end - if version >= '9.3' + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.3') psql("-d #{db} --tuples-only --no-align --command=\"SELECT pg_get_userbyid(datdba) FROM pg_database WHERE datname = current_database()\"", superuser) do |r| expect(r.stdout).to match(%r{#{new_owner}}) expect(r.stderr).to eq('') diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 8e257633e1..3533641062 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -27,7 +27,7 @@ class { 'postgresql::server': } } MANIFEST it 'adds conf file' do - idempotent_apply(default, pp) + idempotent_apply(pp) end describe file('/tmp/recovery.conf') do @@ -48,7 +48,7 @@ class { 'postgresql::globals': class { 'postgresql::server': } EOS - idempotent_apply(default, pp) + idempotent_apply(pp) end describe file('/tmp/recovery.conf') do diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 4ea332ccc5..7391ffc300 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -55,7 +55,7 @@ class { 'postgresql::server': } it 'creates a schema for a user' do begin - idempotent_apply(default, pp) + idempotent_apply(pp) ## Check that the user can create a table in the database psql('--command="create table psql_schema_tester.foo (foo int)" schema_test', 'psql_schema_tester') do |r| diff --git a/spec/acceptance/sql_task_spec.rb b/spec/acceptance/sql_task_spec.rb index 2cc4618f7e..52ebfd4e16 100644 --- a/spec/acceptance/sql_task_spec.rb +++ b/spec/acceptance/sql_task_spec.rb @@ -1,7 +1,7 @@ # run a test task require 'spec_helper_acceptance' -describe 'postgresql task', if: puppet_version =~ %r{(5\.\d\.\d)} && !pe_install? do +describe 'postgresql task' do describe 'sql task' do pp = <<-MANIFEST class { 'postgresql::server': } -> @@ -17,8 +17,9 @@ class { 'postgresql::server': } -> it 'execute some sql' do # equates to 'psql -c "SELECT table_name FROM information_schema.tables WHERE table_schema = 'information_schema';" --password --host localhost --dbname=spec1 --username root1' - result = run_task(task_name: 'postgresql::sql', params: 'sql="SELECT count(table_name) FROM information_schema.tables;" host=localhost user=root1 password=password user=root1 database=spec1') - expect_multiple_regexes(result: result, regexes: [%r{count}, %r{1 row}, %r{Job completed. 1/1 nodes succeeded|Ran on 1 node}]) + result = run_bolt_task('postgresql::sql', 'sql' => 'SELECT count(table_name) FROM information_schema.tables;', 'host' => 'localhost', + 'user' => 'root1', 'password' => 'password', 'database' => 'spec1') + expect(result.stdout).to contain(%r{(1 row)}) end end end diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/utf8_encoding_spec.rb new file mode 100644 index 0000000000..7543569e56 --- /dev/null +++ b/spec/acceptance/utf8_encoding_spec.rb @@ -0,0 +1,23 @@ +require 'spec_helper_acceptance' + +describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do + before(:all) do + install_iproute2 + end + let(:pp) do + <<-MANIFEST + class { 'postgresql::globals': + encoding => 'UTF8', + locale => 'en_NG', + } -> + class { 'postgresql::server': } + MANIFEST + end + + it 'with defaults' do + idempotent_apply(pp) + expect(port(5432)).to be_listening + expect(psql('--command="\l" postgres', 'postgres').stdout).to match(%r{List of databases}) + expect(psql('--command="SELECT pg_encoding_to_char(encoding) FROM pg_database WHERE datname=\'template1\'"').stdout).to match(%r{UTF8}) + end +end diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index 929032146d..7575826ed3 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -3,11 +3,6 @@ # These tests ensure that postgres can change itself to an alternative pgdata # location properly. -# Allow postgresql to use /tmp/* as a datadir -if os[:family] == 'redhat' && fact('selinux') == 'true' - shell 'setenforce 0' -end - describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do before(:each) do if os[:family] == 'sles' @@ -23,7 +18,7 @@ class { 'postgresql::server': datadir => '/tmp/data', needs_initdb => true } MAIFEST - idempotent_apply(default, pp) + idempotent_apply(pp) end describe file('/tmp/data') do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 1f8b6b4bcb..9ee4373705 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -42,6 +42,8 @@ end end +# Ensures that a module is defined +# @param module_name Name of the module def ensure_module_defined(module_name) module_name.split('::').reduce(Object) do |last_module, next_module| last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index fce191bf87..745d46e1b0 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,119 +1,59 @@ -require 'beaker-pe' -require 'beaker-puppet' -require 'puppet' -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' -require 'beaker/puppet_install_helper' -require 'beaker/module_install_helper' -require 'beaker-task_helper' - -run_puppet_install_helper -configure_type_defaults_on(hosts) -install_ca_certs unless pe_install? - -UNSUPPORTED_PLATFORMS = ['aix', 'windows', 'solaris'].freeze - -install_bolt_on(hosts) unless pe_install? -install_module_on(hosts) -install_module_dependencies_on(hosts) - -DEFAULT_PASSWORD = if default[:hypervisor] == 'vagrant' - 'vagrant' - elsif default[:hypervisor] == 'vcloud' - 'Qu@lity!' - end - -# Class String - unindent - Provide ability to remove indentation from strings, for the purpose of -# left justifying heredoc blocks. -class String - def unindent - gsub(%r{^#{scan(%r{^\s*}).min_by { |l| l.length }}}, '') - end -end - -def shellescape(str) - str = str.to_s - - # An empty argument will be skipped, so return empty quotes. - return "''" if str.empty? - - str = str.dup - - # Treat multibyte characters as is. It is caller's responsibility - # to encode the string in the right encoding for the shell - # environment. - str.gsub!(%r{([^A-Za-z0-9_\-.,:\/@\n])}, '\\\\\\1') - - # A LF cannot be escaped with a backslash because a backslash + LF - # combo is regarded as line continuation and simply ignored. - str.gsub!(%r{\n}, "'\n'") - - str -end - -def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) - psql = "psql #{psql_cmd}" - shell("su #{shellescape(user)} -c #{shellescape(psql)}", acceptable_exit_codes: exit_codes, &block) -end - -def idempotent_apply(hosts, manifest, opts = {}, &block) - block_on hosts, opts do |host| - file_path = host.tmpfile('apply_manifest.pp') - create_remote_file(host, file_path, manifest + "\n") - - puppet_apply_opts = { :verbose => nil, 'detailed-exitcodes' => nil } - on_options = { acceptable_exit_codes: [0, 2] } - on host, puppet('apply', file_path, puppet_apply_opts), on_options, &block - puppet_apply_opts2 = { :verbose => nil, 'detailed-exitcodes' => nil } - on_options2 = { acceptable_exit_codes: [0] } - on host, puppet('apply', file_path, puppet_apply_opts2), on_options2, &block +# frozen_string_literal: true + +require 'serverspec' +require 'puppet_litmus' +require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb')) +include PuppetLitmus + +if ENV['TARGET_HOST'].nil? || ENV['TARGET_HOST'] == 'localhost' + puts 'Running tests against this machine !' + if Gem.win_platform? + set :backend, :cmd + else + set :backend, :exec end -end - -RSpec.configure do |c| - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - run_puppet_access_login(user: 'admin') if pe_install? && (Gem::Version.new(puppet_version) >= Gem::Version.new('5.0.0')) - # Set up selinux if appropriate. - if os[:family] == 'redhat' && fact('selinux') == 'true' - pp = <<-EOS - if $::osfamily == 'RedHat' and $::selinux == 'true' { - $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - default => 'policycoreutils-python', - } - - package { $semanage_package: ensure => installed } - exec { 'set_postgres': - command => 'semanage port -a -t postgresql_port_t -p tcp 5433', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - subscribe => Package[$semanage_package], - } - } - EOS - - apply_manifest_on(agents, pp, catch_failures: false) - end - - # net-tools required for netstat utility being used by be_listening - if os[:family] == 'redhat' && os[:release].start_with?('7') || - os[:family] == 'debian' && os[:release].start_with?('9', '18.04') - pp = <<-EOS - package { 'net-tools': ensure => installed } - EOS - - apply_manifest_on(agents, pp, catch_failures: false) - end - - hosts.each do |host| - on host, 'chmod 755 /root' - next unless fact_on(host, 'osfamily') == 'Debian' - on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" - on host, '/usr/sbin/locale-gen' - on host, '/usr/sbin/update-locale' - end +else + # load inventory + inventory_hash = inventory_hash_from_inventory_file + node_config = config_from_node(inventory_hash, ENV['TARGET_HOST']) + + if target_in_group(inventory_hash, ENV['TARGET_HOST'], 'docker_nodes') + host = ENV['TARGET_HOST'] + set :backend, :docker + set :docker_container, host + elsif target_in_group(inventory_hash, ENV['TARGET_HOST'], 'ssh_nodes') + set :backend, :ssh + options = Net::SSH::Config.for(host) + options[:user] = node_config.dig('ssh', 'user') unless node_config.dig('ssh', 'user').nil? + options[:port] = node_config.dig('ssh', 'port') unless node_config.dig('ssh', 'port').nil? + options[:keys] = node_config.dig('ssh', 'private-key') unless node_config.dig('ssh', 'private-key').nil? + options[:password] = node_config.dig('ssh', 'password') unless node_config.dig('ssh', 'password').nil? + options[:verify_host_key] = Net::SSH::Verifiers::Null.new unless node_config.dig('ssh', 'host-key-check').nil? + host = if ENV['TARGET_HOST'].include?(':') + ENV['TARGET_HOST'].split(':').first + else + ENV['TARGET_HOST'] + end + set :host, options[:host_name] || host + set :ssh_options, options + set :request_pty, true + elsif target_in_group(inventory_hash, ENV['TARGET_HOST'], 'winrm_nodes') + require 'winrm' + + set :backend, :winrm + set :os, family: 'windows' + user = node_config.dig('winrm', 'user') unless node_config.dig('winrm', 'user').nil? + pass = node_config.dig('winrm', 'password') unless node_config.dig('winrm', 'password').nil? + endpoint = "http://#{ENV['TARGET_HOST']}:5985/wsman" + + opts = { + user: user, + password: pass, + endpoint: endpoint, + operation_timeout: 300, + } + + winrm = WinRM::Connection.new opts + Specinfra.configuration.winrm = winrm end end diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb new file mode 100644 index 0000000000..1f0ac7cc3b --- /dev/null +++ b/spec/spec_helper_acceptance_local.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +UNSUPPORTED_PLATFORMS = ['aix', 'windows', 'solaris'].freeze +class String + def unindent + gsub(%r{^#{scan(%r{^\s*}).min_by { |l| l.length }}}, '') + end +end + +def install_iproute2 + pp = <<-MANIFEST + package { 'iproute2': ensure => installed } + MANIFEST + apply_manifest(pp) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') +end + +def postgresql_version + result = run_shell('psql --version') + result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] +end + +def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) + psql = "psql #{psql_cmd}" + run_shell("cd /tmp; su #{shellescape(user)} -c #{shellescape(psql)}", acceptable_exit_codes: exit_codes, &block) +end + +def shellescape(str) + str = str.to_s + + # An empty argument will be skipped, so return empty quotes. + return "''" if str.empty? + + str = str.dup + + # Treat multibyte characters as is. It is caller's responsibility + # to encode the string in the right encoding for the shell + # environment. + str.gsub!(%r{([^A-Za-z0-9_\-.,:\/@\n])}, '\\\\\\1') + + # A LF cannot be escaped with a backslash because a backslash + LF + # combo is regarded as line continuation and simply ignored. + str.gsub!(%r{\n}, "'\n'") + + str +end From f729b709339026d897d08b02a464468cd8389d51 Mon Sep 17 00:00:00 2001 From: Eimhin Laverty Date: Wed, 5 Jun 2019 14:38:58 +0100 Subject: [PATCH 0419/1000] (FM-8031) Add RedHat 8 to CI --- provision.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/provision.yaml b/provision.yaml index 0fc7aa17ae..0ba947b693 100644 --- a/provision.yaml +++ b/provision.yaml @@ -19,4 +19,4 @@ waffle_el7: images: ['waffleimage/centos7', 'waffleimage/oraclelinux7', 'waffleimage/scientificlinux7'] release_checks: provisioner: vmpooler - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] + images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From 20d5b1aed6cd9d2d67381ffbcb7e6e417d0cef59 Mon Sep 17 00:00:00 2001 From: Mike Surato Date: Thu, 13 Jun 2019 10:35:56 -0400 Subject: [PATCH 0420/1000] Adding SLES 15 Adding SLES 15 to the supported list. The only change from SLES 12 appears to be the version of PostgreSQL that is included. To wit, on my system zypper se postgresql returns: S | Name | Summary | Type --+------------------------------+-------------------------------------------------------------------------+----------- | freeradius-server-postgresql | Postgresql support for freeradius | package | libQt5Sql5-postgresql | Qt 5 PostgreSQL plugin | package | postgresql | Basic Clients and Utilities for PostgreSQL | package | postgresql-contrib | Contributed Extensions and Additions to PostgreSQL | package | postgresql-devel | PostgreSQL development header files and libraries | package | postgresql-docs | HTML Documentation for PostgreSQL | package | postgresql-plperl | The PL/Tcl, PL/Perl, and PL/Python procedural languages for PostgreSQL | package | postgresql-plpython | The PL/Python Procedural Languages for PostgreSQL | package | postgresql-pltcl | PL/Tcl Procedural Language for PostgreSQL | package | postgresql-server | The Programs Needed to Create and Run a PostgreSQL Server | package | postgresql10 | Basic Clients and Utilities for PostgreSQL | package | postgresql10 | Basic Clients and Utilities for PostgreSQL | srcpackage | postgresql10-contrib | Contributed Extensions and Additions to PostgreSQL | package | postgresql10-devel | PostgreSQL development header files and libraries | package | postgresql10-docs | HTML Documentation for PostgreSQL | package | postgresql10-plperl | The PL/Tcl, PL/Perl, and PL/Python procedural languages for PostgreSQL | package | postgresql10-plpython | The PL/Python Procedural Languages for PostgreSQL | package | postgresql10-pltcl | PL/Tcl Procedural Language for PostgreSQL | package | postgresql10-server | The Programs Needed to Create and Run a PostgreSQL Server | package --- manifests/globals.pp | 1 + metadata.json | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 7329701541..5e8a485fd0 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -202,6 +202,7 @@ /11\.4/ => '94', /12\.0/ => '93', /12\.[1-2]/ => '94', + /15\.0/ => '10', default => '96', }, 'OpenSuSE' => $::operatingsystemrelease ? { diff --git a/metadata.json b/metadata.json index dd99bbea49..0704c0f817 100644 --- a/metadata.json +++ b/metadata.json @@ -65,7 +65,8 @@ "operatingsystem": "SLES", "operatingsystemrelease": [ "11", - "12" + "12", + "15" ] }, { From 5d5759b960e7ceb8fea924101c0f99b39450b9e5 Mon Sep 17 00:00:00 2001 From: tphoney Date: Tue, 25 Jun 2019 14:25:48 +0100 Subject: [PATCH 0421/1000] (FM-7709) pdksync and remove beaker --- .rubocop.yml | 2 +- .sync.yml | 18 ------------------ Gemfile | 5 ----- metadata.json | 2 +- 4 files changed, 2 insertions(+), 25 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index b46c85991f..3cd2b0e5a9 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -26,7 +26,7 @@ GetText: GetText/DecorateString: Description: We don't want to decorate test output. Exclude: - - spec/* + - spec/**/* RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. diff --git a/.sync.yml b/.sync.yml index 6a3e6b6520..a4f15176c8 100644 --- a/.sync.yml +++ b/.sync.yml @@ -13,23 +13,6 @@ appveyor.yml: delete: true Gemfile: - required: - ':system_tests': - - gem: 'puppet-module-posix-system-r#{minor_version}' - platforms: ruby - - gem: 'puppet-module-win-system-r#{minor_version}' - platforms: - - mswin - - mingw - - x64_mingw - ':development': - - gem: 'puppet_litmus' - platforms: - - ruby - - mswin - - mingw - - x64_mingw - condition: "ENV['PUPPET_GEM_VERSION'].nil? or ENV['PUPPET_GEM_VERSION'] !~ %r{ 5}" optional: ':development': - gem: 'github_changelog_generator' @@ -39,7 +22,6 @@ Gemfile: Rakefile: changelog_user: puppetlabs - use_litmus_tasks: true spec/spec_helper.rb: mock_with: ':rspec' diff --git a/Gemfile b/Gemfile index 0349605dfe..030b78b733 100644 --- a/Gemfile +++ b/Gemfile @@ -27,13 +27,8 @@ group :development do gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet_litmus", require: false, platforms: [:ruby, :mswin, :mingw, :x64_mingw] if ENV['PUPPET_GEM_VERSION'].nil? or ENV['PUPPET_GEM_VERSION'] !~ %r{ 5} gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') end -group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] - gem "puppet-module-win-system-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] -end puppet_version = ENV['PUPPET_GEM_VERSION'] facter_version = ENV['FACTER_GEM_VERSION'] diff --git a/metadata.json b/metadata.json index 0704c0f817..9148590488 100644 --- a/metadata.json +++ b/metadata.json @@ -86,5 +86,5 @@ ], "pdk-version": "1.10.0", "template-url": "https://github.com/puppetlabs/pdk-templates/#master", - "template-ref": "heads/master-0-g7827fc2" + "template-ref": "heads/master-0-g2b33205" } From 685386e34feea928347eabaefa17f2717e25ed90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Wed, 3 Jul 2019 15:10:20 +0200 Subject: [PATCH 0422/1000] Allow datadir/logdir/xlogdir to be managed outside --- manifests/globals.pp | 49 +++++++++++++++----------- manifests/params.pp | 4 +++ manifests/server.pp | 12 +++++-- manifests/server/initdb.pp | 72 ++++++++++++++++++++++++++++---------- 4 files changed, 96 insertions(+), 41 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 5e8a485fd0..a0cec24926 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -1,11 +1,11 @@ # @summary Class for setting cross-class global overrides. # # @note -# Most server-specific defaults should be overridden in the postgresql::server class. +# Most server-specific defaults should be overridden in the postgresql::server class. # This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as version or manage_package_repo. # # -# @param client_package_name Overrides the default PostgreSQL client package name. +# @param client_package_name Overrides the default PostgreSQL client package name. # @param server_package_name Overrides the default PostgreSQL server package name. # @param contrib_package_name Overrides the default PostgreSQL contrib package name. # @param devel_package_name Overrides the default PostgreSQL devel package name. @@ -15,7 +15,7 @@ # @param plperl_package_name Overrides the default PostgreSQL PL/Perl package name. # @param plpython_package_name Overrides the default PostgreSQL PL/Python package name. # @param python_package_name Overrides the default PostgreSQL Python package name. -# @param postgis_package_name Overrides the default PostgreSQL PostGIS package name. +# @param postgis_package_name Overrides the default PostgreSQL PostGIS package name. # # @param service_name Overrides the default PostgreSQL service name. # @param service_provider Overrides the default PostgreSQL service provider. @@ -31,51 +31,55 @@ # @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. # @param postgresql_conf_path Sets the path to your postgresql.conf file. # @param recovery_conf_path Path to your recovery.conf file. -# @param default_connect_settings Default connection settings. +# @param default_connect_settings Default connection settings. # -# @param pg_hba_conf_defaults Disables the defaults supplied with the module for pg_hba.conf if set to false. +# @param pg_hba_conf_defaults Disables the defaults supplied with the module for pg_hba.conf if set to false. # -# @param datadir +# @param datadir # Overrides the default PostgreSQL data directory for the target platform. -# Changing the datadir after installation causes the server to come to a full stop before making the change. -# For Red Hat systems, the data directory must be labeled appropriately for SELinux. +# Changing the datadir after installation causes the server to come to a full stop before making the change. +# For Red Hat systems, the data directory must be labeled appropriately for SELinux. # On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). # Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original -# -# @param confdir Overrides the default PostgreSQL configuration directory for the target platform. +# +# @param confdir Overrides the default PostgreSQL configuration directory for the target platform. # @param bindir Overrides the default PostgreSQL binaries directory for the target platform. -# @param xlogdir Overrides the default PostgreSQL xlog directory. +# @param xlogdir Overrides the default PostgreSQL xlog directory. # @param logdir Overrides the default PostgreSQL log directory. -# @param log_line_prefix Overrides the default PostgreSQL log prefix. +# @param log_line_prefix Overrides the default PostgreSQL log prefix. # # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. # -# @param version The version of PostgreSQL to install and manage. -# @param postgis_version Defines the version of PostGIS to install, if you install PostGIS. -# @param repo_proxy Sets the proxy option for the official PostgreSQL yum-repositories only. +# @param version The version of PostgreSQL to install and manage. +# @param postgis_version Defines the version of PostGIS to install, if you install PostGIS. +# @param repo_proxy Sets the proxy option for the official PostgreSQL yum-repositories only. # # @param repo_baseurl Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. # -# @param needs_initdb Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. +# @param needs_initdb Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. # -# @param encoding -# Sets the default encoding for all databases created with this module. +# @param encoding +# Sets the default encoding for all databases created with this module. # On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. -# @param locale +# @param locale # Sets the default database locale for all databases created with this module. # On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. # On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. -# @param data_checksums +# @param data_checksums # Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. # Warning: This option is used during initialization by initdb, and cannot be changed later. -# +# # @param timezone Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. # # @param manage_pg_hba_conf Allow Puppet to manage the pg_hba.conf file. # @param manage_pg_ident_conf Allow Puppet to manage the pg_ident.conf file. # @param manage_recovery_conf Allow Puppet to manage the recovery.conf file. # +# @param manage_datadir Set to false if you have file{ $datadir: } already defined +# @param manage_logdir Set to false if you have file{ $logdir: } already defined +# @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined +# # @param manage_package_repo Sets up official PostgreSQL repositories on your host if set to true. # @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. # @@ -117,6 +121,9 @@ $xlogdir = undef, $logdir = undef, $log_line_prefix = undef, + $manage_datadir = undef, + $manage_logdir = undef, + $manage_xlogdir = undef, $user = undef, $group = undef, diff --git a/manifests/params.pp b/manifests/params.pp index 0ec661fd0a..0d0c7af2b3 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -24,6 +24,10 @@ $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') + $manage_datadir = true + $manage_logdir = true + $manage_xlogdir = true + # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. case $::osfamily { 'RedHat', 'Linux': { diff --git a/manifests/server.pp b/manifests/server.pp index c67480081d..06f7a04a65 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -63,13 +63,17 @@ # @param manage_pg_hba_conf Boolean. Whether to manage the pg_hba.conf. # @param manage_pg_ident_conf Boolean. Overwrites the pg_ident.conf file. # @param manage_recovery_conf Boolean. Specifies whether or not manage the recovery.conf. -# @param module_workdir Working directory for the PostgreSQL module +# @param module_workdir Working directory for the PostgreSQL module +# +# @param manage_datadir Set to false if you have file{ $datadir: } already defined +# @param manage_logdir Set to false if you have file{ $logdir: } already defined +# @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined # # @param roles Specifies a hash from which to generate postgresql::server::role resources. # @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. # @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. # -# @param version Sets PostgreSQL version +# @param version Sets PostgreSQL version # # class postgresql::server ( @@ -129,6 +133,10 @@ $manage_recovery_conf = $postgresql::params::manage_recovery_conf, $module_workdir = $postgresql::params::module_workdir, + $manage_datadir = $postgresql::params::manage_datadir, + $manage_logdir = $postgresql::params::manage_logdir, + $manage_xlogdir = $postgresql::params::manage_xlogdir, + Hash[String, Hash] $roles = {}, Hash[String, Any] $config_entries = {}, Hash[String, Hash] $pg_hba_rules = {}, diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 80d5e2cc26..a89436aad4 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -5,6 +5,9 @@ $datadir = $postgresql::server::datadir $xlogdir = $postgresql::server::xlogdir $logdir = $postgresql::server::logdir + $manage_datadir = $postgresql::server::manage_datadir + $manage_logdir = $postgresql::server::manage_logdir + $manage_xlogdir = $postgresql::server::manage_xlogdir $encoding = $postgresql::server::encoding $locale = $postgresql::server::locale $data_checksums = $postgresql::server::data_checksums @@ -33,33 +36,66 @@ $logdir_type = undef } - # Make sure the data directory exists, and has the correct permissions. - file { $datadir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - seltype => $seltype, - } - - if($xlogdir) { - # Make sure the xlog directory exists, and has the correct permissions. - file { $xlogdir: + if($manage_datadir) { + # Make sure the data directory exists, and has the correct permissions. + file { "postgresql_${datadir}": ensure => directory, + path => $datadir, owner => $user, group => $group, mode => '0700', seltype => $seltype, } - } - - if($logdir) { - # Make sure the log directory exists, and has the correct permissions. - file { $logdir: + } else { + # change already defined datadir + File <| title == $datadir |> { ensure => directory, owner => $user, group => $group, - seltype => $logdir_type, + mode => '0700', + seltype => $seltype, + } + } + + if($xlogdir) { + if($manage_xlogdir) { + # Make sure the xlog directory exists, and has the correct permissions. + file { $xlogdir: + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, + } + } else { + # change already defined xlogdir + File <| title == $xlogdir |> { + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, + } + } + } + + if($logdir) { + if($manage_logdir) { + # Make sure the log directory exists, and has the correct permissions. + file { $logdir: + ensure => directory, + owner => $user, + group => $group, + seltype => $logdir_type, + } + } else { + # change already defined logdir + File <| title == $logdir |> { + ensure => directory, + owner => $user, + group => $group, + seltype => $logdir_type, + } } } From 2746e74085a5ceaf2bbab752f949f41b906433c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Wed, 3 Jul 2019 15:26:25 +0200 Subject: [PATCH 0423/1000] Removes test settings --- manifests/server/initdb.pp | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index a89436aad4..a73186db5b 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -38,16 +38,15 @@ if($manage_datadir) { # Make sure the data directory exists, and has the correct permissions. - file { "postgresql_${datadir}": + file { $datadir: ensure => directory, - path => $datadir, owner => $user, group => $group, mode => '0700', seltype => $seltype, } } else { - # change already defined datadir + # changes an already defined datadir File <| title == $datadir |> { ensure => directory, owner => $user, @@ -68,7 +67,7 @@ seltype => $seltype, } } else { - # change already defined xlogdir + # changes an already defined xlogdir File <| title == $xlogdir |> { ensure => directory, owner => $user, @@ -89,7 +88,7 @@ seltype => $logdir_type, } } else { - # change already defined logdir + # changes an already defined logdir File <| title == $logdir |> { ensure => directory, owner => $user, From ac2387e774ee8809582d307e00bd6e6df89b2fcc Mon Sep 17 00:00:00 2001 From: George Hansper Date: Thu, 4 Jul 2019 16:28:49 +1000 Subject: [PATCH 0424/1000] fix postgresql::server::grant for ALL TABLES IN SCHEMA --- manifests/server/grant.pp | 25 +++++++++---------------- 1 file changed, 9 insertions(+), 16 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 00a64950d4..6790c6822d 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -314,28 +314,21 @@ if $_privilege == 'ALL' or $_privilege == 'ALL PRIVILEGES' { # GRANT ALL $custom_unless = "SELECT 1 WHERE NOT EXISTS - ( SELECT 1 FROM pg_catalog.pg_tables AS t, - (VALUES ('SELECT'), ('UPDATE'), ('INSERT'), ('DELETE'), ('TRIGGER'), ('REFERENCES'), ('TRUNCATE')) AS p(privilege_type) - WHERE t.schemaname = '${schema}' - AND NOT EXISTS ( - SELECT 1 FROM information_schema.role_table_grants AS g - WHERE g.grantee = '${role}' - AND g.table_schema = '${schema}' - AND g.privilege_type = p.privilege_type - ) + ( SELECT 1 FROM + ( SELECT t.tablename,count(privilege_type) AS priv_count FROM pg_catalog.pg_tables AS t + LEFT JOIN information_schema.role_table_grants AS g ON t.tablename = g.table_name AND g.grantee = '${role}' AND g.table_schema = '${schema}' + WHERE t.schemaname = '${schema}' AND + ( g.grantee = '${role}' AND privilege_type IN ('SELECT','UPDATE','INSERT','DELETE','TRIGGER','REFERENCES','TRUNCATE') OR privilege_type IS NULL ) + GROUP BY t.tablename + ) AS j WHERE j.priv_count < 7 )" } else { # GRANT $_privilege $custom_unless = "SELECT 1 WHERE NOT EXISTS ( SELECT 1 FROM pg_catalog.pg_tables AS t - WHERE t.schemaname = '${schema}' - AND NOT EXISTS ( - SELECT 1 FROM information_schema.role_table_grants AS g - WHERE g.grantee = '${role}' - AND g.table_schema = '${schema}' - AND g.privilege_type = '${_privilege}' - ) + LEFT JOIN information_schema.role_table_grants AS g ON t.tablename = g.table_name AND g.grantee = '${role}' AND g.table_schema = '${schema}' AND g.privilege_type = '${_privilege}' + WHERE t.schemaname = '${schema}' AND g.table_name IS NULL )" } } else { From 595d044b8919b6cc1dc6cc032e1a60641d6a2088 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Thu, 4 Jul 2019 10:02:32 +0200 Subject: [PATCH 0425/1000] Adds option to server:tablespace --- manifests/server/tablespace.pp | 35 ++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index a379a63bde..43ce30ba41 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -1,11 +1,13 @@ -# @summary This module creates tablespace. +# @summary This module creates tablespace. # # @param location Specifies the path to locate this tablespace. +# @param manage_location Set to false if you have file{ $location: } already defined # @param owner Specifies the default owner of the tablespace. # @param spcname Specifies the name of the tablespace. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::tablespace( $location, + $manage_location = true, $owner = undef, $spcname = $title, $connect_settings = $postgresql::server::default_connect_settings, @@ -31,15 +33,28 @@ cwd => $module_workdir, } - file { $location: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - seluser => 'system_u', - selrole => 'object_r', - seltype => 'postgresql_db_t', - require => Class['postgresql::server'], + if($manage_location) { + file { $location: + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seluser => 'system_u', + selrole => 'object_r', + seltype => 'postgresql_db_t', + require => Class['postgresql::server'], + } + } else { + File <| title == $location |> { + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seluser => 'system_u', + selrole => 'object_r', + seltype => 'postgresql_db_t', + require => Class['postgresql::server'], + } } postgresql_psql { "CREATE TABLESPACE \"${spcname}\"": From 37f855ef2cec884d2784d864efbbab0c2753aec6 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 8 Jul 2019 22:37:23 +0200 Subject: [PATCH 0426/1000] Set Debian Buster version default to 11 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 5e8a485fd0..6709cf21b4 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -171,6 +171,7 @@ /^(wheezy|7\.)/ => '9.1', /^(jessie|8\.)/ => '9.4', /^(stretch|9\.)/ => '9.6', + /^(buster|10\.)/ => '11', default => undef, }, 'Ubuntu' => $::operatingsystemrelease ? { From 6808ddcd14919a024b478b67dafd0c155854eeb2 Mon Sep 17 00:00:00 2001 From: lionce Date: Tue, 16 Jul 2019 10:06:30 +0300 Subject: [PATCH 0427/1000] pdksync_heads/master-0-gb096033 --- metadata.json | 4 ++-- spec/spec_helper.rb | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index 9148590488..78aa428fff 100644 --- a/metadata.json +++ b/metadata.json @@ -84,7 +84,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.10.0", + "pdk-version": "1.11.1", "template-url": "https://github.com/puppetlabs/pdk-templates/#master", - "template-ref": "heads/master-0-g2b33205" + "template-ref": "heads/master-0-gb096033" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 9ee4373705..c09e0024da 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -29,6 +29,11 @@ end end +# read default_facts and merge them over what is provided by facterdb +default_facts.each do |fact, value| + add_custom_fact fact, value +end + RSpec.configure do |c| c.default_facts = default_facts c.before :each do From 2dc19dc86741c45e822b262d075b998693f0d7b3 Mon Sep 17 00:00:00 2001 From: George Hansper Date: Fri, 12 Jul 2019 14:44:00 +1000 Subject: [PATCH 0428/1000] fix postgresql::server::grant for ALL TABLES IN SCHEMA - update tests --- spec/acceptance/server/grant_spec.rb | 40 ++++++++++++++++++++-------- 1 file changed, 29 insertions(+), 11 deletions(-) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 914991bc1e..a927cd9431 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -215,6 +215,19 @@ class { 'postgresql::server': } unless => "SELECT table_name FROM information_schema.tables WHERE table_name = 'test_tbl'", require => Postgresql::Server::Database[$db], } + postgresql_psql { 'create test table 2': + command => 'CREATE TABLE test_tbl2 (col1 integer)', + db => $db, + psql_user => $owner, + unless => "SELECT table_name FROM information_schema.tables WHERE table_name = 'test_tbl2'", + require => Postgresql::Server::Database[$db], + } + postgresql_psql { "grant all on table test_tbl2 to ${user}": + command => "GRANT ALL ON TABLE test_tbl2 TO ${user}", + db => $db, + unless => "SELECT 1 FROM information_schema.role_table_grants WHERE table_name = 'test_tbl2' AND grantee = '${user}' HAVING count(*)>=7", + require => [ Postgresql::Server::Database[$db], Postgresql_psql['create test table 2'], Postgresql::Server::Role[$user] ], + } EOS end @@ -229,7 +242,8 @@ class { 'postgresql::server': } db => $db, role => $user, require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], ] + Postgresql::Server::Role[$user], + Postgresql_psql["grant all on table test_tbl2 to ${user}"] ] } postgresql::server::table_grant { 'INSERT priviledge to table': @@ -263,7 +277,7 @@ class { 'postgresql::server': } EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp) + apply_manifest(pp, expect_changes: true) ## Check that the SELECT privilege was granted to the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| @@ -276,7 +290,7 @@ class { 'postgresql::server': } expect(r.stdout).to match(%r{t}) end - idempotent_apply(pp_revoke) + apply_manifest(pp_revoke, expect_changes: true) ## Check that the SELECT privilege was revoked from the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| @@ -298,7 +312,8 @@ class { 'postgresql::server': } db => $db, role => $user, require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], ] + Postgresql::Server::Role[$user], + Postgresql_psql["grant all on table test_tbl2 to ${user}"] ] } EOS @@ -317,20 +332,22 @@ class { 'postgresql::server': } EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp) + apply_manifest(pp, expect_changes: true) ## Check that all privileges were granted to the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants - WHERE grantee = '#{user}' AND table_schema = 'public'\"", user) do |r| - expect(r.stdout).to match(%r{test_tbl[ |]*UPDATE\s*\(1 row\)}) + WHERE grantee = '#{user}' AND table_schema = 'public' AND privilege_type='UPDATE'\"", user) do |r| + expect(r.stdout).to match(%r{test_tbl[ |]*UPDATE}) + expect(r.stdout).to match(%r{test_tbl2[ |]*UPDATE}) + expect(r.stdout).to match(%r{\(2 rows\)}) expect(r.stderr).to eq('') end - idempotent_apply(pp_revoke) + apply_manifest(pp_revoke, expect_changes: true) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants - WHERE grantee = '#{user}' AND table_schema = 'public'\"", user) do |r| + WHERE grantee = '#{user}' AND table_schema = 'public' AND privilege_type='UPDATE'\"", user) do |r| expect(r.stdout).to match(%r{\(0 rows\)}) expect(r.stderr).to eq('') end @@ -368,7 +385,7 @@ class { 'postgresql::server': } EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp) + apply_manifest(pp, expect_changes: true) ## Check that all privileges were granted to the user psql("-d #{db} --tuples-only --command=\"SELECT table_name,count(privilege_type) FROM information_schema.role_table_grants @@ -376,10 +393,11 @@ class { 'postgresql::server': } AND privilege_type IN ('SELECT','UPDATE','INSERT','DELETE','TRIGGER','REFERENCES','TRUNCATE') GROUP BY table_name\"", user) do |r| expect(r.stdout).to match(%r{test_tbl[ |]*7$}) + expect(r.stdout).to match(%r{test_tbl2[ |]*7$}) expect(r.stderr).to eq('') end - idempotent_apply(pp_revoke) + apply_manifest(pp_revoke, expect_changes: true) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name FROM information_schema.role_table_grants From 64aa375969e9fbb6551e3f27b958e70a69a21b96 Mon Sep 17 00:00:00 2001 From: Bert Date: Fri, 2 Aug 2019 09:51:06 +0200 Subject: [PATCH 0429/1000] no equal sign needed --- manifests/server/database.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index f38a4b90a9..b0268f00e9 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -76,7 +76,7 @@ $tablespace_option = $tablespace ? { undef => '', - default => "TABLESPACE = \"${tablespace}\"", + default => "TABLESPACE \"${tablespace}\"", } if $createdb_path != undef { From e719f2f1fa2d70d4c4360013f6d8be94cc5e3f29 Mon Sep 17 00:00:00 2001 From: George Hansper Date: Tue, 6 Aug 2019 09:02:32 +1000 Subject: [PATCH 0430/1000] restore idempotent_apply(pp), but split into 2 stages --- spec/acceptance/server/grant_spec.rb | 55 +++++++++++++++------------- 1 file changed, 29 insertions(+), 26 deletions(-) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index a927cd9431..c37db4170c 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -225,6 +225,7 @@ class { 'postgresql::server': } postgresql_psql { "grant all on table test_tbl2 to ${user}": command => "GRANT ALL ON TABLE test_tbl2 TO ${user}", db => $db, + psql_user => $owner, unless => "SELECT 1 FROM information_schema.role_table_grants WHERE table_name = 'test_tbl2' AND grantee = '${user}' HAVING count(*)>=7", require => [ Postgresql::Server::Database[$db], Postgresql_psql['create test table 2'], Postgresql::Server::Role[$user] ], } @@ -233,7 +234,7 @@ class { 'postgresql::server': } it 'grant select on a table to a user' do begin - pp = pp_create_table + <<-EOS.unindent + pp_grant = pp_setup + <<-EOS.unindent postgresql::server::grant { 'grant select on test_tbl': privilege => 'SELECT', @@ -241,9 +242,7 @@ class { 'postgresql::server': } object_name => 'test_tbl', db => $db, role => $user, - require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], - Postgresql_psql["grant all on table test_tbl2 to ${user}"] ] + require => [ Postgresql::Server::Role[$user] ], } postgresql::server::table_grant { 'INSERT priviledge to table': @@ -251,10 +250,11 @@ class { 'postgresql::server': } table => 'test_tbl', db => $db, role => $user, + require => [ Postgresql::Server::Role[$user] ], } EOS - pp_revoke = pp_create_table + <<-EOS.unindent + pp_revoke = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke select on test_tbl': ensure => absent, @@ -263,8 +263,7 @@ class { 'postgresql::server': } object_name => 'test_tbl', db => $db, role => $user, - require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], ] + require => [ Postgresql::Server::Role[$user] ], } postgresql::server::table_grant { 'INSERT priviledge to table': @@ -273,11 +272,13 @@ class { 'postgresql::server': } table => 'test_tbl', db => $db, role => $user, + require => [ Postgresql::Server::Role[$user] ], } EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - apply_manifest(pp, expect_changes: true) + idempotent_apply(pp_create_table) + idempotent_apply(pp_grant) ## Check that the SELECT privilege was granted to the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| @@ -290,7 +291,8 @@ class { 'postgresql::server': } expect(r.stdout).to match(%r{t}) end - apply_manifest(pp_revoke, expect_changes: true) + idempotent_apply(pp_create_table) + idempotent_apply(pp_revoke) ## Check that the SELECT privilege was revoked from the user psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| @@ -303,7 +305,7 @@ class { 'postgresql::server': } it 'grant update on all tables to a user' do begin - pp = pp_create_table + <<-EOS.unindent + pp_grant = pp_setup + <<-EOS.unindent postgresql::server::grant { 'grant update on all tables': privilege => 'UPDATE', @@ -311,13 +313,11 @@ class { 'postgresql::server': } object_name => 'public', db => $db, role => $user, - require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], - Postgresql_psql["grant all on table test_tbl2 to ${user}"] ] + require => [ Postgresql::Server::Role[$user] ], } EOS - pp_revoke = pp_create_table + <<-EOS.unindent + pp_revoke = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke update on all tables': ensure => absent, @@ -326,13 +326,14 @@ class { 'postgresql::server': } object_name => 'public', db => $db, role => $user, - require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], ] + require => [ Postgresql::Server::Role[$user] ], } EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - apply_manifest(pp, expect_changes: true) + ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one + idempotent_apply(pp_create_table) + idempotent_apply(pp_grant) ## Check that all privileges were granted to the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants @@ -343,7 +344,8 @@ class { 'postgresql::server': } expect(r.stderr).to eq('') end - apply_manifest(pp_revoke, expect_changes: true) + ## idempotent_apply(pp_create_table) + idempotent_apply(pp_revoke) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants @@ -357,7 +359,7 @@ class { 'postgresql::server': } it 'grant all on all tables to a user' do begin - pp = pp_create_table + <<-EOS.unindent + pp_grant = pp_setup + <<-EOS.unindent postgresql::server::grant { 'grant all on all tables': privilege => 'ALL', @@ -365,12 +367,11 @@ class { 'postgresql::server': } object_name => 'public', db => $db, role => $user, - require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], ] + require => [ Postgresql::Server::Role[$user] ], } EOS - pp_revoke = pp_create_table + <<-EOS.unindent + pp_revoke = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke all on all tables': ensure => absent, @@ -379,13 +380,14 @@ class { 'postgresql::server': } object_name => 'public', db => $db, role => $user, - require => [ Postgresql_psql['create test table'], - Postgresql::Server::Role[$user], ] + require => [ Postgresql::Server::Role[$user] ], } EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - apply_manifest(pp, expect_changes: true) + ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one + idempotent_apply(pp_create_table) + idempotent_apply(pp_grant) ## Check that all privileges were granted to the user psql("-d #{db} --tuples-only --command=\"SELECT table_name,count(privilege_type) FROM information_schema.role_table_grants @@ -397,7 +399,8 @@ class { 'postgresql::server': } expect(r.stderr).to eq('') end - apply_manifest(pp_revoke, expect_changes: true) + ## idempotent_apply(pp_create_table) + idempotent_apply(pp_revoke) ## Check that all privileges were revoked from the user psql("-d #{db} --command=\"SELECT table_name FROM information_schema.role_table_grants From 0fd799746ea9c8f72a9bf427fb356f0c97ad6aca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Sun, 11 Aug 2019 21:47:23 +0200 Subject: [PATCH 0431/1000] Adds test --- spec/unit/classes/server/initdb_spec.rb | 27 +++++++++++++++++++++ spec/unit/defines/server/tablespace_spec.rb | 18 ++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 3c05d0797b..a98ab86af6 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -20,7 +20,21 @@ end it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } + + context 'with manage_datadir set to false' do + let :pre_condition do + " + class {'postgresql::server': + manage_datadir => false, + } + file {'/var/lib/pgsql/data': ensure => 'directory'} + " + end + + it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } + end end + describe 'on Amazon' do let :facts do { @@ -36,6 +50,19 @@ end it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } + + context 'with manage_datadir set to false' do + let :pre_condition do + " + class {'postgresql::server': + manage_datadir => false, + } + file {'/var/lib/pgsql92/data': ensure => 'directory'} + " + end + + it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } + end end describe 'exec with module_workdir => /var/tmp' do diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index e702e2aa4e..4de81fed05 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -27,6 +27,7 @@ "class {'postgresql::server':}" end + it { is_expected.to contain_file('/srv/data/foo').with_ensure('directory') } it { is_expected.to contain_postgresql__server__tablespace('test') } it { is_expected.to contain_postgresql_psql('CREATE TABLESPACE "test"').that_requires('Class[postgresql::server::service]') } @@ -40,4 +41,21 @@ it { is_expected.to contain_postgresql_psql('ALTER TABLESPACE "test" OWNER TO "test_owner"') } end + + context 'with manage_location set to false' do + let :params do + { + location: '/srv/data/foo', + manage_location: false, + } + end + let :pre_condition do + " + class {'postgresql::server':} + file {'/srv/data/foo': ensure => 'directory'} + " + end + it { is_expected.to contain_file('/srv/data/foo').with_ensure('directory') } + end + end From 78377cbe73e4c09e4bd78987ebc409377d384a5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Sun, 11 Aug 2019 22:14:54 +0200 Subject: [PATCH 0432/1000] Fixes linter --- spec/unit/defines/server/tablespace_spec.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 4de81fed05..256b54312b 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -49,13 +49,14 @@ manage_location: false, } end + let :pre_condition do " class {'postgresql::server':} file {'/srv/data/foo': ensure => 'directory'} " end + it { is_expected.to contain_file('/srv/data/foo').with_ensure('directory') } end - end From 35ba099ee50a666538454f0251ff3025217e05cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Sun, 11 Aug 2019 22:15:42 +0200 Subject: [PATCH 0433/1000] Fixes untouched flles in spec --- spec/unit/classes/server_spec.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index f202b4fbf9..ad3494685a 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -26,6 +26,7 @@ describe 'with no parameters' do it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } + it { is_expected.to contain_file('/var/lib/postgresql/9.4/main') } it { is_expected.to contain_exec('postgresql_reload').with('command' => 'service postgresql reload') } @@ -161,6 +162,7 @@ class { 'postgresql::globals': it 'contains the correct package version' do is_expected.to contain_class('postgresql::repo').with_version('99.5') + is_expected.to contain_file('/var/lib/postgresql/99.5/main') end end From 95122c998727e4d4d7ac252158d1ef6228b808e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Sun, 11 Aug 2019 22:22:33 +0200 Subject: [PATCH 0434/1000] Fixes untouched file in spec --- spec/unit/defines/server/extension_spec.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index b1f4358100..c9ccd19d03 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -144,6 +144,8 @@ } end + it { is_expected.to contain_file('/var/lib/postgresql/8.4/main') } + context 'with mandatory arguments only' do it { is_expected.to contain_postgresql_psql('template_postgis2: CREATE EXTENSION "postgis"') From 1b0a0dfe66e363c731d4f6bf2c2c18edfb959d73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Tue, 13 Aug 2019 20:57:20 +0200 Subject: [PATCH 0435/1000] Adds missing manage_log/xlog parameters tests --- spec/unit/classes/server/initdb_spec.rb | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index a98ab86af6..980cffa69d 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -21,17 +21,25 @@ it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } - context 'with manage_datadir set to false' do + context 'with (log,manage,xlog)_datadir set to false' do let :pre_condition do " class {'postgresql::server': + manage_logdir => false, manage_datadir => false, + manage_xlogdir => false, + logdir => '/var/lib/pgsql/data/log', + xlogdir => '/var/lib/pgsql/data/xlog', } file {'/var/lib/pgsql/data': ensure => 'directory'} + file {'/var/lib/pgsql/data/log': ensure => 'directory'} + file {'/var/lib/pgsql/data/xlog': ensure => 'directory'} " end it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } + it { is_expected.to contain_file('/var/lib/pgsql/data/log').with_ensure('directory') } + it { is_expected.to contain_file('/var/lib/pgsql/data/xlog').with_ensure('directory') } end end From be4d7a0e99058ac09e8ee9a88a0d52c9bc13ed3a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Scala?= Date: Tue, 13 Aug 2019 21:09:57 +0200 Subject: [PATCH 0436/1000] Extends test coverage --- spec/unit/classes/server_spec.rb | 4 +++- spec/unit/defines/server/extension_spec.rb | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index ad3494685a..556d8e69e6 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -162,7 +162,9 @@ class { 'postgresql::globals': it 'contains the correct package version' do is_expected.to contain_class('postgresql::repo').with_version('99.5') - is_expected.to contain_file('/var/lib/postgresql/99.5/main') + is_expected.to contain_file('/var/lib/postgresql/99.5/main') # FIXME: be more precise + is_expected.to contain_concat('/etc/postgresql/99.5/main/pg_hba.conf') # FIXME: be more precise + is_expected.to contain_concat('/etc/postgresql/99.5/main/pg_ident.conf') # FIXME: be more precise end end diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index c9ccd19d03..594afb6cd4 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -144,7 +144,9 @@ } end - it { is_expected.to contain_file('/var/lib/postgresql/8.4/main') } + it { is_expected.to contain_file('/var/lib/postgresql/8.4/main') } # FIXME: be more precise + it { is_expected.to contain_concat('/etc/postgresql/8.4/main/pg_hba.conf') } # FIXME: be more precise + it { is_expected.to contain_concat('/etc/postgresql/8.4/main/pg_ident.conf') } # FIXME: be more precise context 'with mandatory arguments only' do it { From 6c945d87acd2c6bd79d0dce6ec3396623ccd91b9 Mon Sep 17 00:00:00 2001 From: sheena Date: Thu, 15 Aug 2019 09:37:11 +0100 Subject: [PATCH 0437/1000] MODULES-9692 - pdksync_1.12.0-0-g55d9ae2 --- Gemfile | 1 + metadata.json | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index 030b78b733..0e395e7ecb 100644 --- a/Gemfile +++ b/Gemfile @@ -23,6 +23,7 @@ group :development do gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-posix-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] diff --git a/metadata.json b/metadata.json index 78aa428fff..756ffb6484 100644 --- a/metadata.json +++ b/metadata.json @@ -84,7 +84,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.11.1", + "pdk-version": "1.12.0", "template-url": "https://github.com/puppetlabs/pdk-templates/#master", - "template-ref": "heads/master-0-gb096033" + "template-ref": "1.12.0-0-g55d9ae2" } From a551e99a91823037bb777975834213b06da8bc56 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Mon, 5 Aug 2019 10:05:54 -0400 Subject: [PATCH 0438/1000] New - Add manage_selinux parameter This parameter controls whether this module will manage selinux parameters. Default value is false. --- manifests/globals.pp | 1 + manifests/params.pp | 1 + manifests/server.pp | 1 + 3 files changed, 3 insertions(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index e5d7ab9e6d..50681f9735 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -143,6 +143,7 @@ $manage_pg_hba_conf = undef, $manage_pg_ident_conf = undef, $manage_recovery_conf = undef, + $manage_selinux = undef, $manage_package_repo = undef, $module_workdir = undef, diff --git a/manifests/params.pp b/manifests/params.pp index 0d0c7af2b3..4a0021e543 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -21,6 +21,7 @@ $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) $manage_recovery_conf = pick($manage_recovery_conf, false) + $manage_selinux = pick($manage_selinux, false) $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') diff --git a/manifests/server.pp b/manifests/server.pp index 06f7a04a65..4deb155485 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -131,6 +131,7 @@ $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, $manage_recovery_conf = $postgresql::params::manage_recovery_conf, + Boolean $manage_selinux = $postgresql::params::manage_selinux, $module_workdir = $postgresql::params::module_workdir, $manage_datadir = $postgresql::params::manage_datadir, From 8a3744ab7db75e60a92b9df868d3a842c726205c Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Fri, 2 Aug 2019 14:39:09 -0400 Subject: [PATCH 0439/1000] (MODULES-9658) - custom ports are not labeled correctly When a node has SELinux enabled the port must be labeled properly to allow the postgresql service to start. --- README.md | 4 +-- manifests/server/config.pp | 9 ++++++ spec/acceptance/alternative_port_spec.rb | 2 +- spec/unit/classes/server/config_spec.rb | 39 +++++++++++++++++++++++- 4 files changed, 50 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 61056a977e..bc20b8948b 100644 --- a/README.md +++ b/README.md @@ -333,9 +333,9 @@ While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' mod PostGIS is currently considered an unsupported feature, as it doesn't work on all platforms correctly. -### All versions of RHEL/CentOS +### All versions of RHEL/CentOS with manage_selinux => false -If you have SELinux enabled you must add any custom ports you use to the `postgresql_port_t` context. You can do this as follows: +If you have SELinux enabled and you are *not* using the selinux module to manage SELinux (this is the default configuration) you will need to label any custom ports you use with the `postgresql_port_t` context. The postgresql service will not start until this is done. To label a port use the semanage command as follows: ```shell semanage port -a -t postgresql_port_t -p tcp $customport diff --git a/manifests/server/config.pp b/manifests/server/config.pp index b47f189e70..7aa00dd74d 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -106,9 +106,18 @@ } } + # ensure that SELinux has a proper label for the port defined + if $postgresql::server::manage_selinux == true and $facts['selinux'] == true { + exec { "/usr/sbin/semanage port -a -t postgresql_port_t -p tcp ${port}": + unless => "/usr/sbin/semanage port -l | grep -qw ${port}", + before => Postgresql::Server::Config_entry['port'], + } + } + postgresql::server::config_entry { 'port': value => $port, } + postgresql::server::config_entry { 'data_directory': value => $datadir, } diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 374f745e87..e31bea1d41 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -8,7 +8,7 @@ end it 'on an alternative port' do pp = <<-MANIFEST - class { 'postgresql::server': port => '55433' } + class { 'postgresql::server': port => '55433', manage_selinux => true } MANIFEST idempotent_apply(pp) diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 5e22d05dbb..0f1896058a 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -2,7 +2,7 @@ describe 'postgresql::server::config', type: :class do let(:pre_condition) do - 'include postgresql::server' + 'class { postgresql::server: manage_selinux => true }' end describe 'on RedHat 7' do @@ -16,9 +16,26 @@ id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, + os: { + 'architecture' => 'x86_64', + 'family' => 'RedHat', + 'hardware' => 'x86_64', + 'name' => 'CentOS', + 'release' => { + 'full' => '7.6.1810', + 'major' => '7', + 'minor' => '6', + }, + }, } end + it 'has SELinux port defined' do + is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') + .that_comes_before('Postgresql::Server::Config_entry[port]') + end + it 'has the correct systemd-override file' do is_expected.to contain_file('systemd-override').with( ensure: 'present', path: '/etc/systemd/system/postgresql.service', @@ -65,9 +82,25 @@ class { 'postgresql::server': } id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, + os: { + 'architecture' => 'x86_64', + 'family' => 'RedHat', + 'hardware' => 'x86_64', + 'name' => 'Fedora', + 'release' => { + 'full' => '21', + 'major' => '21', + }, + }, } end + it 'has SELinux port defined' do + is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') + .that_comes_before('Postgresql::Server::Config_entry[port]') + end + it 'has the correct systemd-override file' do is_expected.to contain_file('systemd-override').with( ensure: 'present', path: '/etc/systemd/system/postgresql.service', @@ -125,6 +158,10 @@ class { 'postgresql::server': } } end + it 'does not have SELinux port defined' do + is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + end + it 'has the correct systemd-override file' do is_expected.to contain_file('systemd-override').with( ensure: 'present', path: '/etc/systemd/system/postgresql-9.5.service', From bde2932c3e36f8981898ba7660788bfd159d5d6f Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Fri, 23 Aug 2019 13:41:56 -0400 Subject: [PATCH 0440/1000] Ensure that the policycoreutils package is installed where needed --- manifests/server/config.pp | 23 +++++++++++++++++-- spec/unit/classes/server/config_spec.rb | 30 +++++++++++++++++++++++++ 2 files changed, 51 insertions(+), 2 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 7aa00dd74d..8cbe7fa63e 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -108,9 +108,28 @@ # ensure that SELinux has a proper label for the port defined if $postgresql::server::manage_selinux == true and $facts['selinux'] == true { + case $facts['osfamily'] { + 'RedHat', 'Linux': { + if $facts['operatingsystem'] == 'Amazon' { + $package_name = 'policycoreutils' + } + else { + $package_name = $facts['operatingsystemmajrelease'] ? { + '5' => 'policycoreutils', + '6' => 'policycoreutils-python', + '7' => 'policycoreutils-python', + default => 'policycoreutils-python-utils', + } + } + } + } + + ensure_packages([$package_name]) + exec { "/usr/sbin/semanage port -a -t postgresql_port_t -p tcp ${port}": - unless => "/usr/sbin/semanage port -l | grep -qw ${port}", - before => Postgresql::Server::Config_entry['port'], + unless => "/usr/sbin/semanage port -l | grep -qw ${port}", + before => Postgresql::Server::Config_entry['port'], + require => Package[$package_name], } } diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 0f1896058a..78bef2167d 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -31,9 +31,12 @@ end it 'has SELinux port defined' do + is_expected.to contain_package('policycoreutils-python-utils') .with(ensure: 'present') + is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_requires('Package[policycoreutils-python-utils]') end it 'has the correct systemd-override file' do @@ -96,9 +99,12 @@ class { 'postgresql::server': } end it 'has SELinux port defined' do + is_expected.to contain_package('policycoreutils-python-utils') .with(ensure: 'present') + is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_requires('Package[policycoreutils-python-utils]') end it 'has the correct systemd-override file' do @@ -136,6 +142,30 @@ class { 'postgresql::server': } end end + describe 'on Amazon' do + let :facts do + { + osfamily: 'RedHat', + operatingsystem: 'Amazon', + operatingsystemrelease: '1.0', + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, + } + end + + it 'has SELinux port defined' do + is_expected.to contain_package('policycoreutils') .with(ensure: 'present') + + is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') + .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_requires('Package[policycoreutils]') + end + end + describe 'on Gentoo' do let(:pre_condition) do <<-EOS From 7b282bdd92a17495f6b192f946271e1e18b0c071 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Fri, 12 Jul 2019 15:36:33 -0400 Subject: [PATCH 0441/1000] (MODULES-9219) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed The service command is deprecated and is not installed by default on modern Redhat releases. Updated class parameters to define the service status and service reload commands based on what OS is installed on the node. --- manifests/params.pp | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 4a0021e543..6b2a4d28d4 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -78,10 +78,33 @@ } $confdir = pick($confdir, $datadir) } + + case $::operatingsystem { + 'Amazon': { + $service_reload = "service ${service_name} reload" + $service_status = "service ${service_name} status" + } + + # RHEL 5 uses SysV init, RHEL 6 uses upstart. RHEL 7 and 8 both use systemd. + 'RedHat', 'CentOS', 'Scientific', 'OracleLinux': { + if $::operatingsystemrelease =~ /^[78].*/ { + $service_reload = "systemctl reload ${service_name}" + $service_status = "systemctl status ${service_name}" + } else { + $service_reload = "service ${service_name} reload" + $service_status = "service ${service_name} status" + } + } + + # Default will catch Fedora which uses systemd + default: { + $service_reload = "systemctl reload ${service_name}" + $service_status = "systemctl status ${service_name}" + } + } + $psql_path = pick($psql_path, "${bindir}/psql") - $service_status = $service_status - $service_reload = "service ${service_name} reload" $perl_package_name = pick($perl_package_name, 'perl-DBD-Pg') $python_package_name = pick($python_package_name, 'python-psycopg2') From aab663e7f3c3d0e08a2d44a59c789a16a67d402a Mon Sep 17 00:00:00 2001 From: Florin Dragos Date: Thu, 29 Aug 2019 17:09:25 +0300 Subject: [PATCH 0442/1000] (MAINT) pdksync: fix for net-ssh 5 host_key check --- spec/spec_helper_acceptance.rb | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 745d46e1b0..aabeb0b80d 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -28,7 +28,30 @@ options[:port] = node_config.dig('ssh', 'port') unless node_config.dig('ssh', 'port').nil? options[:keys] = node_config.dig('ssh', 'private-key') unless node_config.dig('ssh', 'private-key').nil? options[:password] = node_config.dig('ssh', 'password') unless node_config.dig('ssh', 'password').nil? - options[:verify_host_key] = Net::SSH::Verifiers::Null.new unless node_config.dig('ssh', 'host-key-check').nil? + # Support both net-ssh 4 and 5. + # rubocop:disable Metrics/BlockNesting + options[:verify_host_key] = if node_config.dig('ssh', 'host-key-check').nil? + # Fall back to SSH behavior. This variable will only be set in net-ssh 5.3+. + if @strict_host_key_checking.nil? || @strict_host_key_checking + Net::SSH::Verifiers::Always.new + else + # SSH's behavior with StrictHostKeyChecking=no: adds new keys to known_hosts. + # If known_hosts points to /dev/null, then equivalent to :never where it + # accepts any key beacuse they're all new. + Net::SSH::Verifiers::AcceptNewOrLocalTunnel.new + end + elsif node_config.dig('ssh', 'host-key-check') + if defined?(Net::SSH::Verifiers::Always) + Net::SSH::Verifiers::Always.new + else + Net::SSH::Verifiers::Secure.new + end + elsif defined?(Net::SSH::Verifiers::Never) + Net::SSH::Verifiers::Never.new + else + Net::SSH::Verifiers::Null.new + end + # rubocop:enable Metrics/BlockNesting host = if ENV['TARGET_HOST'].include?(':') ENV['TARGET_HOST'].split(':').first else From 2e9833b114e2f2860a62a9bf8476d92138a9e45a Mon Sep 17 00:00:00 2001 From: lionce Date: Wed, 11 Sep 2019 16:15:20 +0300 Subject: [PATCH 0443/1000] FM-8408 - add support on Debian10 --- metadata.json | 3 ++- provision.yaml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index 756ffb6484..0dc864db3a 100644 --- a/metadata.json +++ b/metadata.json @@ -58,7 +58,8 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "8", - "9" + "9", + "10" ] }, { diff --git a/provision.yaml b/provision.yaml index 0ba947b693..9e8e815014 100644 --- a/provision.yaml +++ b/provision.yaml @@ -19,4 +19,4 @@ waffle_el7: images: ['waffleimage/centos7', 'waffleimage/oraclelinux7', 'waffleimage/scientificlinux7'] release_checks: provisioner: vmpooler - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] + images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From 2f479a521a128f7bfc5e2019e7e3632c13d1c44b Mon Sep 17 00:00:00 2001 From: sheena Date: Wed, 11 Sep 2019 10:54:09 +0100 Subject: [PATCH 0444/1000] MODULES-9878 Release prep v6.2.0 --- CHANGELOG.md | 18 ++++++++++++++++++ metadata.json | 4 ++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5aa9c6eed3..c99d1fe4d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,24 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.1.0...v6.2.0) + +### Added + +- FM-8408 - add support on Debian10 [\#1103](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1103) ([lionce](https://github.com/lionce)) +- Fix/directory defined twice [\#1089](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1089) ([arcenik](https://github.com/arcenik)) +- Adding SLES 15 [\#1087](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1087) ([msurato](https://github.com/msurato)) +- \(FM-7500\) conversion to use litmus [\#1081](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1081) ([tphoney](https://github.com/tphoney)) + +### Fixed + +- \(MODULES-9658\) - custom ports are not labeled correctly [\#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) +- Fix: When assigning a tablespace to a database, no equal sign is needed in the query [\#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) +- Grant all tables in schema fixup [\#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) +- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) + ## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) (2019-06-04) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.0.0...v6.1.0) diff --git a/metadata.json b/metadata.json index 0dc864db3a..61944deedf 100644 --- a/metadata.json +++ b/metadata.json @@ -1,10 +1,10 @@ { "name": "puppetlabs-postgresql", - "version": "6.1.0", + "version": "6.2.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", - "source": "git://github.com/puppetlabs/puppetlabs-postgresql.git", + "source": "https://github.com/puppetlabs/puppetlabs-postgresql", "project_page": "https://github.com/puppetlabs/puppetlabs-postgresql", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ From 95919c06e23d95d2adb439e035e77a0ef0924a1c Mon Sep 17 00:00:00 2001 From: tphoney Date: Tue, 17 Sep 2019 15:50:40 +0100 Subject: [PATCH 0445/1000] (maint) Add a codeowners file --- CODEOWNERS | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 CODEOWNERS diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000000..a5d109e998 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,2 @@ +# Setting ownership to the modules team +* @puppetlabs/modules From 411651e59e7ec12feb2265d156eb6a3d3eba05df Mon Sep 17 00:00:00 2001 From: Florin Dragos Date: Thu, 26 Sep 2019 14:50:26 +0300 Subject: [PATCH 0446/1000] Remove nodesets --- spec/acceptance/nodesets/centos-7-x64.yml | 10 ---------- spec/acceptance/nodesets/debian-8-x64.yml | 10 ---------- spec/acceptance/nodesets/default.yml | 10 ---------- spec/acceptance/nodesets/docker/centos-7.yml | 12 ------------ spec/acceptance/nodesets/docker/debian-8.yml | 11 ----------- spec/acceptance/nodesets/docker/ubuntu-14.04.yml | 12 ------------ 6 files changed, 65 deletions(-) delete mode 100644 spec/acceptance/nodesets/centos-7-x64.yml delete mode 100644 spec/acceptance/nodesets/debian-8-x64.yml delete mode 100644 spec/acceptance/nodesets/default.yml delete mode 100644 spec/acceptance/nodesets/docker/centos-7.yml delete mode 100644 spec/acceptance/nodesets/docker/debian-8.yml delete mode 100644 spec/acceptance/nodesets/docker/ubuntu-14.04.yml diff --git a/spec/acceptance/nodesets/centos-7-x64.yml b/spec/acceptance/nodesets/centos-7-x64.yml deleted file mode 100644 index 5eebdefbfa..0000000000 --- a/spec/acceptance/nodesets/centos-7-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-7-x64: - roles: - - agent - - default - platform: el-7-x86_64 - hypervisor: vagrant - box: puppetlabs/centos-7.2-64-nocm -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/debian-8-x64.yml b/spec/acceptance/nodesets/debian-8-x64.yml deleted file mode 100644 index fef6e63ca5..0000000000 --- a/spec/acceptance/nodesets/debian-8-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-8-x64: - roles: - - agent - - default - platform: debian-8-amd64 - hypervisor: vagrant - box: puppetlabs/debian-8.2-64-nocm -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml deleted file mode 100644 index dba339c46a..0000000000 --- a/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - roles: - - agent - - default - platform: ubuntu-14.04-amd64 - hypervisor: vagrant - box: puppetlabs/ubuntu-14.04-64-nocm -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/docker/centos-7.yml b/spec/acceptance/nodesets/docker/centos-7.yml deleted file mode 100644 index a3333aac53..0000000000 --- a/spec/acceptance/nodesets/docker/centos-7.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-7-x64: - platform: el-7-x86_64 - hypervisor: docker - image: centos:7 - docker_preserve_image: true - docker_cmd: '["/usr/sbin/init"]' - # install various tools required to get the image up to usable levels - docker_image_commands: - - 'yum install -y crontabs tar wget openssl sysvinit-tools iproute which initscripts' -CONFIG: - trace_limit: 200 diff --git a/spec/acceptance/nodesets/docker/debian-8.yml b/spec/acceptance/nodesets/docker/debian-8.yml deleted file mode 100644 index df5c31944f..0000000000 --- a/spec/acceptance/nodesets/docker/debian-8.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-8-x64: - platform: debian-8-amd64 - hypervisor: docker - image: debian:8 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get update && apt-get install -y net-tools wget locales strace lsof && echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen' -CONFIG: - trace_limit: 200 diff --git a/spec/acceptance/nodesets/docker/ubuntu-14.04.yml b/spec/acceptance/nodesets/docker/ubuntu-14.04.yml deleted file mode 100644 index b1efa58390..0000000000 --- a/spec/acceptance/nodesets/docker/ubuntu-14.04.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - platform: ubuntu-14.04-amd64 - hypervisor: docker - image: ubuntu:14.04 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - # ensure that upstart is booting correctly in the container - - 'rm /usr/sbin/policy-rc.d && rm /sbin/initctl && dpkg-divert --rename --remove /sbin/initctl && apt-get update && apt-get install -y net-tools wget && locale-gen en_US.UTF-8' -CONFIG: - trace_limit: 200 From 20ab1229355e6f6e4171d2eeb35a2362d001de92 Mon Sep 17 00:00:00 2001 From: Andreas Wirooks Date: Mon, 7 Oct 2019 13:55:59 +0200 Subject: [PATCH 0447/1000] Remove duplicate REFERENCE.md file with strange unicode character at end of filename --- "REFERENCE.md\342\200\202" | 2736 ------------------------------------ 1 file changed, 2736 deletions(-) delete mode 100644 "REFERENCE.md\342\200\202" diff --git "a/REFERENCE.md\342\200\202" "b/REFERENCE.md\342\200\202" deleted file mode 100644 index 83c98582a4..0000000000 --- "a/REFERENCE.md\342\200\202" +++ /dev/null @@ -1,2736 +0,0 @@ -# Reference - - -## Table of Contents - -**Classes** - -* [`postgresql::client`](#postgresqlclient): Install client cli tool. See README.md for more details. -* [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. See README.md for more details. -* [`postgresql::lib::devel`](#postgresqllibdevel): This class installs postgresql development libraries. See README.md for more details. -* [`postgresql::lib::docs`](#postgresqllibdocs): This class installs the postgresql-docs See README.md for more details. -* [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. See README.md for more details. -* [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. See README.md for more details. -* [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. See README.md for more details. -* [`postgresql::params`](#postgresqlparams): PRIVATE CLASS: do not use directly -* [`postgresql::repo`](#postgresqlrepo): PRIVATE CLASS: do not use directly -* [`postgresql::repo::apt_postgresql_org`](#postgresqlrepoapt_postgresql_org): PRIVATE CLASS: do not use directly -* [`postgresql::repo::yum_postgresql_org`](#postgresqlrepoyum_postgresql_org): PRIVATE CLASS: do not use directly -* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server. See README.md for more details. -* [`postgresql::server::config`](#postgresqlserverconfig): PRIVATE CLASS: do not call directly -* [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. See README.md for more details. -* [`postgresql::server::initdb`](#postgresqlserverinitdb): PRIVATE CLASS: do not call directly -* [`postgresql::server::install`](#postgresqlserverinstall): PRIVATE CLASS: do not call directly -* [`postgresql::server::passwd`](#postgresqlserverpasswd): PRIVATE CLASS: do not call directly -* [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. See README.md for more details. -* [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. See README.md for more details. -* [`postgresql::server::postgis`](#postgresqlserverpostgis): Install the postgis postgresql packaging. See README.md for more details. -* [`postgresql::server::reload`](#postgresqlserverreload): PRIVATE CLASS: do not use directly -* [`postgresql::server::service`](#postgresqlserverservice): PRIVATE CLASS: do not call directly - -**Defined types** - -* [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. See README.md for more details. -* [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. See README.md for more details. -* [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. See README.md for more details. -* [`postgresql::server::db`](#postgresqlserverdb): Define for conveniently creating a role, database and assigning the correct permissions. See README.md for more details. -* [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database -* [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. See README.md for more details. -* [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. See README.md for more information -* [`postgresql::server::pg_hba_rule`](#postgresqlserverpg_hba_rule): This resource manages an individual rule that applies to the file defined in $target. See README.md for more details. -* [`postgresql::server::pg_ident_rule`](#postgresqlserverpg_ident_rule): This resource manages an individual rule that applies to the file defined in $target. See README.md for more details. -* [`postgresql::server::reassign_owned_by`](#postgresqlserverreassign_owned_by): Define for reassigning the ownership of objects within a database. See README.md for more details. This enables us to force the a particular -* [`postgresql::server::recovery`](#postgresqlserverrecovery): This resource manages the parameters that applies to the recovery.conf template. See README.md for more details. -* [`postgresql::server::role`](#postgresqlserverrole): Define for creating a database role. See README.md for more information -* [`postgresql::server::schema`](#postgresqlserverschema): = Type: postgresql::server::schema Create a new schema. See README.md for more details. == Requires: The database must exist and the Postg -* [`postgresql::server::table_grant`](#postgresqlservertable_grant): This resource wraps the grant resource to manage table grants specifically. See README.md for more details. -* [`postgresql::server::tablespace`](#postgresqlservertablespace): This module creates tablespace. See README.md for more details. -* [`postgresql::validate_db_connection`](#postgresqlvalidate_db_connection): This type validates that a successful postgres connection can be established between the node on which this resource is run and a specified p - -**Resource types** - -* [`postgresql_conf`](#postgresql_conf): This type allows puppet to manage postgresql.conf parameters. -* [`postgresql_conn_validator`](#postgresql_conn_validator): Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to p -* [`postgresql_psql`](#postgresql_psql): An arbitrary tag for your own reference; the name of the message. -* [`postgresql_replication_slot`](#postgresql_replication_slot): Manages Postgresql replication slots. This type allows to create and destroy replication slots to register warm standby replication on a Pos - -**Functions** - -* [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid -* [`postgresql_escape`](#postgresql_escape): Safely escapes a string using $$ using a random tag which should be consistent -* [`postgresql_password`](#postgresql_password): Returns the postgresql password hash from the clear text username / password. - -**Tasks** - -* [`sql`](#sql): Allows you to execute arbitary SQL - -## Classes - -### postgresql::client - -Install client cli tool. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::client` class. - -##### `file_ensure` - -Data type: `Enum['file', 'absent']` - - - -Default value: 'file' - -##### `validcon_script_path` - -Data type: `Stdlib::Absolutepath` - - - -Default value: $postgresql::params::validcon_script_path - -##### `package_name` - -Data type: `String[1]` - - - -Default value: $postgresql::params::client_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -### postgresql::globals - -Class for setting cross-class global overrides. See README.md for more -details. - -#### Parameters - -The following parameters are available in the `postgresql::globals` class. - -##### `client_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `server_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `contrib_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `devel_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `java_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `docs_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `perl_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `plperl_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `plpython_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `python_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `postgis_package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `service_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `service_provider` - -Data type: `Any` - - - -Default value: `undef` - -##### `service_status` - -Data type: `Any` - - - -Default value: `undef` - -##### `default_database` - -Data type: `Any` - - - -Default value: `undef` - -##### `validcon_script_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `initdb_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `createdb_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `psql_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `pg_hba_conf_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `pg_ident_conf_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `postgresql_conf_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_conf_path` - -Data type: `Any` - - - -Default value: `undef` - -##### `default_connect_settings` - -Data type: `Any` - - - -Default value: {} - -##### `pg_hba_conf_defaults` - -Data type: `Any` - - - -Default value: `undef` - -##### `datadir` - -Data type: `Any` - - - -Default value: `undef` - -##### `confdir` - -Data type: `Any` - - - -Default value: `undef` - -##### `bindir` - -Data type: `Any` - - - -Default value: `undef` - -##### `xlogdir` - -Data type: `Any` - - - -Default value: `undef` - -##### `logdir` - -Data type: `Any` - - - -Default value: `undef` - -##### `log_line_prefix` - -Data type: `Any` - - - -Default value: `undef` - -##### `user` - -Data type: `Any` - - - -Default value: `undef` - -##### `group` - -Data type: `Any` - - - -Default value: `undef` - -##### `version` - -Data type: `Any` - - - -Default value: `undef` - -##### `postgis_version` - -Data type: `Any` - - - -Default value: `undef` - -##### `repo_proxy` - -Data type: `Any` - - - -Default value: `undef` - -##### `repo_baseurl` - -Data type: `Any` - - - -Default value: `undef` - -##### `needs_initdb` - -Data type: `Any` - - - -Default value: `undef` - -##### `encoding` - -Data type: `Any` - - - -Default value: `undef` - -##### `locale` - -Data type: `Any` - - - -Default value: `undef` - -##### `data_checksums` - -Data type: `Any` - - - -Default value: `undef` - -##### `timezone` - -Data type: `Any` - - - -Default value: `undef` - -##### `manage_pg_hba_conf` - -Data type: `Any` - - - -Default value: `undef` - -##### `manage_pg_ident_conf` - -Data type: `Any` - - - -Default value: `undef` - -##### `manage_recovery_conf` - -Data type: `Any` - - - -Default value: `undef` - -##### `manage_package_repo` - -Data type: `Any` - - - -Default value: `undef` - -##### `module_workdir` - -Data type: `Any` - - - -Default value: `undef` - -### postgresql::lib::devel - -This class installs postgresql development libraries. See README.md for more -details. - -#### Parameters - -The following parameters are available in the `postgresql::lib::devel` class. - -##### `package_name` - -Data type: `String` - - - -Default value: $postgresql::params::devel_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -##### `link_pg_config` - -Data type: `Boolean` - - - -Default value: $postgresql::params::link_pg_config - -### postgresql::lib::docs - -This class installs the postgresql-docs See README.md for more -details. - -#### Parameters - -The following parameters are available in the `postgresql::lib::docs` class. - -##### `package_name` - -Data type: `String` - - - -Default value: $postgresql::params::docs_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -### postgresql::lib::java - -This class installs the postgresql jdbc connector. See README.md for more -details. - -#### Parameters - -The following parameters are available in the `postgresql::lib::java` class. - -##### `package_name` - -Data type: `String` - - - -Default value: $postgresql::params::java_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -### postgresql::lib::perl - -This class installs the perl libs for postgresql. See README.md for more -details. - -#### Parameters - -The following parameters are available in the `postgresql::lib::perl` class. - -##### `package_name` - -Data type: `String` - - - -Default value: $postgresql::params::perl_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -### postgresql::lib::python - -This class installs the python libs for postgresql. See README.md for more -details. - -#### Parameters - -The following parameters are available in the `postgresql::lib::python` class. - -##### `package_name` - -Data type: `String[1]` - - - -Default value: $postgresql::params::python_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -### postgresql::params - -PRIVATE CLASS: do not use directly - -### postgresql::repo - -PRIVATE CLASS: do not use directly - -#### Parameters - -The following parameters are available in the `postgresql::repo` class. - -##### `version` - -Data type: `Any` - - - -Default value: `undef` - -##### `proxy` - -Data type: `Any` - - - -Default value: `undef` - -##### `baseurl` - -Data type: `Any` - - - -Default value: `undef` - -### postgresql::repo::apt_postgresql_org - -PRIVATE CLASS: do not use directly - -### postgresql::repo::yum_postgresql_org - -PRIVATE CLASS: do not use directly - -### postgresql::server - -This installs a PostgreSQL server. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server` class. - -##### `postgres_password` - -Data type: `Any` - - - -Default value: `undef` - -##### `package_name` - -Data type: `Any` - - - -Default value: $postgresql::params::server_package_name - -##### `package_ensure` - -Data type: `Any` - - - -Default value: $postgresql::params::package_ensure - -##### `plperl_package_name` - -Data type: `Any` - - - -Default value: $postgresql::params::plperl_package_name - -##### `plpython_package_name` - -Data type: `Any` - - - -Default value: $postgresql::params::plpython_package_name - -##### `service_ensure` - -Data type: `Any` - - - -Default value: $postgresql::params::service_ensure - -##### `service_enable` - -Data type: `Any` - - - -Default value: $postgresql::params::service_enable - -##### `service_manage` - -Data type: `Any` - - - -Default value: $postgresql::params::service_manage - -##### `service_name` - -Data type: `Any` - - - -Default value: $postgresql::params::service_name - -##### `service_restart_on_change` - -Data type: `Any` - - - -Default value: $postgresql::params::service_restart_on_change - -##### `service_provider` - -Data type: `Any` - - - -Default value: $postgresql::params::service_provider - -##### `service_reload` - -Data type: `Any` - - - -Default value: $postgresql::params::service_reload - -##### `service_status` - -Data type: `Any` - - - -Default value: $postgresql::params::service_status - -##### `default_database` - -Data type: `Any` - - - -Default value: $postgresql::params::default_database - -##### `default_connect_settings` - -Data type: `Any` - - - -Default value: $postgresql::globals::default_connect_settings - -##### `listen_addresses` - -Data type: `Any` - - - -Default value: $postgresql::params::listen_addresses - -##### `port` - -Data type: `Any` - - - -Default value: $postgresql::params::port - -##### `ip_mask_deny_postgres_user` - -Data type: `Any` - - - -Default value: $postgresql::params::ip_mask_deny_postgres_user - -##### `ip_mask_allow_all_users` - -Data type: `Any` - - - -Default value: $postgresql::params::ip_mask_allow_all_users - -##### `ipv4acls` - -Data type: `Any` - - - -Default value: $postgresql::params::ipv4acls - -##### `ipv6acls` - -Data type: `Any` - - - -Default value: $postgresql::params::ipv6acls - -##### `initdb_path` - -Data type: `Any` - - - -Default value: $postgresql::params::initdb_path - -##### `createdb_path` - -Data type: `Any` - - - -Default value: $postgresql::params::createdb_path - -##### `psql_path` - -Data type: `Any` - - - -Default value: $postgresql::params::psql_path - -##### `pg_hba_conf_path` - -Data type: `Any` - - - -Default value: $postgresql::params::pg_hba_conf_path - -##### `pg_ident_conf_path` - -Data type: `Any` - - - -Default value: $postgresql::params::pg_ident_conf_path - -##### `postgresql_conf_path` - -Data type: `Any` - - - -Default value: $postgresql::params::postgresql_conf_path - -##### `recovery_conf_path` - -Data type: `Any` - - - -Default value: $postgresql::params::recovery_conf_path - -##### `datadir` - -Data type: `Any` - - - -Default value: $postgresql::params::datadir - -##### `xlogdir` - -Data type: `Any` - - - -Default value: $postgresql::params::xlogdir - -##### `logdir` - -Data type: `Any` - - - -Default value: $postgresql::params::logdir - -##### `log_line_prefix` - -Data type: `Any` - - - -Default value: $postgresql::params::log_line_prefix - -##### `pg_hba_conf_defaults` - -Data type: `Any` - - - -Default value: $postgresql::params::pg_hba_conf_defaults - -##### `user` - -Data type: `Any` - - - -Default value: $postgresql::params::user - -##### `group` - -Data type: `Any` - - - -Default value: $postgresql::params::group - -##### `needs_initdb` - -Data type: `Any` - - - -Default value: $postgresql::params::needs_initdb - -##### `encoding` - -Data type: `Any` - - - -Default value: $postgresql::params::encoding - -##### `locale` - -Data type: `Any` - - - -Default value: $postgresql::params::locale - -##### `data_checksums` - -Data type: `Any` - - - -Default value: $postgresql::params::data_checksums - -##### `timezone` - -Data type: `Any` - - - -Default value: $postgresql::params::timezone - -##### `manage_pg_hba_conf` - -Data type: `Any` - - - -Default value: $postgresql::params::manage_pg_hba_conf - -##### `manage_pg_ident_conf` - -Data type: `Any` - - - -Default value: $postgresql::params::manage_pg_ident_conf - -##### `manage_recovery_conf` - -Data type: `Any` - - - -Default value: $postgresql::params::manage_recovery_conf - -##### `module_workdir` - -Data type: `Any` - - - -Default value: $postgresql::params::module_workdir - -##### `roles` - -Data type: `Hash[String, Hash]` - - - -Default value: {} - -##### `config_entries` - -Data type: `Hash[String, Any]` - - - -Default value: {} - -##### `pg_hba_rules` - -Data type: `Hash[String, Hash]` - - - -Default value: {} - -##### `version` - -Data type: `Any` - - - -Default value: `undef` - -### postgresql::server::config - -PRIVATE CLASS: do not call directly - -### postgresql::server::contrib - -Install the contrib postgresql packaging. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::contrib` class. - -##### `package_name` - -Data type: `String` - - - -Default value: $postgresql::params::contrib_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -### postgresql::server::initdb - -PRIVATE CLASS: do not call directly - -### postgresql::server::install - -PRIVATE CLASS: do not call directly - -### postgresql::server::passwd - -PRIVATE CLASS: do not call directly - -### postgresql::server::plperl - -This class installs the PL/Perl procedural language for postgresql. See -README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::plperl` class. - -##### `package_ensure` - -Data type: `Any` - - - -Default value: 'present' - -##### `package_name` - -Data type: `Any` - - - -Default value: $postgresql::server::plperl_package_name - -### postgresql::server::plpython - -This class installs the PL/Python procedural language for postgresql. See -README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::plpython` class. - -##### `package_ensure` - -Data type: `Any` - - - -Default value: 'present' - -##### `package_name` - -Data type: `Any` - - - -Default value: $postgresql::server::plpython_package_name - -### postgresql::server::postgis - -Install the postgis postgresql packaging. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::postgis` class. - -##### `package_name` - -Data type: `String` - - - -Default value: $postgresql::params::postgis_package_name - -##### `package_ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -### postgresql::server::reload - -PRIVATE CLASS: do not use directly - -### postgresql::server::service - -PRIVATE CLASS: do not call directly - -## Defined types - -### postgresql::server::config_entry - -Manage a postgresql.conf entry. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::config_entry` defined type. - -##### `ensure` - -Data type: `Any` - - - -Default value: 'present' - -##### `value` - -Data type: `Any` - - - -Default value: `undef` - -##### `path` - -Data type: `Any` - - - -Default value: `false` - -### postgresql::server::database - -Define for creating a database. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::database` defined type. - -##### `comment` - -Data type: `Any` - - - -Default value: `undef` - -##### `dbname` - -Data type: `Any` - - - -Default value: $title - -##### `owner` - -Data type: `Any` - - - -Default value: `undef` - -##### `tablespace` - -Data type: `Any` - - - -Default value: `undef` - -##### `template` - -Data type: `Any` - - - -Default value: 'template0' - -##### `encoding` - -Data type: `Any` - - - -Default value: $postgresql::server::encoding - -##### `locale` - -Data type: `Any` - - - -Default value: $postgresql::server::locale - -##### `istemplate` - -Data type: `Any` - - - -Default value: `false` - -##### `connect_settings` - -Data type: `Any` - - - -Default value: $postgresql::server::default_connect_settings - -### postgresql::server::database_grant - -Manage a database grant. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::database_grant` defined type. - -##### `privilege` - -Data type: `Any` - - - -##### `db` - -Data type: `Any` - - - -##### `role` - -Data type: `Any` - - - -##### `ensure` - -Data type: `Any` - - - -Default value: `undef` - -##### `psql_db` - -Data type: `Any` - - - -Default value: `undef` - -##### `psql_user` - -Data type: `Any` - - - -Default value: `undef` - -##### `connect_settings` - -Data type: `Any` - - - -Default value: `undef` - -### postgresql::server::db - -Define for conveniently creating a role, database and assigning the correct -permissions. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::db` defined type. - -##### `user` - -Data type: `Any` - - - -##### `password` - -Data type: `Any` - - - -##### `comment` - -Data type: `Any` - - - -Default value: `undef` - -##### `dbname` - -Data type: `Any` - - - -Default value: $title - -##### `encoding` - -Data type: `Any` - - - -Default value: $postgresql::server::encoding - -##### `locale` - -Data type: `Any` - - - -Default value: $postgresql::server::locale - -##### `grant` - -Data type: `Any` - - - -Default value: 'ALL' - -##### `tablespace` - -Data type: `Any` - - - -Default value: `undef` - -##### `template` - -Data type: `Any` - - - -Default value: 'template0' - -##### `istemplate` - -Data type: `Any` - - - -Default value: `false` - -##### `owner` - -Data type: `Any` - - - -Default value: `undef` - -### postgresql::server::extension - -Activate an extension on a postgresql database - -#### Parameters - -The following parameters are available in the `postgresql::server::extension` defined type. - -##### `database` - -Data type: `Any` - - - -##### `extension` - -Data type: `Any` - - - -Default value: $name - -##### `schema` - -Data type: `Optional[String[1]]` - - - -Default value: `undef` - -##### `version` - -Data type: `Optional[String[1]]` - - - -Default value: `undef` - -##### `ensure` - -Data type: `String[1]` - - - -Default value: 'present' - -##### `package_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `package_ensure` - -Data type: `Any` - - - -Default value: `undef` - -##### `connect_settings` - -Data type: `Any` - - - -Default value: $postgresql::server::default_connect_settings - -### postgresql::server::grant - -Define for granting permissions to roles. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::grant` defined type. - -##### `role` - -Data type: `String` - - - -##### `db` - -Data type: `String` - - - -##### `privilege` - -Data type: `String` - - - -Default value: '' - -##### `object_type` - -Data type: `Pattern[#/(?i:^COLUMN$)/, - /(?i:^ALL SEQUENCES IN SCHEMA$)/, - /(?i:^ALL TABLES IN SCHEMA$)/, - /(?i:^DATABASE$)/, - #/(?i:^FOREIGN DATA WRAPPER$)/, - #/(?i:^FOREIGN SERVER$)/, - #/(?i:^FUNCTION$)/, - /(?i:^LANGUAGE$)/, - #/(?i:^PROCEDURAL LANGUAGE$)/, - /(?i:^TABLE$)/, - #/(?i:^TABLESPACE$)/, - /(?i:^SCHEMA$)/, - /(?i:^SEQUENCE$)/ - #/(?i:^VIEW$)/ - ]` - - - -Default value: 'database' - -##### `object_name` - -Data type: `Optional[Variant[ - Array[String,2,2], - String[1]] - ]` - - - -Default value: `undef` - -##### `psql_db` - -Data type: `String` - - - -Default value: $postgresql::server::default_database - -##### `psql_user` - -Data type: `String` - - - -Default value: $postgresql::server::user - -##### `port` - -Data type: `Integer` - - - -Default value: $postgresql::server::port - -##### `onlyif_exists` - -Data type: `Boolean` - - - -Default value: `false` - -##### `connect_settings` - -Data type: `Hash` - - - -Default value: $postgresql::server::default_connect_settings - -##### `ensure` - -Data type: `Enum['present', - 'absent' - ]` - - - -Default value: 'present' - -### postgresql::server::grant_role - -Define for granting membership to a role. See README.md for more information - -#### Parameters - -The following parameters are available in the `postgresql::server::grant_role` defined type. - -##### `group` - -Data type: `String[1]` - - - -##### `role` - -Data type: `String[1]` - - - -Default value: $name - -##### `ensure` - -Data type: `Enum['present', 'absent']` - - - -Default value: 'present' - -##### `psql_db` - -Data type: `Any` - - - -Default value: $postgresql::server::default_database - -##### `psql_user` - -Data type: `Any` - - - -Default value: $postgresql::server::user - -##### `port` - -Data type: `Any` - - - -Default value: $postgresql::server::port - -##### `connect_settings` - -Data type: `Any` - - - -Default value: $postgresql::server::default_connect_settings - -### postgresql::server::pg_hba_rule - -This resource manages an individual rule that applies to the file defined in -$target. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::pg_hba_rule` defined type. - -##### `type` - -Data type: `Enum['local', 'host', 'hostssl', 'hostnossl']` - - - -##### `database` - -Data type: `String` - - - -##### `user` - -Data type: `String` - - - -##### `auth_method` - -Data type: `String` - - - -##### `address` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `description` - -Data type: `String` - - - -Default value: 'none' - -##### `auth_option` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `order` - -Data type: `Variant[String, Integer]` - - - -Default value: 150 - -##### `target` - -Data type: `Stdlib::Absolutepath` - - - -Default value: $postgresql::server::pg_hba_conf_path - -##### `postgresql_version` - -Data type: `String` - - - -Default value: $postgresql::server::_version - -### postgresql::server::pg_ident_rule - -This resource manages an individual rule that applies to the file defined in -$target. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::pg_ident_rule` defined type. - -##### `map_name` - -Data type: `Any` - - - -##### `system_username` - -Data type: `Any` - - - -##### `database_username` - -Data type: `Any` - - - -##### `description` - -Data type: `Any` - - - -Default value: 'none' - -##### `order` - -Data type: `Any` - - - -Default value: '150' - -##### `target` - -Data type: `Any` - - - -Default value: $postgresql::server::pg_ident_conf_path - -### postgresql::server::reassign_owned_by - -Define for reassigning the ownership of objects within a database. See README.md for more details. -This enables us to force the a particular ownership for objects within a database - -#### Parameters - -The following parameters are available in the `postgresql::server::reassign_owned_by` defined type. - -##### `old_role` - -Data type: `String` - - - -##### `new_role` - -Data type: `String` - - - -##### `db` - -Data type: `String` - - - -##### `psql_user` - -Data type: `String` - - - -Default value: $postgresql::server::user - -##### `port` - -Data type: `Integer` - - - -Default value: $postgresql::server::port - -##### `connect_settings` - -Data type: `Hash` - - - -Default value: $postgresql::server::default_connect_settings - -### postgresql::server::recovery - -This resource manages the parameters that applies to the recovery.conf template. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::recovery` defined type. - -##### `restore_command` - -Data type: `Any` - - - -Default value: `undef` - -##### `archive_cleanup_command` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_end_command` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_target_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_target_time` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_target_xid` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_target_inclusive` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_target` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_target_timeline` - -Data type: `Any` - - - -Default value: `undef` - -##### `pause_at_recovery_target` - -Data type: `Any` - - - -Default value: `undef` - -##### `standby_mode` - -Data type: `Any` - - - -Default value: `undef` - -##### `primary_conninfo` - -Data type: `Any` - - - -Default value: `undef` - -##### `primary_slot_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `trigger_file` - -Data type: `Any` - - - -Default value: `undef` - -##### `recovery_min_apply_delay` - -Data type: `Any` - - - -Default value: `undef` - -##### `target` - -Data type: `Any` - - - -Default value: $postgresql::server::recovery_conf_path - -### postgresql::server::role - -Define for creating a database role. See README.md for more information - -#### Parameters - -The following parameters are available in the `postgresql::server::role` defined type. - -##### `update_password` - -Data type: `Any` - - - -Default value: `true` - -##### `password_hash` - -Data type: `Any` - - - -Default value: `false` - -##### `createdb` - -Data type: `Any` - - - -Default value: `false` - -##### `createrole` - -Data type: `Any` - - - -Default value: `false` - -##### `db` - -Data type: `Any` - - - -Default value: $postgresql::server::default_database - -##### `port` - -Data type: `Any` - - - -Default value: `undef` - -##### `login` - -Data type: `Any` - - - -Default value: `true` - -##### `inherit` - -Data type: `Any` - - - -Default value: `true` - -##### `superuser` - -Data type: `Any` - - - -Default value: `false` - -##### `replication` - -Data type: `Any` - - - -Default value: `false` - -##### `connection_limit` - -Data type: `Any` - - - -Default value: '-1' - -##### `username` - -Data type: `Any` - - - -Default value: $title - -##### `connect_settings` - -Data type: `Any` - - - -Default value: $postgresql::server::default_connect_settings - -##### `ensure` - -Data type: `Enum['present', 'absent']` - - - -Default value: 'present' - -### postgresql::server::schema - -= Type: postgresql::server::schema - -Create a new schema. See README.md for more details. - -== Requires: - -The database must exist and the PostgreSQL user should have enough privileges - -== Sample Usage: - -postgresql::server::schema {'private': - db => 'template1', -} - -#### Parameters - -The following parameters are available in the `postgresql::server::schema` defined type. - -##### `db` - -Data type: `Any` - - - -Default value: $postgresql::server::default_database - -##### `owner` - -Data type: `Any` - - - -Default value: `undef` - -##### `schema` - -Data type: `Any` - - - -Default value: $title - -##### `connect_settings` - -Data type: `Any` - - - -Default value: $postgresql::server::default_connect_settings - -### postgresql::server::table_grant - -This resource wraps the grant resource to manage table grants specifically. -See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::table_grant` defined type. - -##### `privilege` - -Data type: `Any` - - - -##### `table` - -Data type: `Any` - - - -##### `db` - -Data type: `Any` - - - -##### `role` - -Data type: `Any` - - - -##### `ensure` - -Data type: `Any` - - - -Default value: `undef` - -##### `port` - -Data type: `Any` - - - -Default value: `undef` - -##### `psql_db` - -Data type: `Any` - - - -Default value: `undef` - -##### `psql_user` - -Data type: `Any` - - - -Default value: `undef` - -##### `connect_settings` - -Data type: `Any` - - - -Default value: `undef` - -##### `onlyif_exists` - -Data type: `Any` - - - -Default value: `false` - -### postgresql::server::tablespace - -This module creates tablespace. See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::server::tablespace` defined type. - -##### `location` - -Data type: `Any` - - - -##### `owner` - -Data type: `Any` - - - -Default value: `undef` - -##### `spcname` - -Data type: `Any` - - - -Default value: $title - -##### `connect_settings` - -Data type: `Any` - - - -Default value: $postgresql::server::default_connect_settings - -### postgresql::validate_db_connection - -This type validates that a successful postgres connection can be established -between the node on which this resource is run and a specified postgres -instance (host/port/user/password/database name). - -See README.md for more details. - -#### Parameters - -The following parameters are available in the `postgresql::validate_db_connection` defined type. - -##### `database_host` - -Data type: `Any` - - - -Default value: `undef` - -##### `database_name` - -Data type: `Any` - - - -Default value: `undef` - -##### `database_password` - -Data type: `Any` - - - -Default value: `undef` - -##### `database_username` - -Data type: `Any` - - - -Default value: `undef` - -##### `database_port` - -Data type: `Any` - - - -Default value: `undef` - -##### `connect_settings` - -Data type: `Any` - - - -Default value: `undef` - -##### `run_as` - -Data type: `Any` - - - -Default value: `undef` - -##### `sleep` - -Data type: `Any` - - - -Default value: 2 - -##### `tries` - -Data type: `Any` - - - -Default value: 10 - -##### `create_db_first` - -Data type: `Any` - - - -Default value: `true` - -## Resource types - -### postgresql_conf - -This type allows puppet to manage postgresql.conf parameters. - -#### Properties - -The following properties are available in the `postgresql_conf` type. - -##### `ensure` - -Valid values: present, absent - -The basic property that the resource should be in. - -Default value: present - -##### `value` - -The value to set for this parameter. - -##### `target` - -The path to postgresql.conf - -#### Parameters - -The following parameters are available in the `postgresql_conf` type. - -##### `name` - -Valid values: %r{^[\w\.]+$} - -namevar - -The postgresql parameter name to manage. - -### postgresql_conn_validator - -Verify that a connection can be successfully established between a node -and the PostgreSQL server. Its primary use is as a precondition to -prevent configuration changes from being applied if the PostgreSQL -server cannot be reached, but it could potentially be used for other -purposes such as monitoring. - -#### Properties - -The following properties are available in the `postgresql_conn_validator` type. - -##### `ensure` - -Valid values: present, absent - -The basic property that the resource should be in. - -Default value: present - -#### Parameters - -The following parameters are available in the `postgresql_conn_validator` type. - -##### `name` - -namevar - -An arbitrary name used as the identity of the resource. - -##### `db_name` - -The name of the database you are trying to validate a connection with. - -##### `db_username` - -A user that has access to the target PostgreSQL database. - -##### `db_password` - -The password required to access the target PostgreSQL database. - -##### `host` - -The DNS name or IP address of the server where PostgreSQL should be running. - -##### `port` - -The port that the PostgreSQL server should be listening on. - -##### `connect_settings` - -Hash of environment variables for connection to a db. - -##### `sleep` - -The length of sleep time between connection tries. - -Default value: 2 - -##### `tries` - -The number of tries to validate the connection to the target PostgreSQL database. - -Default value: 10 - -##### `psql_path` - -Path to the psql command. - -##### `run_as` - -System user that will run the psql command. - -##### `command` - -Command to run against target database. - -Default value: SELECT 1 - -### postgresql_psql - -An arbitrary tag for your own reference; the name of the message. - -#### Properties - -The following properties are available in the `postgresql_psql` type. - -##### `command` - -The SQL command to execute via psql. - -#### Parameters - -The following parameters are available in the `postgresql_psql` type. - -##### `name` - -namevar - -An arbitrary tag for your own reference; the name of the message. - -##### `unless` - - - -##### `onlyif` - - - -##### `connect_settings` - -Connection settings that will be used when connecting to postgres - -##### `db` - -The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings - -##### `port` - -The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. - -##### `search_path` - -The schema search path to use when executing the SQL command - -##### `psql_path` - -The path to psql executable. - -Default value: psql - -##### `psql_user` - -The system user account under which the psql command should be executed. - -Default value: postgres - -##### `psql_group` - -The system user group account under which the psql command should be executed. - -Default value: postgres - -##### `cwd` - -The working directory under which the psql command should be executed. - -Default value: /tmp - -##### `environment` - -Any additional environment variables you want to set for a -SQL command. Multiple environment variables should be -specified as an array. - -##### `refreshonly` - -Valid values: `true`, `false` - -If 'true', then the SQL will only be executed via a notify/subscribe event. - -Default value: `false` - -### postgresql_replication_slot - -Manages Postgresql replication slots. - -This type allows to create and destroy replication slots -to register warm standby replication on a Postgresql -master server. - -#### Properties - -The following properties are available in the `postgresql_replication_slot` type. - -##### `ensure` - -Valid values: present, absent - -The basic property that the resource should be in. - -Default value: present - -#### Parameters - -The following parameters are available in the `postgresql_replication_slot` type. - -##### `name` - -Valid values: %r{^[a-z0-9_]+$} - -namevar - -The name of the slot to create. Must be a valid replication slot name. - -## Functions - -### postgresql_acls_to_resources_hash - -Type: Ruby 3.x API - -This internal function translates the ipv(4|6)acls format into a resource -suitable for create_resources. It is not intended to be used outside of the -postgresql internal classes/defined resources. - -This function accepts an array of strings that are pg_hba.conf rules. It -will return a hash that can be fed into create_resources to create multiple -individual pg_hba_rule resources. - -The second parameter is an identifier that will be included in the namevar -to provide uniqueness. It must be a string. - -The third parameter is an order offset, so you can start the order at an -arbitrary starting point. - -#### `postgresql_acls_to_resources_hash()` - -This internal function translates the ipv(4|6)acls format into a resource -suitable for create_resources. It is not intended to be used outside of the -postgresql internal classes/defined resources. - -This function accepts an array of strings that are pg_hba.conf rules. It -will return a hash that can be fed into create_resources to create multiple -individual pg_hba_rule resources. - -The second parameter is an identifier that will be included in the namevar -to provide uniqueness. It must be a string. - -The third parameter is an order offset, so you can start the order at an -arbitrary starting point. - -Returns: `Any` - -### postgresql_escape - -Type: Ruby 3.x API - -Safely escapes a string using $$ using a random tag which should be consistent - -#### `postgresql_escape()` - -Safely escapes a string using $$ using a random tag which should be consistent - -Returns: `Any` - -### postgresql_password - -Type: Ruby 3.x API - -Returns the postgresql password hash from the clear text username / password. - -#### `postgresql_password()` - -Returns the postgresql password hash from the clear text username / password. - -Returns: `Any` - -## Tasks - -### sql - -Allows you to execute arbitary SQL - -**Supports noop?** false - -#### Parameters - -##### `database` - -Data type: `Optional[String[1]]` - -Database to connect to - -##### `host` - -Data type: `Optional[String[1]]` - -Hostname to connect to - -##### `password` - -Data type: `Optional[String[1]]` - -The password - -##### `port` - -Data type: `Optional[String[1]]` - -The port - -##### `sql` - -Data type: `String[1]` - -The SQL you want to execute - -##### `user` - -Data type: `Optional[String[1]]` - -The user - From 007efe825e08e5ef582906c9312db11e8b7e173e Mon Sep 17 00:00:00 2001 From: Michael T Lombardi Date: Fri, 18 Oct 2019 17:28:57 -0500 Subject: [PATCH 0448/1000] (FM-8275) Add vagrant provision list Prior to this commit the only provisioners included in the provision lists were docker and vmpooler, neither of which are particularly accessible to folks developing on Windows outside of Puppet. This commit adds a list which leverages the vagrant provisioner. --- provision.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/provision.yaml b/provision.yaml index 9e8e815014..678232181d 100644 --- a/provision.yaml +++ b/provision.yaml @@ -17,6 +17,9 @@ waffle_scientificlinux6: waffle_el7: provisioner: docker images: ['waffleimage/centos7', 'waffleimage/oraclelinux7', 'waffleimage/scientificlinux7'] +vagrant: + provisioner: vagrant + images: ['centos/7', 'generic/ubuntu1804'] release_checks: provisioner: vmpooler images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From 4399f7f527f10999d1f4102eb527573eaa96b72a Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Thu, 24 Oct 2019 15:21:54 +0100 Subject: [PATCH 0449/1000] Point pdk gem to head of master until PDK-1525 resolved --- Gemfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 0e395e7ecb..177a2ca1b5 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,5 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' +gem 'pdk', git: 'https://github.com/puppetlabs/pdk.git', branch: 'master' def location_for(place_or_version, fake_version = nil) git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} @@ -70,4 +71,4 @@ extra_gemfiles.each do |gemfile| eval(File.read(gemfile), binding) end end -# vim: syntax=ruby +# vim: syntax=ruby \ No newline at end of file From c7aebc7e043945a3dcb693090d89775c60289e3e Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Fri, 25 Oct 2019 11:06:15 +0100 Subject: [PATCH 0450/1000] Add default option to case statement setting port labels on SELinux --- manifests/server/config.pp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 8cbe7fa63e..bc1234ed8b 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -122,6 +122,9 @@ } } } + default: { + $package_name = 'policycoreutils' + } } ensure_packages([$package_name]) From d613ebb23d89b1d300faf314463ac9e9d6cc69ed Mon Sep 17 00:00:00 2001 From: Ketan Patel Date: Fri, 25 Oct 2019 17:53:22 -0400 Subject: [PATCH 0451/1000] MODULES-10041 - allow define password_encryption for version above 10 --- REFERENCE.md | 8 ++++++++ manifests/params.pp | 2 +- manifests/server.pp | 1 + manifests/server/config.pp | 7 +++++++ 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/REFERENCE.md b/REFERENCE.md index 3b291ca179..b5e51d03a3 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -973,6 +973,14 @@ Set timezone for the PostgreSQL instance Default value: $postgresql::params::timezone +##### `password_encryption` + +Data type: `Any` + +Set Password Authentication when password-based authentication methods used + +Default value: $postgresql::params::password_encryption + ##### `manage_pg_hba_conf` Data type: `Any` diff --git a/manifests/params.pp b/manifests/params.pp index 6b2a4d28d4..a2a0a6c066 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -24,7 +24,7 @@ $manage_selinux = pick($manage_selinux, false) $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') - + $password_encryption = undef $manage_datadir = true $manage_logdir = true $manage_xlogdir = true diff --git a/manifests/server.pp b/manifests/server.pp index 4deb155485..f388cd64de 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -137,6 +137,7 @@ $manage_datadir = $postgresql::params::manage_datadir, $manage_logdir = $postgresql::params::manage_logdir, $manage_xlogdir = $postgresql::params::manage_xlogdir, + $password_encryption = $postgresql::params::password_encryption, Hash[String, Hash] $roles = {}, Hash[String, Any] $config_entries = {}, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index bc1234ed8b..9b9979383c 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -22,6 +22,7 @@ $service_name = $postgresql::server::service_name $log_line_prefix = $postgresql::server::log_line_prefix $timezone = $postgresql::server::timezone + $password_encryption = $postgresql::server::password_encryption if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file @@ -140,6 +141,12 @@ value => $port, } + if ($password_encryption) and ($version >= 10){ + postgresql::server::config_entry { 'password_encryption': + value => $password_encryption, + } + } + postgresql::server::config_entry { 'data_directory': value => $datadir, } From 480bb71207162ee3fb9c7a506e4ac9ca057d3e27 Mon Sep 17 00:00:00 2001 From: Ben Arblaster Date: Wed, 30 Oct 2019 10:28:03 +0000 Subject: [PATCH 0452/1000] Add postgis support for postgres 11 and 12 --- manifests/globals.pp | 2 ++ manifests/params.pp | 2 ++ 2 files changed, 4 insertions(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 50681f9735..705dcaf653 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -240,6 +240,8 @@ '9.5' => '2.3', '9.6' => '2.3', '10' => '2.4', + '11' => '3.0', + '12' => '3.0', default => undef, } $globals_postgis_version = $postgis_version ? { diff --git a/manifests/params.pp b/manifests/params.pp index a2a0a6c066..fdfc91ce31 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -175,6 +175,8 @@ $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") if $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis") + } elsif $postgis_version and versioncmp($postgis_version, '3') >= 0 { + $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-3") } else { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-${postgis_version}") } From 116d2091c88e8f49ee29733d77b20f734498df3e Mon Sep 17 00:00:00 2001 From: Glenn Sarti Date: Fri, 1 Nov 2019 10:20:20 +0800 Subject: [PATCH 0453/1000] (maint) Update for PDK templates This commit updates the module as per PDK-Templates commit 0b5b39b --- .rubocop.yml | 7 +++++++ Gemfile | 2 +- Rakefile | 13 +++++++++++-- metadata.json | 4 ++-- spec/default_facts.yml | 1 + 5 files changed, 22 insertions(+), 5 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 3cd2b0e5a9..bab25db536 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -27,6 +27,7 @@ GetText/DecorateString: Description: We don't want to decorate test output. Exclude: - spec/**/* + Enabled: false RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. @@ -88,6 +89,12 @@ Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true +GetText/DecorateFunctionMessage: + Enabled: false +GetText/DecorateStringFormattingUsingInterpolation: + Enabled: false +GetText/DecorateStringFormattingUsingPercent: + Enabled: false Layout/EndOfLine: Enabled: false Layout/IndentHeredoc: diff --git a/Gemfile b/Gemfile index 177a2ca1b5..f7560c1626 100644 --- a/Gemfile +++ b/Gemfile @@ -71,4 +71,4 @@ extra_gemfiles.each do |gemfile| eval(File.read(gemfile), binding) end end -# vim: syntax=ruby \ No newline at end of file +# vim: syntax=ruby diff --git a/Rakefile b/Rakefile index 19d583df72..c9e16236ca 100644 --- a/Rakefile +++ b/Rakefile @@ -15,8 +15,17 @@ end def changelog_project return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = nil || JSON.load(File.read('metadata.json'))['source'].match(%r{.*/([^/]*)})[1] - raise "unable to find the changelog_project in .sync.yml or the name in metadata.json" if returnVal.nil? + + returnVal = nil + returnVal ||= begin + metadata_source = JSON.load(File.read('metadata.json'))['source'] + metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) + + metadata_source_match && metadata_source_match[1] + end + + raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator project:#{returnVal}" returnVal end diff --git a/metadata.json b/metadata.json index 61944deedf..5d2361c537 100644 --- a/metadata.json +++ b/metadata.json @@ -85,7 +85,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.12.0", + "pdk-version": "1.14.0", "template-url": "https://github.com/puppetlabs/pdk-templates/#master", - "template-ref": "1.12.0-0-g55d9ae2" + "template-ref": "1.14.1-0-g0b5b39b" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml index ea1e4808e3..f777abfc99 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -3,5 +3,6 @@ # Facts specified here will override the values provided by rspec-puppet-facts. --- ipaddress: "172.16.254.254" +ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" is_pe: false macaddress: "AA:AA:AA:AA:AA:AA" From 26efaba28a87b0be2110f4502d170556bdc42a37 Mon Sep 17 00:00:00 2001 From: Glenn Sarti Date: Fri, 1 Nov 2019 10:22:02 +0800 Subject: [PATCH 0454/1000] (PDK-1501) Allow Travis CI config to be templated Previously the module unmanaged the Travis CI file when converted to Litmus. This commit allows the Travis CI file to be managed. --- .sync.yml | 137 +++++++++++++++++++++++++++++++++++++++++++++++++++- .travis.yml | 131 +++++++++++++++++++------------------------------ 2 files changed, 187 insertions(+), 81 deletions(-) diff --git a/.sync.yml b/.sync.yml index a4f15176c8..0a5a7361d0 100644 --- a/.sync.yml +++ b/.sync.yml @@ -7,7 +7,142 @@ unmanaged: true .travis.yml: - unmanaged: true + dist: trusty + user: puppet + secure: "" + branches: + - release + includes: + - + bundler_args: + dist: trusty + env: PLATFORMS=debian_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=debian_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=ubuntu_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_ubuntu]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=ubuntu_puppet6 + rvm: 2.5.3 + before_script: + - time bundle exec rake 'litmus:provision_list[waffle_ubuntu]' + - time bundle exec rake 'litmus:install_agent[puppet6]' + - time bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=centos6_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_centos6]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=centos6_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_centos6]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=scientificlinux6_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=scientificlinux6_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=el7_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + - + bundler_args: + dist: trusty + env: PLATFORMS=el7_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required appveyor.yml: delete: true diff --git a/.travis.yml b/.travis.yml index d740ab025f..2f0409ded3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,149 +13,120 @@ script: bundler_args: --without system_tests rvm: - 2.5.3 -env: - global: - - PUPPET_GEM_VERSION="~> 6.0" +stages: + - static + - spec + - acceptance + - + if: tag =~ ^v\d + name: deploy matrix: fast_finish: true include: - - bundler_args: + env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" + stage: static + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.5 + stage: spec + - + env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec + rvm: 2.5.3 + stage: spec + - + env: DEPLOY_TO_FORGE=yes + stage: deploy + - + before_script: ["bundle exec rake 'litmus:provision_list[waffle_debian]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=debian_puppet5 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_debian]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_debian]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=debian_puppet6 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_debian]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_ubuntu]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=ubuntu_puppet5 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_ubuntu]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["time bundle exec rake 'litmus:provision_list[waffle_ubuntu]'", "time bundle exec rake 'litmus:install_agent[puppet6]'", "time bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=ubuntu_puppet6 rvm: 2.5.3 - before_script: - - time bundle exec rake 'litmus:provision_list[waffle_ubuntu]' - - time bundle exec rake 'litmus:install_agent[puppet6]' - - time bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_centos6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=centos6_puppet5 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_centos6]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_centos6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=centos6_puppet6 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_centos6]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=scientificlinux6_puppet5 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=scientificlinux6_puppet6 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_el7]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=el7_puppet5 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_el7]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - bundler_args: + before_script: ["bundle exec rake 'litmus:provision_list[waffle_el7]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + bundler_args: dist: trusty env: PLATFORMS=el7_puppet6 rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_el7]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel + script: ["bundle exec rake litmus:acceptance:parallel"] services: docker sudo: required - - - env: CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop" - - - env: CHECK=parallel_spec - - - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec - rvm: 2.4.5 branches: only: - master From 1bce1128df9cb1c890fb1c9eac06c8616d77cf5e Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Fri, 1 Nov 2019 16:48:54 +0000 Subject: [PATCH 0455/1000] (FM-8634) ensure encrypted communication for fixtures --- .fixtures.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 8381746a03..f87b7e1bd0 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -5,10 +5,10 @@ fixtures: repo: "https://github.com/puppetlabs/puppetlabs-augeas_core.git" puppet_version: ">= 6.0.0" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" - facts: 'git://github.com/puppetlabs/puppetlabs-facts.git' + facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" - provision: "git://github.com/puppetlabs/provision.git" - puppet_agent: 'git://github.com/puppetlabs/puppetlabs-puppet_agent.git' + provision: "https://github.com/puppetlabs/provision.git" + puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" yumrepo_core: repo: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" From a290a3d67e531585043f3a3d155662f98035ff3b Mon Sep 17 00:00:00 2001 From: Glenn Sarti Date: Tue, 5 Nov 2019 13:43:41 +0800 Subject: [PATCH 0456/1000] (PDK-1501) Fix acceptance stages in Travis CI Previously the Travis CI file was brought under PDK control, however the sync.yml did not contain the stage settings for the Litmus jobs which meant that they did not run. This commit fixes that error and runs PDK Update again --- .sync.yml | 10 ++++++++++ .travis.yml | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/.sync.yml b/.sync.yml index 0a5a7361d0..d51ccd69f7 100644 --- a/.sync.yml +++ b/.sync.yml @@ -26,6 +26,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -39,6 +40,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -52,6 +54,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -65,6 +68,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -78,6 +82,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -91,6 +96,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -104,6 +110,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -117,6 +124,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -130,6 +138,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance - bundler_args: dist: trusty @@ -143,6 +152,7 @@ - bundle exec rake litmus:acceptance:parallel services: docker sudo: required + stage: acceptance appveyor.yml: delete: true diff --git a/.travis.yml b/.travis.yml index 2f0409ded3..360f588d29 100644 --- a/.travis.yml +++ b/.travis.yml @@ -45,6 +45,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_debian]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] @@ -54,6 +55,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_ubuntu]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] @@ -63,6 +65,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["time bundle exec rake 'litmus:provision_list[waffle_ubuntu]'", "time bundle exec rake 'litmus:install_agent[puppet6]'", "time bundle exec rake litmus:install_module"] @@ -72,6 +75,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_centos6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] @@ -81,6 +85,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_centos6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] @@ -90,6 +95,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] @@ -99,6 +105,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] @@ -108,6 +115,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_el7]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] @@ -117,6 +125,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required - before_script: ["bundle exec rake 'litmus:provision_list[waffle_el7]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] @@ -126,6 +135,7 @@ matrix: rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker + stage: acceptance sudo: required branches: only: From 781e798796830f857a037827a00366834d86cac7 Mon Sep 17 00:00:00 2001 From: David Swan Date: Mon, 11 Nov 2019 10:33:37 +0000 Subject: [PATCH 0457/1000] (FM-8679) - Support added for CentOS 8 --- metadata.json | 3 ++- provision.yaml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index 5d2361c537..c3553279fd 100644 --- a/metadata.json +++ b/metadata.json @@ -36,7 +36,8 @@ "operatingsystemrelease": [ "5", "6", - "7" + "7", + "8" ] }, { diff --git a/provision.yaml b/provision.yaml index 678232181d..3c6ed5a1c6 100644 --- a/provision.yaml +++ b/provision.yaml @@ -22,4 +22,4 @@ vagrant: images: ['centos/7', 'generic/ubuntu1804'] release_checks: provisioner: vmpooler - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] + images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From 1f41e86f2a830333af1fadd2e405eca3b9b67c79 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Mon, 18 Nov 2019 17:19:40 +0000 Subject: [PATCH 0458/1000] Add support for granting privileges on functions --- manifests/server/grant.pp | 39 +++++++++++++++++--- spec/acceptance/server/grant_spec.rb | 38 ++++++++++++++++++++ spec/unit/defines/server/grant_spec.rb | 50 ++++++++++++++++++++++++++ 3 files changed, 122 insertions(+), 5 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 6790c6822d..2749e74f00 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -21,7 +21,7 @@ /(?i:^DATABASE$)/, #/(?i:^FOREIGN DATA WRAPPER$)/, #/(?i:^FOREIGN SERVER$)/, - #/(?i:^FUNCTION$)/, + /(?i:^FUNCTION$)/, /(?i:^LANGUAGE$)/, #/(?i:^PROCEDURAL LANGUAGE$)/, /(?i:^TABLE$)/, @@ -34,6 +34,8 @@ Array[String,2,2], String[1]] ] $object_name = undef, + Array[String[1],0] + $object_arguments = [], String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, Integer $port = $postgresql::server::port, @@ -47,11 +49,11 @@ case $ensure { default: { # default is 'present' - $sql_command = 'GRANT %s ON %s "%s" TO "%s"' + $sql_command = 'GRANT %s ON %s "%s"%s TO "%s"' $unless_is = true } 'absent': { - $sql_command = 'REVOKE %s ON %s "%s" FROM "%s"' + $sql_command = 'REVOKE %s ON %s "%s"%s FROM "%s"' $unless_is = false } } @@ -112,6 +114,7 @@ default => undef, 'absent' => 'role_exists', } + $arguments = '' } 'SCHEMA': { $unless_privilege = $_privilege ? { @@ -127,6 +130,7 @@ $unless_function = 'has_schema_privilege' $on_db = $db $onlyif_function = undef + $arguments = '' } 'SEQUENCE': { $unless_privilege = $_privilege ? { @@ -143,6 +147,7 @@ $unless_function = 'has_sequence_privilege' $on_db = $db $onlyif_function = undef + $arguments = '' } 'ALL SEQUENCES IN SCHEMA': { case $_privilege { @@ -159,6 +164,7 @@ $unless_function = 'custom' $on_db = $db $onlyif_function = undef + $arguments = '' $schema = $object_name @@ -275,6 +281,7 @@ true => 'table_exists', default => undef, } + $arguments = '' } 'ALL TABLES IN SCHEMA': { case $_privilege { @@ -295,6 +302,7 @@ $unless_function = 'custom' $on_db = $db $onlyif_function = undef + $arguments = '' $schema = $object_name @@ -366,6 +374,26 @@ true => 'language_exists', default => undef, } + $arguments = '' + } + 'FUNCTION': { + $unless_privilege = $_privilege ? { + 'ALL' => 'EXECUTE', + 'ALL PRIVILEGES' => 'EXECUTE', + Pattern[ + /^$/, + /^EXECUTE$/, + ] => $_privilege, + default => fail('Illegal value for $privilege parameter'), + } + $unless_function = 'has_function_privilege' + $on_db = $db + $onlyif_function = $onlyif_exists ? { + true => 'function_exists', + default => undef, + } + $_quoted_args = join($object_arguments.map |$arg| { "\"${arg}\"" }, ',') + $arguments = "(${_quoted_args})" } default: { @@ -397,17 +425,18 @@ false => undef, 'custom' => $custom_unless, default => "SELECT 1 WHERE ${unless_function}('${role}', - '${_granted_object}', '${unless_privilege}') = ${unless_is}", + '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", } $_onlyif = $onlyif_function ? { 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object}'", 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}'", + 'function_exists' => "SELECT true FROM pg_proc WHERE (oid::regprocedure)::text = '${_togrant_object}${arguments}'", default => undef, } - $grant_cmd = sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $role) + $grant_cmd = sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $arguments, $role) postgresql_psql { "grant:${name}": command => $grant_cmd, diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index c37db4170c..50e1e69d9d 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -203,6 +203,44 @@ class { 'postgresql::server': } end end end + ### FUNCTION grants + context 'sequence' do + let(:pp) do + pp_setup + <<-MANIFEST.unindent + postgresql_psql { 'create test function': + command => "CREATE FUNCTION test_func() RETURNS boolean AS 'SELECT true' LANGUAGE 'sql'", + db => $db, + psql_user => $owner, + unless => "SELECT 1 FROM information_schema.routines WHERE routine_name = 'test_func'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant execute on test_func': + privilege => 'EXECUTE', + object_type => 'FUNCTION', + object_name => 'test_func', + db => $db, + role => $user, + require => [ Postgresql_psql['create test function'], + Postgresql::Server::Role[$user], ] + } + MANIFEST + end + + it 'grants execute on a function to a user' do + begin + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) + + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_function_privilege('#{user}', 'test_func()', 'EXECUTE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + end + end ### TABLE grants context 'table' do describe 'GRANT ... ON TABLE' do diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 32bda6cf22..63d1e9e4ea 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -214,6 +214,56 @@ class {'postgresql::server':} end end + context 'function' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'execute', + object_name: 'test', + object_arguments: ['text', 'text'], + object_type: 'function', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__grant('test') } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT EXECUTE ON FUNCTION "test"\("text","text"\) TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'test\("text","text"\)', 'EXECUTE'\)}m) + end + end + + context 'function with schema' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'execute', + object_name: ['myschema', 'test'], + object_arguments: ['text', 'text'], + object_type: 'function', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__grant('test') } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT EXECUTE ON FUNCTION "myschema"."test"\("text","text"\) TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'myschema.test\("text","text"\)', 'EXECUTE'\)}m) + end + end + context 'invalid object_type' do let :params do { From 1317c8069eaf3d2470d180553d7d374ad04fd480 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 21 Nov 2019 17:17:50 +0000 Subject: [PATCH 0459/1000] (maint) sort and canonicalise .sync.yml --- .sync.yml | 300 ++++++++++++++++++++++++++---------------------------- 1 file changed, 142 insertions(+), 158 deletions(-) diff --git a/.sync.yml b/.sync.yml index d51ccd69f7..e21d875f6e 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,173 +1,157 @@ --- -.gitignore: +".gitignore": required: - - ---.project - -.gitlab-ci.yml: + - "---.project" +".gitlab-ci.yml": unmanaged: true - -.travis.yml: +".travis.yml": dist: trusty user: puppet - secure: "" + secure: '' branches: - - release + - release includes: - - - bundler_args: - dist: trusty - env: PLATFORMS=debian_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_debian]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=debian_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_debian]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=ubuntu_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_ubuntu]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=ubuntu_puppet6 - rvm: 2.5.3 - before_script: - - time bundle exec rake 'litmus:provision_list[waffle_ubuntu]' - - time bundle exec rake 'litmus:install_agent[puppet6]' - - time bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=centos6_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_centos6]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=centos6_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_centos6]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=scientificlinux6_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=scientificlinux6_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=el7_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_el7]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - - bundler_args: - dist: trusty - env: PLATFORMS=el7_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_el7]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - + - bundler_args: + dist: trusty + env: PLATFORMS=debian_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=debian_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=ubuntu_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_ubuntu]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=ubuntu_puppet6 + rvm: 2.5.3 + before_script: + - time bundle exec rake 'litmus:provision_list[waffle_ubuntu]' + - time bundle exec rake 'litmus:install_agent[puppet6]' + - time bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=centos6_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_centos6]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=centos6_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_centos6]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=scientificlinux6_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=scientificlinux6_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=el7_puppet5 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:install_agent[puppet5]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance + - bundler_args: + dist: trusty + env: PLATFORMS=el7_puppet6 + rvm: 2.5.3 + before_script: + - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:install_agent[puppet6]' + - bundle exec rake litmus:install_module + script: + - bundle exec rake litmus:acceptance:parallel + services: docker + sudo: required + stage: acceptance appveyor.yml: delete: true - Gemfile: optional: - ':development': - - gem: 'github_changelog_generator' - git: 'https://github.com/skywinder/github-changelog-generator' - ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' - condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')" - + ":development": + - gem: github_changelog_generator + git: https://github.com/skywinder/github-changelog-generator + ref: 20ee04ba1234e9e83eb2ffb5056e23d641c7a018 + condition: Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') Rakefile: changelog_user: puppetlabs - spec/spec_helper.rb: - mock_with: ':rspec' + mock_with: ":rspec" coverage_report: true From d0b14551fe0a6cda277b30509c16a960d49abd1d Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 21 Nov 2019 17:18:40 +0000 Subject: [PATCH 0460/1000] (maint) mark .gitlab-ci.yml as deleted --- .sync.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.sync.yml b/.sync.yml index e21d875f6e..9829049156 100644 --- a/.sync.yml +++ b/.sync.yml @@ -3,7 +3,7 @@ required: - "---.project" ".gitlab-ci.yml": - unmanaged: true + delete: true ".travis.yml": dist: trusty user: puppet From 5f4c6a1b2dbb924c9e58641f2a06ac34b8f44805 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 21 Nov 2019 18:06:18 +0000 Subject: [PATCH 0461/1000] (maint) remove obsolete gepetto .project files --- .project | 23 ----------------------- .sync.yml | 3 --- 2 files changed, 26 deletions(-) delete mode 100644 .project diff --git a/.project b/.project deleted file mode 100644 index 96606a4a1a..0000000000 --- a/.project +++ /dev/null @@ -1,23 +0,0 @@ - - - puppetlabs-postgresql - - - - - - com.puppetlabs.geppetto.pp.dsl.ui.modulefileBuilder - - - - - org.eclipse.xtext.ui.shared.xtextBuilder - - - - - - com.puppetlabs.geppetto.pp.dsl.ui.puppetNature - org.eclipse.xtext.ui.shared.xtextNature - - diff --git a/.sync.yml b/.sync.yml index 9829049156..9a537cfba0 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,7 +1,4 @@ --- -".gitignore": - required: - - "---.project" ".gitlab-ci.yml": delete: true ".travis.yml": From 030bddb9932b73ec9dbd6f5bfeda90cbb6b16f54 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 21 Nov 2019 18:16:13 +0000 Subject: [PATCH 0462/1000] (maint) update gitignore and pdkignore for .project file removal --- .gitignore | 1 + .pdkignore | 1 + 2 files changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 3f4e2e8494..2767022cd6 100644 --- a/.gitignore +++ b/.gitignore @@ -22,5 +22,6 @@ /convert_report.txt /update_report.txt .DS_Store +.project .envrc /inventory.yaml diff --git a/.pdkignore b/.pdkignore index 54d2cda3ab..e6215cd0cb 100644 --- a/.pdkignore +++ b/.pdkignore @@ -22,6 +22,7 @@ /convert_report.txt /update_report.txt .DS_Store +.project .envrc /inventory.yaml /appveyor.yml From d9c3ec32cff9725a2114388de094a5cac416656f Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 25 Nov 2019 18:25:28 +0000 Subject: [PATCH 0463/1000] (maint) enable simplecov for ruby codecoverage testing --- .sync.yml | 1 + .travis.yml | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.sync.yml b/.sync.yml index 9a537cfba0..4260cea831 100644 --- a/.sync.yml +++ b/.sync.yml @@ -138,6 +138,7 @@ services: docker sudo: required stage: acceptance + simplecov: true appveyor.yml: delete: true Gemfile: diff --git a/.travis.yml b/.travis.yml index 360f588d29..98df06fa74 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,7 +9,7 @@ before_install: - gem --version - bundle -v script: - - 'bundle exec rake $CHECK' + - 'SIMPLECOV=yes bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - 2.5.3 @@ -34,9 +34,6 @@ matrix: env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec rvm: 2.5.3 stage: spec - - - env: DEPLOY_TO_FORGE=yes - stage: deploy - before_script: ["bundle exec rake 'litmus:provision_list[waffle_debian]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] bundler_args: @@ -137,6 +134,9 @@ matrix: services: docker stage: acceptance sudo: required + - + env: DEPLOY_TO_FORGE=yes + stage: deploy branches: only: - master From 75c991a9a50a6b91bc3145d51d14ef96b21b9856 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 27 Nov 2019 18:31:35 +0000 Subject: [PATCH 0464/1000] (maint) Update to PDK 1.14.1 --- Gemfile | 1 - metadata.json | 6 +++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index f7560c1626..0e395e7ecb 100644 --- a/Gemfile +++ b/Gemfile @@ -1,5 +1,4 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' -gem 'pdk', git: 'https://github.com/puppetlabs/pdk.git', branch: 'master' def location_for(place_or_version, fake_version = nil) git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} diff --git a/metadata.json b/metadata.json index c3553279fd..fd3770148d 100644 --- a/metadata.json +++ b/metadata.json @@ -86,7 +86,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.14.0", - "template-url": "https://github.com/puppetlabs/pdk-templates/#master", - "template-ref": "1.14.1-0-g0b5b39b" + "pdk-version": "1.14.1", + "template-url": "https://github.com/puppetlabs/pdk-templates#master", + "template-ref": "heads/master-0-gfaf9e8b" } From 3526115d4f93f694bd1879b15bfb351aa16c9153 Mon Sep 17 00:00:00 2001 From: sheena Date: Fri, 6 Dec 2019 14:39:16 +0000 Subject: [PATCH 0465/1000] MODULES-10236 disable deploy_to_forge for the module --- .sync.yml | 2 ++ .travis.yml | 6 ------ metadata.json | 2 +- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/.sync.yml b/.sync.yml index 4260cea831..b07489745b 100644 --- a/.sync.yml +++ b/.sync.yml @@ -3,6 +3,8 @@ delete: true ".travis.yml": dist: trusty + deploy_to_forge: + enabled: false user: puppet secure: '' branches: diff --git a/.travis.yml b/.travis.yml index 98df06fa74..e0bd4b2bff 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,9 +17,6 @@ stages: - static - spec - acceptance - - - if: tag =~ ^v\d - name: deploy matrix: fast_finish: true include: @@ -134,9 +131,6 @@ matrix: services: docker stage: acceptance sudo: required - - - env: DEPLOY_TO_FORGE=yes - stage: deploy branches: only: - master diff --git a/metadata.json b/metadata.json index fd3770148d..9f2f422454 100644 --- a/metadata.json +++ b/metadata.json @@ -88,5 +88,5 @@ ], "pdk-version": "1.14.1", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-gfaf9e8b" + "template-ref": "heads/master-0-g643529a" } From 13656d34e562e7cb55663328a53e639f534bc765 Mon Sep 17 00:00:00 2001 From: Molly Waggett Date: Tue, 10 Dec 2019 10:18:29 -0800 Subject: [PATCH 0466/1000] (maint) Remove MAINTAINERS file --- MAINTAINERS.md | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 MAINTAINERS.md diff --git a/MAINTAINERS.md b/MAINTAINERS.md deleted file mode 100644 index d8c8f6f681..0000000000 --- a/MAINTAINERS.md +++ /dev/null @@ -1,6 +0,0 @@ -## Maintenance - -Maintainers: - - Puppet Forge Modules Team `forge-modules |at| puppet |dot| com` - -Tickets: https://tickets.puppet.com/browse/MODULES. Make sure to set component to `postgresql`. From 0e31e595d0582079becfe6371b57dfca5f714564 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 16 Dec 2019 20:14:40 +0000 Subject: [PATCH 0467/1000] (maint) update travis to not use bundle update --system --- .travis.yml | 4 +++- metadata.json | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index e0bd4b2bff..770a30f7c8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,7 +5,9 @@ cache: bundler before_install: - bundle -v - rm -f Gemfile.lock - - gem update --system $RUBYGEMS_VERSION + - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" + - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" + - '[ -z "$RUBYGEMS_VERSION" ] || gem update --system $RUBYGEMS_VERSION' - gem --version - bundle -v script: diff --git a/metadata.json b/metadata.json index 9f2f422454..85ed89d66f 100644 --- a/metadata.json +++ b/metadata.json @@ -86,7 +86,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.14.1", + "pdk-version": "1.15.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g643529a" + "template-ref": "heads/master-0-gcaed9d7" } From ab55661c56397b6ae62e97e325695c9ee58a5443 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 16 Dec 2019 20:57:22 +0000 Subject: [PATCH 0468/1000] (maint) update travis to notify puppet slack --- .sync.yml | 3 +++ .travis.yml | 2 ++ 2 files changed, 5 insertions(+) diff --git a/.sync.yml b/.sync.yml index b07489745b..a4a0e35fef 100644 --- a/.sync.yml +++ b/.sync.yml @@ -141,6 +141,9 @@ sudo: required stage: acceptance simplecov: true + notifications: + slack: + secure: sulU0RHAFNMVQyQnqcyRHLRjL7Zl1Ao7ywuObL/qTsCiIweRsFiHX0BdTrurxobhjgdHQizx9G2IakkvhE120AOlLbCV9Nw45tvyuzdV4HhdPSKtwdWWKXgU4IvP2tSblZ4hCOEG4CuEKPvFtoY8UEW2ODmvvwFlQz+GOYOBYMw= appveyor.yml: delete: true Gemfile: diff --git a/.travis.yml b/.travis.yml index 770a30f7c8..bd02c5ea2c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -140,6 +140,8 @@ branches: - release notifications: email: false + slack: + secure: sulU0RHAFNMVQyQnqcyRHLRjL7Zl1Ao7ywuObL/qTsCiIweRsFiHX0BdTrurxobhjgdHQizx9G2IakkvhE120AOlLbCV9Nw45tvyuzdV4HhdPSKtwdWWKXgU4IvP2tSblZ4hCOEG4CuEKPvFtoY8UEW2ODmvvwFlQz+GOYOBYMw= deploy: provider: puppetforge user: puppet From bbbb518d1d568608e23d87a625a279a34fa623bf Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 17 Dec 2019 16:55:41 +0000 Subject: [PATCH 0469/1000] (MODULES-10133) - 6.3.0 Release Preperation --- CHANGELOG.md | 10 ++++++++++ metadata.json | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c99d1fe4d0..bf5e847224 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-12-17) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.2.0) + +### Added + +- Add support for granting privileges on functions [\#1118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1118) ([crispygoth](https://github.com/crispygoth)) +- \(FM-8679\) - Support added for CentOS 8 [\#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) +- MODULES-10041 - allow define password\_encryption for version above 10 [\#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) + ## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.1.0...v6.2.0) diff --git a/metadata.json b/metadata.json index 85ed89d66f..c4c9d5a479 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.2.0", + "version": "6.3.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 0c0e373616f104f2b4ad2b980d6b2cae1d8aab58 Mon Sep 17 00:00:00 2001 From: lionce Date: Wed, 18 Dec 2019 16:39:31 +0200 Subject: [PATCH 0470/1000] Add GitHub actions workflow --- .github/workflows/release.yml | 43 +++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000000..dacc2ff7aa --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,43 @@ +name: "release" + +on: + push: + branches: + - 'release' + +jobs: + LitmusAcceptance: + runs-on: self-hosted + strategy: + matrix: + ruby_version: [2.5.x] + puppet_gem_version: [~> 6.0] + platform: [release_checks] + agent_family: ['puppet5', 'puppet6'] + + steps: + - uses: actions/checkout@v1 + - name: Litmus Parallel + uses: puppetlabs/action-litmus_parallel@master + with: + platform: ${{ matrix.platform }} + agent_family: ${{ matrix.agent_family }} + Spec: + runs-on: self-hosted + strategy: + matrix: + check: [parallel_spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] + ruby_version: [2.5.x] + puppet_gem_version: [~> 5.0, ~> 6.0] + exclude: + - puppet_gem_version: ~> 5.0 + check: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' + - ruby_version: 2.5.x + puppet_gem_version: ~> 5.0 + steps: + - uses: actions/checkout@v1 + - name: Spec Tests + uses: puppetlabs/action-litmus_spec@master + with: + puppet_gem_version: ${{ matrix.puppet_gem_version }} + check: ${{ matrix.check }} From c3b06d6093b0aab210ec06b11e92a731c608fccd Mon Sep 17 00:00:00 2001 From: Ben Ford Date: Mon, 6 Jan 2020 09:57:52 -0800 Subject: [PATCH 0471/1000] Porting functions to the modern Puppet 4.x API --- .../postgresql_acls_to_resources_hash.rb | 102 ++++++++++++++++++ .../functions/postgresql/postgresql_escape.rb | 56 ++++++++++ .../postgresql/postgresql_password.rb | 49 +++++++++ ..._postgresql_acls_to_resources_hash_spec.rb | 41 +++++++ .../postgresql_postgresql_escape_spec.rb | 41 +++++++ .../postgresql_postgresql_password_spec.rb | 41 +++++++ 6 files changed, 330 insertions(+) create mode 100644 lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb create mode 100644 lib/puppet/functions/postgresql/postgresql_escape.rb create mode 100644 lib/puppet/functions/postgresql/postgresql_password.rb create mode 100644 spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb create mode 100644 spec/functions/postgresql_postgresql_escape_spec.rb create mode 100644 spec/functions/postgresql_postgresql_password_spec.rb diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb new file mode 100644 index 0000000000..ae735ece09 --- /dev/null +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -0,0 +1,102 @@ +# This is an autogenerated function, ported from the original legacy version. +# It /should work/ as is, but will not have all the benefits of the modern +# function API. You should see the function docs to learn how to add function +# signatures for type safety and to document this function using puppet-strings. +# +# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html +# +# ---- original file header ---- +# postgresql_acls_to_resources_hash.rb +# ---- original file header ---- +# +# @summary +# This internal function translates the ipv(4|6)acls format into a resource +# suitable for create_resources. It is not intended to be used outside of the +# postgresql internal classes/defined resources. +# +# @return This function accepts an array of strings that are pg_hba.conf rules. It +# will return a hash that can be fed into create_resources to create multiple +# individual pg_hba_rule resources. +# +# The second parameter is an identifier that will be included in the namevar +# to provide uniqueness. It must be a string. +# +# The third parameter is an order offset, so you can start the order at an +# arbitrary starting point. +# +# +Puppet::Functions.create_function(:'postgresql::postgresql_acls_to_resources_hash') do + # @param args + # The original array of arguments. Port this to individually managed params + # to get the full benefit of the modern function API. + # + # @return [Data type] + # Describe what the function returns here + # + dispatch :default_impl do + # Call the method named 'default_impl' when this is matched + # Port this to match individual params for better type safety + repeated_param 'Any', :args + end + + + def default_impl(*args) + + func_name = 'postgresql_acls_to_resources_hash()' + + if args.size != 3 + raise(Puppet::ParseError, "#{func_name}: Wrong number of arguments " \ + "given (#{args.size} for 3)") + end + + acls = args[0] + raise(Puppet::ParseError, "#{func_name}: first argument must be an array") \ + unless acls.instance_of? Array + + id = args[1] + raise(Puppet::ParseError, "#{func_name}: second argument must be a string") \ + unless id.instance_of? String + + offset = args[2].to_i + raise(Puppet::ParseError, "#{func_name}: third argument must be a number") \ + unless offset.is_a? Integer + + resources = {} + acls.each do |acl| + index = acls.index(acl) + + parts = acl.split + + unless parts.length >= 4 + raise(Puppet::ParseError, "#{func_name}: acl line #{index} does not " \ + 'have enough parts') + end + + resource = { + 'type' => parts[0], + 'database' => parts[1], + 'user' => parts[2], + 'order' => format('%03d', offset + index), # rubocop:disable Style/FormatString + } + if parts[0] == 'local' + resource['auth_method'] = parts[3] + if parts.length > 4 + resource['auth_option'] = parts.last(parts.length - 4).join(' ') + end + elsif parts[4] =~ %r{^\d} + resource['address'] = parts[3] + ' ' + parts[4] + resource['auth_method'] = parts[5] + + resource['auth_option'] = parts.last(parts.length - 6).join(' ') if parts.length > 6 + else + resource['address'] = parts[3] + resource['auth_method'] = parts[4] + + resource['auth_option'] = parts.last(parts.length - 5).join(' ') if parts.length > 5 + end + resources["postgresql class generated rule #{id} #{index}"] = resource + end + resources + + end +end diff --git a/lib/puppet/functions/postgresql/postgresql_escape.rb b/lib/puppet/functions/postgresql/postgresql_escape.rb new file mode 100644 index 0000000000..64687edb1d --- /dev/null +++ b/lib/puppet/functions/postgresql/postgresql_escape.rb @@ -0,0 +1,56 @@ +# This is an autogenerated function, ported from the original legacy version. +# It /should work/ as is, but will not have all the benefits of the modern +# function API. You should see the function docs to learn how to add function +# signatures for type safety and to document this function using puppet-strings. +# +# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html +# +# ---- original file header ---- +require 'digest/md5' + +# postgresql_escape.rb +# ---- original file header ---- +# +# @summary +# This function safely escapes a string using a consistent random tag +# @return Safely escapes a string using $$ using a random tag which should be consistent +# +# +Puppet::Functions.create_function(:'postgresql::postgresql_escape') do + # @param args + # The original array of arguments. Port this to individually managed params + # to get the full benefit of the modern function API. + # + # @return [Data type] + # Describe what the function returns here + # + dispatch :default_impl do + # Call the method named 'default_impl' when this is matched + # Port this to match individual params for better type safety + repeated_param 'Any', :args + end + + + def default_impl(*args) + + + if args.size != 1 + raise(Puppet::ParseError, 'postgresql_escape(): Wrong number of arguments ' \ + "given (#{args.size} for 1)") + end + + password = args[0] + + if password !~ %r{\$\$} && password[-1] != '$' + retval = "$$#{password}$$" + else + escape = Digest::MD5.hexdigest(password)[0..5].gsub(%r{\d}, '') + until password !~ %r{#{escape}} + escape = Digest::MD5.hexdigest(escape)[0..5].gsub(%r{\d}, '') + end + retval = "$#{escape}$#{password}$#{escape}$" + end + retval + + end +end diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb new file mode 100644 index 0000000000..35875acad2 --- /dev/null +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -0,0 +1,49 @@ +# This is an autogenerated function, ported from the original legacy version. +# It /should work/ as is, but will not have all the benefits of the modern +# function API. You should see the function docs to learn how to add function +# signatures for type safety and to document this function using puppet-strings. +# +# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html +# +# ---- original file header ---- +# hash a string as mysql's "PASSWORD()" function would do it +require 'digest/md5' + +# postgresql_password.rb +# ---- original file header ---- +# +# @summary +# This function returns the postgresql password hash from the clear text username / password +# @return Returns the postgresql password hash from the clear text username / password. +# +# +Puppet::Functions.create_function(:'postgresql::postgresql_password') do + # @param args + # The original array of arguments. Port this to individually managed params + # to get the full benefit of the modern function API. + # + # @return [Data type] + # Describe what the function returns here + # + dispatch :default_impl do + # Call the method named 'default_impl' when this is matched + # Port this to match individual params for better type safety + repeated_param 'Any', :args + end + + + def default_impl(*args) + + + if args.size != 2 + raise(Puppet::ParseError, 'postgresql_password(): Wrong number of arguments ' \ + "given (#{args.size} for 2)") + end + + username = args[0] + password = args[1] + + 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) + + end +end diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb new file mode 100644 index 0000000000..9cf5dc35fa --- /dev/null +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe 'postgresql::postgresql_acls_to_resources_hash' do + # without knowing details about the implementation, this is the only test + # case that we can autogenerate. You should add more examples below! + it { is_expected.not_to eq(nil) } + +################################# +# Below are some example test cases. You may uncomment and modify them to match +# your needs. Notice that they all expect the base error class of `StandardError`. +# This is because the autogenerated function uses an untyped array for parameters +# and relies on your implementation to do the validation. As you convert your +# function to proper dispatches and typed signatures, you should change the +# expected error of the argument validation examples to `ArgumentError`. +# +# Other error types you might encounter include +# +# * StandardError +# * ArgumentError +# * Puppet::ParseError +# +# Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ +# +# it 'raises an error if called with no argument' do +# is_expected.to run.with_params.and_raise_error(StandardError) +# end +# +# it 'raises an error if there is more than 1 arguments' do +# is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) +# end +# +# it 'raises an error if argument is not the proper type' do +# is_expected.to run.with_params('foo').and_raise_error(StandardError) +# end +# +# it 'returns the proper output' do +# is_expected.to run.with_params(123).and_return('the expected output') +# end +################################# + +end diff --git a/spec/functions/postgresql_postgresql_escape_spec.rb b/spec/functions/postgresql_postgresql_escape_spec.rb new file mode 100644 index 0000000000..473928ebce --- /dev/null +++ b/spec/functions/postgresql_postgresql_escape_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe 'postgresql::postgresql_escape' do + # without knowing details about the implementation, this is the only test + # case that we can autogenerate. You should add more examples below! + it { is_expected.not_to eq(nil) } + +################################# +# Below are some example test cases. You may uncomment and modify them to match +# your needs. Notice that they all expect the base error class of `StandardError`. +# This is because the autogenerated function uses an untyped array for parameters +# and relies on your implementation to do the validation. As you convert your +# function to proper dispatches and typed signatures, you should change the +# expected error of the argument validation examples to `ArgumentError`. +# +# Other error types you might encounter include +# +# * StandardError +# * ArgumentError +# * Puppet::ParseError +# +# Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ +# +# it 'raises an error if called with no argument' do +# is_expected.to run.with_params.and_raise_error(StandardError) +# end +# +# it 'raises an error if there is more than 1 arguments' do +# is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) +# end +# +# it 'raises an error if argument is not the proper type' do +# is_expected.to run.with_params('foo').and_raise_error(StandardError) +# end +# +# it 'returns the proper output' do +# is_expected.to run.with_params(123).and_return('the expected output') +# end +################################# + +end diff --git a/spec/functions/postgresql_postgresql_password_spec.rb b/spec/functions/postgresql_postgresql_password_spec.rb new file mode 100644 index 0000000000..42741053df --- /dev/null +++ b/spec/functions/postgresql_postgresql_password_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe 'postgresql::postgresql_password' do + # without knowing details about the implementation, this is the only test + # case that we can autogenerate. You should add more examples below! + it { is_expected.not_to eq(nil) } + +################################# +# Below are some example test cases. You may uncomment and modify them to match +# your needs. Notice that they all expect the base error class of `StandardError`. +# This is because the autogenerated function uses an untyped array for parameters +# and relies on your implementation to do the validation. As you convert your +# function to proper dispatches and typed signatures, you should change the +# expected error of the argument validation examples to `ArgumentError`. +# +# Other error types you might encounter include +# +# * StandardError +# * ArgumentError +# * Puppet::ParseError +# +# Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ +# +# it 'raises an error if called with no argument' do +# is_expected.to run.with_params.and_raise_error(StandardError) +# end +# +# it 'raises an error if there is more than 1 arguments' do +# is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) +# end +# +# it 'raises an error if argument is not the proper type' do +# is_expected.to run.with_params('foo').and_raise_error(StandardError) +# end +# +# it 'returns the proper output' do +# is_expected.to run.with_params(123).and_return('the expected output') +# end +################################# + +end From 2d9978f986dac59d6d128142ada2e30fb8bb3a45 Mon Sep 17 00:00:00 2001 From: Ben Ford Date: Mon, 6 Jan 2020 10:00:14 -0800 Subject: [PATCH 0472/1000] rubocop fixes --- .../postgresql_acls_to_resources_hash.rb | 3 - .../functions/postgresql/postgresql_escape.rb | 4 -- .../postgresql/postgresql_password.rb | 4 -- ..._postgresql_acls_to_resources_hash_spec.rb | 65 +++++++++---------- .../postgresql_postgresql_escape_spec.rb | 65 +++++++++---------- .../postgresql_postgresql_password_spec.rb | 65 +++++++++---------- 6 files changed, 96 insertions(+), 110 deletions(-) diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index ae735ece09..3a6f15e309 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -39,9 +39,7 @@ repeated_param 'Any', :args end - def default_impl(*args) - func_name = 'postgresql_acls_to_resources_hash()' if args.size != 3 @@ -97,6 +95,5 @@ def default_impl(*args) resources["postgresql class generated rule #{id} #{index}"] = resource end resources - end end diff --git a/lib/puppet/functions/postgresql/postgresql_escape.rb b/lib/puppet/functions/postgresql/postgresql_escape.rb index 64687edb1d..1555af0783 100644 --- a/lib/puppet/functions/postgresql/postgresql_escape.rb +++ b/lib/puppet/functions/postgresql/postgresql_escape.rb @@ -30,10 +30,7 @@ repeated_param 'Any', :args end - def default_impl(*args) - - if args.size != 1 raise(Puppet::ParseError, 'postgresql_escape(): Wrong number of arguments ' \ "given (#{args.size} for 1)") @@ -51,6 +48,5 @@ def default_impl(*args) retval = "$#{escape}$#{password}$#{escape}$" end retval - end end diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 35875acad2..ee6c7ace7d 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -31,10 +31,7 @@ repeated_param 'Any', :args end - def default_impl(*args) - - if args.size != 2 raise(Puppet::ParseError, 'postgresql_password(): Wrong number of arguments ' \ "given (#{args.size} for 2)") @@ -44,6 +41,5 @@ def default_impl(*args) password = args[1] 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) - end end diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index 9cf5dc35fa..2df689df18 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -5,37 +5,36 @@ # case that we can autogenerate. You should add more examples below! it { is_expected.not_to eq(nil) } -################################# -# Below are some example test cases. You may uncomment and modify them to match -# your needs. Notice that they all expect the base error class of `StandardError`. -# This is because the autogenerated function uses an untyped array for parameters -# and relies on your implementation to do the validation. As you convert your -# function to proper dispatches and typed signatures, you should change the -# expected error of the argument validation examples to `ArgumentError`. -# -# Other error types you might encounter include -# -# * StandardError -# * ArgumentError -# * Puppet::ParseError -# -# Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ -# -# it 'raises an error if called with no argument' do -# is_expected.to run.with_params.and_raise_error(StandardError) -# end -# -# it 'raises an error if there is more than 1 arguments' do -# is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) -# end -# -# it 'raises an error if argument is not the proper type' do -# is_expected.to run.with_params('foo').and_raise_error(StandardError) -# end -# -# it 'returns the proper output' do -# is_expected.to run.with_params(123).and_return('the expected output') -# end -################################# - + ################################# + # Below are some example test cases. You may uncomment and modify them to match + # your needs. Notice that they all expect the base error class of `StandardError`. + # This is because the autogenerated function uses an untyped array for parameters + # and relies on your implementation to do the validation. As you convert your + # function to proper dispatches and typed signatures, you should change the + # expected error of the argument validation examples to `ArgumentError`. + # + # Other error types you might encounter include + # + # * StandardError + # * ArgumentError + # * Puppet::ParseError + # + # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ + # + # it 'raises an error if called with no argument' do + # is_expected.to run.with_params.and_raise_error(StandardError) + # end + # + # it 'raises an error if there is more than 1 arguments' do + # is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) + # end + # + # it 'raises an error if argument is not the proper type' do + # is_expected.to run.with_params('foo').and_raise_error(StandardError) + # end + # + # it 'returns the proper output' do + # is_expected.to run.with_params(123).and_return('the expected output') + # end + ################################# end diff --git a/spec/functions/postgresql_postgresql_escape_spec.rb b/spec/functions/postgresql_postgresql_escape_spec.rb index 473928ebce..947ee72423 100644 --- a/spec/functions/postgresql_postgresql_escape_spec.rb +++ b/spec/functions/postgresql_postgresql_escape_spec.rb @@ -5,37 +5,36 @@ # case that we can autogenerate. You should add more examples below! it { is_expected.not_to eq(nil) } -################################# -# Below are some example test cases. You may uncomment and modify them to match -# your needs. Notice that they all expect the base error class of `StandardError`. -# This is because the autogenerated function uses an untyped array for parameters -# and relies on your implementation to do the validation. As you convert your -# function to proper dispatches and typed signatures, you should change the -# expected error of the argument validation examples to `ArgumentError`. -# -# Other error types you might encounter include -# -# * StandardError -# * ArgumentError -# * Puppet::ParseError -# -# Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ -# -# it 'raises an error if called with no argument' do -# is_expected.to run.with_params.and_raise_error(StandardError) -# end -# -# it 'raises an error if there is more than 1 arguments' do -# is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) -# end -# -# it 'raises an error if argument is not the proper type' do -# is_expected.to run.with_params('foo').and_raise_error(StandardError) -# end -# -# it 'returns the proper output' do -# is_expected.to run.with_params(123).and_return('the expected output') -# end -################################# - + ################################# + # Below are some example test cases. You may uncomment and modify them to match + # your needs. Notice that they all expect the base error class of `StandardError`. + # This is because the autogenerated function uses an untyped array for parameters + # and relies on your implementation to do the validation. As you convert your + # function to proper dispatches and typed signatures, you should change the + # expected error of the argument validation examples to `ArgumentError`. + # + # Other error types you might encounter include + # + # * StandardError + # * ArgumentError + # * Puppet::ParseError + # + # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ + # + # it 'raises an error if called with no argument' do + # is_expected.to run.with_params.and_raise_error(StandardError) + # end + # + # it 'raises an error if there is more than 1 arguments' do + # is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) + # end + # + # it 'raises an error if argument is not the proper type' do + # is_expected.to run.with_params('foo').and_raise_error(StandardError) + # end + # + # it 'returns the proper output' do + # is_expected.to run.with_params(123).and_return('the expected output') + # end + ################################# end diff --git a/spec/functions/postgresql_postgresql_password_spec.rb b/spec/functions/postgresql_postgresql_password_spec.rb index 42741053df..9678193dfb 100644 --- a/spec/functions/postgresql_postgresql_password_spec.rb +++ b/spec/functions/postgresql_postgresql_password_spec.rb @@ -5,37 +5,36 @@ # case that we can autogenerate. You should add more examples below! it { is_expected.not_to eq(nil) } -################################# -# Below are some example test cases. You may uncomment and modify them to match -# your needs. Notice that they all expect the base error class of `StandardError`. -# This is because the autogenerated function uses an untyped array for parameters -# and relies on your implementation to do the validation. As you convert your -# function to proper dispatches and typed signatures, you should change the -# expected error of the argument validation examples to `ArgumentError`. -# -# Other error types you might encounter include -# -# * StandardError -# * ArgumentError -# * Puppet::ParseError -# -# Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ -# -# it 'raises an error if called with no argument' do -# is_expected.to run.with_params.and_raise_error(StandardError) -# end -# -# it 'raises an error if there is more than 1 arguments' do -# is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) -# end -# -# it 'raises an error if argument is not the proper type' do -# is_expected.to run.with_params('foo').and_raise_error(StandardError) -# end -# -# it 'returns the proper output' do -# is_expected.to run.with_params(123).and_return('the expected output') -# end -################################# - + ################################# + # Below are some example test cases. You may uncomment and modify them to match + # your needs. Notice that they all expect the base error class of `StandardError`. + # This is because the autogenerated function uses an untyped array for parameters + # and relies on your implementation to do the validation. As you convert your + # function to proper dispatches and typed signatures, you should change the + # expected error of the argument validation examples to `ArgumentError`. + # + # Other error types you might encounter include + # + # * StandardError + # * ArgumentError + # * Puppet::ParseError + # + # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ + # + # it 'raises an error if called with no argument' do + # is_expected.to run.with_params.and_raise_error(StandardError) + # end + # + # it 'raises an error if there is more than 1 arguments' do + # is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) + # end + # + # it 'raises an error if argument is not the proper type' do + # is_expected.to run.with_params('foo').and_raise_error(StandardError) + # end + # + # it 'returns the proper output' do + # is_expected.to run.with_params(123).and_return('the expected output') + # end + ################################# end From 82745863cde3bf4e0067c6b5b2474e33215d5eb1 Mon Sep 17 00:00:00 2001 From: David Barbion Date: Mon, 13 Jan 2020 11:17:08 +0100 Subject: [PATCH 0473/1000] fix missing systemd override config for EL8 (CentOS and RHEL) --- manifests/server/config.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 9b9979383c..f9b3925ad2 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -200,7 +200,7 @@ } if $::osfamily == 'RedHat' { - if $::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora' { + if $::operatingsystemrelease =~ /^7|^8/ or $::operatingsystem == 'Fedora' { # Template uses: # - $::operatingsystem # - $service_name From d7625d56a4b08edc22cae7f2be09e224ea8f02d1 Mon Sep 17 00:00:00 2001 From: David Swan Date: Fri, 10 Jan 2020 15:58:48 +0000 Subject: [PATCH 0474/1000] (FM-8581) - Debian 10 added to travis and provision file refactored --- .sync.yml | 54 +++++++++++++------------------------------------- .travis.yml | 48 +++++++++++++------------------------------- provision.yaml | 21 +++++++++----------- 3 files changed, 37 insertions(+), 86 deletions(-) diff --git a/.sync.yml b/.sync.yml index a4a0e35fef..05ffdb36ed 100644 --- a/.sync.yml +++ b/.sync.yml @@ -12,10 +12,10 @@ includes: - bundler_args: dist: trusty - env: PLATFORMS=debian_puppet5 + env: PLATFORMS=deb_puppet5 rvm: 2.5.3 before_script: - - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:provision_list[travis_deb]' - bundle exec rake 'litmus:install_agent[puppet5]' - bundle exec rake litmus:install_module script: @@ -25,10 +25,10 @@ stage: acceptance - bundler_args: dist: trusty - env: PLATFORMS=debian_puppet6 + env: PLATFORMS=deb_puppet6 rvm: 2.5.3 before_script: - - bundle exec rake 'litmus:provision_list[waffle_debian]' + - bundle exec rake 'litmus:provision_list[travis_deb]' - bundle exec rake 'litmus:install_agent[puppet6]' - bundle exec rake litmus:install_module script: @@ -38,10 +38,10 @@ stage: acceptance - bundler_args: dist: trusty - env: PLATFORMS=ubuntu_puppet5 + env: PLATFORMS=ub_puppet5 rvm: 2.5.3 before_script: - - bundle exec rake 'litmus:provision_list[waffle_ubuntu]' + - bundle exec rake 'litmus:provision_list[travis_ub]' - bundle exec rake 'litmus:install_agent[puppet5]' - bundle exec rake litmus:install_module script: @@ -51,36 +51,10 @@ stage: acceptance - bundler_args: dist: trusty - env: PLATFORMS=ubuntu_puppet6 + env: PLATFORMS=ub_puppet6 rvm: 2.5.3 before_script: - - time bundle exec rake 'litmus:provision_list[waffle_ubuntu]' - - time bundle exec rake 'litmus:install_agent[puppet6]' - - time bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=centos6_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_centos6]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=centos6_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[waffle_centos6]' + - bundle exec rake 'litmus:provision_list[travis_ub]' - bundle exec rake 'litmus:install_agent[puppet6]' - bundle exec rake litmus:install_module script: @@ -90,10 +64,10 @@ stage: acceptance - bundler_args: dist: trusty - env: PLATFORMS=scientificlinux6_puppet5 + env: PLATFORMS=el6_puppet5 rvm: 2.5.3 before_script: - - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:provision_list[travis_el6]' - bundle exec rake 'litmus:install_agent[puppet5]' - bundle exec rake litmus:install_module script: @@ -103,10 +77,10 @@ stage: acceptance - bundler_args: dist: trusty - env: PLATFORMS=scientificlinux6_puppet6 + env: PLATFORMS=el6_puppet6 rvm: 2.5.3 before_script: - - bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]' + - bundle exec rake 'litmus:provision_list[travis_el6]' - bundle exec rake 'litmus:install_agent[puppet6]' - bundle exec rake litmus:install_module script: @@ -119,7 +93,7 @@ env: PLATFORMS=el7_puppet5 rvm: 2.5.3 before_script: - - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:provision_list[travis_el7]' - bundle exec rake 'litmus:install_agent[puppet5]' - bundle exec rake litmus:install_module script: @@ -132,7 +106,7 @@ env: PLATFORMS=el7_puppet6 rvm: 2.5.3 before_script: - - bundle exec rake 'litmus:provision_list[waffle_el7]' + - bundle exec rake 'litmus:provision_list[travis_el7]' - bundle exec rake 'litmus:install_agent[puppet6]' - bundle exec rake litmus:install_module script: diff --git a/.travis.yml b/.travis.yml index bd02c5ea2c..20de59dda6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -34,87 +34,67 @@ matrix: rvm: 2.5.3 stage: spec - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_debian]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_deb]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty - env: PLATFORMS=debian_puppet5 + env: PLATFORMS=deb_puppet5 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_debian]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_deb]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty - env: PLATFORMS=debian_puppet6 + env: PLATFORMS=deb_puppet6 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_ubuntu]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_ub]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty - env: PLATFORMS=ubuntu_puppet5 + env: PLATFORMS=ub_puppet5 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance sudo: required - - before_script: ["time bundle exec rake 'litmus:provision_list[waffle_ubuntu]'", "time bundle exec rake 'litmus:install_agent[puppet6]'", "time bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_ub]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty - env: PLATFORMS=ubuntu_puppet6 + env: PLATFORMS=ub_puppet6 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_centos6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_el6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty - env: PLATFORMS=centos6_puppet5 + env: PLATFORMS=el6_puppet5 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_centos6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_el6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty - env: PLATFORMS=centos6_puppet6 + env: PLATFORMS=el6_puppet6 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] - bundler_args: - dist: trusty - env: PLATFORMS=scientificlinux6_puppet5 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - sudo: required - - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_scientificlinux6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] - bundler_args: - dist: trusty - env: PLATFORMS=scientificlinux6_puppet6 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - sudo: required - - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_el7]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_el7]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty env: PLATFORMS=el7_puppet5 @@ -124,7 +104,7 @@ matrix: stage: acceptance sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[waffle_el7]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + before_script: ["bundle exec rake 'litmus:provision_list[travis_el7]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] bundler_args: dist: trusty env: PLATFORMS=el7_puppet6 diff --git a/provision.yaml b/provision.yaml index 3c6ed5a1c6..b83a528738 100644 --- a/provision.yaml +++ b/provision.yaml @@ -2,24 +2,21 @@ default: provisioner: docker images: ['waffleimage/centos7'] -waffle_debian: +vagrant: + provisioner: vagrant + images: ['centos/7', 'generic/ubuntu1804'] +travis_deb: provisioner: docker - images: ['waffleimage/debian8', 'waffleimage/debian9'] -waffle_ubuntu: + images: ['waffleimage/debian8', 'waffleimage/debian9', 'waffleimage/debian10'] +travis_ub: provisioner: docker images: ['waffleimage/ubuntu14.04', 'waffleimage/ubuntu16.04', 'waffleimage/ubuntu18.04'] -waffle_centos6: - provisioner: docker - images: ['waffleimage/centos6'] -waffle_scientificlinux6: +travis_el6: provisioner: docker - images: ['waffleimage/scientificlinux6'] -waffle_el7: + images: ['waffleimage/centos6', 'waffleimage/scientificlinux6'] +travis_el7: provisioner: docker images: ['waffleimage/centos7', 'waffleimage/oraclelinux7', 'waffleimage/scientificlinux7'] -vagrant: - provisioner: vagrant - images: ['centos/7', 'generic/ubuntu1804'] release_checks: provisioner: vmpooler images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From 59a1d7dfa1529b287f81387072616e32887d9cda Mon Sep 17 00:00:00 2001 From: Julien Acroute Date: Fri, 13 Jul 2018 11:42:30 +0200 Subject: [PATCH 0475/1000] Use 'public' instead of 'PUBLIC' in has_*_privilege() functions When using System Information Functions like: * has_database_privilege() * has_table_privilege() Allow usage of 'PUBLIC' in GRANT/REVOKE definition : REVOKE CONNECT ON DATABASE database1 FROM PUBLIC; postgresql::server::database_grant { 'revoke connect on database1': ensure => 'absent', db => 'database1', privilege => 'CONNECT', role => 'PUBLIC', } --- manifests/server/grant.pp | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 2749e74f00..ad425c45ef 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -421,17 +421,22 @@ } } + # Function like has_database_privilege() refer the PUBLIC pseudo role as 'public' + # So we need to replace 'PUBLIC' by 'public'. + $_unless = $unless_function ? { false => undef, 'custom' => $custom_unless, - default => "SELECT 1 WHERE ${unless_function}('${role}', - '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", + default => $role ? { + 'PUBLIC' => "SELECT 1 WHERE ${unless_function}('public', '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", + default => "SELECT 1 WHERE ${unless_function}('${role}', '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", + } } $_onlyif = $onlyif_function ? { 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object}'", - 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}'", + 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}' or ${role} = 'PUBLIC'", 'function_exists' => "SELECT true FROM pg_proc WHERE (oid::regprocedure)::text = '${_togrant_object}${arguments}'", default => undef, } From 5781e4c535cf317483b56896122d82053110c910 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Pinson?= Date: Fri, 24 Jan 2020 14:00:07 +0100 Subject: [PATCH 0476/1000] server::grant: Add unit test for role=PUBLIC --- spec/unit/defines/server/grant_spec.rb | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 63d1e9e4ea..db4214b732 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -214,6 +214,34 @@ class {'postgresql::server':} end end + context 'with a role defined to PUBLIC' do + let :params do + { + db: 'test', + role: 'PUBLIC', + privilege: 'all', + object_name: ['myschema', 'mytable'], + object_type: 'table', + } + end + + let :pre_condition do + <<-EOS + class {'postgresql::server':} + postgresql::server::role { 'test': } + EOS + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__grant('test') } + it { is_expected.to contain_postgresql__server__role('test') } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "PUBLIC"}m) + .with_unless(%r{SELECT 1 WHERE has_table_privilege\('public',\s*'myschema.mytable', 'INSERT'\)}m) + end + end + context 'function' do let :params do { From 6c0f2eb97c405def922e1b1fa873383fbdd41672 Mon Sep 17 00:00:00 2001 From: Julien Acroute Date: Mon, 27 Jan 2020 16:51:21 +0100 Subject: [PATCH 0477/1000] Try to fix tests --- manifests/server/grant.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index ad425c45ef..80ca540085 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -436,7 +436,7 @@ $_onlyif = $onlyif_function ? { 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object}'", - 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}' or ${role} = 'PUBLIC'", + 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}' or '${role}' = 'PUBLIC'", 'function_exists' => "SELECT true FROM pg_proc WHERE (oid::regprocedure)::text = '${_togrant_object}${arguments}'", default => undef, } From 4da087c2d17062b99baecd4e24fcd7f23b8f64b8 Mon Sep 17 00:00:00 2001 From: Tom Boyd Date: Wed, 29 Jan 2020 12:51:00 -0800 Subject: [PATCH 0478/1000] Perform versioncmp to compare version string to integer --- manifests/server/config.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index f9b3925ad2..3568fca7b8 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -141,7 +141,7 @@ value => $port, } - if ($password_encryption) and ($version >= 10){ + if ($password_encryption) and (versioncmp($version, '10') >= 10){ postgresql::server::config_entry { 'password_encryption': value => $password_encryption, } From e28a08f4882e9fd355d615d54c985c110e199080 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean-Fran=C3=A7ois=20Roche?= Date: Fri, 31 Jan 2020 16:39:22 +0100 Subject: [PATCH 0479/1000] feat: enable different database resource name in extension enable your postgresql::server::database with a title different than the database name to be referenced in the extension deployment --- manifests/server/extension.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 8b9c1c8f7c..db56cdf5b9 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -23,6 +23,7 @@ $package_name = undef, $package_ensure = undef, $connect_settings = $postgresql::server::default_connect_settings, + $database_resource_name = $database, ) { $user = $postgresql::server::user $group = $postgresql::server::group @@ -51,7 +52,7 @@ if( $database != 'postgres' ) { # The database postgres cannot managed by this module, so it is exempt from this dependency Postgresql_psql { - require => Postgresql::Server::Database[$database], + require => Postgresql::Server::Database[$database_resource_name], } } From 8ea21ecf906fb5f5687a548cc4a70e4d1c96fa1d Mon Sep 17 00:00:00 2001 From: cmccrisken-puppet <55992494+cmccrisken-puppet@users.noreply.github.com> Date: Mon, 3 Feb 2020 11:54:22 +0000 Subject: [PATCH 0480/1000] Add comment for new $database_resource_name param --- manifests/server/extension.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index db56cdf5b9..56e14d80e4 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -14,6 +14,7 @@ # @param package_name Specifies a package to install prior to activating the extension. # @param package_ensure Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param database_resource_name Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. define postgresql::server::extension ( $database, $extension = $name, From c130029a548247b27f9e67b65586b8c45f6e4745 Mon Sep 17 00:00:00 2001 From: Tom Boyd Date: Tue, 4 Feb 2020 08:51:04 -0800 Subject: [PATCH 0481/1000] Correct comparison versioncmp so it works --- manifests/server/config.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 3568fca7b8..bd735f45dd 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -141,7 +141,7 @@ value => $port, } - if ($password_encryption) and (versioncmp($version, '10') >= 10){ + if ($password_encryption) and (versioncmp($version, '10') >= 0){ postgresql::server::config_entry { 'password_encryption': value => $password_encryption, } From ca02df84e0713c4625c1550d25f19ed80267f3f1 Mon Sep 17 00:00:00 2001 From: Nick Walker Date: Wed, 10 Jul 2019 10:31:15 -0700 Subject: [PATCH 0482/1000] (MAINT) Add a default function Prior to this commit, you could not easily use some of the defined types without also declaring other classes in your manifest like postgresql::server. This is because we were grabbing default values from postgresql::server. After this commit, we introduce a pupept function that can return default values based on the calculations in params/globals. This allows users to use defined types that use the default function without declaring other classes. --- functions/default.pp | 10 ++++++++ manifests/server/extension.pp | 8 +++--- spec/unit/defines/server/extension_spec.rb | 29 ++++++++++++++++++++++ spec/unit/defines/server/role_spec.rb | 5 ++++ 4 files changed, 48 insertions(+), 4 deletions(-) create mode 100644 functions/default.pp diff --git a/functions/default.pp b/functions/default.pp new file mode 100644 index 0000000000..a391e87e3e --- /dev/null +++ b/functions/default.pp @@ -0,0 +1,10 @@ +function postgresql::default( + String $parameter_name +){ + include postgresql::params + + #search for the variable name in params first + #then fall back to globals if not found + getvar("postgresql::params::${parameter_name}", + "postgresql::globals::${parameter_name}") +} diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 56e14d80e4..fe118eb4f0 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -23,12 +23,12 @@ String[1] $ensure = 'present', $package_name = undef, $package_ensure = undef, - $connect_settings = $postgresql::server::default_connect_settings, + $connect_settings = $postgresql::server('default_connect_settings'), $database_resource_name = $database, ) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path + $user = postgresql::default('user') + $group = postgresql::default('group') + $psql_path = postgresql::default('psql_path') case $ensure { 'present': { diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 594afb6cd4..ece6206292 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -155,3 +155,32 @@ } end end + +describe 'postgresql::server::extension', type: :define do + let :facts do + { + osfamily: 'Debian', + operatingsystem: 'Debian', + operatingsystemrelease: '6.0', + kernel: 'Linux', + concat_basedir: tmpfilename('postgis'), + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let(:title) { 'pg_repack' } + let(:params) do + { + database: 'postgres', + extension: 'pg_repack', + } + end + + context 'without including postgresql::server' do + it { + is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') + .with(db: 'postgres', command: 'CREATE EXTENSION "pg_repack"') + } + end +end diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index ecf4abc208..b84edee66a 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -142,4 +142,9 @@ is_expected.to contain_postgresql_psql('DROP ROLE "test"').that_requires('Class[postgresql::server::service]') end end + + context 'without including postgresql::server' do + it { is_expected.to compile } + it { is_expected.to contain_postgresql__server__role('test') } + end end From da80f3569f156f1aea14e71269028671fba35a9e Mon Sep 17 00:00:00 2001 From: Nick Walker Date: Tue, 23 Jul 2019 08:53:18 -0700 Subject: [PATCH 0483/1000] (MAINT) Make default function compatible with puppet 5 --- functions/default.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/functions/default.pp b/functions/default.pp index a391e87e3e..754d424710 100644 --- a/functions/default.pp +++ b/functions/default.pp @@ -5,6 +5,6 @@ function postgresql::default( #search for the variable name in params first #then fall back to globals if not found - getvar("postgresql::params::${parameter_name}", + pick( getvar("postgresql::params::${parameter_name}"), "postgresql::globals::${parameter_name}") } From c637f21a7d86178e5e56d1b9e969fc91a36fae03 Mon Sep 17 00:00:00 2001 From: Nick Walker Date: Wed, 31 Jul 2019 11:21:29 -0700 Subject: [PATCH 0484/1000] (MAINT) Attempting to add docs to the the default function --- REFERENCE.md | 21 ++++++++++++++++++++- functions/default.pp | 11 +++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/REFERENCE.md b/REFERENCE.md index b5e51d03a3..de9c3ce7be 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -61,6 +61,7 @@ _Private Classes_ **Functions** +* [`postgresql::default`](#postgresqldefault): * [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid * [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag * [`postgresql_password`](#postgresql_password): This function returns the postgresql password hash from the clear text username / password @@ -1478,7 +1479,7 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: postgresql::default('default_connect_settings') ### postgresql::server::grant @@ -2597,6 +2598,24 @@ The name of the slot to create. Must be a valid replication slot name. ## Functions +### postgresql::default + +Type: Puppet Language + +The postgresql::default function. + +#### `postgresql::default(String $parameter_name)` + +The postgresql::default function. + +Returns: `Any` + +##### `parameter_name` + +Data type: `String` + + + ### postgresql_acls_to_resources_hash Type: Ruby 3.x API diff --git a/functions/default.pp b/functions/default.pp index 754d424710..f97d3b4c2c 100644 --- a/functions/default.pp +++ b/functions/default.pp @@ -1,3 +1,14 @@ +# @summary This function pull default values +# from the params or globals classes as +# appropriate +# +# This function pull default values +# from the params or globals classes as +# appropriate +# +# @example +# postgresql::default('variable') + function postgresql::default( String $parameter_name ){ From 5e91c8cdd80e0c4455dc307d01929464f252e648 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Thu, 6 Feb 2020 10:54:59 +0200 Subject: [PATCH 0485/1000] (MAINT) Update documentation --- REFERENCE.md | 24 ++++++++++++++++++++---- functions/default.pp | 10 ++-------- manifests/server/extension.pp | 2 +- 3 files changed, 23 insertions(+), 13 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index de9c3ce7be..570c909d6c 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -61,7 +61,7 @@ _Private Classes_ **Functions** -* [`postgresql::default`](#postgresqldefault): +* [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. * [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid * [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag * [`postgresql_password`](#postgresql_password): This function returns the postgresql password hash from the clear text username / password @@ -1479,7 +1479,7 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: postgresql::default('default_connect_settings') +Default value: $postgresql::server::default_connect_settings ### postgresql::server::grant @@ -1517,7 +1517,7 @@ Data type: `Pattern[#/(?i:^COLUMN$)/, /(?i:^DATABASE$)/, #/(?i:^FOREIGN DATA WRAPPER$)/, #/(?i:^FOREIGN SERVER$)/, - #/(?i:^FUNCTION$)/, + /(?i:^FUNCTION$)/, /(?i:^LANGUAGE$)/, #/(?i:^PROCEDURAL LANGUAGE$)/, /(?i:^TABLE$)/, @@ -2602,7 +2602,15 @@ The name of the slot to create. Must be a valid replication slot name. Type: Puppet Language -The postgresql::default function. +This function pull default values from the `params` class or `globals` class if the value is not present in `params`. + +#### Examples + +##### + +```puppet +postgresql::default('variable') +``` #### `postgresql::default(String $parameter_name)` @@ -2610,6 +2618,14 @@ The postgresql::default function. Returns: `Any` +##### Examples + +###### + +```puppet +postgresql::default('variable') +``` + ##### `parameter_name` Data type: `String` diff --git a/functions/default.pp b/functions/default.pp index f97d3b4c2c..7ce7684422 100644 --- a/functions/default.pp +++ b/functions/default.pp @@ -1,14 +1,8 @@ -# @summary This function pull default values -# from the params or globals classes as -# appropriate -# -# This function pull default values -# from the params or globals classes as -# appropriate +# @summary This function pull default values from the `params` class or `globals` class if the value is not present in `params`. # # @example # postgresql::default('variable') - +# function postgresql::default( String $parameter_name ){ diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index fe118eb4f0..25626fd0ae 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -23,7 +23,7 @@ String[1] $ensure = 'present', $package_name = undef, $package_ensure = undef, - $connect_settings = $postgresql::server('default_connect_settings'), + $connect_settings = postgresql::default('default_connect_settings'), $database_resource_name = $database, ) { $user = postgresql::default('user') From fb16dec632093d05aa7f331236f1d37cb85c2593 Mon Sep 17 00:00:00 2001 From: sheena Date: Wed, 5 Feb 2020 11:13:17 +0000 Subject: [PATCH 0486/1000] (IAC-365) updating tokens and dataset for honeycomb --- .github/workflows/release.yml | 3 +++ .sync.yml | 2 ++ .travis.yml | 6 +++++- Gemfile | 8 ++++---- Rakefile | 2 ++ metadata.json | 4 ++-- spec/spec_helper.rb | 2 ++ 7 files changed, 20 insertions(+), 7 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dacc2ff7aa..0311717bb3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,6 +7,9 @@ on: jobs: LitmusAcceptance: + env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests runs-on: self-hosted strategy: matrix: diff --git a/.sync.yml b/.sync.yml index 05ffdb36ed..888a25b875 100644 --- a/.sync.yml +++ b/.sync.yml @@ -2,6 +2,8 @@ ".gitlab-ci.yml": delete: true ".travis.yml": + global_env: + - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" dist: trusty deploy_to_forge: enabled: false diff --git a/.travis.yml b/.travis.yml index 20de59dda6..176641c1e2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,7 +7,8 @@ before_install: - rm -f Gemfile.lock - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" - - '[ -z "$RUBYGEMS_VERSION" ] || gem update --system $RUBYGEMS_VERSION' + - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" + - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' - gem --version - bundle -v script: @@ -15,6 +16,9 @@ script: bundler_args: --without system_tests rvm: - 2.5.3 +env: + global: + - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" stages: - static - spec diff --git a/Gemfile b/Gemfile index 0e395e7ecb..4f6e33b02d 100644 --- a/Gemfile +++ b/Gemfile @@ -24,10 +24,10 @@ group :development do gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-posix-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-posix-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] + gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] + gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') end diff --git a/Rakefile b/Rakefile index c9e16236ca..96f6c89175 100644 --- a/Rakefile +++ b/Rakefile @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' diff --git a/metadata.json b/metadata.json index c4c9d5a479..172f7444bb 100644 --- a/metadata.json +++ b/metadata.json @@ -86,7 +86,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.15.0", + "pdk-version": "1.16.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-gcaed9d7" + "template-ref": "heads/master-0-g5d52853" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index c09e0024da..bc023f51af 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + RSpec.configure do |c| c.mock_with :rspec end From 583b6c4b281634fa20f6027585ddd6f2b1969622 Mon Sep 17 00:00:00 2001 From: David Swan Date: Fri, 14 Feb 2020 14:29:54 +0000 Subject: [PATCH 0487/1000] (IAC-215) - Implement use_litmus:true --- .sync.yml | 113 ++++-------------------------------------------------- 1 file changed, 8 insertions(+), 105 deletions(-) diff --git a/.sync.yml b/.sync.yml index 888a25b875..ae53e69858 100644 --- a/.sync.yml +++ b/.sync.yml @@ -11,111 +11,14 @@ secure: '' branches: - release - includes: - - bundler_args: - dist: trusty - env: PLATFORMS=deb_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_deb]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=deb_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_deb]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=ub_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_ub]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=ub_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_ub]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=el6_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_el6]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=el6_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_el6]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=el7_puppet5 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_el7]' - - bundle exec rake 'litmus:install_agent[puppet5]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance - - bundler_args: - dist: trusty - env: PLATFORMS=el7_puppet6 - rvm: 2.5.3 - before_script: - - bundle exec rake 'litmus:provision_list[travis_el7]' - - bundle exec rake 'litmus:install_agent[puppet6]' - - bundle exec rake litmus:install_module - script: - - bundle exec rake litmus:acceptance:parallel - services: docker - sudo: required - stage: acceptance + use_litmus: true + litmus: + provision_list: + - travis_deb + - travis_ub + - travis_el6 + - travis_el7 + - ---travis_el simplecov: true notifications: slack: From 769505098c1451d9c815d04ac447361c740e05e1 Mon Sep 17 00:00:00 2001 From: David Swan Date: Fri, 14 Feb 2020 14:37:29 +0000 Subject: [PATCH 0488/1000] (IAC-215) - Pdk Update --- .travis.yml | 91 ++++++++++++++++++++++++++++++--------------------- metadata.json | 2 +- 2 files changed, 55 insertions(+), 38 deletions(-) diff --git a/.travis.yml b/.travis.yml index 176641c1e2..ebd0f0ceee 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,4 +1,5 @@ --- +os: linux dist: trusty language: ruby cache: bundler @@ -23,100 +24,116 @@ stages: - static - spec - acceptance -matrix: +jobs: fast_finish: true include: - - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" - stage: static - - - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec - rvm: 2.4.5 - stage: spec - - - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.3 - stage: spec - - - before_script: ["bundle exec rake 'litmus:provision_list[travis_deb]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_deb]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=deb_puppet5 + env: PLATFORMS=travis_deb_puppet5 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[travis_deb]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_ub]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=deb_puppet6 + env: PLATFORMS=travis_ub_puppet5 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[travis_ub]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el6]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=ub_puppet5 + env: PLATFORMS=travis_el6_puppet5 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[travis_ub]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el7]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=ub_puppet6 + env: PLATFORMS=travis_el7_puppet5 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[travis_el6]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_deb]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=el6_puppet5 + env: PLATFORMS=travis_deb_puppet6 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[travis_el6]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_ub]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=el6_puppet6 + env: PLATFORMS=travis_ub_puppet6 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[travis_el7]'", "bundle exec rake 'litmus:install_agent[puppet5]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el6]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=el7_puppet5 + env: PLATFORMS=travis_el6_puppet6 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required - - before_script: ["bundle exec rake 'litmus:provision_list[travis_el7]'", "bundle exec rake 'litmus:install_agent[puppet6]'", "bundle exec rake litmus:install_module"] + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el7]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake litmus:install_module" bundler_args: dist: trusty - env: PLATFORMS=el7_puppet6 + env: PLATFORMS=travis_el7_puppet6 rvm: 2.5.3 script: ["bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - sudo: required + - + env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" + stage: static + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.5 + stage: spec + - + env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec + rvm: 2.5.3 + stage: spec branches: only: - master @@ -128,7 +145,7 @@ notifications: secure: sulU0RHAFNMVQyQnqcyRHLRjL7Zl1Ao7ywuObL/qTsCiIweRsFiHX0BdTrurxobhjgdHQizx9G2IakkvhE120AOlLbCV9Nw45tvyuzdV4HhdPSKtwdWWKXgU4IvP2tSblZ4hCOEG4CuEKPvFtoY8UEW2ODmvvwFlQz+GOYOBYMw= deploy: provider: puppetforge - user: puppet + username: puppet password: secure: "" on: diff --git a/metadata.json b/metadata.json index 172f7444bb..d013f6e157 100644 --- a/metadata.json +++ b/metadata.json @@ -88,5 +88,5 @@ ], "pdk-version": "1.16.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g5d52853" + "template-ref": "heads/master-0-g88c96ab" } From 4b0e5a88f511175a5388c1e75973d3c4c63ffd9a Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Tue, 18 Feb 2020 10:58:30 -0500 Subject: [PATCH 0489/1000] Add Fedora 31 compatibility --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 705dcaf653..5219a93247 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -153,6 +153,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(31)$/ => '11.6', /^(30)$/ => '11.2', /^(29)$/ => '10.6', /^(28)$/ => '10.4', From 981c24b7236c273c7ffc9d541ae989583b957a8b Mon Sep 17 00:00:00 2001 From: Julien Acroute Date: Thu, 20 Feb 2020 09:29:50 +0100 Subject: [PATCH 0490/1000] Fix wrong link Under the text 6.3.0 the link point to the branch 6.2.0 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bf5e847224..988de13615 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-12-17) +## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) (2019-12-17) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.2.0) From 1d2b662d5a4ed09336974a764325bf97384f6fc9 Mon Sep 17 00:00:00 2001 From: Julien Acroute Date: Thu, 20 Feb 2020 09:31:20 +0100 Subject: [PATCH 0491/1000] Fix compare link --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bf5e847224..dc2d0bb259 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. The format ## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-12-17) -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.2.0) +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.3.0) ### Added From f929dc2740562800497f52f0e5d84d84af2c2e6c Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 20 Feb 2020 12:36:00 +0000 Subject: [PATCH 0492/1000] (maint) remove UNSUPPORTED_PLATFORMS noise This pattern is not in use since a long time --- spec/acceptance/alternative_port_spec.rb | 2 +- spec/acceptance/db_spec.rb | 2 +- spec/acceptance/default_parameters_spec.rb | 2 +- spec/acceptance/overridden_settings_spec.rb | 2 +- spec/acceptance/postgresql_conn_validator_spec.rb | 2 +- spec/acceptance/postgresql_psql_spec.rb | 2 +- spec/acceptance/server/grant_role_spec.rb | 2 +- spec/acceptance/server/grant_spec.rb | 2 +- spec/acceptance/server/reassign_owned_by_spec.rb | 2 +- spec/acceptance/server/recovery_spec.rb | 2 +- spec/acceptance/server/schema_spec.rb | 2 +- spec/acceptance/utf8_encoding_spec.rb | 2 +- spec/acceptance/z_alternative_pgdata_spec.rb | 2 +- spec/spec_helper_acceptance_local.rb | 1 - 14 files changed, 13 insertions(+), 14 deletions(-) diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index e31bea1d41..6623bf3596 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -2,7 +2,7 @@ # These tests ensure that postgres can change itself to an alternative port # properly. -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server' do before(:all) do install_iproute2 end diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 38714b6577..c17931d31f 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::db', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server::db' do it 'creates a database' do begin tmpdir = run_shell('mktemp').stdout diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index a7ebe09e5f..174567f732 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -2,7 +2,7 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server' do before(:all) do install_iproute2 end diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index 95c3cdda9e..a6a8abf4f3 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -2,7 +2,7 @@ # These tests are designed to ensure that the module, when ran overrides, # sets up everything correctly and allows us to connect to Postgres. -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server' do before(:all) do install_iproute2 end diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index 625402c4bc..21bf22184b 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql_conn_validator', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql_conn_validator' do let(:install_pp) do <<-MANIFEST class { 'postgresql::server': diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index ab3cd9dd81..fe13cdb2a3 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql_psql', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql_psql' do pp_one = <<-MANIFEST class { 'postgresql::server': } -> postgresql_psql { 'foobar': diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 1ba992295a..9515780847 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::grant_role:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server::grant_role:' do let(:db) { 'grant_role_test' } let(:user) { 'psql_grant_role_tester' } let(:group) { 'test_group' } diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 50e1e69d9d..48f35c27a5 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::grant:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server::grant:' do let(:db) { 'grant_priv_test' } let(:owner) { 'psql_grant_priv_owner' } let(:user) { 'psql_grant_priv_tester' } diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index d2be33a4eb..cd9059e305 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::reassign_owned_by:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server::reassign_owned_by:' do let(:db) { 'reassign_test' } let(:old_owner) { 'psql_reassign_old_owner' } let(:new_owner) { 'psql_reassign_new_owner' } diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 3533641062..862b2b036e 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::recovery', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server::recovery' do describe 'should manage recovery' do after(:all) do pp = <<-MANIFEST.unindent diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 7391ffc300..fd6d30a597 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::schema:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server::schema:' do let(:version) do if os[:family] == 'redhat' && os[:release].start_with?('5') '8.1' diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/utf8_encoding_spec.rb index 7543569e56..fdaed5dbbb 100644 --- a/spec/acceptance/utf8_encoding_spec.rb +++ b/spec/acceptance/utf8_encoding_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server' do before(:all) do install_iproute2 end diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index 7575826ed3..aada31883b 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -3,7 +3,7 @@ # These tests ensure that postgres can change itself to an alternative pgdata # location properly. -describe 'postgresql::server', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do +describe 'postgresql::server' do before(:each) do if os[:family] == 'sles' skip "These test's currently do not work on SLES/Suse modules" diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 1f0ac7cc3b..fdbec3af90 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -1,6 +1,5 @@ # frozen_string_literal: true -UNSUPPORTED_PLATFORMS = ['aix', 'windows', 'solaris'].freeze class String def unindent gsub(%r{^#{scan(%r{^\s*}).min_by { |l| l.length }}}, '') From a1a4ec79cef16cf0982af03520822a8543b65ac9 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 20 Feb 2020 12:38:40 +0000 Subject: [PATCH 0493/1000] (maint) replace manual litmus setup code with `configure!` --- spec/spec_helper_acceptance.rb | 77 +--------------------------- spec/spec_helper_acceptance_local.rb | 13 +++-- 2 files changed, 11 insertions(+), 79 deletions(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index aabeb0b80d..7de7381250 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -3,80 +3,5 @@ require 'serverspec' require 'puppet_litmus' require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb')) -include PuppetLitmus -if ENV['TARGET_HOST'].nil? || ENV['TARGET_HOST'] == 'localhost' - puts 'Running tests against this machine !' - if Gem.win_platform? - set :backend, :cmd - else - set :backend, :exec - end -else - # load inventory - inventory_hash = inventory_hash_from_inventory_file - node_config = config_from_node(inventory_hash, ENV['TARGET_HOST']) - - if target_in_group(inventory_hash, ENV['TARGET_HOST'], 'docker_nodes') - host = ENV['TARGET_HOST'] - set :backend, :docker - set :docker_container, host - elsif target_in_group(inventory_hash, ENV['TARGET_HOST'], 'ssh_nodes') - set :backend, :ssh - options = Net::SSH::Config.for(host) - options[:user] = node_config.dig('ssh', 'user') unless node_config.dig('ssh', 'user').nil? - options[:port] = node_config.dig('ssh', 'port') unless node_config.dig('ssh', 'port').nil? - options[:keys] = node_config.dig('ssh', 'private-key') unless node_config.dig('ssh', 'private-key').nil? - options[:password] = node_config.dig('ssh', 'password') unless node_config.dig('ssh', 'password').nil? - # Support both net-ssh 4 and 5. - # rubocop:disable Metrics/BlockNesting - options[:verify_host_key] = if node_config.dig('ssh', 'host-key-check').nil? - # Fall back to SSH behavior. This variable will only be set in net-ssh 5.3+. - if @strict_host_key_checking.nil? || @strict_host_key_checking - Net::SSH::Verifiers::Always.new - else - # SSH's behavior with StrictHostKeyChecking=no: adds new keys to known_hosts. - # If known_hosts points to /dev/null, then equivalent to :never where it - # accepts any key beacuse they're all new. - Net::SSH::Verifiers::AcceptNewOrLocalTunnel.new - end - elsif node_config.dig('ssh', 'host-key-check') - if defined?(Net::SSH::Verifiers::Always) - Net::SSH::Verifiers::Always.new - else - Net::SSH::Verifiers::Secure.new - end - elsif defined?(Net::SSH::Verifiers::Never) - Net::SSH::Verifiers::Never.new - else - Net::SSH::Verifiers::Null.new - end - # rubocop:enable Metrics/BlockNesting - host = if ENV['TARGET_HOST'].include?(':') - ENV['TARGET_HOST'].split(':').first - else - ENV['TARGET_HOST'] - end - set :host, options[:host_name] || host - set :ssh_options, options - set :request_pty, true - elsif target_in_group(inventory_hash, ENV['TARGET_HOST'], 'winrm_nodes') - require 'winrm' - - set :backend, :winrm - set :os, family: 'windows' - user = node_config.dig('winrm', 'user') unless node_config.dig('winrm', 'user').nil? - pass = node_config.dig('winrm', 'password') unless node_config.dig('winrm', 'password').nil? - endpoint = "http://#{ENV['TARGET_HOST']}:5985/wsman" - - opts = { - user: user, - password: pass, - endpoint: endpoint, - operation_timeout: 300, - } - - winrm = WinRM::Connection.new opts - Specinfra.configuration.winrm = winrm - end -end +PuppetLitmus.configure! diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index fdbec3af90..5e92a8d8ce 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -1,5 +1,12 @@ # frozen_string_literal: true +require 'singleton' + +class LitmusHelper + include Singleton + include PuppetLitmus +end + class String def unindent gsub(%r{^#{scan(%r{^\s*}).min_by { |l| l.length }}}, '') @@ -10,17 +17,17 @@ def install_iproute2 pp = <<-MANIFEST package { 'iproute2': ensure => installed } MANIFEST - apply_manifest(pp) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') + LitmusHelper.instance.apply_manifest(iproute2) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') end def postgresql_version - result = run_shell('psql --version') + result = LitmusHelper.instance.run_shell('psql --version') result.stdout.match(%r{\s(\d{1,2}\.\d)})[1] end def psql(psql_cmd, user = 'postgres', exit_codes = [0, 1], &block) psql = "psql #{psql_cmd}" - run_shell("cd /tmp; su #{shellescape(user)} -c #{shellescape(psql)}", acceptable_exit_codes: exit_codes, &block) + LitmusHelper.instance.run_shell("cd /tmp; su #{shellescape(user)} -c #{shellescape(psql)}", acceptable_exit_codes: exit_codes, &block) end def shellescape(str) From f7365d880998c7c430006474ace7a1c74864a88c Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 20 Feb 2020 12:40:53 +0000 Subject: [PATCH 0494/1000] (maint) replace install_iproute2 calls with before:suite hook This ensures that `apply_manifest` is only called once if required --- spec/acceptance/alternative_port_spec.rb | 3 --- spec/acceptance/default_parameters_spec.rb | 3 --- spec/acceptance/overridden_settings_spec.rb | 4 ---- spec/acceptance/utf8_encoding_spec.rb | 3 --- spec/spec_helper_acceptance_local.rb | 10 ++++++++-- 5 files changed, 8 insertions(+), 15 deletions(-) diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 6623bf3596..f854973bad 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -3,9 +3,6 @@ # These tests ensure that postgres can change itself to an alternative port # properly. describe 'postgresql::server' do - before(:all) do - install_iproute2 - end it 'on an alternative port' do pp = <<-MANIFEST class { 'postgresql::server': port => '55433', manage_selinux => true } diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index 174567f732..ea4ccc8ba8 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -3,9 +3,6 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. describe 'postgresql::server' do - before(:all) do - install_iproute2 - end it 'with defaults' do pp = <<-MANIFEST class { 'postgresql::server': } diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index a6a8abf4f3..b2f26ae632 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -3,10 +3,6 @@ # These tests are designed to ensure that the module, when ran overrides, # sets up everything correctly and allows us to connect to Postgres. describe 'postgresql::server' do - before(:all) do - install_iproute2 - end - let(:pp) do <<-MANIFEST class { 'postgresql::server': diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/utf8_encoding_spec.rb index fdaed5dbbb..9493e6e4b6 100644 --- a/spec/acceptance/utf8_encoding_spec.rb +++ b/spec/acceptance/utf8_encoding_spec.rb @@ -1,9 +1,6 @@ require 'spec_helper_acceptance' describe 'postgresql::server' do - before(:all) do - install_iproute2 - end let(:pp) do <<-MANIFEST class { 'postgresql::globals': diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 5e92a8d8ce..1e9481dc10 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -13,8 +13,14 @@ def unindent end end -def install_iproute2 - pp = <<-MANIFEST +RSpec.configure do |c| + c.before :suite do + install_dependencies + end +end + +def install_dependencies + iproute2 = <<-MANIFEST package { 'iproute2': ensure => installed } MANIFEST LitmusHelper.instance.apply_manifest(iproute2) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') From 01d7de8df733c76270253c9888e4df1a16bcb4e1 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 20 Feb 2020 12:42:03 +0000 Subject: [PATCH 0495/1000] (IAC-527) fix idempotency issues with oracle linux Installing the policycoreutils-python changes how puppet reacts in SELinux enabled systems. Pre-installing them avoids that. --- spec/spec_helper_acceptance_local.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 1e9481dc10..f73d697211 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -24,6 +24,10 @@ def install_dependencies package { 'iproute2': ensure => installed } MANIFEST LitmusHelper.instance.apply_manifest(iproute2) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') + selinux = <<-MANIFEST + package { 'policycoreutils-python': ensure => installed } + MANIFEST + LitmusHelper.instance.apply_manifest(selinux) if os[:family] == 'redhat' && os[:release].start_with?('6', '7') end def postgresql_version From 1dbe28050aa548745b3a6a07bd97ab259cf7e290 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 26 Feb 2020 11:12:37 +0000 Subject: [PATCH 0496/1000] (IAC-560) Replace waffleimage with litmusimage --- provision.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/provision.yaml b/provision.yaml index b83a528738..237371822c 100644 --- a/provision.yaml +++ b/provision.yaml @@ -1,22 +1,22 @@ --- default: provisioner: docker - images: ['waffleimage/centos7'] + images: ['litmusimage/centos7'] vagrant: provisioner: vagrant images: ['centos/7', 'generic/ubuntu1804'] travis_deb: provisioner: docker - images: ['waffleimage/debian8', 'waffleimage/debian9', 'waffleimage/debian10'] + images: ['litmusimage/debian:8', 'litmusimage/debian:9', 'litmusimage/debian:10'] travis_ub: provisioner: docker - images: ['waffleimage/ubuntu14.04', 'waffleimage/ubuntu16.04', 'waffleimage/ubuntu18.04'] + images: ['litmusimage/ubuntu:14.04', 'litmusimage/ubuntu:16.04', 'litmusimage/ubuntu:18.04'] travis_el6: provisioner: docker - images: ['waffleimage/centos6', 'waffleimage/scientificlinux6'] + images: ['litmusimage/centos:6', 'litmusimage/scientificlinux:6'] travis_el7: provisioner: docker - images: ['waffleimage/centos7', 'waffleimage/oraclelinux7', 'waffleimage/scientificlinux7'] + images: ['litmusimage/centos:7', 'litmusimage/oraclelinux:7', 'litmusimage/scientificlinux:7'] release_checks: provisioner: vmpooler images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From 122ab26b9a756faf0f14fa5a3d057d8c75042be6 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 20 Feb 2020 14:37:19 +0000 Subject: [PATCH 0497/1000] (IAC-554) Update travis to remove livelock This is based off the changes from: * https://github.com/puppetlabs/pdk-templates/pull/318 * https://github.com/puppetlabs/pdk-templates/pull/319 --- .sync.yml | 3 +-- .travis.yml | 62 ++++++++++++++++++++++----------------------------- metadata.json | 2 +- 3 files changed, 29 insertions(+), 38 deletions(-) diff --git a/.sync.yml b/.sync.yml index ae53e69858..8ceb746298 100644 --- a/.sync.yml +++ b/.sync.yml @@ -2,9 +2,8 @@ ".gitlab-ci.yml": delete: true ".travis.yml": - global_env: + global_env: - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" - dist: trusty deploy_to_forge: enabled: false user: puppet diff --git a/.travis.yml b/.travis.yml index ebd0f0ceee..29f08e671e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,6 +1,6 @@ --- os: linux -dist: trusty +dist: xenial language: ruby cache: bundler before_install: @@ -16,7 +16,7 @@ script: - 'SIMPLECOV=yes bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.5.3 + - 2.5.7 env: global: - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" @@ -32,11 +32,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_deb_puppet5 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -44,11 +43,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_ub]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_ub_puppet5 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -56,11 +54,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_el6]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_el6_puppet5 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -68,11 +65,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_el7_puppet5 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -80,11 +76,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_deb_puppet6 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -92,11 +87,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_ub]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_ub_puppet6 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -104,11 +98,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_el6]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_el6_puppet6 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -116,11 +109,10 @@ jobs: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: - dist: trusty + bundler_args: env: PLATFORMS=travis_el7_puppet6 - rvm: 2.5.3 - script: ["bundle exec rake litmus:acceptance:parallel"] + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - @@ -132,7 +124,7 @@ jobs: stage: spec - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.3 + rvm: 2.5.7 stage: spec branches: only: diff --git a/metadata.json b/metadata.json index d013f6e157..cc776e1a10 100644 --- a/metadata.json +++ b/metadata.json @@ -88,5 +88,5 @@ ], "pdk-version": "1.16.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g88c96ab" + "template-ref": "heads/master-0-g9eed4aa" } From 3da259c13576e37fb03f040466d38d26749205e5 Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 27 Feb 2020 13:15:22 +0000 Subject: [PATCH 0498/1000] (maint) - Pdk Update --- metadata.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index cc776e1a10..ecf2b4a822 100644 --- a/metadata.json +++ b/metadata.json @@ -86,7 +86,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.16.0", + "pdk-version": "1.17.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g9eed4aa" + "template-ref": "1.17.0-0-gd3a4319" } From cd71a28623ef38c7e5215791b1272688c895e515 Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Mon, 2 Mar 2020 13:45:14 +0100 Subject: [PATCH 0499/1000] grant: Fixup escaping of function arguments in granting. The "arguments" in this case are the actual types, and they must not be quoted. --- manifests/server/grant.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 80ca540085..e07f624173 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -392,7 +392,7 @@ true => 'function_exists', default => undef, } - $_quoted_args = join($object_arguments.map |$arg| { "\"${arg}\"" }, ',') + $_quoted_args = join($object_arguments, ',') $arguments = "(${_quoted_args})" } From 0cac23f521f73f66375e7fca40744fa2f273273e Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Mon, 2 Mar 2020 13:55:08 +0100 Subject: [PATCH 0500/1000] grant: Fixup quotation of function name plus arguments. Function and type arguments must stay together: "pg_catalog.pg_ls_dir"(text,boolean,boolean) => "pg_catalog.pg_ls_dir(text,boolean,boolean)" --- manifests/server/grant.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index e07f624173..677b2b83b2 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -49,11 +49,11 @@ case $ensure { default: { # default is 'present' - $sql_command = 'GRANT %s ON %s "%s"%s TO "%s"' + $sql_command = 'GRANT %s ON %s "%s%s" TO "%s"' $unless_is = true } 'absent': { - $sql_command = 'REVOKE %s ON %s "%s"%s FROM "%s"' + $sql_command = 'REVOKE %s ON %s "%s%s" FROM "%s"' $unless_is = false } } From 4c091d577fcaa3dafe196714abb811582df30276 Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Mon, 2 Mar 2020 15:14:12 +0100 Subject: [PATCH 0501/1000] grant: Prevent quotation of the full function in GRANT commant. GRANT EXECUTE ON FUNCTION "func()" fails, we need to unquote in that case. --- manifests/server/grant.pp | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 677b2b83b2..52ed1add9e 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -50,10 +50,12 @@ default: { # default is 'present' $sql_command = 'GRANT %s ON %s "%s%s" TO "%s"' + $sql_command_unquoted = 'GRANT %s ON %s %s%s TO "%s"' $unless_is = true } 'absent': { $sql_command = 'REVOKE %s ON %s "%s%s" FROM "%s"' + $sql_command_unquoted = 'REVOKE %s ON %s %s%s FROM "%s"' $unless_is = false } } @@ -115,6 +117,7 @@ 'absent' => 'role_exists', } $arguments = '' + $_enquote_object = true } 'SCHEMA': { $unless_privilege = $_privilege ? { @@ -131,6 +134,7 @@ $on_db = $db $onlyif_function = undef $arguments = '' + $_enquote_object = true } 'SEQUENCE': { $unless_privilege = $_privilege ? { @@ -148,6 +152,7 @@ $on_db = $db $onlyif_function = undef $arguments = '' + $_enquote_object = true } 'ALL SEQUENCES IN SCHEMA': { case $_privilege { @@ -165,6 +170,7 @@ $on_db = $db $onlyif_function = undef $arguments = '' + $_enquote_object = true $schema = $object_name @@ -282,6 +288,7 @@ default => undef, } $arguments = '' + $_enquote_object = true } 'ALL TABLES IN SCHEMA': { case $_privilege { @@ -303,6 +310,7 @@ $on_db = $db $onlyif_function = undef $arguments = '' + $_enquote_object = true $schema = $object_name @@ -375,6 +383,7 @@ default => undef, } $arguments = '' + $_enquote_object = false } 'FUNCTION': { $unless_privilege = $_privilege ? { @@ -392,8 +401,9 @@ true => 'function_exists', default => undef, } - $_quoted_args = join($object_arguments, ',') - $arguments = "(${_quoted_args})" + $_joined_args = join($object_arguments, ',') + $arguments = "(${_joined_args})" + $_enquote_object = false } default: { @@ -441,7 +451,10 @@ default => undef, } - $grant_cmd = sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $arguments, $role) + $grant_cmd = $_enquote_object ? { + false => sprintf($sql_command_unquoted, $_privilege, $_object_type, $_togrant_object, $arguments, $role), + default => sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $arguments, $role), + } postgresql_psql { "grant:${name}": command => $grant_cmd, From 4594946d07db42062c013229dd4898e97f6ff679 Mon Sep 17 00:00:00 2001 From: David Swan Date: Fri, 6 Mar 2020 12:37:46 +0000 Subject: [PATCH 0502/1000] (IAC-555) - Remove distelli-manifest.yml --- distelli-manifest.yml | 25 ------------------------- 1 file changed, 25 deletions(-) delete mode 100644 distelli-manifest.yml diff --git a/distelli-manifest.yml b/distelli-manifest.yml deleted file mode 100644 index b7cc65445d..0000000000 --- a/distelli-manifest.yml +++ /dev/null @@ -1,25 +0,0 @@ -team-modules/puppetlabs-postgresql: - PreBuild: - - source /opt/rh/rh-ruby25/enable - - echo "--- LETS update BUNDLER ---" - - bundle install --path vendor/bundle --jobs 3 - Build: - - echo "--- PROVISIONING ---" - - source /opt/rh/rh-ruby25/enable - - bundle exec rake litmus:provision_list[release_checks] - - cat inventory.yaml - - echo "--- AGENT INSTALLATION ---" - - bundle exec rake litmus:install_agent - - echo "--- MODULE INSTALLATION ---" - - bundle exec rake litmus:install_module - - echo "--- TESTS RUNNING ---" - - bundle exec rake litmus:acceptance:parallel - AfterBuildSuccess: - - source /opt/rh/rh-ruby25/enable - - bundle exec rake litmus:tear_down - AfterBuildFailure: - - source /opt/rh/rh-ruby25/enable - - bundle exec rake litmus:tear_down - CommitData: - - RepoType: Git - - RepoPath: . From c90bbe3d08955b073f56cb9e89c523eaa0d7acb7 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Thu, 20 Feb 2020 11:36:34 +0200 Subject: [PATCH 0503/1000] Add weekly workflow on default branch --- .github/workflows/weekly.yml | 42 ++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 .github/workflows/weekly.yml diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml new file mode 100644 index 0000000000..3be2e0523a --- /dev/null +++ b/.github/workflows/weekly.yml @@ -0,0 +1,42 @@ +name: "weekly" + +on: + schedule: + - cron: '0 0 * * 6' + +jobs: + LitmusAcceptance: + runs-on: self-hosted + strategy: + matrix: + ruby_version: [2.5.x] + puppet_gem_version: [~> 6.0] + platform: [release_checks] + agent_family: ['puppet5', 'puppet6'] + + steps: + - uses: actions/checkout@v1 + - name: Litmus Parallel + uses: puppetlabs/action-litmus_parallel@master + with: + platform: ${{ matrix.platform }} + agent_family: ${{ matrix.agent_family }} + Spec: + runs-on: self-hosted + strategy: + matrix: + check: [spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] + ruby_version: [2.5.x] + puppet_gem_version: [~> 5.0, ~> 6.0] + exclude: + - puppet_gem_version: ~> 5.0 + check: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' + - ruby_version: 2.5.x + puppet_gem_version: ~> 5.0 + steps: + - uses: actions/checkout@v1 + - name: Spec Tests + uses: puppetlabs/action-litmus_spec@master + with: + puppet_gem_version: ${{ matrix.puppet_gem_version }} + check: ${{ matrix.check }} From 4d8bc8a2cd3d2dcbf37a0a87d3efadaa2d636af8 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Wed, 26 Feb 2020 11:41:05 +0200 Subject: [PATCH 0504/1000] Update weekly workflow schedule --- .github/workflows/weekly.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml index 3be2e0523a..c75105585a 100644 --- a/.github/workflows/weekly.yml +++ b/.github/workflows/weekly.yml @@ -2,10 +2,13 @@ name: "weekly" on: schedule: - - cron: '0 0 * * 6' + - cron: '0 3 * * 1' jobs: LitmusAcceptance: + env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests runs-on: self-hosted strategy: matrix: @@ -25,7 +28,7 @@ jobs: runs-on: self-hosted strategy: matrix: - check: [spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] + check: [parallel_spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] ruby_version: [2.5.x] puppet_gem_version: [~> 5.0, ~> 6.0] exclude: From 48ecb4d519862b142ff9eaad3a3fc85148a2a1ab Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Fri, 13 Mar 2020 21:07:27 +0100 Subject: [PATCH 0505/1000] grant: Fixup indentation bug. Co-Authored-By: sanfrancrisko <55992494+sanfrancrisko@users.noreply.github.com> --- manifests/server/grant.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 52ed1add9e..d02206463a 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -383,7 +383,7 @@ default => undef, } $arguments = '' - $_enquote_object = false + $_enquote_object = false } 'FUNCTION': { $unless_privilege = $_privilege ? { From 699535bf64f5a8ed35b3bad418bff21a01f29b7d Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Fri, 13 Mar 2020 22:03:25 +0100 Subject: [PATCH 0506/1000] server::grant_spec: Adapt test to correct function quoting. Types must not be quoted neither for granting not checking, and the overall expression must not be quoted for granting. --- spec/unit/defines/server/grant_spec.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index db4214b732..52a57112ca 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -249,7 +249,7 @@ class {'postgresql::server':} role: 'test', privilege: 'execute', object_name: 'test', - object_arguments: ['text', 'text'], + object_arguments: ['text', 'boolean'], object_type: 'function', } end @@ -262,8 +262,8 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__grant('test') } it do is_expected.to contain_postgresql_psql('grant:test') - .with_command(%r{GRANT EXECUTE ON FUNCTION "test"\("text","text"\) TO\s* "test"}m) - .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'test\("text","text"\)', 'EXECUTE'\)}m) + .with_command(%r{GRANT EXECUTE ON FUNCTION test\(text,boolean\) TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'test\(text,boolean\)', 'EXECUTE'\)}m) end end @@ -274,7 +274,7 @@ class {'postgresql::server':} role: 'test', privilege: 'execute', object_name: ['myschema', 'test'], - object_arguments: ['text', 'text'], + object_arguments: ['text', 'boolean'], object_type: 'function', } end @@ -287,8 +287,8 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__grant('test') } it do is_expected.to contain_postgresql_psql('grant:test') - .with_command(%r{GRANT EXECUTE ON FUNCTION "myschema"."test"\("text","text"\) TO\s* "test"}m) - .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'myschema.test\("text","text"\)', 'EXECUTE'\)}m) + .with_command(%r{GRANT EXECUTE ON FUNCTION myschema.test\(text,boolean\) TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'myschema.test\(text,boolean\)', 'EXECUTE'\)}m) end end From 215b350bc6c7b1aace9778464c3380e40a56c163 Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Fri, 13 Mar 2020 22:15:47 +0100 Subject: [PATCH 0507/1000] grant: Fixup quoting for function permission granting if schema is given. This was missed before and found by the test. --- manifests/server/grant.pp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index d02206463a..56c5c4ca6e 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -421,7 +421,10 @@ # } case $_object_name { Array: { - $_togrant_object = join($_object_name, '"."') + $_togrant_object = $_enquote_object ? { + false => join($_object_name, '.'), + default => join($_object_name, '"."'), + } # Never put double quotes into has_*_privilege function $_granted_object = join($_object_name, '.') } From ec600a7b3de06861b16f9935c33d1b9e0be205be Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Fri, 13 Mar 2020 23:19:18 +0100 Subject: [PATCH 0508/1000] acceptance: grant_spec: test grant EXECUTE on function with argument. --- spec/acceptance/server/grant_spec.rb | 32 ++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 48f35c27a5..05aef5f6bc 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -224,6 +224,25 @@ class { 'postgresql::server': } require => [ Postgresql_psql['create test function'], Postgresql::Server::Role[$user], ] } + + postgresql_psql { 'create test function with argument': + command => "CREATE FUNCTION test_func_with_arg(val integer) RETURNS integer AS 'SELECT val + 1' LANGUAGE 'sql'", + db => $db, + psql_user => $owner, + unless => "SELECT 1 FROM (SELECT format('%I.%I(%s)', ns.nspname, p.proname, oidvectortypes(p.proargtypes)) as func_with_args FROM pg_proc p INNER JOIN pg_namespace ns ON (p.pronamespace = ns.oid) WHERE ns.nspname not in ('pg_catalog', 'information_schema')) as funclist WHERE func_with_args='public.test_func_with_arg(integer)'", + require => Postgresql::Server::Database[$db], + } + + postgresql::server::grant { 'grant execute on test_func_with_arg': + privilege => 'EXECUTE', + object_type => 'FUNCTION', + object_name => 'test_func_with_arg', + object_arguments => ['integer'], + db => $db, + role => $user, + require => [ Postgresql_psql['create test function with argument'], + Postgresql::Server::Role[$user], ] + } MANIFEST end @@ -240,6 +259,19 @@ class { 'postgresql::server': } end end end + it 'grants execute on a function with argument to a user' do + begin + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) + + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_function_privilege('#{user}', 'test_func_with_arg(integer)', 'EXECUTE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + end end ### TABLE grants context 'table' do From 575cfe100ec1048a234df0d39afa805452358e58 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Tue, 17 Mar 2020 11:10:40 +0000 Subject: [PATCH 0509/1000] Release version 6.4.0 --- CHANGELOG.md | 25 +++++- REFERENCE.md | 222 ++++++++++++++++++++++++++++++++++++++++++++++++-- metadata.json | 2 +- 3 files changed, 238 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f89d38c2ad..d24dd28937 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,26 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) (2019-12-17) +## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) (2020-03-17) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.3.0...v6.4.0) + +### Added + +- Add Fedora 31 compatibility [\#1141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1141) ([blackknight36](https://github.com/blackknight36)) +- feat: enable different database resource name in extension [\#1136](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1136) ([jfroche](https://github.com/jfroche)) +- pdksync - \(FM-8581\) - Debian 10 added to travis and provision file refactored [\#1130](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1130) ([david22swan](https://github.com/david22swan)) +- Puppet 4 functions [\#1129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129) ([binford2k](https://github.com/binford2k)) + +### Fixed + +- Fix incorrectly quoted GRANT cmd on functions [\#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) +- Correct versioncmp logic in config.pp [\#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) +- Treat $version as an integer for comparison, defaults to string [\#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) +- Allow usage of PUBLIC role [\#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) +- fix missing systemd override config for EL8 \(CentOS and RHEL\) [\#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) + +## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) (2019-12-18) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.3.0) @@ -12,6 +31,10 @@ All notable changes to this project will be documented in this file. The format - \(FM-8679\) - Support added for CentOS 8 [\#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) - MODULES-10041 - allow define password\_encryption for version above 10 [\#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) +### Fixed + +- Remove duplicate REFERENCE.md file with strange unicode character at end of filename [\#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) + ## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.1.0...v6.2.0) diff --git a/REFERENCE.md b/REFERENCE.md index 570c909d6c..41f820d532 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -62,6 +62,9 @@ _Private Classes_ **Functions** * [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. +* [`postgresql::postgresql_acls_to_resources_hash`](#postgresqlpostgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource +* [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function safely escapes a string using a consistent random tag +* [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password * [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid * [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag * [`postgresql_password`](#postgresql_password): This function returns the postgresql password hash from the clear text username / password @@ -493,6 +496,30 @@ Allow Puppet to manage the recovery.conf file. Default value: `undef` +##### `manage_datadir` + +Data type: `Any` + +Set to false if you have file{ $datadir: } already defined + +Default value: `undef` + +##### `manage_logdir` + +Data type: `Any` + +Set to false if you have file{ $logdir: } already defined + +Default value: `undef` + +##### `manage_xlogdir` + +Data type: `Any` + +Set to false if you have file{ $xlogdir: } already defined + +Default value: `undef` + ##### `manage_package_repo` Data type: `Any` @@ -507,6 +534,14 @@ Data type: `Any` Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. +Default value: `undef` + +##### `manage_selinux` + +Data type: `Any` + + + Default value: `undef` ### postgresql::lib::devel @@ -974,14 +1009,6 @@ Set timezone for the PostgreSQL instance Default value: $postgresql::params::timezone -##### `password_encryption` - -Data type: `Any` - -Set Password Authentication when password-based authentication methods used - -Default value: $postgresql::params::password_encryption - ##### `manage_pg_hba_conf` Data type: `Any` @@ -1014,6 +1041,30 @@ Working directory for the PostgreSQL module Default value: $postgresql::params::module_workdir +##### `manage_datadir` + +Data type: `Any` + +Set to false if you have file{ $datadir: } already defined + +Default value: $postgresql::params::manage_datadir + +##### `manage_logdir` + +Data type: `Any` + +Set to false if you have file{ $logdir: } already defined + +Default value: $postgresql::params::manage_logdir + +##### `manage_xlogdir` + +Data type: `Any` + +Set to false if you have file{ $xlogdir: } already defined + +Default value: $postgresql::params::manage_xlogdir + ##### `roles` Data type: `Hash[String, Hash]` @@ -1046,6 +1097,22 @@ Sets PostgreSQL version Default value: `undef` +##### `manage_selinux` + +Data type: `Boolean` + + + +Default value: $postgresql::params::manage_selinux + +##### `password_encryption` + +Data type: `Any` + + + +Default value: $postgresql::params::password_encryption + ### postgresql::server::contrib Install the contrib postgresql packaging. @@ -1479,7 +1546,15 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: postgresql::default('default_connect_settings') + +##### `database_resource_name` + +Data type: `Any` + +Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. + +Default value: $database ### postgresql::server::grant @@ -1592,6 +1667,14 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: 'present' +##### `object_arguments` + +Data type: `Array[String[1],0]` + + + +Default value: [] + ### postgresql::server::grant_role Define for granting membership to a role. @@ -2244,6 +2327,14 @@ Data type: `Any` Specifies the path to locate this tablespace. +##### `manage_location` + +Data type: `Any` + +Set to false if you have file{ $location: } already defined + +Default value: `true` + ##### `owner` Data type: `Any` @@ -2632,6 +2723,119 @@ Data type: `String` +### postgresql::postgresql_acls_to_resources_hash + +Type: Ruby 4.x API + +This is an autogenerated function, ported from the original legacy version. +It /should work/ as is, but will not have all the benefits of the modern +function API. You should see the function docs to learn how to add function +signatures for type safety and to document this function using puppet-strings. + +https://puppet.com/docs/puppet/latest/custom_functions_ruby.html + +---- original file header ---- +postgresql_acls_to_resources_hash.rb +---- original file header ---- + + suitable for create_resources. It is not intended to be used outside of the + postgresql internal classes/defined resources. + + @return This function accepts an array of strings that are pg_hba.conf rules. It + will return a hash that can be fed into create_resources to create multiple + individual pg_hba_rule resources. + + The second parameter is an identifier that will be included in the namevar + to provide uniqueness. It must be a string. + + The third parameter is an order offset, so you can start the order at an + arbitrary starting point. + +#### `postgresql::postgresql_acls_to_resources_hash(Any *$args)` + +This is an autogenerated function, ported from the original legacy version. +It /should work/ as is, but will not have all the benefits of the modern +function API. You should see the function docs to learn how to add function +signatures for type safety and to document this function using puppet-strings. + +https://puppet.com/docs/puppet/latest/custom_functions_ruby.html + +---- original file header ---- +postgresql_acls_to_resources_hash.rb +---- original file header ---- + + suitable for create_resources. It is not intended to be used outside of the + postgresql internal classes/defined resources. + + @return This function accepts an array of strings that are pg_hba.conf rules. It + will return a hash that can be fed into create_resources to create multiple + individual pg_hba_rule resources. + + The second parameter is an identifier that will be included in the namevar + to provide uniqueness. It must be a string. + + The third parameter is an order offset, so you can start the order at an + arbitrary starting point. + +Returns: `Data type` Describe what the function returns here + +##### `*args` + +Data type: `Any` + +The original array of arguments. Port this to individually managed params +to get the full benefit of the modern function API. + +### postgresql::postgresql_escape + +Type: Ruby 4.x API + +postgresql_escape.rb +---- original file header ---- + + @return Safely escapes a string using $$ using a random tag which should be consistent + +#### `postgresql::postgresql_escape(Any *$args)` + +postgresql_escape.rb +---- original file header ---- + + @return Safely escapes a string using $$ using a random tag which should be consistent + +Returns: `Data type` Describe what the function returns here + +##### `*args` + +Data type: `Any` + +The original array of arguments. Port this to individually managed params +to get the full benefit of the modern function API. + +### postgresql::postgresql_password + +Type: Ruby 4.x API + +postgresql_password.rb +---- original file header ---- + + @return Returns the postgresql password hash from the clear text username / password. + +#### `postgresql::postgresql_password(Any *$args)` + +postgresql_password.rb +---- original file header ---- + + @return Returns the postgresql password hash from the clear text username / password. + +Returns: `Data type` Describe what the function returns here + +##### `*args` + +Data type: `Any` + +The original array of arguments. Port this to individually managed params +to get the full benefit of the modern function API. + ### postgresql_acls_to_resources_hash Type: Ruby 3.x API diff --git a/metadata.json b/metadata.json index ecf2b4a822..f52a997c1a 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.3.0", + "version": "6.4.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 1e4133b81a237ddc27156c3a2c96d36bafe5c441 Mon Sep 17 00:00:00 2001 From: Ivan Grcic <394398+igrcic@users.noreply.github.com> Date: Fri, 20 Mar 2020 12:30:04 +0100 Subject: [PATCH 0510/1000] Update contributing link url --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bc20b8948b..c004a59251 100644 --- a/README.md +++ b/README.md @@ -343,7 +343,7 @@ semanage port -a -t postgresql_port_t -p tcp $customport ## Development -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide](https://puppet.com/docs/puppet/latest/contributing.html). ### Tests From 54268da1fb925d5fb09cf157be51f70975318ead Mon Sep 17 00:00:00 2001 From: Jan Veninga Date: Mon, 23 Mar 2020 15:29:09 +0100 Subject: [PATCH 0511/1000] add extra_systemd_config parameter --- manifests/params.pp | 1 + manifests/server.pp | 1 + manifests/server/config.pp | 1 + templates/systemd-override.erb | 1 + 4 files changed, 4 insertions(+) diff --git a/manifests/params.pp b/manifests/params.pp index fdfc91ce31..15b72bd2fb 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -25,6 +25,7 @@ $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') $password_encryption = undef + $extra_systemd_config = '' $manage_datadir = true $manage_logdir = true $manage_xlogdir = true diff --git a/manifests/server.pp b/manifests/server.pp index f388cd64de..d998042da0 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -138,6 +138,7 @@ $manage_logdir = $postgresql::params::manage_logdir, $manage_xlogdir = $postgresql::params::manage_xlogdir, $password_encryption = $postgresql::params::password_encryption, + $extra_systemd_config = $postgresql::params::extra_systemd_config, Hash[String, Hash] $roles = {}, Hash[String, Any] $config_entries = {}, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index bd735f45dd..6af92c07a7 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -23,6 +23,7 @@ $log_line_prefix = $postgresql::server::log_line_prefix $timezone = $postgresql::server::timezone $password_encryption = $postgresql::server::password_encryption + $extra_systemd_config = $postgresql::server::extra_systemd_config if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file diff --git a/templates/systemd-override.erb b/templates/systemd-override.erb index 5a2a31c614..cae5101502 100644 --- a/templates/systemd-override.erb +++ b/templates/systemd-override.erb @@ -12,3 +12,4 @@ Environment=DATA_DIR=<%= @datadir %> <%- else -%> Environment=PGDATA=<%= @datadir %> <%- end -%> +<%= @extra_systemd_config %> From 90d871d07a3a43e143946591c814e281c24ba857 Mon Sep 17 00:00:00 2001 From: Jan Veninga Date: Mon, 23 Mar 2020 16:32:44 +0100 Subject: [PATCH 0512/1000] add documentation for extra_systemd_config parameter --- manifests/server.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/server.pp b/manifests/server.pp index d998042da0..5b65a2f224 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -75,6 +75,7 @@ # # @param version Sets PostgreSQL version # +# @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # class postgresql::server ( $postgres_password = undef, From f18cf07d81a1050bd53385d2a28526cb3649e7a2 Mon Sep 17 00:00:00 2001 From: XnS Date: Wed, 25 Mar 2020 18:31:26 +0100 Subject: [PATCH 0513/1000] add versions for SLES 12 SP 3 to 5 --- manifests/globals.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 5219a93247..02795e9ff6 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -211,7 +211,8 @@ /11\.[0-3]/ => '91', /11\.4/ => '94', /12\.0/ => '93', - /12\.[1-2]/ => '94', + /12\.[1-3]/ => '94', + /12\.[4-5]/ => '10', /15\.0/ => '10', default => '96', }, From d456da430d92c0ea624f93e4e8e64ea8279720b3 Mon Sep 17 00:00:00 2001 From: Martin Alfke Date: Mon, 30 Mar 2020 13:58:31 +0200 Subject: [PATCH 0514/1000] Allow usage of grant and role when not managing postgresql::server Some installations use other ways to install postgresql. But people still want to make use of grant and role defined type --- manifests/server/grant.pp | 6 ++++-- manifests/server/role.pp | 12 ++++++++---- spec/unit/defines/server/grant_spec.rb | 22 ++++++++++++++++++++++ spec/unit/defines/server/role_spec.rb | 25 +++++++++++++++++++++++++ 4 files changed, 59 insertions(+), 6 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 56c5c4ca6e..4faea3b3ea 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -11,6 +11,8 @@ # @param onlyif_exists Create grant only if doesn't exist # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param ensure Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. +# @param group Sets the OS group to run psql +# @param psql_path Sets the path to psql command define postgresql::server::grant ( String $role, String $db, @@ -44,6 +46,8 @@ Enum['present', 'absent' ] $ensure = 'present', + String $group = $postgresql::server::group, + String $psql_path = $postgresql::server::psql_path, ) { case $ensure { @@ -60,8 +64,6 @@ } } - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path if ! $object_name { $_object_name = $db diff --git a/manifests/server/role.pp b/manifests/server/role.pp index be4d9d0e42..98519ba990 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -14,6 +14,10 @@ # @param username Defines the username of the role to create. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param ensure Specify whether to create or drop the role. Specifying 'present' creates the role. Specifying 'absent' drops the role. +# @param psql_user Sets the OS user to run psql +# @param psql_group Sets the OS group to run psql +# @param psql_path Sets path to psql command +# @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. define postgresql::server::role( $update_password = true, $password_hash = false, @@ -28,12 +32,12 @@ $connection_limit = '-1', $username = $title, $connect_settings = $postgresql::server::default_connect_settings, + $psql_user = $postgresql::server::user, + $psql_group = $postgresql::server::group, + $psql_path = $postgresql::server::psql_path, + $module_workdir = $postgresql::server::module_workdir, Enum['present', 'absent'] $ensure = 'present', ) { - $psql_user = $postgresql::server::user - $psql_group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $module_workdir = $postgresql::server::module_workdir # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 52a57112ca..32d2fb92b2 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -292,6 +292,28 @@ class {'postgresql::server':} end end + context 'standalone not managing server' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'execute', + object_name: ['myschema', 'test'], + object_arguments: ['text', 'boolean'], + object_type: 'function', + group: 'postgresql', + psql_path: '/usr/bin', + psql_user: 'postgres', + psql_db: 'db', + port: 1542, + connect_settings: {}, + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.not_to contain_class('postgresql::server') } + end + context 'invalid object_type' do let :params do { diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index b84edee66a..ed24c32c0e 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -147,4 +147,29 @@ it { is_expected.to compile } it { is_expected.to contain_postgresql__server__role('test') } end + + context 'standalone not managing server' do + let :params do + { + password_hash: 'new-pa$s', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' }, + psql_user: 'postgresql', + psql_group: 'postgresql', + psql_path: '/usr/bin', + module_workdir: '/tmp', + db: 'db', + } + end + + let :pre_condition do + '' + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.not_to contain_class('postgresql::server') } + end end From 6d827ec1d37c3012d6a44826878cbef558163b7f Mon Sep 17 00:00:00 2001 From: Garrett Honeycutt Date: Wed, 1 Apr 2020 14:30:57 -0400 Subject: [PATCH 0515/1000] (MODULES-10610) Use correct lower bound for concat version --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index f52a997c1a..52def0bf18 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppetlabs/concat", - "version_requirement": ">= 1.1.0 < 7.0.0" + "version_requirement": ">= 4.1.0 < 7.0.0" } ], "operatingsystem_support": [ From 700d2c5bb54b7ea91d518de96e2c7a22318d0afa Mon Sep 17 00:00:00 2001 From: Alexander Fisher Date: Mon, 13 Apr 2020 11:55:15 +0100 Subject: [PATCH 0516/1000] Finish conversion of `postgresql_password` function In https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129 the 3 functions from this module were ported to the modern function API and namespaced. None of the boilerplate was fixed up, tests weren't updated, documentation wasn't updated etc. This commit finishes the work for the `postgresql_password` function. * Remove old API `puppet/parser/functions` version. * Create a replacement non-namespaced, (but deprecated), new API shim that calls the namespaced version. * Replace argument validation in the function code with data-type based validation for the individual function parameters. * Update the README and REFERENCE.md files. * Test both shim and namespaced version of the function. --- README.md | 4 +- REFERENCE.md | 97 +++++++++++++++---- .../postgresql/postgresql_password.rb | 47 ++------- lib/puppet/functions/postgresql_password.rb | 10 ++ .../parser/functions/postgresql_password.rb | 22 ----- spec/functions/postgresql_password_spec.rb | 5 + .../postgresql_postgresql_password_spec.rb | 37 +------ spec/spec_helper_local.rb | 14 +++ .../functions/postgresql_password_spec.rb | 16 --- 9 files changed, 121 insertions(+), 131 deletions(-) create mode 100644 lib/puppet/functions/postgresql_password.rb delete mode 100644 lib/puppet/parser/functions/postgresql_password.rb create mode 100644 spec/functions/postgresql_password_spec.rb delete mode 100644 spec/unit/functions/postgresql_password_spec.rb diff --git a/README.md b/README.md index c004a59251..d8470d61a0 100644 --- a/README.md +++ b/README.md @@ -81,7 +81,7 @@ class { 'postgresql::server': postgresql::server::db { 'mydatabasename': user => 'mydatabaseuser', - password => postgresql_password('mydatabaseuser', 'mypassword'), + password => postgresql::postgresql_password('mydatabaseuser', 'mypassword'), } ``` @@ -94,7 +94,7 @@ class { 'postgresql::server': } postgresql::server::role { 'marmot': - password_hash => postgresql_password('marmot', 'mypasswd'), + password_hash => postgresql::postgresql_password('marmot', 'mypasswd'), } postgresql::server::database_grant { 'test1': diff --git a/REFERENCE.md b/REFERENCE.md index 41f820d532..f4698b385e 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -67,7 +67,7 @@ _Private Classes_ * [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password * [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid * [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag -* [`postgresql_password`](#postgresql_password): This function returns the postgresql password hash from the clear text username / password +* [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. **Tasks** @@ -1097,6 +1097,14 @@ Sets PostgreSQL version Default value: `undef` +##### `extra_systemd_config` + +Data type: `Any` + +Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string + +Default value: $postgresql::params::extra_systemd_config + ##### `manage_selinux` Data type: `Boolean` @@ -1667,6 +1675,22 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: 'present' +##### `group` + +Data type: `String` + +Sets the OS group to run psql + +Default value: $postgresql::server::group + +##### `psql_path` + +Data type: `String` + +Sets the path to psql command + +Default value: $postgresql::server::psql_path + ##### `object_arguments` Data type: `Array[String[1],0]` @@ -2181,6 +2205,38 @@ Specify whether to create or drop the role. Specifying 'present' creates the rol Default value: 'present' +##### `psql_user` + +Data type: `Any` + +Sets the OS user to run psql + +Default value: $postgresql::server::user + +##### `psql_group` + +Data type: `Any` + +Sets the OS group to run psql + +Default value: $postgresql::server::group + +##### `psql_path` + +Data type: `Any` + +Sets path to psql command + +Default value: $postgresql::server::psql_path + +##### `module_workdir` + +Data type: `Any` + +Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. + +Default value: $postgresql::server::module_workdir + ### postgresql::server::schema Create a new schema. @@ -2815,26 +2871,25 @@ to get the full benefit of the modern function API. Type: Ruby 4.x API -postgresql_password.rb ----- original file header ---- +This function returns the postgresql password hash from the clear text username / password - @return Returns the postgresql password hash from the clear text username / password. +#### `postgresql::postgresql_password(Variant[String[1],Integer] $username, Variant[String[1],Integer] $password)` -#### `postgresql::postgresql_password(Any *$args)` +The postgresql::postgresql_password function. -postgresql_password.rb ----- original file header ---- +Returns: `String` The postgresql password hash from the clear text username / password. - @return Returns the postgresql password hash from the clear text username / password. +##### `username` -Returns: `Data type` Describe what the function returns here +Data type: `Variant[String[1],Integer]` -##### `*args` +The clear text `username` -Data type: `Any` +##### `password` -The original array of arguments. Port this to individually managed params -to get the full benefit of the modern function API. +Data type: `Variant[String[1],Integer]` + +The clear text `password` ### postgresql_acls_to_resources_hash @@ -2884,15 +2939,21 @@ Returns: `Any` Safely escapes a string using $$ using a random tag which should ### postgresql_password -Type: Ruby 3.x API +Type: Ruby 4.x API -This function returns the postgresql password hash from the clear text username / password +DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. -#### `postgresql_password()` +#### `postgresql_password(Any *$args)` + +The postgresql_password function. + +Returns: `Any` + +##### `*args` + +Data type: `Any` -This function returns the postgresql password hash from the clear text username / password -Returns: `Any` Returns the postgresql password hash from the clear text username / password. ## Tasks diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index ee6c7ace7d..43b8bf8969 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -1,45 +1,18 @@ -# This is an autogenerated function, ported from the original legacy version. -# It /should work/ as is, but will not have all the benefits of the modern -# function API. You should see the function docs to learn how to add function -# signatures for type safety and to document this function using puppet-strings. -# -# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html -# -# ---- original file header ---- -# hash a string as mysql's "PASSWORD()" function would do it -require 'digest/md5' - -# postgresql_password.rb -# ---- original file header ---- -# -# @summary -# This function returns the postgresql password hash from the clear text username / password -# @return Returns the postgresql password hash from the clear text username / password. -# -# +# @summary This function returns the postgresql password hash from the clear text username / password Puppet::Functions.create_function(:'postgresql::postgresql_password') do - # @param args - # The original array of arguments. Port this to individually managed params - # to get the full benefit of the modern function API. - # - # @return [Data type] - # Describe what the function returns here + # @param username + # The clear text `username` + # @param password + # The clear text `password` # + # @return [String] + # The postgresql password hash from the clear text username / password. dispatch :default_impl do - # Call the method named 'default_impl' when this is matched - # Port this to match individual params for better type safety - repeated_param 'Any', :args + param 'Variant[String[1],Integer]', :username + param 'Variant[String[1],Integer]', :password end - def default_impl(*args) - if args.size != 2 - raise(Puppet::ParseError, 'postgresql_password(): Wrong number of arguments ' \ - "given (#{args.size} for 2)") - end - - username = args[0] - password = args[1] - + def default_impl(username, password) 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) end end diff --git a/lib/puppet/functions/postgresql_password.rb b/lib/puppet/functions/postgresql_password.rb new file mode 100644 index 0000000000..e098ebe8d5 --- /dev/null +++ b/lib/puppet/functions/postgresql_password.rb @@ -0,0 +1,10 @@ +# @summary DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. +Puppet::Functions.create_function(:postgresql_password) do + dispatch :deprecation_gen do + repeated_param 'Any', :args + end + def deprecation_gen(*args) + call_function('deprecation', 'postgresql_password', 'This method is deprecated, please use postgresql::postgresql_password instead.') + call_function('postgresql::postgresql_password', *args) + end +end diff --git a/lib/puppet/parser/functions/postgresql_password.rb b/lib/puppet/parser/functions/postgresql_password.rb deleted file mode 100644 index d32791a5ec..0000000000 --- a/lib/puppet/parser/functions/postgresql_password.rb +++ /dev/null @@ -1,22 +0,0 @@ -# hash a string as mysql's "PASSWORD()" function would do it -require 'digest/md5' - -# postgresql_password.rb -module Puppet::Parser::Functions - newfunction(:postgresql_password, type: :rvalue, doc: <<-EOS - This function returns the postgresql password hash from the clear text username / password - @return Returns the postgresql password hash from the clear text username / password. - EOS - ) do |args| - - if args.size != 2 - raise(Puppet::ParseError, 'postgresql_password(): Wrong number of arguments ' \ - "given (#{args.size} for 2)") - end - - username = args[0] - password = args[1] - - 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) - end -end diff --git a/spec/functions/postgresql_password_spec.rb b/spec/functions/postgresql_password_spec.rb new file mode 100644 index 0000000000..7133c004d3 --- /dev/null +++ b/spec/functions/postgresql_password_spec.rb @@ -0,0 +1,5 @@ +require 'spec_helper' + +describe 'postgresql_password' do + it_behaves_like 'postgresql_password function' +end diff --git a/spec/functions/postgresql_postgresql_password_spec.rb b/spec/functions/postgresql_postgresql_password_spec.rb index 9678193dfb..ac24fe43ed 100644 --- a/spec/functions/postgresql_postgresql_password_spec.rb +++ b/spec/functions/postgresql_postgresql_password_spec.rb @@ -1,40 +1,5 @@ require 'spec_helper' describe 'postgresql::postgresql_password' do - # without knowing details about the implementation, this is the only test - # case that we can autogenerate. You should add more examples below! - it { is_expected.not_to eq(nil) } - - ################################# - # Below are some example test cases. You may uncomment and modify them to match - # your needs. Notice that they all expect the base error class of `StandardError`. - # This is because the autogenerated function uses an untyped array for parameters - # and relies on your implementation to do the validation. As you convert your - # function to proper dispatches and typed signatures, you should change the - # expected error of the argument validation examples to `ArgumentError`. - # - # Other error types you might encounter include - # - # * StandardError - # * ArgumentError - # * Puppet::ParseError - # - # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ - # - # it 'raises an error if called with no argument' do - # is_expected.to run.with_params.and_raise_error(StandardError) - # end - # - # it 'raises an error if there is more than 1 arguments' do - # is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) - # end - # - # it 'raises an error if argument is not the proper type' do - # is_expected.to run.with_params('foo').and_raise_error(StandardError) - # end - # - # it 'returns the proper output' do - # is_expected.to run.with_params(123).and_return('the expected output') - # end - ################################# + it_behaves_like 'postgresql_password function' end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index bb02c5a232..ba834774b1 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -41,3 +41,17 @@ def param(type, title, param) param_value(catalogue, type, title, param) end + +shared_examples 'postgresql_password function' do + it { is_expected.not_to eq(nil) } + + it { + is_expected.to run.with_params('foo', 'bar').and_return('md596948aad3fcae80c08a35c9b5958cd89') + } + it { + is_expected.to run.with_params('foo', 1234).and_return('md539a0e1b308278a8de5e007cd1f795920') + } + it 'raises an error if there is only 1 argument' do + is_expected.to run.with_params('foo').and_raise_error(StandardError) + end +end diff --git a/spec/unit/functions/postgresql_password_spec.rb b/spec/unit/functions/postgresql_password_spec.rb deleted file mode 100644 index 446f93fb78..0000000000 --- a/spec/unit/functions/postgresql_password_spec.rb +++ /dev/null @@ -1,16 +0,0 @@ -require 'spec_helper' - -describe 'postgresql_password', type: :puppet_function do - it { - is_expected.to run.with_params('foo', 'bar') - .and_return('md596948aad3fcae80c08a35c9b5958cd89') - } - it { - is_expected.to run.with_params('foo', 1234) - .and_return('md539a0e1b308278a8de5e007cd1f795920') - } - it { - is_expected.to run.with_params('foo') - .and_raise_error(%r{Wrong number of arguments}) - } -end From ccc440dd52655511bd0e5d392244a5b4a07a89fe Mon Sep 17 00:00:00 2001 From: Alexander Fisher Date: Wed, 15 Apr 2020 15:44:09 +0100 Subject: [PATCH 0517/1000] Finish conversion of `postgresql_acls_to_resources_hash` function In https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129 the 3 functions from this module were ported to the modern function API and namespaced. None of the boilerplate was fixed up, tests weren't updated, documentation wasn't updated etc. This commit finishes the work for the `postgresql_acls_to_resources_hash` function. The existing function documentation made it pretty clear that this function is for internal use only. As such, I've marked it `@api private` and haven't created a non-namespaced shim (like I've being doing with the other functions in this module). --- REFERENCE.md | 161 ++++++---------- .../postgresql_acls_to_resources_hash.rb | 78 ++------ .../postgresql_acls_to_resources_hash.rb | 75 -------- manifests/server/config.pp | 4 +- ..._postgresql_acls_to_resources_hash_spec.rb | 176 ++++++++++++++---- .../postgresql_acls_to_resources_hash_spec.rb | 92 --------- 6 files changed, 224 insertions(+), 362 deletions(-) delete mode 100644 lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb delete mode 100644 spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb diff --git a/REFERENCE.md b/REFERENCE.md index 41f820d532..51f053254f 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -61,14 +61,18 @@ _Private Classes_ **Functions** +_Public Functions_ + * [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. -* [`postgresql::postgresql_acls_to_resources_hash`](#postgresqlpostgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource * [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function safely escapes a string using a consistent random tag * [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password -* [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid * [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag * [`postgresql_password`](#postgresql_password): This function returns the postgresql password hash from the clear text username / password +_Private Functions_ + +* `postgresql::postgresql_acls_to_resources_hash`: This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. + **Tasks** * [`sql`](#sql): Allows you to execute arbitary SQL @@ -1097,6 +1101,14 @@ Sets PostgreSQL version Default value: `undef` +##### `extra_systemd_config` + +Data type: `Any` + +Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string + +Default value: $postgresql::params::extra_systemd_config + ##### `manage_selinux` Data type: `Boolean` @@ -1667,6 +1679,22 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: 'present' +##### `group` + +Data type: `String` + +Sets the OS group to run psql + +Default value: $postgresql::server::group + +##### `psql_path` + +Data type: `String` + +Sets the path to psql command + +Default value: $postgresql::server::psql_path + ##### `object_arguments` Data type: `Array[String[1],0]` @@ -2181,6 +2209,38 @@ Specify whether to create or drop the role. Specifying 'present' creates the rol Default value: 'present' +##### `psql_user` + +Data type: `Any` + +Sets the OS user to run psql + +Default value: $postgresql::server::user + +##### `psql_group` + +Data type: `Any` + +Sets the OS group to run psql + +Default value: $postgresql::server::group + +##### `psql_path` + +Data type: `Any` + +Sets path to psql command + +Default value: $postgresql::server::psql_path + +##### `module_workdir` + +Data type: `Any` + +Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. + +Default value: $postgresql::server::module_workdir + ### postgresql::server::schema Create a new schema. @@ -2723,69 +2783,6 @@ Data type: `String` -### postgresql::postgresql_acls_to_resources_hash - -Type: Ruby 4.x API - -This is an autogenerated function, ported from the original legacy version. -It /should work/ as is, but will not have all the benefits of the modern -function API. You should see the function docs to learn how to add function -signatures for type safety and to document this function using puppet-strings. - -https://puppet.com/docs/puppet/latest/custom_functions_ruby.html - ----- original file header ---- -postgresql_acls_to_resources_hash.rb ----- original file header ---- - - suitable for create_resources. It is not intended to be used outside of the - postgresql internal classes/defined resources. - - @return This function accepts an array of strings that are pg_hba.conf rules. It - will return a hash that can be fed into create_resources to create multiple - individual pg_hba_rule resources. - - The second parameter is an identifier that will be included in the namevar - to provide uniqueness. It must be a string. - - The third parameter is an order offset, so you can start the order at an - arbitrary starting point. - -#### `postgresql::postgresql_acls_to_resources_hash(Any *$args)` - -This is an autogenerated function, ported from the original legacy version. -It /should work/ as is, but will not have all the benefits of the modern -function API. You should see the function docs to learn how to add function -signatures for type safety and to document this function using puppet-strings. - -https://puppet.com/docs/puppet/latest/custom_functions_ruby.html - ----- original file header ---- -postgresql_acls_to_resources_hash.rb ----- original file header ---- - - suitable for create_resources. It is not intended to be used outside of the - postgresql internal classes/defined resources. - - @return This function accepts an array of strings that are pg_hba.conf rules. It - will return a hash that can be fed into create_resources to create multiple - individual pg_hba_rule resources. - - The second parameter is an identifier that will be included in the namevar - to provide uniqueness. It must be a string. - - The third parameter is an order offset, so you can start the order at an - arbitrary starting point. - -Returns: `Data type` Describe what the function returns here - -##### `*args` - -Data type: `Any` - -The original array of arguments. Port this to individually managed params -to get the full benefit of the modern function API. - ### postgresql::postgresql_escape Type: Ruby 4.x API @@ -2836,40 +2833,6 @@ Data type: `Any` The original array of arguments. Port this to individually managed params to get the full benefit of the modern function API. -### postgresql_acls_to_resources_hash - -Type: Ruby 3.x API - -This internal function translates the ipv(4|6)acls format into a resource -suitable for create_resources. It is not intended to be used outside of the -postgresql internal classes/defined resources. - -will return a hash that can be fed into create_resources to create multiple -individual pg_hba_rule resources. - -The second parameter is an identifier that will be included in the namevar -to provide uniqueness. It must be a string. - -The third parameter is an order offset, so you can start the order at an -arbitrary starting point. - -#### `postgresql_acls_to_resources_hash()` - -This internal function translates the ipv(4|6)acls format into a resource -suitable for create_resources. It is not intended to be used outside of the -postgresql internal classes/defined resources. - -will return a hash that can be fed into create_resources to create multiple -individual pg_hba_rule resources. - -The second parameter is an identifier that will be included in the namevar -to provide uniqueness. It must be a string. - -The third parameter is an order offset, so you can start the order at an -arbitrary starting point. - -Returns: `Any` This function accepts an array of strings that are pg_hba.conf rules. It - ### postgresql_escape Type: Ruby 3.x API diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index 3a6f15e309..9625454f86 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -1,64 +1,22 @@ -# This is an autogenerated function, ported from the original legacy version. -# It /should work/ as is, but will not have all the benefits of the modern -# function API. You should see the function docs to learn how to add function -# signatures for type safety and to document this function using puppet-strings. -# -# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html -# -# ---- original file header ---- -# postgresql_acls_to_resources_hash.rb -# ---- original file header ---- -# -# @summary -# This internal function translates the ipv(4|6)acls format into a resource -# suitable for create_resources. It is not intended to be used outside of the -# postgresql internal classes/defined resources. -# -# @return This function accepts an array of strings that are pg_hba.conf rules. It -# will return a hash that can be fed into create_resources to create multiple -# individual pg_hba_rule resources. -# -# The second parameter is an identifier that will be included in the namevar -# to provide uniqueness. It must be a string. -# -# The third parameter is an order offset, so you can start the order at an -# arbitrary starting point. -# -# +# @summary This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. +# @api private Puppet::Functions.create_function(:'postgresql::postgresql_acls_to_resources_hash') do - # @param args - # The original array of arguments. Port this to individually managed params - # to get the full benefit of the modern function API. - # - # @return [Data type] - # Describe what the function returns here + # @param acls + # An array of strings that are pg_hba.conf rules. + # @param id + # An identifier that will be included in the namevar to provide uniqueness. + # @param offset + # An order offset, so you can start the order at an arbitrary starting point. # + # @return [Hash] + # A hash that can be fed into create_resources to create multiple individual pg_hba_rule resources. dispatch :default_impl do - # Call the method named 'default_impl' when this is matched - # Port this to match individual params for better type safety - repeated_param 'Any', :args + param 'Array[String]', :acls + param 'String[1]', :id + param 'Integer[0]', :offset end - def default_impl(*args) - func_name = 'postgresql_acls_to_resources_hash()' - - if args.size != 3 - raise(Puppet::ParseError, "#{func_name}: Wrong number of arguments " \ - "given (#{args.size} for 3)") - end - - acls = args[0] - raise(Puppet::ParseError, "#{func_name}: first argument must be an array") \ - unless acls.instance_of? Array - - id = args[1] - raise(Puppet::ParseError, "#{func_name}: second argument must be a string") \ - unless id.instance_of? String - - offset = args[2].to_i - raise(Puppet::ParseError, "#{func_name}: third argument must be a number") \ - unless offset.is_a? Integer - + def default_impl(acls, id, offset) resources = {} acls.each do |acl| index = acls.index(acl) @@ -66,15 +24,15 @@ def default_impl(*args) parts = acl.split unless parts.length >= 4 - raise(Puppet::ParseError, "#{func_name}: acl line #{index} does not " \ + raise(Puppet::ParseError, "postgresql::postgresql_acls_to_resources_hash(): acl line #{index} does not " \ 'have enough parts') end resource = { - 'type' => parts[0], + 'type' => parts[0], 'database' => parts[1], - 'user' => parts[2], - 'order' => format('%03d', offset + index), # rubocop:disable Style/FormatString + 'user' => parts[2], + 'order' => '%03d' % (offset + index), } if parts[0] == 'local' resource['auth_method'] = parts[3] diff --git a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb b/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb deleted file mode 100644 index 86a2d6005a..0000000000 --- a/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb +++ /dev/null @@ -1,75 +0,0 @@ -# postgresql_acls_to_resources_hash.rb -module Puppet::Parser::Functions - newfunction(:postgresql_acls_to_resources_hash, type: :rvalue, doc: <<-EOS - This internal function translates the ipv(4|6)acls format into a resource - suitable for create_resources. It is not intended to be used outside of the - postgresql internal classes/defined resources. - - @return This function accepts an array of strings that are pg_hba.conf rules. It - will return a hash that can be fed into create_resources to create multiple - individual pg_hba_rule resources. - - The second parameter is an identifier that will be included in the namevar - to provide uniqueness. It must be a string. - - The third parameter is an order offset, so you can start the order at an - arbitrary starting point. - EOS - ) do |args| - func_name = 'postgresql_acls_to_resources_hash()' - - if args.size != 3 - raise(Puppet::ParseError, "#{func_name}: Wrong number of arguments " \ - "given (#{args.size} for 3)") - end - - acls = args[0] - raise(Puppet::ParseError, "#{func_name}: first argument must be an array") \ - unless acls.instance_of? Array - - id = args[1] - raise(Puppet::ParseError, "#{func_name}: second argument must be a string") \ - unless id.instance_of? String - - offset = args[2].to_i - raise(Puppet::ParseError, "#{func_name}: third argument must be a number") \ - unless offset.is_a? Integer - - resources = {} - acls.each do |acl| - index = acls.index(acl) - - parts = acl.split - - unless parts.length >= 4 - raise(Puppet::ParseError, "#{func_name}: acl line #{index} does not " \ - 'have enough parts') - end - - resource = { - 'type' => parts[0], - 'database' => parts[1], - 'user' => parts[2], - 'order' => format('%03d', offset + index), # rubocop:disable Style/FormatString - } - if parts[0] == 'local' - resource['auth_method'] = parts[3] - if parts.length > 4 - resource['auth_option'] = parts.last(parts.length - 4).join(' ') - end - elsif parts[4] =~ %r{^\d} - resource['address'] = parts[3] + ' ' + parts[4] - resource['auth_method'] = parts[5] - - resource['auth_option'] = parts.last(parts.length - 6).join(' ') if parts.length > 6 - else - resource['address'] = parts[3] - resource['auth_method'] = parts[4] - - resource['auth_option'] = parts.last(parts.length - 5).join(' ') if parts.length > 5 - end - resources["postgresql class generated rule #{id} #{index}"] = resource - end - resources - end -end diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 6af92c07a7..44a2ee7c52 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -90,14 +90,14 @@ # ipv4acls are passed as an array of rule strings, here we transform # them into a resources hash, and pass the result to create_resources - $ipv4acl_resources = postgresql_acls_to_resources_hash($ipv4acls, + $ipv4acl_resources = postgresql::postgresql_acls_to_resources_hash($ipv4acls, 'ipv4acls', 10) create_resources('postgresql::server::pg_hba_rule', $ipv4acl_resources) # ipv6acls are passed as an array of rule strings, here we transform # them into a resources hash, and pass the result to create_resources - $ipv6acl_resources = postgresql_acls_to_resources_hash($ipv6acls, + $ipv6acl_resources = postgresql::postgresql_acls_to_resources_hash($ipv6acls, 'ipv6acls', 102) create_resources('postgresql::server::pg_hba_rule', $ipv6acl_resources) } diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index 2df689df18..21a1ee1842 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -1,40 +1,148 @@ require 'spec_helper' describe 'postgresql::postgresql_acls_to_resources_hash' do - # without knowing details about the implementation, this is the only test - # case that we can autogenerate. You should add more examples below! it { is_expected.not_to eq(nil) } + context 'individual transform tests' do + it do + input = 'local all postgres ident' + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'local', + 'database' => 'all', + 'user' => 'postgres', + 'auth_method' => 'ident', + 'order' => '100', + }, + } + is_expected.to run.with_params([input], 'test', 100).and_return(result) + end - ################################# - # Below are some example test cases. You may uncomment and modify them to match - # your needs. Notice that they all expect the base error class of `StandardError`. - # This is because the autogenerated function uses an untyped array for parameters - # and relies on your implementation to do the validation. As you convert your - # function to proper dispatches and typed signatures, you should change the - # expected error of the argument validation examples to `ArgumentError`. - # - # Other error types you might encounter include - # - # * StandardError - # * ArgumentError - # * Puppet::ParseError - # - # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ - # - # it 'raises an error if called with no argument' do - # is_expected.to run.with_params.and_raise_error(StandardError) - # end - # - # it 'raises an error if there is more than 1 arguments' do - # is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) - # end - # - # it 'raises an error if argument is not the proper type' do - # is_expected.to run.with_params('foo').and_raise_error(StandardError) - # end - # - # it 'returns the proper output' do - # is_expected.to run.with_params(123).and_return('the expected output') - # end - ################################# + it do + input = 'local all root ident' + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'local', + 'database' => 'all', + 'user' => 'root', + 'auth_method' => 'ident', + 'order' => '100', + }, + } + is_expected.to run.with_params([input], 'test', 100).and_return(result) + end + + it do + input_array = ['local all all ident'] + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'local', + 'database' => 'all', + 'user' => 'all', + 'auth_method' => 'ident', + 'order' => '100', + }, + } + is_expected.to run.with_params(input_array, 'test', 100).and_return(result) + end + + it do + input = 'host all all 127.0.0.1/32 md5' + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '127.0.0.1/32', + 'auth_method' => 'md5', + 'order' => '100', + }, + } + is_expected.to run.with_params([input], 'test', 100).and_return(result) + end + + it do + input = 'host all all 0.0.0.0/0 md5' + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '0.0.0.0/0', + 'auth_method' => 'md5', + 'order' => '100', + }, + } + is_expected.to run.with_params([input], 'test', 100).and_return(result) + end + + it do + input = 'host all all ::1/128 md5' + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '::1/128', + 'auth_method' => 'md5', + 'order' => '100', + }, + } + is_expected.to run.with_params([input], 'test', 100).and_return(result) + end + + it do + input = 'host all all 1.1.1.1 255.255.255.0 md5' + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '1.1.1.1 255.255.255.0', + 'auth_method' => 'md5', + 'order' => '100', + }, + } + + is_expected.to run.with_params([input], 'test', 100).and_return(result) + end + + it do + input = 'host all all 1.1.1.1 255.255.255.0 ldap ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"' + result = { + 'postgresql class generated rule test 0' => { + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '1.1.1.1 255.255.255.0', + 'auth_method' => 'ldap', + 'auth_option' => 'ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"', + 'order' => '100', + }, + } + + is_expected.to run.with_params([input], 'test', 100).and_return(result) + end + end + + context 'error catching tests' do + it do + is_expected.to run.with_params(['test'], 'test').and_raise_error(%r{expects 3 arguments, got 2}) + end + + it do + is_expected.to run.with_params('test', 'test', 100).and_raise_error(%r{parameter 'acls' expects an Array value, got String}) + end + + it do + is_expected.to run.with_params(['test'], 100, 'test').and_raise_error(%r{parameter 'id' expects a String value, got Integer}) + end + + it do + is_expected.to run.with_params(['test'], 'test', 1).and_raise_error(%r{does not have enough parts}) + end + end + + it 'returns an empty hash when input is empty array' do + is_expected.to run.with_params([], 'test', 100).and_return({}) + end end diff --git a/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb b/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb deleted file mode 100644 index b38b244918..0000000000 --- a/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require 'spec_helper' - -describe 'postgresql_acls_to_resources_hash', type: :puppet_function do - context 'individual transform tests' do - it do - input = 'local all postgres ident' - result = { 'postgresql class generated rule test 0' => { 'type' => 'local', 'database' => 'all', 'user' => 'postgres', - 'auth_method' => 'ident', 'order' => '100' } } - - is_expected.to run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'local all root ident' - result = { 'postgresql class generated rule test 0' => { 'type' => 'local', 'database' => 'all', 'user' => 'root', - 'auth_method' => 'ident', 'order' => '100' } } - - is_expected.to run.with_params([input], 'test', 100).and_return(result) - end - - it do - input_array = ['local all all ident'] - result = { 'postgresql class generated rule test 0' => { 'type' => 'local', 'database' => 'all', 'user' => 'all', - 'auth_method' => 'ident', 'order' => '100' } } - - is_expected.to run.with_params(input_array, 'test', 100).and_return(result) - end - - it do - input = 'host all all 127.0.0.1/32 md5' - result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '127.0.0.1/32', - 'auth_method' => 'md5', 'order' => '100' } } - - is_expected.to run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all 0.0.0.0/0 md5' - result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '0.0.0.0/0', - 'auth_method' => 'md5', 'order' => '100' } } - - is_expected.to run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all ::1/128 md5' - result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '::1/128', - 'auth_method' => 'md5', 'order' => '100' } } - - is_expected.to run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all 1.1.1.1 255.255.255.0 md5' - result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '1.1.1.1 255.255.255.0', - 'auth_method' => 'md5', 'order' => '100' } } - - is_expected.to run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all 1.1.1.1 255.255.255.0 ldap ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"' - result = { 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', 'user' => 'all', 'address' => '1.1.1.1 255.255.255.0', - 'auth_method' => 'ldap', 'auth_option' => 'ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"', - 'order' => '100' } } - - is_expected.to run.with_params([input], 'test', 100).and_return(result) - end - end - - context 'error catching tests' do - it do - is_expected.to run.with_params(['test'], 'test').and_raise_error(%r{Wrong number of arguments}) - end - - it do - is_expected.to run.with_params('test', 'test', 100).and_raise_error(%r{first argument must be an array}) - end - - it do - is_expected.to run.with_params(['test'], 100, 'test').and_raise_error(%r{second argument must be a string}) - end - - it do - is_expected.to run.with_params(['test'], 'test', 1).and_raise_error(%r{does not have enough parts}) - end - end - - it 'returns an empty hash when input is empty array' do - is_expected.to run.with_params([], 'test', 100).and_return({}) - end -end From face6c32d7427d57e38310b62b2bff0faf7b5c51 Mon Sep 17 00:00:00 2001 From: Alexander Fisher Date: Wed, 15 Apr 2020 18:37:53 +0100 Subject: [PATCH 0518/1000] Replace `create_resources` for acls with iteration --- REFERENCE.md | 4 ++-- manifests/server.pp | 4 ++-- manifests/server/config.pp | 22 ++++++++++------------ 3 files changed, 14 insertions(+), 16 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 51f053254f..5544a5f329 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -846,7 +846,7 @@ Default value: $postgresql::params::ip_mask_allow_all_users ##### `ipv4acls` -Data type: `Any` +Data type: `Array[String[1]]` Lists strings for access control for connection method, users, databases, IPv4 addresses; @@ -854,7 +854,7 @@ Default value: $postgresql::params::ipv4acls ##### `ipv6acls` -Data type: `Any` +Data type: `Array[String[1]]` Lists strings for access control for connection method, users, databases, IPv6 addresses. diff --git a/manifests/server.pp b/manifests/server.pp index 5b65a2f224..b28345362c 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -100,8 +100,8 @@ $port = $postgresql::params::port, $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, - $ipv4acls = $postgresql::params::ipv4acls, - $ipv6acls = $postgresql::params::ipv6acls, + Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, $initdb_path = $postgresql::params::initdb_path, $createdb_path = $postgresql::params::createdb_path, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 44a2ee7c52..93bc9b9396 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -88,18 +88,16 @@ } } - # ipv4acls are passed as an array of rule strings, here we transform - # them into a resources hash, and pass the result to create_resources - $ipv4acl_resources = postgresql::postgresql_acls_to_resources_hash($ipv4acls, - 'ipv4acls', 10) - create_resources('postgresql::server::pg_hba_rule', $ipv4acl_resources) - - - # ipv6acls are passed as an array of rule strings, here we transform - # them into a resources hash, and pass the result to create_resources - $ipv6acl_resources = postgresql::postgresql_acls_to_resources_hash($ipv6acls, - 'ipv6acls', 102) - create_resources('postgresql::server::pg_hba_rule', $ipv6acl_resources) + # $ipv4acls and $ipv6acls are arrays of rule strings + # They are converted into hashes we can iterate over to create postgresql::server::pg_hba_rule resources. + ( + postgresql::postgresql_acls_to_resources_hash($ipv4acls, 'ipv4acls', 10) + + postgresql::postgresql_acls_to_resources_hash($ipv6acls, 'ipv6acls', 102) + ).each | String $key, Hash $attrs| { + postgresql::server::pg_hba_rule { $key: + * => $attrs, + } + } } if $listen_addresses { From c3c576ea8013467a43e89838f73486bd1b5407e7 Mon Sep 17 00:00:00 2001 From: Julien Acroute Date: Mon, 20 Apr 2020 08:31:00 +0200 Subject: [PATCH 0519/1000] Add tests for custom port in extension --- spec/unit/defines/server/extension_spec.rb | 77 ++++++++++++++++++++++ 1 file changed, 77 insertions(+) diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index ece6206292..f993c0a48c 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -178,9 +178,86 @@ end context 'without including postgresql::server' do + + let :pre_condition do + "class {'postgresql::server':}" + end + it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with(db: 'postgres', command: 'CREATE EXTENSION "pg_repack"') } end + + context 'default port' do + let :params do + { + database: 'postgres', + extension: 'pg_repack', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"').with_port('5432') } + end + + context 'port overriden by explicit parameter' do + let :params do + { + database: 'postgres', + extension: 'pg_repack', + port: 1234, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"').with_port('1234') } + end + + context 'with specific db connection settings' do + let :params do + { + database: 'postgres', + extension: 'pg_repack', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234' }, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port(nil) } + end + + context 'with specific db connection settings - port overriden by explicit parameter' do + let :params do + { + database: 'postgres', + extension: 'pg_repack', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234' }, + port: 5678, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port('5678') } + end end From 1af23048043e0000d26d6b2669fa9b9ca228aeae Mon Sep 17 00:00:00 2001 From: Julien Acroute Date: Wed, 8 Apr 2020 15:38:07 +0200 Subject: [PATCH 0520/1000] Add port parameter for extension --- manifests/server/extension.pp | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 25626fd0ae..71b11d869b 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -9,10 +9,11 @@ # version may be set to a specific version, in which case the extension is updated using ALTER EXTENSION "extension" UPDATE TO 'version' # eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. # version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. -# +# # @param ensure Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'. # @param package_name Specifies a package to install prior to activating the extension. # @param package_ensure Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. +# @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param database_resource_name Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. define postgresql::server::extension ( @@ -23,6 +24,7 @@ String[1] $ensure = 'present', $package_name = undef, $package_ensure = undef, + Optional[Integer] $port = undef, $connect_settings = postgresql::default('default_connect_settings'), $database_resource_name = $database, ) { @@ -33,7 +35,7 @@ case $ensure { 'present': { $command = "CREATE EXTENSION \"${extension}\"" - $unless_mod = '' + $unless_mod = undef $package_require = [] $package_before = Postgresql_psql["${database}: ${command}"] } @@ -57,6 +59,17 @@ } } + # + # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port + # + if $port != undef { + $port_override = $port + } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port_override = undef + } else { + $port_override = $postgresql::server::port + } + postgresql_psql { "${database}: ${command}": psql_user => $user, @@ -65,6 +78,7 @@ connect_settings => $connect_settings, db => $database, + port => $port_override, command => $command, unless => "SELECT 1 WHERE ${unless_mod}EXISTS (SELECT 1 FROM pg_extension WHERE extname = '${extension}')", } @@ -90,6 +104,7 @@ psql_path => $psql_path, connect_settings => $connect_settings, db => $database, + port => $port_override, require => Postgresql_psql["${database}: ${command}"], } @@ -119,6 +134,7 @@ } postgresql_psql { "${database}: ${alter_extension_sql}": db => $database, + port => $port_override, psql_user => $user, psql_group => $group, psql_path => $psql_path, From c1ca98fe63db097c86fc3b7155006c972140410a Mon Sep 17 00:00:00 2001 From: Julien Acroute Date: Tue, 21 Apr 2020 09:53:10 +0200 Subject: [PATCH 0521/1000] Fix linting --- spec/unit/defines/server/extension_spec.rb | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index f993c0a48c..14fe09500e 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -178,7 +178,6 @@ end context 'without including postgresql::server' do - let :pre_condition do "class {'postgresql::server':}" end @@ -238,7 +237,11 @@ end it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port(nil) } + it { + is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') + .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') + .with_port(nil) + } end context 'with specific db connection settings - port overriden by explicit parameter' do @@ -258,6 +261,10 @@ end it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port('5678') } + it { + is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') + .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') + .with_port('5678') + } end end From 788aad69c0a735464c546914dc0f54b355532de8 Mon Sep 17 00:00:00 2001 From: Alexander Fisher Date: Tue, 14 Apr 2020 14:26:47 +0100 Subject: [PATCH 0522/1000] Finish conversion of `postgresql_escape` function In https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129 the 3 functions from this module were ported to the modern function API and namespaced. None of the boilerplate was fixed up, tests weren't updated, documentation wasn't updated etc. This commit finishes the work for the `postgresql_escape` function. * Remove old API puppet/parser/functions version. * Create a replacement non-namespaced, (but deprecated), new API shim that calls the namespaced version. This function is *probably* not being used outside of this module, but it doesn't hurt to get the old version around for now. * Replace argument validation in the function code with data-type based validation for the individual function parameters. * Refactor function for increased readability. * Test both shim and namespaced version of the function. * Update `postgresql::server` to use namespaced version. * Update REFERENCE.md --- REFERENCE.md | 41 +++++++------ .../functions/postgresql/postgresql_escape.rb | 58 ++++++------------- lib/puppet/functions/postgresql_escape.rb | 10 ++++ .../parser/functions/postgresql_escape.rb | 29 ---------- manifests/server/passwd.pp | 4 +- spec/functions/postgresql_escape_spec.rb | 5 ++ .../postgresql_postgresql_escape_spec.rb | 37 +----------- spec/spec_helper_local.rb | 20 +++++++ spec/unit/functions/postgresql_escape_spec.rb | 27 --------- 9 files changed, 76 insertions(+), 155 deletions(-) create mode 100644 lib/puppet/functions/postgresql_escape.rb delete mode 100644 lib/puppet/parser/functions/postgresql_escape.rb create mode 100644 spec/functions/postgresql_escape_spec.rb delete mode 100644 spec/unit/functions/postgresql_escape_spec.rb diff --git a/REFERENCE.md b/REFERENCE.md index 428f5fa9a3..b03fc8aca3 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -64,9 +64,9 @@ _Private Classes_ _Public Functions_ * [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. -* [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function safely escapes a string using a consistent random tag +* [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. * [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password -* [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag +* [`postgresql_escape`](#postgresql_escape): DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. * [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. _Private Functions_ @@ -2787,26 +2787,19 @@ Data type: `String` Type: Ruby 4.x API -postgresql_escape.rb ----- original file header ---- +This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. - @return Safely escapes a string using $$ using a random tag which should be consistent +#### `postgresql::postgresql_escape(String[1] $input_string)` -#### `postgresql::postgresql_escape(Any *$args)` +The postgresql::postgresql_escape function. -postgresql_escape.rb ----- original file header ---- +Returns: `String` A `Dollar Quoted` string - @return Safely escapes a string using $$ using a random tag which should be consistent +##### `input_string` -Returns: `Data type` Describe what the function returns here - -##### `*args` - -Data type: `Any` +Data type: `String[1]` -The original array of arguments. Port this to individually managed params -to get the full benefit of the modern function API. +The unescaped string you want to escape using `dollar quoting` ### postgresql::postgresql_password @@ -2834,15 +2827,21 @@ The clear text `password` ### postgresql_escape -Type: Ruby 3.x API +Type: Ruby 4.x API + +DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. -This function safely escapes a string using a consistent random tag +#### `postgresql_escape(Any *$args)` -#### `postgresql_escape()` +The postgresql_escape function. + +Returns: `Any` + +##### `*args` + +Data type: `Any` -This function safely escapes a string using a consistent random tag -Returns: `Any` Safely escapes a string using $$ using a random tag which should be consistent ### postgresql_password diff --git a/lib/puppet/functions/postgresql/postgresql_escape.rb b/lib/puppet/functions/postgresql/postgresql_escape.rb index 1555af0783..223ad7018f 100644 --- a/lib/puppet/functions/postgresql/postgresql_escape.rb +++ b/lib/puppet/functions/postgresql/postgresql_escape.rb @@ -1,52 +1,30 @@ -# This is an autogenerated function, ported from the original legacy version. -# It /should work/ as is, but will not have all the benefits of the modern -# function API. You should see the function docs to learn how to add function -# signatures for type safety and to document this function using puppet-strings. -# -# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html -# -# ---- original file header ---- require 'digest/md5' -# postgresql_escape.rb -# ---- original file header ---- -# -# @summary -# This function safely escapes a string using a consistent random tag -# @return Safely escapes a string using $$ using a random tag which should be consistent -# -# +# @summary This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. Puppet::Functions.create_function(:'postgresql::postgresql_escape') do - # @param args - # The original array of arguments. Port this to individually managed params - # to get the full benefit of the modern function API. - # - # @return [Data type] - # Describe what the function returns here + # @param input_string + # The unescaped string you want to escape using `dollar quoting` # + # @return [String] + # A `Dollar Quoted` string dispatch :default_impl do - # Call the method named 'default_impl' when this is matched - # Port this to match individual params for better type safety - repeated_param 'Any', :args + param 'String[1]', :input_string end - def default_impl(*args) - if args.size != 1 - raise(Puppet::ParseError, 'postgresql_escape(): Wrong number of arguments ' \ - "given (#{args.size} for 1)") + def default_impl(input_string) + # Where allowed, just return the original string wrapped in `$$` + return "$$#{input_string}$$" unless tag_needed?(input_string) + + # Keep generating possible values for tag until we find one that doesn't appear in the input string + tag = Digest::MD5.hexdigest(input_string)[0..5].gsub(%r{\d}, '') + until input_string !~ %r{#{tag}} + tag = Digest::MD5.hexdigest(tag)[0..5].gsub(%r{\d}, '') end - password = args[0] + "$#{tag}$#{input_string}$#{tag}$" + end - if password !~ %r{\$\$} && password[-1] != '$' - retval = "$$#{password}$$" - else - escape = Digest::MD5.hexdigest(password)[0..5].gsub(%r{\d}, '') - until password !~ %r{#{escape}} - escape = Digest::MD5.hexdigest(escape)[0..5].gsub(%r{\d}, '') - end - retval = "$#{escape}$#{password}$#{escape}$" - end - retval + def tag_needed?(input_string) + input_string =~ %r{\$\$} || input_string.end_with?('$') end end diff --git a/lib/puppet/functions/postgresql_escape.rb b/lib/puppet/functions/postgresql_escape.rb new file mode 100644 index 0000000000..1e366d2d06 --- /dev/null +++ b/lib/puppet/functions/postgresql_escape.rb @@ -0,0 +1,10 @@ +# @summary DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. +Puppet::Functions.create_function(:postgresql_escape) do + dispatch :deprecation_gen do + repeated_param 'Any', :args + end + def deprecation_gen(*args) + call_function('deprecation', 'postgresql_escape', 'This method is deprecated, please use postgresql::postgresql_escape instead.') + call_function('postgresql::postgresql_escape', *args) + end +end diff --git a/lib/puppet/parser/functions/postgresql_escape.rb b/lib/puppet/parser/functions/postgresql_escape.rb deleted file mode 100644 index f7e6f33add..0000000000 --- a/lib/puppet/parser/functions/postgresql_escape.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'digest/md5' - -# postgresql_escape.rb -module Puppet::Parser::Functions - newfunction(:postgresql_escape, type: :rvalue, doc: <<-EOS - This function safely escapes a string using a consistent random tag - @return Safely escapes a string using $$ using a random tag which should be consistent - EOS - ) do |args| - - if args.size != 1 - raise(Puppet::ParseError, 'postgresql_escape(): Wrong number of arguments ' \ - "given (#{args.size} for 1)") - end - - password = args[0] - - if password !~ %r{\$\$} && password[-1] != '$' - retval = "$$#{password}$$" - else - escape = Digest::MD5.hexdigest(password)[0..5].gsub(%r{\d}, '') - until password !~ %r{#{escape}} - escape = Digest::MD5.hexdigest(escape)[0..5].gsub(%r{\d}, '') - end - retval = "$#{escape}$#{password}$#{escape}$" - end - retval - end -end diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index a9477fd0f3..a2f52ba18b 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -15,12 +15,12 @@ default => '' } - if ($postgres_password != undef) { + if $postgres_password { # NOTE: this password-setting logic relies on the pg_hba.conf being # configured to allow the postgres system user to connect via psql # without specifying a password ('ident' or 'trust' security). This is # the default for pg_hba.conf. - $escaped = postgresql_escape($postgres_password) + $escaped = postgresql::postgresql_escape($postgres_password) exec { 'set_postgres_postgrespw': # This command works w/no password because we run it as postgres system # user diff --git a/spec/functions/postgresql_escape_spec.rb b/spec/functions/postgresql_escape_spec.rb new file mode 100644 index 0000000000..a00f05eecd --- /dev/null +++ b/spec/functions/postgresql_escape_spec.rb @@ -0,0 +1,5 @@ +require 'spec_helper' + +describe 'postgresql_escape' do + it_behaves_like 'postgresql_escape function' +end diff --git a/spec/functions/postgresql_postgresql_escape_spec.rb b/spec/functions/postgresql_postgresql_escape_spec.rb index 947ee72423..329ae8521a 100644 --- a/spec/functions/postgresql_postgresql_escape_spec.rb +++ b/spec/functions/postgresql_postgresql_escape_spec.rb @@ -1,40 +1,5 @@ require 'spec_helper' describe 'postgresql::postgresql_escape' do - # without knowing details about the implementation, this is the only test - # case that we can autogenerate. You should add more examples below! - it { is_expected.not_to eq(nil) } - - ################################# - # Below are some example test cases. You may uncomment and modify them to match - # your needs. Notice that they all expect the base error class of `StandardError`. - # This is because the autogenerated function uses an untyped array for parameters - # and relies on your implementation to do the validation. As you convert your - # function to proper dispatches and typed signatures, you should change the - # expected error of the argument validation examples to `ArgumentError`. - # - # Other error types you might encounter include - # - # * StandardError - # * ArgumentError - # * Puppet::ParseError - # - # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ - # - # it 'raises an error if called with no argument' do - # is_expected.to run.with_params.and_raise_error(StandardError) - # end - # - # it 'raises an error if there is more than 1 arguments' do - # is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) - # end - # - # it 'raises an error if argument is not the proper type' do - # is_expected.to run.with_params('foo').and_raise_error(StandardError) - # end - # - # it 'returns the proper output' do - # is_expected.to run.with_params(123).and_return('the expected output') - # end - ################################# + it_behaves_like 'postgresql_escape function' end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index ba834774b1..a5ed86af90 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -55,3 +55,23 @@ def param(type, title, param) is_expected.to run.with_params('foo').and_raise_error(StandardError) end end + +shared_examples 'postgresql_escape function' do + it { is_expected.not_to eq(nil) } + it { + is_expected.to run.with_params('foo') + .and_return('$$foo$$') + } + it { + is_expected.to run.with_params('fo$$o') + .and_return('$ed$fo$$o$ed$') + } + it { + is_expected.to run.with_params('foo$') + .and_return('$a$foo$$a$') + } + it 'raises an error if there is more than 1 argument' do + is_expected.to run.with_params(['foo'], ['foo']) + .and_raise_error(StandardError) + end +end diff --git a/spec/unit/functions/postgresql_escape_spec.rb b/spec/unit/functions/postgresql_escape_spec.rb deleted file mode 100644 index b512c0cda9..0000000000 --- a/spec/unit/functions/postgresql_escape_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require 'spec_helper' -describe 'postgresql_escape' do - describe 'postgresql_escape', type: :puppet_function do - it { - is_expected.to run.with_params('foo') - .and_return('$$foo$$') - } - end - describe 'postgresql_escape', type: :puppet_function do - it { - is_expected.to run.with_params('fo$$o') - .and_return('$ed$fo$$o$ed$') - } - end - describe 'postgresql_escape', type: :puppet_function do - it { - is_expected.to run.with_params('foo$') - .and_return('$a$foo$$a$') - } - end - describe 'postgresql_escape', type: :puppet_function do - it { - is_expected.to run.with_params(['foo'], ['foo']) - .and_raise_error(%r{Wrong number of arguments}) - } - end -end From ed3b3e3fc87e5d524e337df9f637a9db90624da6 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 27 Apr 2020 14:26:53 +0300 Subject: [PATCH 0523/1000] Add net-ssh dependency gems to development group --- Gemfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Gemfile b/Gemfile index 4f6e33b02d..adbbe6d0a4 100644 --- a/Gemfile +++ b/Gemfile @@ -29,6 +29,8 @@ group :development do gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') + gem 'ed25519', '>= 1.2', '< 2.0' + gem 'bcrypt_pbkdf', '>= 1.0', '< 2.0' end puppet_version = ENV['PUPPET_GEM_VERSION'] From d12b64c9e3dad98ba6447f34437be59c2139bd21 Mon Sep 17 00:00:00 2001 From: Ben Ford Date: Tue, 28 Apr 2020 22:55:23 -0700 Subject: [PATCH 0524/1000] the deprecation message should be in docs, not just runtime --- manifests/server.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server.pp b/manifests/server.pp index b28345362c..480a8718b0 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -73,7 +73,7 @@ # @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. # @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. # -# @param version Sets PostgreSQL version +# @param version Deprecated. Use postgresql::globals instead. Sets PostgreSQL version # # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # From e4bac1cbf6b1864a501e55619d95b3ba92aab2c9 Mon Sep 17 00:00:00 2001 From: Ben Ford Date: Tue, 28 Apr 2020 22:02:21 -0700 Subject: [PATCH 0525/1000] Service ensure => true is an allowed value (aliased to running) Add unit test to cover service_ensure => true --- manifests/server/service.pp | 2 +- spec/unit/classes/server_spec.rb | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/manifests/server/service.pp b/manifests/server/service.pp index fa264a02e8..095970c04c 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -25,7 +25,7 @@ status => $service_status, } - if $service_ensure == 'running' { + if $service_ensure in ['running', true] { # This blocks the class before continuing if chained correctly, making # sure the service really is 'up' before continuing. # diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 556d8e69e6..9cef244061 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -57,6 +57,28 @@ end end + describe 'service_ensure => true' do + let(:params) do + { + service_ensure: true, + postgres_password: 'new-p@s$word-to-set', + } + end + + it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::server') } + it { is_expected.to contain_class('postgresql::server::passwd') } + it 'validates connection' do + is_expected.to contain_postgresql_conn_validator('validate_service_is_running') + end + it 'sets postgres password' do + is_expected.to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', + 'user' => 'postgres', + 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], + 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") + end + end + describe 'service_ensure => stopped' do let(:params) { { service_ensure: 'stopped' } } From 9d0b9ee20431d2d808617ed86550c5865e17218b Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 12 May 2020 15:39:48 +0100 Subject: [PATCH 0526/1000] (maint) - Pdk Update --- .rubocop.yml | 4 ++++ .vscode/extensions.json | 2 +- Gemfile | 2 -- metadata.json | 2 +- spec/spec_helper.rb | 1 + 5 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index bab25db536..5307849e37 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -40,6 +40,10 @@ Style/BlockDelimiters: Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to be consistent then. EnforcedStyle: braces_for_chaining +Style/BracesAroundHashParameters: + Description: Braces are required by Ruby 2.7. Cop removed from RuboCop v0.80.0. + See https://github.com/rubocop-hq/rubocop/pull/7643 + Enabled: true Style/ClassAndModuleChildren: Description: Compact style reduces the required amount of indentation. EnforcedStyle: compact diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 6177782746..2f1e4f73a5 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,6 +1,6 @@ { "recommendations": [ - "jpogran.puppet-vscode", + "puppet.puppet-vscode", "rebornix.Ruby" ] } diff --git a/Gemfile b/Gemfile index adbbe6d0a4..4f6e33b02d 100644 --- a/Gemfile +++ b/Gemfile @@ -29,8 +29,6 @@ group :development do gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') - gem 'ed25519', '>= 1.2', '< 2.0' - gem 'bcrypt_pbkdf', '>= 1.0', '< 2.0' end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/metadata.json b/metadata.json index 52def0bf18..3a9986f1eb 100644 --- a/metadata.json +++ b/metadata.json @@ -88,5 +88,5 @@ ], "pdk-version": "1.17.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "1.17.0-0-gd3a4319" + "template-ref": "heads/master-0-g095317c" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index bc023f51af..16764b6ff1 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -42,6 +42,7 @@ # set to strictest setting for testing # by default Puppet runs at warning level Puppet.settings[:strict] = :warning + Puppet.settings[:strict_variables] = true end c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] c.after(:suite) do From 4a1a0c26ab30625c2760cc4766c94ca01e1ce85b Mon Sep 17 00:00:00 2001 From: david22swan Date: Wed, 13 May 2020 11:09:23 +0100 Subject: [PATCH 0527/1000] (maint) - add back gems removed by pdk update --- Gemfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Gemfile b/Gemfile index 4f6e33b02d..adbbe6d0a4 100644 --- a/Gemfile +++ b/Gemfile @@ -29,6 +29,8 @@ group :development do gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') + gem 'ed25519', '>= 1.2', '< 2.0' + gem 'bcrypt_pbkdf', '>= 1.0', '< 2.0' end puppet_version = ENV['PUPPET_GEM_VERSION'] From 88adfd7cbc9f12e8dace27c11883d22f96b06967 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Wed, 13 May 2020 11:53:07 +0000 Subject: [PATCH 0528/1000] Release version 6.5.0 --- CHANGELOG.md | 18 ++++++++++++++++++ REFERENCE.md | 2 +- metadata.json | 2 +- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d24dd28937..006e184e65 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,24 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) (2020-05-13) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.4.0...v6.5.0) + +### Added + +- service\_ensure =\> true is now an allowed value \(aliased to running\) [\#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) +- Finish conversion of `postgresql\_acls\_to\_resources\_hash` function [\#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql\_escape` function [\#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql\_password` function [\#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) +- Allow usage of grant and role when not managing postgresql::server [\#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) +- Add version configs for SLES 12 SP 3 to 5 [\#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) +- Add extra parameter "extra\_systemd\_config" [\#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) + +### Fixed + +- \(MODULES-10610\) Use correct lower bound for concat version [\#1160](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1160) ([ghoneycutt](https://github.com/ghoneycutt)) + ## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) (2020-03-17) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.3.0...v6.4.0) diff --git a/REFERENCE.md b/REFERENCE.md index b03fc8aca3..e8e137b5f1 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1097,7 +1097,7 @@ Default value: {} Data type: `Any` -Sets PostgreSQL version +Deprecated. Use postgresql::globals instead. Sets PostgreSQL version Default value: `undef` diff --git a/metadata.json b/metadata.json index 52def0bf18..97ef244ad3 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.4.0", + "version": "6.5.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 6750b82b95cda7f9492f3aa78ecb394ead41f9df Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 18 May 2020 09:55:48 +0300 Subject: [PATCH 0529/1000] Change provision from vmpooler to abs --- provision.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/provision.yaml b/provision.yaml index 237371822c..46258c750b 100644 --- a/provision.yaml +++ b/provision.yaml @@ -18,5 +18,5 @@ travis_el7: provisioner: docker images: ['litmusimage/centos:7', 'litmusimage/oraclelinux:7', 'litmusimage/scientificlinux:7'] release_checks: - provisioner: vmpooler + provisioner: abs images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From d546816bd36c5172ded5390e8d6be2c5e45927a3 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 18 May 2020 10:02:05 +0300 Subject: [PATCH 0530/1000] Switch to default spec_helper_acceptance file --- spec/spec_helper_acceptance.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 7de7381250..4ac8d7e0f6 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,6 +1,5 @@ # frozen_string_literal: true -require 'serverspec' require 'puppet_litmus' require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb')) From f9d36fb4dffdc216057beef25ffc020ce1897f75 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 20 May 2020 11:52:07 +0100 Subject: [PATCH 0531/1000] (IAC-746) - Add ubuntu 20.04 support --- .github/workflows/release.yml | 25 ++++++++++++++++++++++--- .github/workflows/weekly.yml | 25 ++++++++++++++++++++++--- .sync.yml | 20 +++++++++++++++----- .travis.yml | 28 ++++++++++++++-------------- metadata.json | 5 +++-- provision.yaml | 10 ++++++++-- 6 files changed, 84 insertions(+), 29 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0311717bb3..064443f2f9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: - 'release' jobs: - LitmusAcceptance: + LitmusAcceptancePuppet5: env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests @@ -15,8 +15,27 @@ jobs: matrix: ruby_version: [2.5.x] puppet_gem_version: [~> 6.0] - platform: [release_checks] - agent_family: ['puppet5', 'puppet6'] + platform: [release_checks_5] + agent_family: ['puppet5'] + + steps: + - uses: actions/checkout@v1 + - name: Litmus Parallel + uses: puppetlabs/action-litmus_parallel@master + with: + platform: ${{ matrix.platform }} + agent_family: ${{ matrix.agent_family }} + LitmusAcceptancePuppet6: + env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + runs-on: self-hosted + strategy: + matrix: + ruby_version: [2.5.x] + puppet_gem_version: [~> 6.0] + platform: [release_checks_6] + agent_family: ['puppet6'] steps: - uses: actions/checkout@v1 diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml index c75105585a..1cf92dba15 100644 --- a/.github/workflows/weekly.yml +++ b/.github/workflows/weekly.yml @@ -5,7 +5,7 @@ on: - cron: '0 3 * * 1' jobs: - LitmusAcceptance: + LitmusAcceptancePuppet5: env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests @@ -14,8 +14,27 @@ jobs: matrix: ruby_version: [2.5.x] puppet_gem_version: [~> 6.0] - platform: [release_checks] - agent_family: ['puppet5', 'puppet6'] + platform: [release_checks_5] + agent_family: ['puppet5'] + + steps: + - uses: actions/checkout@v1 + - name: Litmus Parallel + uses: puppetlabs/action-litmus_parallel@master + with: + platform: ${{ matrix.platform }} + agent_family: ${{ matrix.agent_family }} + LitmusAcceptancePuppet6: + env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + runs-on: self-hosted + strategy: + matrix: + ruby_version: [2.5.x] + puppet_gem_version: [~> 6.0] + platform: [release_checks_6] + agent_family: ['puppet6'] steps: - uses: actions/checkout@v1 diff --git a/.sync.yml b/.sync.yml index 8ceb746298..ebc7f65712 100644 --- a/.sync.yml +++ b/.sync.yml @@ -13,11 +13,21 @@ use_litmus: true litmus: provision_list: - - travis_deb - - travis_ub - - travis_el6 - - travis_el7 - - ---travis_el + - ---travis_el + - travis_deb + - travis_el6 + - travis_el7 + complex: + - collection: + puppet_collection: + - puppet6 + provision_list: + - travis_ub_6 + - collection: + puppet_collection: + - puppet5 + provision_list: + - travis_ub_5 simplecov: true notifications: slack: diff --git a/.travis.yml b/.travis.yml index 29f08e671e..e9b807a9b1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -29,66 +29,66 @@ jobs: include: - before_script: - - "bundle exec rake 'litmus:provision_list[travis_deb]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake 'litmus:provision_list[travis_ub_6]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" bundler_args: - env: PLATFORMS=travis_deb_puppet5 + env: PLATFORMS=travis_ub_6_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - - "bundle exec rake 'litmus:provision_list[travis_ub]'" + - "bundle exec rake 'litmus:provision_list[travis_ub_5]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" bundler_args: - env: PLATFORMS=travis_ub_puppet5 + env: PLATFORMS=travis_ub_5_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el6]'" + - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" bundler_args: - env: PLATFORMS=travis_el6_puppet5 + env: PLATFORMS=travis_deb_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el7]'" + - "bundle exec rake 'litmus:provision_list[travis_el6]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" bundler_args: - env: PLATFORMS=travis_el7_puppet5 + env: PLATFORMS=travis_el6_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - - "bundle exec rake 'litmus:provision_list[travis_deb]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake 'litmus:provision_list[travis_el7]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" bundler_args: - env: PLATFORMS=travis_deb_puppet6 + env: PLATFORMS=travis_el7_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - - "bundle exec rake 'litmus:provision_list[travis_ub]'" + - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" bundler_args: - env: PLATFORMS=travis_ub_puppet6 + env: PLATFORMS=travis_deb_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker diff --git a/metadata.json b/metadata.json index 63a4b51f90..690ac4ec2a 100644 --- a/metadata.json +++ b/metadata.json @@ -76,7 +76,8 @@ "operatingsystemrelease": [ "14.04", "16.04", - "18.04" + "18.04", + "20.04" ] } ], @@ -88,5 +89,5 @@ ], "pdk-version": "1.17.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g095317c" + "template-ref": "heads/master-0-g88b05c7" } diff --git a/provision.yaml b/provision.yaml index 46258c750b..b352fd77c4 100644 --- a/provision.yaml +++ b/provision.yaml @@ -8,15 +8,21 @@ vagrant: travis_deb: provisioner: docker images: ['litmusimage/debian:8', 'litmusimage/debian:9', 'litmusimage/debian:10'] -travis_ub: +travis_ub_5: provisioner: docker images: ['litmusimage/ubuntu:14.04', 'litmusimage/ubuntu:16.04', 'litmusimage/ubuntu:18.04'] +travis_ub_6: + provisioner: docker + images: ['litmusimage/ubuntu:14.04', 'litmusimage/ubuntu:16.04', 'litmusimage/ubuntu:18.04', 'litmusimage/ubuntu:20.04'] travis_el6: provisioner: docker images: ['litmusimage/centos:6', 'litmusimage/scientificlinux:6'] travis_el7: provisioner: docker images: ['litmusimage/centos:7', 'litmusimage/oraclelinux:7', 'litmusimage/scientificlinux:7'] -release_checks: +release_checks_5: provisioner: abs images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] +release_checks_6: + provisioner: abs + images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64', 'ubuntu-2004-x86_64'] From 0756d4366268e5657a25b4ce636a944bf4ef9151 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 20 May 2020 17:37:00 +0100 Subject: [PATCH 0532/1000] (IAC-746) - Set default Postgresql version for Ubuntu 20.04 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 02795e9ff6..a2d6f3ab31 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -191,6 +191,7 @@ /^(16.04|16.10)$/ => '9.5', /^(17.04|17.10)$/ => '9.6', /^(18.04)$/ => '10', + /^(20.04)$/ => '12', default => undef, }, default => undef, From 895944005d3dc67b1e3737b474355800736b0e7b Mon Sep 17 00:00:00 2001 From: Auto-release Date: Tue, 2 Jun 2020 12:59:04 +0000 Subject: [PATCH 0533/1000] Release version 6.6.0 --- CHANGELOG.md | 12 ++++++++++++ REFERENCE.md | 8 ++++++++ metadata.json | 2 +- 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 006e184e65..38d7d618ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) (2020-06-02) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.5.0...v6.6.0) + +### Added + +- \(IAC-746\) - Add ubuntu 20.04 support [\#1172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1172) ([david22swan](https://github.com/david22swan)) + +### Fixed + +- Fix custom port in extension [\#1165](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1165) ([Vampouille](https://github.com/Vampouille)) + ## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) (2020-05-13) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.4.0...v6.5.0) diff --git a/REFERENCE.md b/REFERENCE.md index e8e137b5f1..c68d934443 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1552,6 +1552,14 @@ Overrides default package deletion behavior. By default, the package specified w Default value: `undef` +##### `port` + +Data type: `Optional[Integer]` + +Port to use when connecting. + +Default value: `undef` + ##### `connect_settings` Data type: `Any` diff --git a/metadata.json b/metadata.json index 690ac4ec2a..1b458d2095 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.5.0", + "version": "6.6.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 40440aaa00ab8f10f1692b9964b95f4a441b33a4 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Sat, 6 Jun 2020 01:28:22 +0100 Subject: [PATCH 0534/1000] Set default PostgreSQL version for Fedora 32 Signed-off-by: Michael Brown --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index a2d6f3ab31..9914a2390d 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -153,6 +153,7 @@ $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { + /^(32)$/ => '12', /^(31)$/ => '11.6', /^(30)$/ => '11.2', /^(29)$/ => '10.6', From cb984b0b647191d25b6b89d35f60aa0836c05579 Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Mon, 15 Jun 2020 18:19:52 +0100 Subject: [PATCH 0535/1000] (IAC-889) Set FastGettext.default_text_domain in Rakefile Also performed pdk update --- .sync.yml | 2 ++ Gemfile | 2 -- Rakefile | 1 + metadata.json | 4 ++-- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.sync.yml b/.sync.yml index ebc7f65712..1c2c6c0fc2 100644 --- a/.sync.yml +++ b/.sync.yml @@ -42,6 +42,8 @@ Gemfile: ref: 20ee04ba1234e9e83eb2ffb5056e23d641c7a018 condition: Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') Rakefile: + extras: + "FastGettext.default_text_domain = 'default-text-domain'" changelog_user: puppetlabs spec/spec_helper.rb: mock_with: ":rspec" diff --git a/Gemfile b/Gemfile index adbbe6d0a4..4f6e33b02d 100644 --- a/Gemfile +++ b/Gemfile @@ -29,8 +29,6 @@ group :development do gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') - gem 'ed25519', '>= 1.2', '< 2.0' - gem 'bcrypt_pbkdf', '>= 1.0', '< 2.0' end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/Rakefile b/Rakefile index 96f6c89175..30e64c2d88 100644 --- a/Rakefile +++ b/Rakefile @@ -86,3 +86,4 @@ EOM end end +FastGettext.default_text_domain = 'default-text-domain' diff --git a/metadata.json b/metadata.json index 690ac4ec2a..a6163dfab3 100644 --- a/metadata.json +++ b/metadata.json @@ -87,7 +87,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.17.0", + "pdk-version": "1.18.0", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g88b05c7" + "template-ref": "heads/master-0-g9c14433" } From fad1cf38357c85502e177949d593c7653daf31f2 Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Fri, 12 Jun 2020 16:33:38 +0100 Subject: [PATCH 0536/1000] (IAC-886) Remove SLES 11 from release checks --- provision.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/provision.yaml b/provision.yaml index b352fd77c4..4c3d266124 100644 --- a/provision.yaml +++ b/provision.yaml @@ -22,7 +22,7 @@ travis_el7: images: ['litmusimage/centos:7', 'litmusimage/oraclelinux:7', 'litmusimage/scientificlinux:7'] release_checks_5: provisioner: abs - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] + images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] release_checks_6: provisioner: abs - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64', 'ubuntu-2004-x86_64'] + images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64', 'ubuntu-2004-x86_64'] From 289faa62e9bd752244613c0b54af2777ee928739 Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 16 Jun 2020 16:24:50 +0100 Subject: [PATCH 0537/1000] (IAC-890) - Implement CentOS 8 travis tests --- .sync.yml | 1 + .travis.yml | 22 ++++++++++++++++++++++ provision.yaml | 3 +++ 3 files changed, 26 insertions(+) diff --git a/.sync.yml b/.sync.yml index 1c2c6c0fc2..1cc0fb1de9 100644 --- a/.sync.yml +++ b/.sync.yml @@ -17,6 +17,7 @@ - travis_deb - travis_el6 - travis_el7 + - travis_el8 complex: - collection: puppet_collection: diff --git a/.travis.yml b/.travis.yml index e9b807a9b1..b0a9b7f6b9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -82,6 +82,17 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance + - + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el8]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake litmus:install_module" + bundler_args: + env: PLATFORMS=travis_el8_puppet5 + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] + services: docker + stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" @@ -115,6 +126,17 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance + - + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el8]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake litmus:install_module" + bundler_args: + env: PLATFORMS=travis_el8_puppet6 + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] + services: docker + stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static diff --git a/provision.yaml b/provision.yaml index b352fd77c4..694af9fd8d 100644 --- a/provision.yaml +++ b/provision.yaml @@ -20,6 +20,9 @@ travis_el6: travis_el7: provisioner: docker images: ['litmusimage/centos:7', 'litmusimage/oraclelinux:7', 'litmusimage/scientificlinux:7'] +travis_el8: + provisioner: docker + images: ['litmusimage/centos:8'] release_checks_5: provisioner: abs images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] From e7f9c9ada73550866a3f9c410a628f8279e51354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Pinson?= Date: Thu, 18 Jun 2020 14:20:36 +0200 Subject: [PATCH 0538/1000] Invert psql/package dependency logic --- manifests/server/extension.pp | 36 ++++++++++++++++++++++------------- 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 71b11d869b..1f9c9fbe9b 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -32,19 +32,36 @@ $group = postgresql::default('group') $psql_path = postgresql::default('psql_path') + if( $database != 'postgres' ) { + # The database postgres cannot managed by this module, so it is exempt from this dependency + $default_psql_require = Postgresql::Server::Database[$database_resource_name] + + Postgresql_psql { + require => $default_psql_require, + } + } else { + $default_psql_require = undef + } + case $ensure { 'present': { $command = "CREATE EXTENSION \"${extension}\"" $unless_mod = undef - $package_require = [] - $package_before = Postgresql_psql["${database}: ${command}"] + $psql_cmd_require = $package_name ? { + undef => $default_psql_require, + default => [$default_psql_require, Package[$package_name]], + } + $psql_cmd_before = [] } 'absent': { $command = "DROP EXTENSION \"${extension}\"" $unless_mod = 'NOT ' - $package_require = Postgresql_psql["${database}: ${command}"] - $package_before = [] + $psql_cmd_require = $default_psql_require + $psql_cmd_before = $package_name ? { + undef => [], + default => Package[$package_name], + } } default: { @@ -52,13 +69,6 @@ } } - if( $database != 'postgres' ) { - # The database postgres cannot managed by this module, so it is exempt from this dependency - Postgresql_psql { - require => Postgresql::Server::Database[$database_resource_name], - } - } - # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # @@ -81,6 +91,8 @@ port => $port_override, command => $command, unless => "SELECT 1 WHERE ${unless_mod}EXISTS (SELECT 1 FROM pg_extension WHERE extname = '${extension}')", + require => $psql_cmd_require, + before => $psql_cmd_before, } if $ensure == 'present' and $schema { @@ -120,8 +132,6 @@ ensure_packages($package_name, { ensure => $_package_ensure, tag => 'puppetlabs-postgresql', - require => $package_require, - before => $package_before, }) } if $version { From 9c1fdb78cbad08216b5af472a9f31c7b263b6a98 Mon Sep 17 00:00:00 2001 From: Nick Walker Date: Mon, 27 Jul 2020 10:07:15 -0500 Subject: [PATCH 0539/1000] (MAINT) Indicate supported PostgreSQL versions Prior to this commit, there was an old limitation noted that we only support up to PostgreSQL 9.5. After this commit, we remove that limitation because we support whatever the default for each OS is. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d8470d61a0..059e709454 100644 --- a/README.md +++ b/README.md @@ -320,7 +320,7 @@ For information on the classes and types, see the [REFERENCE.md](https://github. ## Limitations -Works with versions of PostgreSQL from 8.1 through 9.5. +Works with versions of PostgreSQL on supported OSes. For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/metadata.json) From 812f97bc4c9c36e8973b65fd892c8aaba91f8dbe Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 4 Aug 2020 15:42:40 +0100 Subject: [PATCH 0540/1000] (IAC-973) - Update travis/appveyor to run on new default branch main --- .travis.yml | 2 +- Rakefile | 13 ++++++------- metadata.json | 4 ++-- 3 files changed, 9 insertions(+), 10 deletions(-) diff --git a/.travis.yml b/.travis.yml index b0a9b7f6b9..271ea34184 100644 --- a/.travis.yml +++ b/.travis.yml @@ -150,7 +150,7 @@ jobs: stage: spec branches: only: - - master + - main - /^v\d/ - release notifications: diff --git a/Rakefile b/Rakefile index 30e64c2d88..c4f6f86fad 100644 --- a/Rakefile +++ b/Rakefile @@ -52,7 +52,7 @@ if Bundler.rubygems.find_name('github_changelog_generator').any? config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." config.add_pr_wo_labels = true config.issues = false - config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM" + config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" config.configure_sections = { "Changed" => { "prefix" => "### Changed", @@ -60,11 +60,11 @@ if Bundler.rubygems.find_name('github_changelog_generator').any? }, "Added" => { "prefix" => "### Added", - "labels" => ["feature", "enhancement"], + "labels" => ["enhancement", "feature"], }, "Fixed" => { "prefix" => "### Fixed", - "labels" => ["bugfix"], + "labels" => ["bug", "documentation", "bugfix"], }, } end @@ -72,16 +72,15 @@ else desc 'Generate a Changelog from GitHub' task :changelog do raise <= Gem::Version.new('2.2.2')" + version: '~> 1.15' + condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" EOM end end diff --git a/metadata.json b/metadata.json index 65264c40a3..bc611969ac 100644 --- a/metadata.json +++ b/metadata.json @@ -87,7 +87,7 @@ "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "pdk-version": "1.18.0", + "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g9c14433" + "template-ref": "heads/master-0-gd610ead" } From 5a9ebab4338129da919cf48e83d014b1c7a1727a Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 10 Aug 2020 11:53:01 +0200 Subject: [PATCH 0541/1000] Use Data Types to verify ensure This makes the API clear and the code simpler. --- manifests/server/config_entry.pp | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 6b86f5f831..c1d21d34b4 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -5,7 +5,7 @@ # @param path Path for postgresql.conf # define postgresql::server::config_entry ( - $ensure = 'present', + Enum['present', 'absent'] $ensure = 'present', $value = undef, $path = false ) { @@ -161,18 +161,10 @@ } } - case $ensure { - /present|absent/: { - postgresql_conf { $name: - ensure => $ensure, - target => $target, - value => $value, - require => Class['postgresql::server::initdb'], - } - } - - default: { - fail("Unknown value for ensure '${ensure}'.") - } + postgresql_conf { $name: + ensure => $ensure, + target => $target, + value => $value, + require => Class['postgresql::server::initdb'], } } From 22ffe7ecf59930ad2a9e0d79b7b2f0ea4832ccc3 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Fri, 28 Aug 2020 13:06:58 +0000 Subject: [PATCH 0542/1000] Release version 6.7.0 update changelog.md --- CHANGELOG.md | 12 + REFERENCE.md | 779 ++++++++++++++++++++++++++------------------------ metadata.json | 2 +- 3 files changed, 413 insertions(+), 380 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 38d7d618ac..25c5da971e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) (2020-08-28) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.6.0...v6.7.0) + +### Added + +- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) + +### Fixed + +- Invert psql/package dependency logic [\#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) + ## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) (2020-06-02) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.5.0...v6.6.0) diff --git a/REFERENCE.md b/REFERENCE.md index c68d934443..6227ef29c8 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1,11 +1,12 @@ # Reference + ## Table of Contents -**Classes** +### Classes -_Public Classes_ +#### Public Classes * [`postgresql::client`](#postgresqlclient): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. * [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. @@ -20,20 +21,20 @@ _Public Classes_ * [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. * [`postgresql::server::postgis`](#postgresqlserverpostgis): Install the postgis postgresql packaging. -_Private Classes_ +#### Private Classes -* `postgresql::params`: -* `postgresql::repo`: -* `postgresql::repo::apt_postgresql_org`: -* `postgresql::repo::yum_postgresql_org`: -* `postgresql::server::config`: -* `postgresql::server::initdb`: -* `postgresql::server::install`: -* `postgresql::server::passwd`: -* `postgresql::server::reload`: -* `postgresql::server::service`: +* `postgresql::params` +* `postgresql::repo` +* `postgresql::repo::apt_postgresql_org` +* `postgresql::repo::yum_postgresql_org` +* `postgresql::server::config` +* `postgresql::server::initdb` +* `postgresql::server::install` +* `postgresql::server::passwd` +* `postgresql::server::reload` +* `postgresql::server::service` -**Defined types** +### Defined types * [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. * [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. @@ -52,16 +53,16 @@ _Private Classes_ * [`postgresql::server::tablespace`](#postgresqlservertablespace): This module creates tablespace. * [`postgresql::validate_db_connection`](#postgresqlvalidate_db_connection): This type validates that a successful postgres connection. -**Resource types** +### Resource types * [`postgresql_conf`](#postgresql_conf): This type allows puppet to manage postgresql.conf parameters. * [`postgresql_conn_validator`](#postgresql_conn_validator): Verify if a connection can be successfully established * [`postgresql_psql`](#postgresql_psql): An arbitrary tag for your own reference; the name of the message. * [`postgresql_replication_slot`](#postgresql_replication_slot): Manages Postgresql replication slots. -**Functions** +### Functions -_Public Functions_ +#### Public Functions * [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. * [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. @@ -69,17 +70,17 @@ _Public Functions_ * [`postgresql_escape`](#postgresql_escape): DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. * [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. -_Private Functions_ +#### Private Functions * `postgresql::postgresql_acls_to_resources_hash`: This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. -**Tasks** +### Tasks * [`sql`](#sql): Allows you to execute arbitary SQL ## Classes -### postgresql::client +### `postgresql::client` Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. @@ -95,7 +96,7 @@ Data type: `Enum['file', 'absent']` Ensure the connection validation script is present -Default value: 'file' +Default value: `'file'` ##### `validcon_script_path` @@ -103,7 +104,7 @@ Data type: `Stdlib::Absolutepath` Optional. Absolute path for the postgresql connection validation script. -Default value: $postgresql::params::validcon_script_path +Default value: `$postgresql::params::validcon_script_path` ##### `package_name` @@ -111,7 +112,7 @@ Data type: `String[1]` Sets the name of the PostgreSQL client package. -Default value: $postgresql::params::client_package_name +Default value: `$postgresql::params::client_package_name` ##### `package_ensure` @@ -119,9 +120,9 @@ Data type: `String[1]` Ensure the client package is installed -Default value: 'present' +Default value: `'present'` -### postgresql::globals +### `postgresql::globals` Class for setting cross-class global overrides. @@ -138,7 +139,7 @@ Data type: `Any` Overrides the default PostgreSQL client package name. -Default value: `undef` +Default value: ``undef`` ##### `server_package_name` @@ -146,7 +147,7 @@ Data type: `Any` Overrides the default PostgreSQL server package name. -Default value: `undef` +Default value: ``undef`` ##### `contrib_package_name` @@ -154,7 +155,7 @@ Data type: `Any` Overrides the default PostgreSQL contrib package name. -Default value: `undef` +Default value: ``undef`` ##### `devel_package_name` @@ -162,7 +163,7 @@ Data type: `Any` Overrides the default PostgreSQL devel package name. -Default value: `undef` +Default value: ``undef`` ##### `java_package_name` @@ -170,7 +171,7 @@ Data type: `Any` Overrides the default PostgreSQL java package name. -Default value: `undef` +Default value: ``undef`` ##### `docs_package_name` @@ -178,7 +179,7 @@ Data type: `Any` Overrides the default PostgreSQL docs package name. -Default value: `undef` +Default value: ``undef`` ##### `perl_package_name` @@ -186,7 +187,7 @@ Data type: `Any` Overrides the default PostgreSQL Perl package name. -Default value: `undef` +Default value: ``undef`` ##### `plperl_package_name` @@ -194,7 +195,7 @@ Data type: `Any` Overrides the default PostgreSQL PL/Perl package name. -Default value: `undef` +Default value: ``undef`` ##### `plpython_package_name` @@ -202,7 +203,7 @@ Data type: `Any` Overrides the default PostgreSQL PL/Python package name. -Default value: `undef` +Default value: ``undef`` ##### `python_package_name` @@ -210,7 +211,7 @@ Data type: `Any` Overrides the default PostgreSQL Python package name. -Default value: `undef` +Default value: ``undef`` ##### `postgis_package_name` @@ -218,7 +219,7 @@ Data type: `Any` Overrides the default PostgreSQL PostGIS package name. -Default value: `undef` +Default value: ``undef`` ##### `service_name` @@ -226,7 +227,7 @@ Data type: `Any` Overrides the default PostgreSQL service name. -Default value: `undef` +Default value: ``undef`` ##### `service_provider` @@ -234,7 +235,7 @@ Data type: `Any` Overrides the default PostgreSQL service provider. -Default value: `undef` +Default value: ``undef`` ##### `service_status` @@ -242,7 +243,7 @@ Data type: `Any` Overrides the default status check command for your PostgreSQL service. -Default value: `undef` +Default value: ``undef`` ##### `default_database` @@ -250,7 +251,7 @@ Data type: `Any` Specifies the name of the default database to connect with. -Default value: `undef` +Default value: ``undef`` ##### `validcon_script_path` @@ -258,7 +259,7 @@ Data type: `Any` Scipt path for the connection validation check. -Default value: `undef` +Default value: ``undef`` ##### `initdb_path` @@ -266,7 +267,7 @@ Data type: `Any` Path to the initdb command. -Default value: `undef` +Default value: ``undef`` ##### `createdb_path` @@ -274,7 +275,7 @@ Data type: `Any` Deprecated. Path to the createdb command. -Default value: `undef` +Default value: ``undef`` ##### `psql_path` @@ -282,7 +283,7 @@ Data type: `Any` Sets the path to the psql command. -Default value: `undef` +Default value: ``undef`` ##### `pg_hba_conf_path` @@ -290,7 +291,7 @@ Data type: `Any` Specifies the path to your pg_hba.conf file. -Default value: `undef` +Default value: ``undef`` ##### `pg_ident_conf_path` @@ -298,7 +299,7 @@ Data type: `Any` Specifies the path to your pg_ident.conf file. -Default value: `undef` +Default value: ``undef`` ##### `postgresql_conf_path` @@ -306,7 +307,7 @@ Data type: `Any` Sets the path to your postgresql.conf file. -Default value: `undef` +Default value: ``undef`` ##### `recovery_conf_path` @@ -314,7 +315,7 @@ Data type: `Any` Path to your recovery.conf file. -Default value: `undef` +Default value: ``undef`` ##### `default_connect_settings` @@ -322,7 +323,7 @@ Data type: `Any` Default connection settings. -Default value: {} +Default value: `{}` ##### `pg_hba_conf_defaults` @@ -330,7 +331,7 @@ Data type: `Any` Disables the defaults supplied with the module for pg_hba.conf if set to false. -Default value: `undef` +Default value: ``undef`` ##### `datadir` @@ -342,7 +343,7 @@ For Red Hat systems, the data directory must be labeled appropriately for SELinu On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original -Default value: `undef` +Default value: ``undef`` ##### `confdir` @@ -350,7 +351,7 @@ Data type: `Any` Overrides the default PostgreSQL configuration directory for the target platform. -Default value: `undef` +Default value: ``undef`` ##### `bindir` @@ -358,7 +359,7 @@ Data type: `Any` Overrides the default PostgreSQL binaries directory for the target platform. -Default value: `undef` +Default value: ``undef`` ##### `xlogdir` @@ -366,7 +367,7 @@ Data type: `Any` Overrides the default PostgreSQL xlog directory. -Default value: `undef` +Default value: ``undef`` ##### `logdir` @@ -374,7 +375,7 @@ Data type: `Any` Overrides the default PostgreSQL log directory. -Default value: `undef` +Default value: ``undef`` ##### `log_line_prefix` @@ -382,7 +383,7 @@ Data type: `Any` Overrides the default PostgreSQL log prefix. -Default value: `undef` +Default value: ``undef`` ##### `user` @@ -390,7 +391,7 @@ Data type: `Any` Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: `undef` +Default value: ``undef`` ##### `group` @@ -398,7 +399,7 @@ Data type: `Any` Overrides the default postgres user group to be used for related files in the file system. -Default value: `undef` +Default value: ``undef`` ##### `version` @@ -406,7 +407,7 @@ Data type: `Any` The version of PostgreSQL to install and manage. -Default value: `undef` +Default value: ``undef`` ##### `postgis_version` @@ -414,7 +415,7 @@ Data type: `Any` Defines the version of PostGIS to install, if you install PostGIS. -Default value: `undef` +Default value: ``undef`` ##### `repo_proxy` @@ -422,7 +423,7 @@ Data type: `Any` Sets the proxy option for the official PostgreSQL yum-repositories only. -Default value: `undef` +Default value: ``undef`` ##### `repo_baseurl` @@ -430,7 +431,7 @@ Data type: `Any` Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. -Default value: `undef` +Default value: ``undef`` ##### `needs_initdb` @@ -438,7 +439,7 @@ Data type: `Any` Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. -Default value: `undef` +Default value: ``undef`` ##### `encoding` @@ -447,7 +448,7 @@ Data type: `Any` Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. -Default value: `undef` +Default value: ``undef`` ##### `locale` @@ -457,7 +458,7 @@ Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. -Default value: `undef` +Default value: ``undef`` ##### `data_checksums` @@ -466,7 +467,7 @@ Data type: `Any` Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. -Default value: `undef` +Default value: ``undef`` ##### `timezone` @@ -474,7 +475,7 @@ Data type: `Any` Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. -Default value: `undef` +Default value: ``undef`` ##### `manage_pg_hba_conf` @@ -482,7 +483,7 @@ Data type: `Any` Allow Puppet to manage the pg_hba.conf file. -Default value: `undef` +Default value: ``undef`` ##### `manage_pg_ident_conf` @@ -490,7 +491,7 @@ Data type: `Any` Allow Puppet to manage the pg_ident.conf file. -Default value: `undef` +Default value: ``undef`` ##### `manage_recovery_conf` @@ -498,7 +499,7 @@ Data type: `Any` Allow Puppet to manage the recovery.conf file. -Default value: `undef` +Default value: ``undef`` ##### `manage_datadir` @@ -506,7 +507,7 @@ Data type: `Any` Set to false if you have file{ $datadir: } already defined -Default value: `undef` +Default value: ``undef`` ##### `manage_logdir` @@ -514,7 +515,7 @@ Data type: `Any` Set to false if you have file{ $logdir: } already defined -Default value: `undef` +Default value: ``undef`` ##### `manage_xlogdir` @@ -522,7 +523,7 @@ Data type: `Any` Set to false if you have file{ $xlogdir: } already defined -Default value: `undef` +Default value: ``undef`` ##### `manage_package_repo` @@ -530,7 +531,7 @@ Data type: `Any` Sets up official PostgreSQL repositories on your host if set to true. -Default value: `undef` +Default value: ``undef`` ##### `module_workdir` @@ -538,7 +539,7 @@ Data type: `Any` Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -Default value: `undef` +Default value: ``undef`` ##### `manage_selinux` @@ -546,9 +547,9 @@ Data type: `Any` -Default value: `undef` +Default value: ``undef`` -### postgresql::lib::devel +### `postgresql::lib::devel` This class installs postgresql development libraries. @@ -562,7 +563,7 @@ Data type: `String` Override devel package name -Default value: $postgresql::params::devel_package_name +Default value: `$postgresql::params::devel_package_name` ##### `package_ensure` @@ -570,7 +571,7 @@ Data type: `String[1]` Ensure the development libraries are installed -Default value: 'present' +Default value: `'present'` ##### `link_pg_config` @@ -578,9 +579,9 @@ Data type: `Boolean` If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. -Default value: $postgresql::params::link_pg_config +Default value: `$postgresql::params::link_pg_config` -### postgresql::lib::docs +### `postgresql::lib::docs` Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. @@ -596,7 +597,7 @@ Data type: `String` Specifies the name of the PostgreSQL docs package. -Default value: $postgresql::params::docs_package_name +Default value: `$postgresql::params::docs_package_name` ##### `package_ensure` @@ -604,9 +605,9 @@ Data type: `String[1]` Whether the PostgreSQL docs package resource should be present. -Default value: 'present' +Default value: `'present'` -### postgresql::lib::java +### `postgresql::lib::java` This class installs the postgresql jdbc connector. @@ -622,7 +623,7 @@ Data type: `String` Specifies the name of the PostgreSQL java package. -Default value: $postgresql::params::java_package_name +Default value: `$postgresql::params::java_package_name` ##### `package_ensure` @@ -630,9 +631,9 @@ Data type: `String[1]` Specifies whether the package is present. -Default value: 'present' +Default value: `'present'` -### postgresql::lib::perl +### `postgresql::lib::perl` This class installs the perl libs for postgresql. @@ -646,7 +647,7 @@ Data type: `String` Specifies the name of the PostgreSQL perl package to install. -Default value: $postgresql::params::perl_package_name +Default value: `$postgresql::params::perl_package_name` ##### `package_ensure` @@ -654,9 +655,9 @@ Data type: `String[1]` Ensure the perl libs for postgresql are installed. -Default value: 'present' +Default value: `'present'` -### postgresql::lib::python +### `postgresql::lib::python` This class installs the python libs for postgresql. @@ -670,7 +671,7 @@ Data type: `String[1]` The name of the PostgreSQL Python package. -Default value: $postgresql::params::python_package_name +Default value: `$postgresql::params::python_package_name` ##### `package_ensure` @@ -678,9 +679,9 @@ Data type: `String[1]` Ensure the python libs for postgresql are installed. -Default value: 'present' +Default value: `'present'` -### postgresql::server +### `postgresql::server` This installs a PostgreSQL server @@ -694,7 +695,7 @@ Data type: `Any` Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. -Default value: `undef` +Default value: ``undef`` ##### `package_name` @@ -702,7 +703,7 @@ Data type: `Any` Specifies the name of the package to use for installing the server software. -Default value: $postgresql::params::server_package_name +Default value: `$postgresql::params::server_package_name` ##### `package_ensure` @@ -710,7 +711,7 @@ Data type: `Any` Passes a value through to the package resource when creating the server instance. -Default value: $postgresql::params::package_ensure +Default value: `$postgresql::params::package_ensure` ##### `plperl_package_name` @@ -718,7 +719,7 @@ Data type: `Any` Sets the default package name for the PL/Perl extension. -Default value: $postgresql::params::plperl_package_name +Default value: `$postgresql::params::plperl_package_name` ##### `plpython_package_name` @@ -726,7 +727,7 @@ Data type: `Any` Sets the default package name for the PL/Python extension. -Default value: $postgresql::params::plpython_package_name +Default value: `$postgresql::params::plpython_package_name` ##### `service_ensure` @@ -734,7 +735,7 @@ Data type: `Any` Ensure service is installed -Default value: $postgresql::params::service_ensure +Default value: `$postgresql::params::service_ensure` ##### `service_enable` @@ -742,7 +743,7 @@ Data type: `Any` Enable the PostgreSQL service -Default value: $postgresql::params::service_enable +Default value: `$postgresql::params::service_enable` ##### `service_manage` @@ -750,7 +751,7 @@ Data type: `Any` Defines whether or not Puppet should manage the service. -Default value: $postgresql::params::service_manage +Default value: `$postgresql::params::service_manage` ##### `service_name` @@ -758,7 +759,7 @@ Data type: `Any` Overrides the default PostgreSQL service name. -Default value: $postgresql::params::service_name +Default value: `$postgresql::params::service_name` ##### `service_restart_on_change` @@ -766,7 +767,7 @@ Data type: `Any` Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. -Default value: $postgresql::params::service_restart_on_change +Default value: `$postgresql::params::service_restart_on_change` ##### `service_provider` @@ -774,7 +775,7 @@ Data type: `Any` Overrides the default PostgreSQL service provider. -Default value: $postgresql::params::service_provider +Default value: `$postgresql::params::service_provider` ##### `service_reload` @@ -782,7 +783,7 @@ Data type: `Any` Overrides the default reload command for your PostgreSQL service. -Default value: $postgresql::params::service_reload +Default value: `$postgresql::params::service_reload` ##### `service_status` @@ -790,7 +791,7 @@ Data type: `Any` Overrides the default status check command for your PostgreSQL service. -Default value: $postgresql::params::service_status +Default value: `$postgresql::params::service_status` ##### `default_database` @@ -798,7 +799,7 @@ Data type: `Any` Specifies the name of the default database to connect with. On most systems this is 'postgres'. -Default value: $postgresql::params::default_database +Default value: `$postgresql::params::default_database` ##### `default_connect_settings` @@ -806,7 +807,7 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. -Default value: $postgresql::globals::default_connect_settings +Default value: `$postgresql::globals::default_connect_settings` ##### `listen_addresses` @@ -814,7 +815,7 @@ Data type: `Any` Address list on which the PostgreSQL service will listen -Default value: $postgresql::params::listen_addresses +Default value: `$postgresql::params::listen_addresses` ##### `port` @@ -823,7 +824,7 @@ Data type: `Any` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432. -Default value: $postgresql::params::port +Default value: `$postgresql::params::port` ##### `ip_mask_deny_postgres_user` @@ -832,7 +833,7 @@ Data type: `Any` Specifies the IP mask from which remote connections should be denied for the postgres superuser. Default value: '0.0.0.0/0', which denies any remote connection. -Default value: $postgresql::params::ip_mask_deny_postgres_user +Default value: `$postgresql::params::ip_mask_deny_postgres_user` ##### `ip_mask_allow_all_users` @@ -842,7 +843,7 @@ Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL doe Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. Default value: '127.0.0.1/32'. -Default value: $postgresql::params::ip_mask_allow_all_users +Default value: `$postgresql::params::ip_mask_allow_all_users` ##### `ipv4acls` @@ -850,7 +851,7 @@ Data type: `Array[String[1]]` Lists strings for access control for connection method, users, databases, IPv4 addresses; -Default value: $postgresql::params::ipv4acls +Default value: `$postgresql::params::ipv4acls` ##### `ipv6acls` @@ -858,7 +859,7 @@ Data type: `Array[String[1]]` Lists strings for access control for connection method, users, databases, IPv6 addresses. -Default value: $postgresql::params::ipv6acls +Default value: `$postgresql::params::ipv6acls` ##### `initdb_path` @@ -866,7 +867,7 @@ Data type: `Any` Specifies the path to the initdb command. -Default value: $postgresql::params::initdb_path +Default value: `$postgresql::params::initdb_path` ##### `createdb_path` @@ -874,7 +875,7 @@ Data type: `Any` Deprecated. Specifies the path to the createdb command. -Default value: $postgresql::params::createdb_path +Default value: `$postgresql::params::createdb_path` ##### `psql_path` @@ -882,7 +883,7 @@ Data type: `Any` Specifies the path to the psql command. -Default value: $postgresql::params::psql_path +Default value: `$postgresql::params::psql_path` ##### `pg_hba_conf_path` @@ -890,7 +891,7 @@ Data type: `Any` Specifies the path to your pg_hba.conf file. -Default value: $postgresql::params::pg_hba_conf_path +Default value: `$postgresql::params::pg_hba_conf_path` ##### `pg_ident_conf_path` @@ -898,7 +899,7 @@ Data type: `Any` Specifies the path to your pg_ident.conf file. -Default value: $postgresql::params::pg_ident_conf_path +Default value: `$postgresql::params::pg_ident_conf_path` ##### `postgresql_conf_path` @@ -906,7 +907,7 @@ Data type: `Any` Specifies the path to your postgresql.conf file. -Default value: $postgresql::params::postgresql_conf_path +Default value: `$postgresql::params::postgresql_conf_path` ##### `recovery_conf_path` @@ -914,7 +915,7 @@ Data type: `Any` Specifies the path to your recovery.conf file. -Default value: $postgresql::params::recovery_conf_path +Default value: `$postgresql::params::recovery_conf_path` ##### `datadir` @@ -922,7 +923,7 @@ Data type: `Any` PostgreSQL data directory -Default value: $postgresql::params::datadir +Default value: `$postgresql::params::datadir` ##### `xlogdir` @@ -930,7 +931,7 @@ Data type: `Any` PostgreSQL xlog directory -Default value: $postgresql::params::xlogdir +Default value: `$postgresql::params::xlogdir` ##### `logdir` @@ -938,7 +939,7 @@ Data type: `Any` PostgreSQL log directory -Default value: $postgresql::params::logdir +Default value: `$postgresql::params::logdir` ##### `log_line_prefix` @@ -946,7 +947,7 @@ Data type: `Any` PostgreSQL log line prefix -Default value: $postgresql::params::log_line_prefix +Default value: `$postgresql::params::log_line_prefix` ##### `pg_hba_conf_defaults` @@ -954,7 +955,7 @@ Data type: `Any` If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. -Default value: $postgresql::params::pg_hba_conf_defaults +Default value: `$postgresql::params::pg_hba_conf_defaults` ##### `user` @@ -962,7 +963,7 @@ Data type: `Any` Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: $postgresql::params::user +Default value: `$postgresql::params::user` ##### `group` @@ -970,7 +971,7 @@ Data type: `Any` Overrides the default postgres user group to be used for related files in the file system. -Default value: $postgresql::params::group +Default value: `$postgresql::params::group` ##### `needs_initdb` @@ -978,7 +979,7 @@ Data type: `Any` Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started. -Default value: $postgresql::params::needs_initdb +Default value: `$postgresql::params::needs_initdb` ##### `encoding` @@ -986,7 +987,7 @@ Data type: `Any` Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. -Default value: $postgresql::params::encoding +Default value: `$postgresql::params::encoding` ##### `locale` @@ -994,7 +995,7 @@ Data type: `Any` Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. -Default value: $postgresql::params::locale +Default value: `$postgresql::params::locale` ##### `data_checksums` @@ -1003,7 +1004,7 @@ Data type: `Any` Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. -Default value: $postgresql::params::data_checksums +Default value: `$postgresql::params::data_checksums` ##### `timezone` @@ -1011,7 +1012,7 @@ Data type: `Any` Set timezone for the PostgreSQL instance -Default value: $postgresql::params::timezone +Default value: `$postgresql::params::timezone` ##### `manage_pg_hba_conf` @@ -1019,7 +1020,7 @@ Data type: `Any` Boolean. Whether to manage the pg_hba.conf. -Default value: $postgresql::params::manage_pg_hba_conf +Default value: `$postgresql::params::manage_pg_hba_conf` ##### `manage_pg_ident_conf` @@ -1027,7 +1028,7 @@ Data type: `Any` Boolean. Overwrites the pg_ident.conf file. -Default value: $postgresql::params::manage_pg_ident_conf +Default value: `$postgresql::params::manage_pg_ident_conf` ##### `manage_recovery_conf` @@ -1035,7 +1036,7 @@ Data type: `Any` Boolean. Specifies whether or not manage the recovery.conf. -Default value: $postgresql::params::manage_recovery_conf +Default value: `$postgresql::params::manage_recovery_conf` ##### `module_workdir` @@ -1043,7 +1044,7 @@ Data type: `Any` Working directory for the PostgreSQL module -Default value: $postgresql::params::module_workdir +Default value: `$postgresql::params::module_workdir` ##### `manage_datadir` @@ -1051,7 +1052,7 @@ Data type: `Any` Set to false if you have file{ $datadir: } already defined -Default value: $postgresql::params::manage_datadir +Default value: `$postgresql::params::manage_datadir` ##### `manage_logdir` @@ -1059,7 +1060,7 @@ Data type: `Any` Set to false if you have file{ $logdir: } already defined -Default value: $postgresql::params::manage_logdir +Default value: `$postgresql::params::manage_logdir` ##### `manage_xlogdir` @@ -1067,7 +1068,7 @@ Data type: `Any` Set to false if you have file{ $xlogdir: } already defined -Default value: $postgresql::params::manage_xlogdir +Default value: `$postgresql::params::manage_xlogdir` ##### `roles` @@ -1075,7 +1076,7 @@ Data type: `Hash[String, Hash]` Specifies a hash from which to generate postgresql::server::role resources. -Default value: {} +Default value: `{}` ##### `config_entries` @@ -1083,7 +1084,7 @@ Data type: `Hash[String, Any]` Specifies a hash from which to generate postgresql::server::config_entry resources. -Default value: {} +Default value: `{}` ##### `pg_hba_rules` @@ -1091,7 +1092,7 @@ Data type: `Hash[String, Hash]` Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. -Default value: {} +Default value: `{}` ##### `version` @@ -1099,7 +1100,7 @@ Data type: `Any` Deprecated. Use postgresql::globals instead. Sets PostgreSQL version -Default value: `undef` +Default value: ``undef`` ##### `extra_systemd_config` @@ -1107,7 +1108,7 @@ Data type: `Any` Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string -Default value: $postgresql::params::extra_systemd_config +Default value: `$postgresql::params::extra_systemd_config` ##### `manage_selinux` @@ -1115,7 +1116,7 @@ Data type: `Boolean` -Default value: $postgresql::params::manage_selinux +Default value: `$postgresql::params::manage_selinux` ##### `password_encryption` @@ -1123,9 +1124,9 @@ Data type: `Any` -Default value: $postgresql::params::password_encryption +Default value: `$postgresql::params::password_encryption` -### postgresql::server::contrib +### `postgresql::server::contrib` Install the contrib postgresql packaging. @@ -1139,7 +1140,7 @@ Data type: `String` The name of the PostgreSQL contrib package. -Default value: $postgresql::params::contrib_package_name +Default value: `$postgresql::params::contrib_package_name` ##### `package_ensure` @@ -1147,9 +1148,9 @@ Data type: `String[1]` Ensure the contrib package is installed. -Default value: 'present' +Default value: `'present'` -### postgresql::server::plperl +### `postgresql::server::plperl` This class installs the PL/Perl procedural language for postgresql. @@ -1163,7 +1164,7 @@ Data type: `Any` The ensure parameter passed on to PostgreSQL PL/Perl package resource. -Default value: 'present' +Default value: `'present'` ##### `package_name` @@ -1171,9 +1172,9 @@ Data type: `Any` The name of the PostgreSQL PL/Perl package. -Default value: $postgresql::server::plperl_package_name +Default value: `$postgresql::server::plperl_package_name` -### postgresql::server::plpython +### `postgresql::server::plpython` This class installs the PL/Python procedural language for postgresql. @@ -1187,7 +1188,7 @@ Data type: `Any` Specifies whether the package is present. -Default value: 'present' +Default value: `'present'` ##### `package_name` @@ -1195,9 +1196,9 @@ Data type: `Any` Specifies the name of the postgresql PL/Python package. -Default value: $postgresql::server::plpython_package_name +Default value: `$postgresql::server::plpython_package_name` -### postgresql::server::postgis +### `postgresql::server::postgis` Install the postgis postgresql packaging. @@ -1211,7 +1212,7 @@ Data type: `String` Sets the package name. -Default value: $postgresql::params::postgis_package_name +Default value: `$postgresql::params::postgis_package_name` ##### `package_ensure` @@ -1219,11 +1220,11 @@ Data type: `String[1]` Specifies if the package is present or not. -Default value: 'present' +Default value: `'present'` ## Defined types -### postgresql::server::config_entry +### `postgresql::server::config_entry` Manage a postgresql.conf entry. @@ -1233,11 +1234,11 @@ The following parameters are available in the `postgresql::server::config_entry` ##### `ensure` -Data type: `Any` +Data type: `Enum['present', 'absent']` Removes an entry if set to 'absent'. -Default value: 'present' +Default value: `'present'` ##### `value` @@ -1245,7 +1246,7 @@ Data type: `Any` Defines the value for the setting. -Default value: `undef` +Default value: ``undef`` ##### `path` @@ -1253,9 +1254,9 @@ Data type: `Any` Path for postgresql.conf -Default value: `false` +Default value: ``false`` -### postgresql::server::database +### `postgresql::server::database` Define for creating a database. @@ -1269,7 +1270,7 @@ Data type: `Any` Sets a comment on the database. -Default value: `undef` +Default value: ``undef`` ##### `dbname` @@ -1277,7 +1278,7 @@ Data type: `Any` Sets the name of the database. -Default value: $title +Default value: `$title` ##### `owner` @@ -1285,7 +1286,7 @@ Data type: `Any` Sets name of the database owner. -Default value: `undef` +Default value: ``undef`` ##### `tablespace` @@ -1293,7 +1294,7 @@ Data type: `Any` Sets tablespace for where to create this database. -Default value: `undef` +Default value: ``undef`` ##### `template` @@ -1301,7 +1302,7 @@ Data type: `Any` Specifies the name of the template database from which to build this database. Default value: 'template0'. -Default value: 'template0' +Default value: `'template0'` ##### `encoding` @@ -1309,7 +1310,7 @@ Data type: `Any` Overrides the character set during creation of the database. -Default value: $postgresql::server::encoding +Default value: `$postgresql::server::encoding` ##### `locale` @@ -1317,7 +1318,7 @@ Data type: `Any` Overrides the locale during creation of the database. -Default value: $postgresql::server::locale +Default value: `$postgresql::server::locale` ##### `istemplate` @@ -1325,7 +1326,7 @@ Data type: `Any` Defines the database as a template if set to true. -Default value: `false` +Default value: ``false`` ##### `connect_settings` @@ -1333,9 +1334,9 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: `$postgresql::server::default_connect_settings` -### postgresql::server::database_grant +### `postgresql::server::database_grant` Manage a database grant. @@ -1367,7 +1368,7 @@ Data type: `Any` Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. -Default value: `undef` +Default value: ``undef`` ##### `psql_db` @@ -1375,7 +1376,7 @@ Data type: `Any` Defines the database to execute the grant against. This should not ordinarily be changed from the default -Default value: `undef` +Default value: ``undef`` ##### `psql_user` @@ -1383,7 +1384,7 @@ Data type: `Any` Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. -Default value: `undef` +Default value: ``undef`` ##### `connect_settings` @@ -1391,9 +1392,9 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: `undef` +Default value: ``undef`` -### postgresql::server::db +### `postgresql::server::db` Define for conveniently creating a role, database and assigning the correctpermissions. @@ -1419,7 +1420,7 @@ Data type: `Any` Defines a comment to be stored about the database using the PostgreSQL COMMENT command. -Default value: `undef` +Default value: ``undef`` ##### `dbname` @@ -1427,7 +1428,7 @@ Data type: `Any` Sets the name of the database to be created. -Default value: $title +Default value: `$title` ##### `encoding` @@ -1435,7 +1436,7 @@ Data type: `Any` Overrides the character set during creation of the database. -Default value: $postgresql::server::encoding +Default value: `$postgresql::server::encoding` ##### `locale` @@ -1443,7 +1444,7 @@ Data type: `Any` Overrides the locale during creation of the database. -Default value: $postgresql::server::locale +Default value: `$postgresql::server::locale` ##### `grant` @@ -1451,7 +1452,7 @@ Data type: `Any` Specifies the permissions to grant during creation. Default value: 'ALL'. -Default value: 'ALL' +Default value: `'ALL'` ##### `tablespace` @@ -1459,7 +1460,7 @@ Data type: `Any` Defines the name of the tablespace to allocate the created database to. -Default value: `undef` +Default value: ``undef`` ##### `template` @@ -1467,7 +1468,7 @@ Data type: `Any` Specifies the name of the template database from which to build this database. Defaults value: template0. -Default value: 'template0' +Default value: `'template0'` ##### `istemplate` @@ -1475,7 +1476,7 @@ Data type: `Any` Specifies that the database is a template, if set to true. -Default value: `false` +Default value: ``false`` ##### `owner` @@ -1483,9 +1484,9 @@ Data type: `Any` Sets a user as the owner of the database. -Default value: `undef` +Default value: ``undef`` -### postgresql::server::extension +### `postgresql::server::extension` Activate an extension on a postgresql database. @@ -1505,7 +1506,7 @@ Data type: `Any` Specifies the extension to activate. If left blank, uses the name of the resource. -Default value: $name +Default value: `$name` ##### `schema` @@ -1513,7 +1514,7 @@ Data type: `Optional[String[1]]` Specifies the schema on which to activate the extension. -Default value: `undef` +Default value: ``undef`` ##### `version` @@ -1526,7 +1527,7 @@ version may be set to a specific version, in which case the extension is updated eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. -Default value: `undef` +Default value: ``undef`` ##### `ensure` @@ -1534,7 +1535,7 @@ Data type: `String[1]` Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'. -Default value: 'present' +Default value: `'present'` ##### `package_name` @@ -1542,7 +1543,7 @@ Data type: `Any` Specifies a package to install prior to activating the extension. -Default value: `undef` +Default value: ``undef`` ##### `package_ensure` @@ -1550,7 +1551,7 @@ Data type: `Any` Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. -Default value: `undef` +Default value: ``undef`` ##### `port` @@ -1558,7 +1559,7 @@ Data type: `Optional[Integer]` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` ##### `connect_settings` @@ -1566,7 +1567,7 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: postgresql::default('default_connect_settings') +Default value: `postgresql::default('default_connect_settings')` ##### `database_resource_name` @@ -1574,9 +1575,9 @@ Data type: `Any` Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. -Default value: $database +Default value: `$database` -### postgresql::server::grant +### `postgresql::server::grant` Define for granting permissions to roles. @@ -1602,7 +1603,7 @@ Data type: `String` Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. -Default value: '' +Default value: `''` ##### `object_type` @@ -1624,7 +1625,7 @@ Data type: `Pattern[#/(?i:^COLUMN$)/, Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. -Default value: 'database' +Default value: `'database'` ##### `object_name` @@ -1635,7 +1636,7 @@ Data type: `Optional[Variant[ Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] -Default value: `undef` +Default value: ``undef`` ##### `psql_db` @@ -1643,7 +1644,7 @@ Data type: `String` Specifies the database to execute the grant against. This should not ordinarily be changed from the default -Default value: $postgresql::server::default_database +Default value: `$postgresql::server::default_database` ##### `psql_user` @@ -1651,7 +1652,7 @@ Data type: `String` Sets the OS user to run psql. -Default value: $postgresql::server::user +Default value: `$postgresql::server::user` ##### `port` @@ -1659,7 +1660,7 @@ Data type: `Integer` Port to use when connecting. -Default value: $postgresql::server::port +Default value: `$postgresql::server::port` ##### `onlyif_exists` @@ -1667,7 +1668,7 @@ Data type: `Boolean` Create grant only if doesn't exist -Default value: `false` +Default value: ``false`` ##### `connect_settings` @@ -1675,7 +1676,7 @@ Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: `$postgresql::server::default_connect_settings` ##### `ensure` @@ -1685,7 +1686,7 @@ Data type: `Enum['present', Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. -Default value: 'present' +Default value: `'present'` ##### `group` @@ -1693,7 +1694,7 @@ Data type: `String` Sets the OS group to run psql -Default value: $postgresql::server::group +Default value: `$postgresql::server::group` ##### `psql_path` @@ -1701,7 +1702,7 @@ Data type: `String` Sets the path to psql command -Default value: $postgresql::server::psql_path +Default value: `$postgresql::server::psql_path` ##### `object_arguments` @@ -1709,9 +1710,9 @@ Data type: `Array[String[1],0]` -Default value: [] +Default value: `[]` -### postgresql::server::grant_role +### `postgresql::server::grant_role` Define for granting membership to a role. @@ -1731,7 +1732,7 @@ Data type: `String[1]` Specifies the role you want to assign to a group. If left blank, uses the name of the resource. -Default value: $name +Default value: `$name` ##### `ensure` @@ -1739,7 +1740,7 @@ Data type: `Enum['present', 'absent']` Specifies whether to grant or revoke the membership. Valid options: 'present' or 'absent'. -Default value: 'present' +Default value: `'present'` ##### `psql_db` @@ -1747,7 +1748,7 @@ Data type: `Any` Specifies the database to execute the grant against. This should not ordinarily be changed from the default -Default value: $postgresql::server::default_database +Default value: `$postgresql::server::default_database` ##### `psql_user` @@ -1755,7 +1756,7 @@ Data type: `Any` Sets the OS user to run psql. -Default value: $postgresql::server::user +Default value: `$postgresql::server::user` ##### `port` @@ -1763,7 +1764,7 @@ Data type: `Any` Port to use when connecting. -Default value: $postgresql::server::port +Default value: `$postgresql::server::port` ##### `connect_settings` @@ -1771,9 +1772,9 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: `$postgresql::server::default_connect_settings` -### postgresql::server::pg_hba_rule +### `postgresql::server::pg_hba_rule` This resource manages an individual rule that applies to the file defined in target. @@ -1812,7 +1813,7 @@ Data type: `Optional[String]` Sets a CIDR based address for this rule matching when the type is not 'local'. -Default value: `undef` +Default value: ``undef`` ##### `description` @@ -1820,7 +1821,7 @@ Data type: `String` Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. Default value: 'none'. -Default value: 'none' +Default value: `'none'` ##### `auth_option` @@ -1828,7 +1829,7 @@ Data type: `Optional[String]` For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. -Default value: `undef` +Default value: ``undef`` ##### `order` @@ -1836,7 +1837,7 @@ Data type: `Variant[String, Integer]` Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. -Default value: 150 +Default value: `150` ##### `target` @@ -1844,7 +1845,7 @@ Data type: `Stdlib::Absolutepath` Provides the target for the rule, and is generally an internal only property. Use with caution. -Default value: $postgresql::server::pg_hba_conf_path +Default value: `$postgresql::server::pg_hba_conf_path` ##### `postgresql_version` @@ -1852,9 +1853,9 @@ Data type: `String` Manages pg_hba.conf without managing the entire PostgreSQL instance. -Default value: $postgresql::server::_version +Default value: `$postgresql::server::_version` -### postgresql::server::pg_ident_rule +### `postgresql::server::pg_ident_rule` This resource manages an individual rule that applies to the file defined in target. @@ -1886,7 +1887,7 @@ Data type: `Any` Sets a longer description for this rule if required. This description is placed in the comments above the rule in pg_ident.conf. Default value: 'none'. -Default value: 'none' +Default value: `'none'` ##### `order` @@ -1894,7 +1895,7 @@ Data type: `Any` Defines an order for placing the mapping in pg_ident.conf. Default value: 150. -Default value: '150' +Default value: `'150'` ##### `target` @@ -1902,9 +1903,9 @@ Data type: `Any` Provides the target for the rule and is generally an internal only property. Use with caution. -Default value: $postgresql::server::pg_ident_conf_path +Default value: `$postgresql::server::pg_ident_conf_path` -### postgresql::server::reassign_owned_by +### `postgresql::server::reassign_owned_by` Define for reassigning the ownership of objects within a database. @@ -1938,7 +1939,7 @@ Data type: `String` Specifies the OS user for running psql. -Default value: $postgresql::server::user +Default value: `$postgresql::server::user` ##### `port` @@ -1946,7 +1947,7 @@ Data type: `Integer` Port to use when connecting. -Default value: $postgresql::server::port +Default value: `$postgresql::server::port` ##### `connect_settings` @@ -1954,9 +1955,9 @@ Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: `$postgresql::server::default_connect_settings` -### postgresql::server::recovery +### `postgresql::server::recovery` This resource manages the parameters that applies to the recovery.conf template. @@ -1975,7 +1976,7 @@ Data type: `Any` The shell command to execute to retrieve an archived segment of the WAL file series. -Default value: `undef` +Default value: ``undef`` ##### `archive_cleanup_command` @@ -1983,7 +1984,7 @@ Data type: `Any` This optional parameter specifies a shell command that will be executed at every restartpoint. -Default value: `undef` +Default value: ``undef`` ##### `recovery_end_command` @@ -1991,7 +1992,7 @@ Data type: `Any` This parameter specifies a shell command that will be executed once only at the end of recovery. -Default value: `undef` +Default value: ``undef`` ##### `recovery_target_name` @@ -1999,7 +2000,7 @@ Data type: `Any` This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. -Default value: `undef` +Default value: ``undef`` ##### `recovery_target_time` @@ -2007,7 +2008,7 @@ Data type: `Any` This parameter specifies the time stamp up to which recovery will proceed. -Default value: `undef` +Default value: ``undef`` ##### `recovery_target_xid` @@ -2015,7 +2016,7 @@ Data type: `Any` This parameter specifies the transaction ID up to which recovery will proceed. -Default value: `undef` +Default value: ``undef`` ##### `recovery_target_inclusive` @@ -2023,7 +2024,7 @@ Data type: `Any` Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). -Default value: `undef` +Default value: ``undef`` ##### `recovery_target` @@ -2031,7 +2032,7 @@ Data type: `Any` This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. -Default value: `undef` +Default value: ``undef`` ##### `recovery_target_timeline` @@ -2039,7 +2040,7 @@ Data type: `Any` Specifies recovering into a particular timeline. -Default value: `undef` +Default value: ``undef`` ##### `pause_at_recovery_target` @@ -2047,7 +2048,7 @@ Data type: `Any` Specifies whether recovery should pause when the recovery target is reached. -Default value: `undef` +Default value: ``undef`` ##### `standby_mode` @@ -2055,7 +2056,7 @@ Data type: `Any` Specifies whether to start the PostgreSQL server as a standby. -Default value: `undef` +Default value: ``undef`` ##### `primary_conninfo` @@ -2063,7 +2064,7 @@ Data type: `Any` Specifies a connection string to be used for the standby server to connect with the primary. -Default value: `undef` +Default value: ``undef`` ##### `primary_slot_name` @@ -2071,7 +2072,7 @@ Data type: `Any` Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. -Default value: `undef` +Default value: ``undef`` ##### `trigger_file` @@ -2079,7 +2080,7 @@ Data type: `Any` Specifies a trigger file whose presence ends recovery in the standby. -Default value: `undef` +Default value: ``undef`` ##### `recovery_min_apply_delay` @@ -2087,7 +2088,7 @@ Data type: `Any` This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. -Default value: `undef` +Default value: ``undef`` ##### `target` @@ -2095,9 +2096,9 @@ Data type: `Any` Provides the target for the rule, and is generally an internal only property. Use with caution. -Default value: $postgresql::server::recovery_conf_path +Default value: `$postgresql::server::recovery_conf_path` -### postgresql::server::role +### `postgresql::server::role` Define for creating a database role. @@ -2111,7 +2112,7 @@ Data type: `Any` If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. -Default value: `true` +Default value: ``true`` ##### `password_hash` @@ -2119,7 +2120,7 @@ Data type: `Any` Sets the hash to use during password creation. -Default value: `false` +Default value: ``false`` ##### `createdb` @@ -2127,7 +2128,7 @@ Data type: `Any` Specifies whether to grant the ability to create new databases with this role. -Default value: `false` +Default value: ``false`` ##### `createrole` @@ -2135,7 +2136,7 @@ Data type: `Any` Specifies whether to grant the ability to create new roles with this role. -Default value: `false` +Default value: ``false`` ##### `db` @@ -2143,7 +2144,7 @@ Data type: `Any` Database used to connect to. -Default value: $postgresql::server::default_database +Default value: `$postgresql::server::default_database` ##### `port` @@ -2151,7 +2152,7 @@ Data type: `Any` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` ##### `login` @@ -2159,7 +2160,7 @@ Data type: `Any` Specifies whether to grant login capability for the new role. -Default value: `true` +Default value: ``true`` ##### `inherit` @@ -2167,7 +2168,7 @@ Data type: `Any` Specifies whether to grant inherit capability for the new role. -Default value: `true` +Default value: ``true`` ##### `superuser` @@ -2175,7 +2176,7 @@ Data type: `Any` Specifies whether to grant super user capability for the new role. -Default value: `false` +Default value: ``false`` ##### `replication` @@ -2183,7 +2184,7 @@ Data type: `Any` Provides provides replication capabilities for this role if set to true. -Default value: `false` +Default value: ``false`` ##### `connection_limit` @@ -2191,7 +2192,7 @@ Data type: `Any` Specifies how many concurrent connections the role can make. Default value: '-1', meaning no limit. -Default value: '-1' +Default value: `'-1'` ##### `username` @@ -2199,7 +2200,7 @@ Data type: `Any` Defines the username of the role to create. -Default value: $title +Default value: `$title` ##### `connect_settings` @@ -2207,7 +2208,7 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: `$postgresql::server::default_connect_settings` ##### `ensure` @@ -2215,7 +2216,7 @@ Data type: `Enum['present', 'absent']` Specify whether to create or drop the role. Specifying 'present' creates the role. Specifying 'absent' drops the role. -Default value: 'present' +Default value: `'present'` ##### `psql_user` @@ -2223,7 +2224,7 @@ Data type: `Any` Sets the OS user to run psql -Default value: $postgresql::server::user +Default value: `$postgresql::server::user` ##### `psql_group` @@ -2231,7 +2232,7 @@ Data type: `Any` Sets the OS group to run psql -Default value: $postgresql::server::group +Default value: `$postgresql::server::group` ##### `psql_path` @@ -2239,7 +2240,7 @@ Data type: `Any` Sets path to psql command -Default value: $postgresql::server::psql_path +Default value: `$postgresql::server::psql_path` ##### `module_workdir` @@ -2247,9 +2248,9 @@ Data type: `Any` Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -Default value: $postgresql::server::module_workdir +Default value: `$postgresql::server::module_workdir` -### postgresql::server::schema +### `postgresql::server::schema` Create a new schema. @@ -2275,7 +2276,7 @@ Data type: `Any` Required. Sets the name of the database in which to create this schema. -Default value: $postgresql::server::default_database +Default value: `$postgresql::server::default_database` ##### `owner` @@ -2283,7 +2284,7 @@ Data type: `Any` Sets the default owner of the schema. -Default value: `undef` +Default value: ``undef`` ##### `schema` @@ -2291,7 +2292,7 @@ Data type: `Any` Sets the name of the schema. -Default value: $title +Default value: `$title` ##### `connect_settings` @@ -2299,9 +2300,9 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: `$postgresql::server::default_connect_settings` -### postgresql::server::table_grant +### `postgresql::server::table_grant` This resource wraps the grant resource to manage table grants specifically. @@ -2339,7 +2340,7 @@ Data type: `Any` Specifies whether to grant or revoke the privilege. Default is to grant the privilege. -Default value: `undef` +Default value: ``undef`` ##### `port` @@ -2347,7 +2348,7 @@ Data type: `Any` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` ##### `psql_db` @@ -2355,7 +2356,7 @@ Data type: `Any` Specifies the database to execute the grant against. This should not ordinarily be changed from the default. -Default value: `undef` +Default value: ``undef`` ##### `psql_user` @@ -2363,7 +2364,7 @@ Data type: `Any` Specifies the OS user for running psql. -Default value: `undef` +Default value: ``undef`` ##### `connect_settings` @@ -2371,7 +2372,7 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: `undef` +Default value: ``undef`` ##### `onlyif_exists` @@ -2379,9 +2380,9 @@ Data type: `Any` Create grant only if it doesn't exist. -Default value: `false` +Default value: ``false`` -### postgresql::server::tablespace +### `postgresql::server::tablespace` This module creates tablespace. @@ -2401,7 +2402,7 @@ Data type: `Any` Set to false if you have file{ $location: } already defined -Default value: `true` +Default value: ``true`` ##### `owner` @@ -2409,7 +2410,7 @@ Data type: `Any` Specifies the default owner of the tablespace. -Default value: `undef` +Default value: ``undef`` ##### `spcname` @@ -2417,7 +2418,7 @@ Data type: `Any` Specifies the name of the tablespace. -Default value: $title +Default value: `$title` ##### `connect_settings` @@ -2425,9 +2426,9 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: $postgresql::server::default_connect_settings +Default value: `$postgresql::server::default_connect_settings` -### postgresql::validate_db_connection +### `postgresql::validate_db_connection` This validated if the postgres connection can be established between the node on which this resource is run and a specified postgres @@ -2443,7 +2444,7 @@ Data type: `Any` Database host address -Default value: `undef` +Default value: ``undef`` ##### `database_name` @@ -2451,7 +2452,7 @@ Data type: `Any` Specifies the name of the database you wish to test. -Default value: `undef` +Default value: ``undef`` ##### `database_password` @@ -2459,7 +2460,7 @@ Data type: `Any` Specifies the password to connect with. -Default value: `undef` +Default value: ``undef`` ##### `database_username` @@ -2467,7 +2468,7 @@ Data type: `Any` Specifies the username to connect with. -Default value: `undef` +Default value: ``undef`` ##### `database_port` @@ -2475,7 +2476,7 @@ Data type: `Any` Defines the port to use when connecting. -Default value: `undef` +Default value: ``undef`` ##### `connect_settings` @@ -2483,7 +2484,7 @@ Data type: `Any` Specifies a hash of environment variables used when connecting to a remote server. -Default value: `undef` +Default value: ``undef`` ##### `run_as` @@ -2491,7 +2492,7 @@ Data type: `Any` Specifies the user to run the psql command as. -Default value: `undef` +Default value: ``undef`` ##### `sleep` @@ -2499,7 +2500,7 @@ Data type: `Any` Sets the number of seconds to sleep for before trying again after a failure. -Default value: 2 +Default value: `2` ##### `tries` @@ -2507,7 +2508,7 @@ Data type: `Any` Sets the number of attempts after failure before giving up and failing the resource. -Default value: 10 +Default value: `10` ##### `create_db_first` @@ -2515,11 +2516,11 @@ Data type: `Any` Creates the database when obtaining a successful connection. -Default value: `true` +Default value: ``true`` ## Resource types -### postgresql_conf +### `postgresql_conf` This type allows puppet to manage postgresql.conf parameters. @@ -2529,33 +2530,38 @@ The following properties are available in the `postgresql_conf` type. ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` The basic property that the resource should be in. -Default value: present - -##### `value` - -The value to set for this parameter. +Default value: `present` ##### `target` The path to postgresql.conf +##### `value` + +The value to set for this parameter. + #### Parameters The following parameters are available in the `postgresql_conf` type. ##### `name` -Valid values: %r{^[\w\.]+$} +Valid values: `%r{^[\w\.]+$}` namevar The postgresql parameter name to manage. -### postgresql_conn_validator +##### `provider` + +The specific backend to use for this `postgresql_conf` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `postgresql_conn_validator` Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to @@ -2569,57 +2575,56 @@ The following properties are available in the `postgresql_conn_validator` type. ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` Ensure connection validation -Default value: present +Default value: `present` #### Parameters The following parameters are available in the `postgresql_conn_validator` type. -##### `name` +##### `command` -namevar +Command to run against target database. -An arbitrary name used as the identity of the resource. +Default value: `SELECT 1` -##### `db_name` +##### `connect_settings` -The name of the database you are trying to validate a connection with. +Hash of environment variables for connection to a db. -##### `db_username` +##### `db_name` -A user that has access to the target PostgreSQL database. +The name of the database you are trying to validate a connection with. ##### `db_password` The password required to access the target PostgreSQL database. -##### `host` - -The DNS name or IP address of the server where PostgreSQL should be running. +##### `db_username` -##### `port` +A user that has access to the target PostgreSQL database. -The port that the PostgreSQL server should be listening on. +##### `host` -##### `connect_settings` +The DNS name or IP address of the server where PostgreSQL should be running. -Hash of environment variables for connection to a db. +##### `name` -##### `sleep` +namevar -The length of sleep time between connection tries. +An arbitrary name used as the identity of the resource. -Default value: 2 +##### `port` -##### `tries` +The port that the PostgreSQL server should be listening on. -The number of tries to validate the connection to the target PostgreSQL database. +##### `provider` -Default value: 10 +The specific backend to use for this `postgresql_conn_validator` resource. You will seldom need to specify this --- +Puppet will usually discover the appropriate provider for your platform. ##### `psql_path` @@ -2629,13 +2634,19 @@ Path to the psql command. System user that will run the psql command. -##### `command` +##### `sleep` -Command to run against target database. +The length of sleep time between connection tries. + +Default value: `2` -Default value: SELECT 1 +##### `tries` -### postgresql_psql +The number of tries to validate the connection to the target PostgreSQL database. + +Default value: `10` + +### `postgresql_psql` An arbitrary tag for your own reference; the name of the message. @@ -2651,19 +2662,32 @@ The SQL command to execute via psql. The following parameters are available in the `postgresql_psql` type. +##### `connect_settings` + +Connection settings that will be used when connecting to postgres + +##### `cwd` + +The working directory under which the psql command should be executed. + +Default value: `/tmp` + +##### `db` + +The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings + +##### `environment` + +Any additional environment variables you want to set for a +SQL command. Multiple environment variables should be +specified as an array. + ##### `name` namevar An arbitrary tag for your own reference; the name of the message. -##### `unless` - -An optional SQL command to execute prior to the main :command; -this is generally intended to be used for idempotency, to check -for the existence of an object in the database to determine whether -or not the main SQL command needs to be executed at all.' - ##### `onlyif` An optional SQL command to execute prior to the main :command; @@ -2671,61 +2695,53 @@ this is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. -##### `connect_settings` - -Connection settings that will be used when connecting to postgres +##### `port` -##### `db` +The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. -The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings +##### `provider` -##### `port` +The specific backend to use for this `postgresql_psql` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. -The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. +##### `psql_group` -##### `search_path` +The system user group account under which the psql command should be executed. -The schema search path to use when executing the SQL command +Default value: `postgres` ##### `psql_path` The path to psql executable. -Default value: psql +Default value: `psql` ##### `psql_user` The system user account under which the psql command should be executed. -Default value: postgres - -##### `psql_group` - -The system user group account under which the psql command should be executed. +Default value: `postgres` -Default value: postgres - -##### `cwd` +##### `refreshonly` -The working directory under which the psql command should be executed. +Valid values: ``true``, ``false`` -Default value: /tmp +If 'true', then the SQL will only be executed via a notify/subscribe event. -##### `environment` +Default value: ``false`` -Any additional environment variables you want to set for a -SQL command. Multiple environment variables should be -specified as an array. - -##### `refreshonly` +##### `search_path` -Valid values: `true`, `false` +The schema search path to use when executing the SQL command -If 'true', then the SQL will only be executed via a notify/subscribe event. +##### `unless` -Default value: `false` +An optional SQL command to execute prior to the main :command; +this is generally intended to be used for idempotency, to check +for the existence of an object in the database to determine whether +or not the main SQL command needs to be executed at all.' -### postgresql_replication_slot +### `postgresql_replication_slot` This type allows to create and destroy replication slots to register warm standby replication on a Postgresql @@ -2737,11 +2753,11 @@ The following properties are available in the `postgresql_replication_slot` type ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` The basic property that the resource should be in. -Default value: present +Default value: `present` #### Parameters @@ -2749,15 +2765,20 @@ The following parameters are available in the `postgresql_replication_slot` type ##### `name` -Valid values: %r{^[a-z0-9_]+$} +Valid values: `%r{^[a-z0-9_]+$}` namevar The name of the slot to create. Must be a valid replication slot name. +##### `provider` + +The specific backend to use for this `postgresql_replication_slot` resource. You will seldom need to specify this --- +Puppet will usually discover the appropriate provider for your platform. + ## Functions -### postgresql::default +### `postgresql::default` Type: Puppet Language @@ -2791,7 +2812,7 @@ Data type: `String` -### postgresql::postgresql_escape +### `postgresql::postgresql_escape` Type: Ruby 4.x API @@ -2809,7 +2830,7 @@ Data type: `String[1]` The unescaped string you want to escape using `dollar quoting` -### postgresql::postgresql_password +### `postgresql::postgresql_password` Type: Ruby 4.x API @@ -2833,7 +2854,7 @@ Data type: `Variant[String[1],Integer]` The clear text `password` -### postgresql_escape +### `postgresql_escape` Type: Ruby 4.x API @@ -2851,7 +2872,7 @@ Data type: `Any` -### postgresql_password +### `postgresql_password` Type: Ruby 4.x API @@ -2871,7 +2892,7 @@ Data type: `Any` ## Tasks -### sql +### `sql` Allows you to execute arbitary SQL diff --git a/metadata.json b/metadata.json index bc611969ac..dc1cc66fe9 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.6.0", + "version": "6.7.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From e60a05dfec82da1649e3c9d71441c5168f29816e Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Wed, 23 Sep 2020 15:25:20 +0100 Subject: [PATCH 0543/1000] (IAC-1136) Back out CentOS 8 tests from TravisCI --- .travis.yml | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/.travis.yml b/.travis.yml index 271ea34184..f6b8aa8421 100644 --- a/.travis.yml +++ b/.travis.yml @@ -82,17 +82,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el8]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" - - "bundle exec rake litmus:install_module" - bundler_args: - env: PLATFORMS=travis_el8_puppet5 - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" @@ -126,17 +115,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el8]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - bundler_args: - env: PLATFORMS=travis_el8_puppet6 - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static From 3ed5c402467b01cf1c90f6458040e1f3f9b09fef Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Wed, 23 Sep 2020 10:31:58 +0100 Subject: [PATCH 0544/1000] (maint) Use 'policycoreutils-python-utils' on RHEL 8 The `policycoreutils-python` package has now been replaced by the `policycoreutils-python-utils` on RHEL 8 according to [this documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/considerations_in_adopting_rhel_8/index#selinux-python3_security) --- spec/spec_helper_acceptance_local.rb | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index f73d697211..6c6f6c2002 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -24,10 +24,19 @@ def install_dependencies package { 'iproute2': ensure => installed } MANIFEST LitmusHelper.instance.apply_manifest(iproute2) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') - selinux = <<-MANIFEST + + return unless os[:family] == 'redhat' + + selinux = if os[:release].start_with?('6', '7') + <<-MANIFEST package { 'policycoreutils-python': ensure => installed } - MANIFEST - LitmusHelper.instance.apply_manifest(selinux) if os[:family] == 'redhat' && os[:release].start_with?('6', '7') + MANIFEST + elsif os[:release].start_with?('8') + <<-MANIFEST + package { 'policycoreutils-python-utils': ensure => installed } + MANIFEST + end + LitmusHelper.instance.apply_manifest(selinux) end def postgresql_version From 662729590bad75bdb38fefc710378f1058fccd2a Mon Sep 17 00:00:00 2001 From: sanfrancrisko <55992494+sanfrancrisko@users.noreply.github.com> Date: Mon, 21 Sep 2020 16:15:28 +0100 Subject: [PATCH 0545/1000] (maint) Fix typo in provision.yaml --- provision.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/provision.yaml b/provision.yaml index b0022df264..cc35ea3a72 100644 --- a/provision.yaml +++ b/provision.yaml @@ -1,7 +1,7 @@ --- default: provisioner: docker - images: ['litmusimage/centos7'] + images: ['litmusimage/centos:7'] vagrant: provisioner: vagrant images: ['centos/7', 'generic/ubuntu1804'] From df7f406cb18c57a5d38c8cf2e0066c66d82785d1 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 10 Aug 2020 12:00:18 +0200 Subject: [PATCH 0546/1000] Allow removal of config_entries via main class This allows removal of config entries by setting their value to undef. In doing so, users can remove values via hiera. One example is checkpoint_segments which was removed in PostgreSQL 9.5, but commonly used as a tuning parameter in older versions. --- manifests/server.pp | 3 ++- spec/unit/classes/server_spec.rb | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 480a8718b0..2bab98dc74 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -184,7 +184,8 @@ $config_entries.each |$entry, $value| { postgresql::server::config_entry { $entry: - value => $value, + ensure => bool2str($value =~ Undef, 'absent', 'present'), + value => $value, } } diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 9cef244061..d0a401afb8 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -209,13 +209,15 @@ class { 'postgresql::globals': config_entries: { fsync: 'off', checkpoint_segments: '20', + remove_me: :undef, }, } end it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_postgresql__server__config_entry('fsync').with_value('off') } - it { is_expected.to contain_postgresql__server__config_entry('checkpoint_segments').with_value('20') } + it { is_expected.to contain_postgresql__server__config_entry('fsync').with_value('off').with_ensure('present') } + it { is_expected.to contain_postgresql__server__config_entry('checkpoint_segments').with_value('20').with_ensure('present') } + it { is_expected.to contain_postgresql__server__config_entry('remove_me').with_value(nil).with_ensure('absent') } end describe 'additional pg_hba_rules' do From ca0f9bf4f1bcf7ccffe6570bb2b96d6c1b9bb59e Mon Sep 17 00:00:00 2001 From: Romuald Conty Date: Thu, 27 Aug 2020 16:54:26 +0200 Subject: [PATCH 0547/1000] Fix code indentation --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 15b72bd2fb..2501e37748 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -187,7 +187,7 @@ /^6/ => pick($java_package_name, 'libpg-java'), default => pick($java_package_name, 'libpostgresql-jdbc-java'), }, - default => pick($java_package_name, 'libpostgresql-jdbc-java'), + default => pick($java_package_name, 'libpostgresql-jdbc-java'), } $perl_package_name = pick($perl_package_name, 'libdbd-pg-perl') $plperl_package_name = pick($plperl_package_name, "postgresql-plperl-${version}") From baa009197b8347fb67939a4e7512dc08d6ed76af Mon Sep 17 00:00:00 2001 From: Romuald Conty Date: Thu, 27 Aug 2020 16:53:43 +0200 Subject: [PATCH 0548/1000] Fix contrib_package_name under Debian 10 --- manifests/params.pp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 2501e37748..a02f19771f 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -173,7 +173,11 @@ $client_package_name = pick($client_package_name, "postgresql-client-${version}") $server_package_name = pick($server_package_name, "postgresql-${version}") - $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") + if $::operatingsystem == 'Debian' and $::operatingsystemrelease =~ /^10/ and $postgresql::globals::manage_package_repo != true { + $contrib_package_name = pick($contrib_package_name, 'postgresql-contrib') + } else { + $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") + } if $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis") } elsif $postgis_version and versioncmp($postgis_version, '3') >= 0 { From e5835e959e251964417a70c41d289edc5c8af75b Mon Sep 17 00:00:00 2001 From: Pat Riehecky Date: Mon, 14 Sep 2020 16:07:36 -0500 Subject: [PATCH 0549/1000] Resolve simple puppet-lint notices --- functions/default.pp | 4 +- manifests/client.pp | 2 - manifests/globals.pp | 24 +++++----- manifests/lib/devel.pp | 6 +-- manifests/lib/docs.pp | 2 - manifests/lib/java.pp | 2 - manifests/lib/perl.pp | 4 +- manifests/lib/python.pp | 4 +- manifests/params.pp | 36 +++++++-------- manifests/repo.pp | 4 +- manifests/repo/apt_postgresql_org.pp | 4 +- manifests/repo/yum_postgresql_org.pp | 4 +- manifests/server.pp | 2 +- manifests/server/config.pp | 45 +++++++++---------- manifests/server/config_entry.pp | 40 ++++++++--------- manifests/server/contrib.pp | 3 +- manifests/server/database.pp | 4 +- manifests/server/database_grant.pp | 2 +- manifests/server/db.pp | 1 - manifests/server/extension.pp | 6 +-- manifests/server/grant.pp | 40 ++++++++--------- manifests/server/initdb.pp | 16 +++---- manifests/server/install.pp | 1 - manifests/server/pg_hba_rule.pp | 6 +-- manifests/server/pg_ident_rule.pp | 6 +-- manifests/server/plperl.pp | 3 +- manifests/server/plpython.pp | 3 +- manifests/server/postgis.pp | 1 - manifests/server/reassign_owned_by.pp | 1 - manifests/server/recovery.pp | 9 ++-- manifests/server/role.pp | 19 ++++---- manifests/server/schema.pp | 2 +- manifests/server/service.pp | 5 +-- manifests/server/table_grant.pp | 2 +- manifests/server/tablespace.pp | 2 +- manifests/validate_db_connection.pp | 2 +- spec/unit/classes/client_spec.rb | 8 ++-- spec/unit/classes/globals_spec.rb | 11 +++-- spec/unit/classes/lib/devel_spec.rb | 32 +++++++------ spec/unit/classes/lib/java_spec.rb | 16 ++++--- spec/unit/classes/lib/perl_spec.rb | 16 ++++--- spec/unit/classes/lib/pgdocs_spec.rb | 8 ++-- spec/unit/classes/lib/python_spec.rb | 16 ++++--- spec/unit/classes/params_spec.rb | 8 ++-- spec/unit/classes/repo_spec.rb | 3 -- spec/unit/classes/server/config_spec.rb | 30 ++++++------- spec/unit/classes/server/contrib_spec.rb | 14 +++--- spec/unit/classes/server/initdb_spec.rb | 40 ++++++++++------- spec/unit/classes/server/plperl_spec.rb | 8 ++-- spec/unit/classes/server/plpython_spec.rb | 8 ++-- spec/unit/classes/server/postgis_spec.rb | 8 ++-- spec/unit/classes/server_spec.rb | 3 -- spec/unit/defines/server/config_entry_spec.rb | 40 ++++++++++------- .../defines/server/database_grant_spec.rb | 8 ++-- spec/unit/defines/server/database_spec.rb | 8 ++-- spec/unit/defines/server/db_spec.rb | 8 ++-- spec/unit/defines/server/extension_spec.rb | 8 ++-- spec/unit/defines/server/grant_role_spec.rb | 12 +++-- spec/unit/defines/server/grant_spec.rb | 8 ++-- spec/unit/defines/server/pg_hba_rule_spec.rb | 8 ++-- .../unit/defines/server/pg_ident_rule_spec.rb | 8 ++-- .../defines/server/reassign_owned_by_spec.rb | 8 ++-- spec/unit/defines/server/recovery_spec.rb | 8 ++-- spec/unit/defines/server/role_spec.rb | 8 ++-- spec/unit/defines/server/schema_spec.rb | 8 ++-- spec/unit/defines/server/table_grant_spec.rb | 8 ++-- spec/unit/defines/server/tablespace_spec.rb | 8 ++-- .../defines/validate_db_connection_spec.rb | 8 ++-- 68 files changed, 378 insertions(+), 332 deletions(-) diff --git a/functions/default.pp b/functions/default.pp index 7ce7684422..7852530791 100644 --- a/functions/default.pp +++ b/functions/default.pp @@ -5,11 +5,11 @@ # function postgresql::default( String $parameter_name -){ +) { include postgresql::params #search for the variable name in params first #then fall back to globals if not found pick( getvar("postgresql::params::${parameter_name}"), - "postgresql::globals::${parameter_name}") + "postgresql::globals::${parameter_name}") } diff --git a/manifests/client.pp b/manifests/client.pp index 2235f68a09..7bb31a8309 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -17,7 +17,6 @@ String[1] $package_name = $postgresql::params::client_package_name, String[1] $package_ensure = 'present' ) inherits postgresql::params { - if $package_name != 'UNSET' { package { 'postgresql-client': ensure => $package_ensure, @@ -33,5 +32,4 @@ group => 0, mode => '0755', } - } diff --git a/manifests/globals.pp b/manifests/globals.pp index 9914a2390d..4d5502e11e 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -150,9 +150,9 @@ ) { # We are determining this here, because it is needed by the package repo # class. - $default_version = $::osfamily ? { - /^(RedHat|Linux)/ => $::operatingsystem ? { - 'Fedora' => $::operatingsystemrelease ? { + $default_version = $facts['os']['family'] ? { + /^(RedHat|Linux)/ => $facts['os']['name'] ? { + 'Fedora' => $facts['os']['release']['full'] ? { /^(32)$/ => '12', /^(31)$/ => '11.6', /^(30)$/ => '11.2', @@ -167,7 +167,7 @@ default => undef, }, 'Amazon' => '9.2', - default => $::operatingsystemrelease ? { + default => $facts['os']['release']['full'] ? { /^8\./ => '10', /^7\./ => '9.2', /^6\./ => '8.4', @@ -175,8 +175,8 @@ default => undef, }, }, - 'Debian' => $::operatingsystem ? { - 'Debian' => $::operatingsystemrelease ? { + 'Debian' => $facts['os']['name'] ? { + 'Debian' => $facts['os']['release']['full'] ? { /^(squeeze|6\.)/ => '8.4', /^(wheezy|7\.)/ => '9.1', /^(jessie|8\.)/ => '9.4', @@ -184,7 +184,7 @@ /^(buster|10\.)/ => '11', default => undef, }, - 'Ubuntu' => $::operatingsystemrelease ? { + 'Ubuntu' => $facts['os']['release']['full'] ? { /^(10.04|10.10|11.04)$/ => '8.4', /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', /^(14.04)$/ => '9.3', @@ -197,19 +197,19 @@ }, default => undef, }, - 'Archlinux' => $::operatingsystem ? { + 'Archlinux' => $facts['os']['name'] ? { /Archlinux/ => '9.2', default => '9.2', }, 'Gentoo' => '9.5', 'FreeBSD' => '93', - 'OpenBSD' => $::operatingsystemrelease ? { + 'OpenBSD' => $facts['os']['release']['full'] ? { /5\.6/ => '9.3', /5\.[7-9]/ => '9.4', /6\.[0-9]/ => '9.5', }, - 'Suse' => $::operatingsystem ? { - 'SLES' => $::operatingsystemrelease ? { + 'Suse' => $facts['os']['name'] ? { + 'SLES' => $facts['os']['release']['full'] ? { /11\.[0-3]/ => '91', /11\.4/ => '94', /12\.0/ => '93', @@ -218,7 +218,7 @@ /15\.0/ => '10', default => '96', }, - 'OpenSuSE' => $::operatingsystemrelease ? { + 'OpenSuSE' => $facts['os']['release']['full'] ? { /42\.[1-2]/ => '94', default => '96', }, diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index ee37509be6..0efa6f6d21 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -8,13 +8,12 @@ # If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. # # -class postgresql::lib::devel( +class postgresql::lib::devel ( String $package_name = $postgresql::params::devel_package_name, String[1] $package_ensure = 'present', Boolean $link_pg_config = $postgresql::params::link_pg_config ) inherits postgresql::params { - - if $::osfamily == 'Gentoo' { + if $facts['os']['family'] == 'Gentoo' { fail('osfamily Gentoo does not have a separate "devel" package, postgresql::lib::devel is not supported') } @@ -32,5 +31,4 @@ } } } - } diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index b3bd138e4e..0eba0607f4 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -13,11 +13,9 @@ String $package_name = $postgresql::params::docs_package_name, String[1] $package_ensure = 'present', ) inherits postgresql::params { - package { 'postgresql-docs': ensure => $package_ensure, name => $package_name, tag => 'puppetlabs-postgresql', } - } diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index 3fa98e1d9b..ac1ff28095 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -12,11 +12,9 @@ String $package_name = $postgresql::params::java_package_name, String[1] $package_ensure = 'present' ) inherits postgresql::params { - package { 'postgresql-jdbc': ensure => $package_ensure, name => $package_name, tag => 'puppetlabs-postgresql', } - } diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 782ddeeabe..2a9b714391 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -5,15 +5,13 @@ # @param package_ensure # Ensure the perl libs for postgresql are installed. # -class postgresql::lib::perl( +class postgresql::lib::perl ( String $package_name = $postgresql::params::perl_package_name, String[1] $package_ensure = 'present' ) inherits postgresql::params { - package { 'perl-DBD-Pg': ensure => $package_ensure, name => $package_name, tag => 'puppetlabs-postgresql', } - } diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index 7f7f0a868b..3587e8cdeb 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -5,15 +5,13 @@ # @param package_ensure # Ensure the python libs for postgresql are installed. # -class postgresql::lib::python( +class postgresql::lib::python ( String[1] $package_name = $postgresql::params::python_package_name, String[1] $package_ensure = 'present' ) inherits postgresql::params { - package { 'python-psycopg2': ensure => $package_ensure, name => $package_name, tag => 'puppetlabs-postgresql', } - } diff --git a/manifests/params.pp b/manifests/params.pp index 15b72bd2fb..12c8d9c101 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -31,7 +31,7 @@ $manage_xlogdir = true # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. - case $::osfamily { + case $facts['os']['family'] { 'RedHat', 'Linux': { $link_pg_config = true $user = pick($user, 'postgres') @@ -40,7 +40,7 @@ $version_parts = split($version, '[.]') $package_version = "${version_parts[0]}${version_parts[1]}" - if $version == $postgresql::globals::default_version and $::operatingsystem != 'Amazon' { + if $version == $postgresql::globals::default_version and $facts['os']['name'] != 'Amazon' { $client_package_name = pick($client_package_name, 'postgresql') $server_package_name = pick($server_package_name, 'postgresql-server') $contrib_package_name = pick($contrib_package_name,'postgresql-contrib') @@ -51,7 +51,7 @@ $plpython_package_name = pick($plpython_package_name, 'postgresql-plpython') $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, '/usr/bin') - $datadir = $::operatingsystem ? { + $datadir = $facts['os']['name'] ? { 'Amazon' => pick($datadir, "/var/lib/pgsql${package_version}/data"), default => pick($datadir, '/var/lib/pgsql/data'), } @@ -65,22 +65,22 @@ $docs_package_name = pick($docs_package_name, "postgresql${package_version}-docs") $plperl_package_name = pick($plperl_package_name, "postgresql${package_version}-plperl") $plpython_package_name = pick($plpython_package_name, "postgresql${package_version}-plpython") - $service_name = $::operatingsystem ? { + $service_name = $facts['os']['name'] ? { 'Amazon' => pick($service_name, "postgresql${version_parts[0]}${version_parts[1]}"), default => pick($service_name, "postgresql-${version}"), } - $bindir = $::operatingsystem ? { + $bindir = $facts['os']['name'] ? { 'Amazon' => pick($bindir, '/usr/bin'), default => pick($bindir, "/usr/pgsql-${version}/bin"), } - $datadir = $::operatingsystem ? { + $datadir = $facts['os']['name'] ? { 'Amazon' => pick($datadir, "/var/lib/pgsql${package_version}/data"), default => pick($datadir, "/var/lib/pgsql/${version}/data"), } $confdir = pick($confdir, $datadir) } - case $::operatingsystem { + case $facts['os']['name'] { 'Amazon': { $service_reload = "service ${service_name} reload" $service_status = "service ${service_name} status" @@ -88,7 +88,7 @@ # RHEL 5 uses SysV init, RHEL 6 uses upstart. RHEL 7 and 8 both use systemd. 'RedHat', 'CentOS', 'Scientific', 'OracleLinux': { - if $::operatingsystemrelease =~ /^[78].*/ { + if $facts['os']['release']['full'] =~ /^[78].*/ { $service_reload = "systemctl reload ${service_name}" $service_status = "systemctl status ${service_name}" } else { @@ -111,7 +111,7 @@ if $postgresql::globals::postgis_package_name { $postgis_package_name = $postgresql::globals::postgis_package_name - } elsif $::operatingsystemrelease =~ /^5\./ { + } elsif $facts['os']['release']['full'] =~ /^5\./ { $postgis_package_name = 'postgis' } elsif $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = "postgis${package_version}" @@ -161,9 +161,9 @@ $service_name = pick($service_name, 'postgresql') } else { $needs_initdb = pick($needs_initdb, false) - $service_name = $::operatingsystem ? { + $service_name = $facts['os']['name'] ? { 'Debian' => pick($service_name, 'postgresql'), - 'Ubuntu' => $::lsbmajdistrelease ? { + 'Ubuntu' => $facts['os']['distro']['release']['major'] ? { /^10/ => pick($service_name, "postgresql-${version}"), default => pick($service_name, 'postgresql'), }, @@ -182,12 +182,12 @@ $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-${postgis_version}") } $devel_package_name = pick($devel_package_name, 'libpq-dev') - $java_package_name = $::operatingsystem ? { - 'Debian' => $::operatingsystemrelease ? { + $java_package_name = $facts['os']['name'] ? { + 'Debian' => $facts['os']['release']['full'] ? { /^6/ => pick($java_package_name, 'libpg-java'), default => pick($java_package_name, 'libpostgresql-jdbc-java'), }, - default => pick($java_package_name, 'libpostgresql-jdbc-java'), + default => pick($java_package_name, 'libpostgresql-jdbc-java'), } $perl_package_name = pick($perl_package_name, 'libdbd-pg-perl') $plperl_package_name = pick($plperl_package_name, "postgresql-plperl-${version}") @@ -197,10 +197,10 @@ $bindir = pick($bindir, "/usr/lib/postgresql/${version}/bin") $datadir = pick($datadir, "/var/lib/postgresql/${version}/main") $confdir = pick($confdir, "/etc/postgresql/${version}/main") - if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8.0') >= 0 { + if $facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['full'], '8.0') >= 0 { # Jessie uses systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") - } elsif $::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '15.04') >= 0 { + } elsif $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '15.04') >= 0 { # Ubuntu releases since vivid use systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name} status") } else { @@ -310,7 +310,7 @@ $bindir = pick($bindir, "/usr/lib/postgresql${version}/bin") $datadir = pick($datadir, '/var/lib/pgsql/data') $confdir = pick($confdir, $datadir) - if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, '11.4') <= 0 { + if $facts['os']['name'] == 'SLES' and versioncmp($facts['os']['release']['full'], '11.4') <= 0 { $service_status = pick($service_status, "/etc/init.d/${service_name} status") $service_reload = "/etc/init.d/${service_name} reload" } else { @@ -329,7 +329,7 @@ # Since we can't determine defaults on our own, we rely on users setting # parameters with the postgresql::globals class. Here we are checking # that the mandatory minimum is set for the module to operate. - $err_prefix = "Module ${module_name} does not provide defaults for osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}; please specify a value for ${module_name}::globals::" + $err_prefix = "Module ${module_name} does not provide defaults for osfamily: ${facts['os']['family']} operatingsystem: ${facts['os']['name']}; please specify a value for ${module_name}::globals::" if ($needs_initdb == undef) { fail("${err_prefix}needs_initdb") } if ($service_name == undef) { fail("${err_prefix}service_name") } if ($client_package_name == undef) { fail("${err_prefix}client_package_name") } diff --git a/manifests/repo.pp b/manifests/repo.pp index db00943a60..2f422eaac5 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -4,7 +4,7 @@ $proxy = undef, $baseurl = undef, ) { - case $::osfamily { + case $facts['os']['family'] { 'RedHat', 'Linux': { if $version == undef { fail("The parameter 'version' for 'postgresql::repo' is undefined. You must always define it when osfamily == Redhat or Linux") @@ -17,7 +17,7 @@ } default: { - fail("Unsupported managed repository for osfamily: ${::osfamily}, operatingsystem: ${::operatingsystem}, module ${module_name} currently only supports managing repos for osfamily RedHat and Debian") + fail("Unsupported managed repository for osfamily: ${facts['os']['family']}, operatingsystem: ${facts['os']['name']}, module ${module_name} currently only supports managing repos for osfamily RedHat and Debian") } } } diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 794abbaea2..9bea6e2b93 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -1,6 +1,6 @@ # @api private class postgresql::repo::apt_postgresql_org inherits postgresql::repo { - include ::apt + include apt # Here we have tried to replicate the instructions on the PostgreSQL site: # @@ -16,7 +16,7 @@ } -> apt::source { 'apt.postgresql.org': location => $_baseurl, - release => "${::lsbdistcodename}-pgdg", + release => "${facts['os']['distro']['codename']}-pgdg", repos => "main ${postgresql::repo::version}", key => { id => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index 499dca2424..9d0ee191ce 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -9,10 +9,10 @@ owner => 'root', group => 'root', mode => '0644', - before => Yumrepo['yum.postgresql.org'] + before => Yumrepo['yum.postgresql.org'], } - if($::operatingsystem == 'Fedora') { + if($facts['os']['name'] == 'Fedora') { $label1 = 'fedora' $label2 = $label1 } else { diff --git a/manifests/server.pp b/manifests/server.pp index 480a8718b0..7abd64036d 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -155,7 +155,7 @@ $_version = $postgresql::params::version } - if $createdb_path != undef{ + if $createdb_path != undef { warning('Passing "createdb_path" to postgresql::server is deprecated, it can be removed safely for the same behaviour') } diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 93bc9b9396..9ceabf061f 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -107,14 +107,14 @@ } # ensure that SELinux has a proper label for the port defined - if $postgresql::server::manage_selinux == true and $facts['selinux'] == true { - case $facts['osfamily'] { + if $postgresql::server::manage_selinux == true and $facts['os']['selinux']['enabled'] == true { + case $facts['os']['family'] { 'RedHat', 'Linux': { - if $facts['operatingsystem'] == 'Amazon' { + if $facts['os']['name'] == 'Amazon' { $package_name = 'policycoreutils' } else { - $package_name = $facts['operatingsystemmajrelease'] ? { + $package_name = $facts['os']['release']['major'] ? { '5' => 'policycoreutils', '6' => 'policycoreutils-python', '7' => 'policycoreutils-python', @@ -130,9 +130,9 @@ ensure_packages([$package_name]) exec { "/usr/sbin/semanage port -a -t postgresql_port_t -p tcp ${port}": - unless => "/usr/sbin/semanage port -l | grep -qw ${port}", - before => Postgresql::Server::Config_entry['port'], - require => Package[$package_name], + unless => "/usr/sbin/semanage port -l | grep -qw ${port}", + before => Postgresql::Server::Config_entry['port'], + require => Package[$package_name], } } @@ -140,7 +140,7 @@ value => $port, } - if ($password_encryption) and (versioncmp($version, '10') >= 0){ + if ($password_encryption) and (versioncmp($version, '10') >= 0) { postgresql::server::config_entry { 'password_encryption': value => $password_encryption, } @@ -158,20 +158,19 @@ postgresql::server::config_entry { 'log_directory': value => $logdir, } - } # Allow timestamps in log by default if $log_line_prefix { - postgresql::server::config_entry {'log_line_prefix': + postgresql::server::config_entry { 'log_line_prefix': value => $log_line_prefix, } } # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. - if ($::osfamily == 'RedHat') and ($::operatingsystemrelease !~ /^7|^8/) and ($::operatingsystem != 'Fedora') { + if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['full'] !~ /^7|^8/) and ($facts['os']['name'] != 'Fedora') { file { '/etc/sysconfig/pgsql/postgresql': - ensure => present, + ensure => file, replace => false, } @@ -182,12 +181,10 @@ file { "/etc/sysconfig/pgsql/postgresql-${version}": ensure => link, target => '/etc/sysconfig/pgsql/postgresql', - require => File[ '/etc/sysconfig/pgsql/postgresql' ], + require => File['/etc/sysconfig/pgsql/postgresql'], } - } - if ($manage_pg_ident_conf == true) { concat { $pg_ident_conf_path: owner => $user, @@ -198,48 +195,48 @@ } } - if $::osfamily == 'RedHat' { - if $::operatingsystemrelease =~ /^7|^8/ or $::operatingsystem == 'Fedora' { + if $facts['os']['family'] == 'RedHat' { + if $facts['os']['release']['full'] =~ /^7|^8/ or $facts['os']['name'] == 'Fedora' { # Template uses: # - $::operatingsystem # - $service_name # - $port # - $datadir file { 'systemd-override': - ensure => present, + ensure => file, path => "/etc/systemd/system/${service_name}.service", owner => root, group => root, content => template('postgresql/systemd-override.erb'), - notify => [ Exec['restart-systemd'], Class['postgresql::server::service'] ], + notify => [Exec['restart-systemd'], Class['postgresql::server::service']], before => Class['postgresql::server::reload'], } exec { 'restart-systemd': command => 'systemctl daemon-reload', refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin' + path => '/bin:/usr/bin:/usr/local/bin', } } } - elsif $::osfamily == 'Gentoo' { + elsif $facts['os']['family'] == 'Gentoo' { # Template uses: # - $::operatingsystem # - $service_name # - $port # - $datadir file { 'systemd-override': - ensure => present, + ensure => file, path => "/etc/systemd/system/${service_name}.service", owner => root, group => root, content => template('postgresql/systemd-override.erb'), - notify => [ Exec['restart-systemd'], Class['postgresql::server::service'] ], + notify => [Exec['restart-systemd'], Class['postgresql::server::service']], before => Class['postgresql::server::reload'], } exec { 'restart-systemd': command => 'systemctl daemon-reload', refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin' + path => '/bin:/usr/bin:/usr/local/bin', } } } diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 6b86f5f831..ee9abd29a7 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -75,8 +75,8 @@ } if ! ($name in $requires_restart_until and ( - ! $requires_restart_until[$name] or - versioncmp($postgresql::server::_version, $requires_restart_until[$name]) < 0 + ! $requires_restart_until[$name] or + versioncmp($postgresql::server::_version, $requires_restart_until[$name]) < 0 )) { Postgresql_conf { notify => Class['postgresql::server::reload'], @@ -96,35 +96,35 @@ # we stop the service completely. On RHEL 7 we either have to create # a systemd override for the port or update the sysconfig file, but this # is managed for us in postgresql::server::config. - if $::operatingsystem == 'Debian' or $::operatingsystem == 'Ubuntu' { - if $name == 'port' and ( $::operatingsystemrelease =~ /^6/ or $::operatingsystemrelease =~ /^10\.04/ ) { - exec { "postgresql_stop_${name}": - command => "service ${::postgresql::server::service_name} stop", - onlyif => "service ${::postgresql::server::service_name} status", - unless => "grep 'port = ${value}' ${::postgresql::server::postgresql_conf_path}", - path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', - before => Postgresql_conf[$name], - } + if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { + if $name == 'port' and ( $facts['os']['release']['full'] =~ /^6/ or $facts['os']['release']['full'] =~ /^10\.04/ ) { + exec { "postgresql_stop_${name}": + command => "service ${postgresql::server::service_name} stop", + onlyif => "service ${postgresql::server::service_name} status", + unless => "grep 'port = ${value}' ${postgresql::server::postgresql_conf_path}", + path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', + before => Postgresql_conf[$name], + } } elsif $name == 'data_directory' { exec { "postgresql_stop_${name}": - command => "service ${::postgresql::server::service_name} stop", - onlyif => "service ${::postgresql::server::service_name} status", - unless => "grep \"data_directory = '${value}'\" ${::postgresql::server::postgresql_conf_path}", + command => "service ${postgresql::server::service_name} stop", + onlyif => "service ${postgresql::server::service_name} status", + unless => "grep \"data_directory = '${value}'\" ${postgresql::server::postgresql_conf_path}", path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', before => Postgresql_conf[$name], } } } - if $::osfamily == 'RedHat' { - if ! ($::operatingsystemrelease =~ /^7|^8/ or $::operatingsystem == 'Fedora') { + if $facts['os']['family'] == 'RedHat' { + if ! ($facts['os']['release']['full'] =~ /^7|^8/ or $facts['os']['name'] == 'Fedora') { if $name == 'port' { # We need to force postgresql to stop before updating the port # because puppet becomes confused and is unable to manage the # service appropriately. exec { "postgresql_stop_${name}": - command => "service ${::postgresql::server::service_name} stop", - onlyif => "service ${::postgresql::server::service_name} status", + command => "service ${postgresql::server::service_name} stop", + onlyif => "service ${postgresql::server::service_name} status", unless => "grep 'PGPORT=${value}' /etc/sysconfig/pgsql/postgresql", path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], @@ -142,8 +142,8 @@ # We need to force postgresql to stop before updating the data directory # otherwise init script breaks exec { "postgresql_${name}": - command => "service ${::postgresql::server::service_name} stop", - onlyif => "service ${::postgresql::server::service_name} status", + command => "service ${postgresql::server::service_name} stop", + onlyif => "service ${postgresql::server::service_name} status", unless => "grep 'PGDATA=${value}' /etc/sysconfig/pgsql/postgresql", path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 466a898069..0cd8e5834f 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -8,8 +8,7 @@ String $package_name = $postgresql::params::contrib_package_name, String[1] $package_ensure = 'present' ) inherits postgresql::params { - - if $::osfamily == 'Gentoo' { + if $facts['os']['family'] == 'Gentoo' { fail('osfamily Gentoo does not have a separate "contrib" package, postgresql::server::contrib is not supported.') } diff --git a/manifests/server/database.pp b/manifests/server/database.pp index b0268f00e9..87d443f7e9 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -9,7 +9,7 @@ # @param locale Overrides the locale during creation of the database. # @param istemplate Defines the database as a template if set to true. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -define postgresql::server::database( +define postgresql::server::database ( $comment = undef, $dbname = $title, $owner = undef, @@ -86,7 +86,7 @@ postgresql_psql { "CREATE DATABASE \"${dbname}\"": command => "CREATE DATABASE \"${dbname}\" WITH ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}'", - require => Class['postgresql::server::service'] + require => Class['postgresql::server::service'], } # This will prevent users from connecting to the database unless they've been diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 373fa77bb2..0c389a5378 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -7,7 +7,7 @@ # @param psql_db Defines the database to execute the grant against. This should not ordinarily be changed from the default # @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -define postgresql::server::database_grant( +define postgresql::server::database_grant ( $privilege, $db, $role, diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 98aa8797e6..f98de6f268 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -24,7 +24,6 @@ $istemplate = false, $owner = undef ) { - if ! defined(Postgresql::Server::Database[$dbname]) { postgresql::server::database { $dbname: comment => $comment, diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 1f9c9fbe9b..8417351430 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -110,7 +110,7 @@ n.nspname = '${schema}' ) |-END - , + , psql_user => $user, psql_group => $group, psql_path => $psql_path, @@ -130,8 +130,8 @@ } ensure_packages($package_name, { - ensure => $_package_ensure, - tag => 'puppetlabs-postgresql', + ensure => $_package_ensure, + tag => 'puppetlabs-postgresql', }) } if $version { diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 4faea3b3ea..4382c6b396 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -49,7 +49,6 @@ String $group = $postgresql::server::group, String $psql_path = $postgresql::server::psql_path, ) { - case $ensure { default: { # default is 'present' @@ -64,7 +63,6 @@ } } - if ! $object_name { $_object_name = $db } else { @@ -108,7 +106,7 @@ /^CONNECT$/, /^CREATE$/, /^TEMP$/, - /^TEMPORARY$/ + /^TEMPORARY$/, ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -116,7 +114,7 @@ $on_db = $psql_db $onlyif_function = $ensure ? { default => undef, - 'absent' => 'role_exists', + 'absent' => 'role_exists', } $arguments = '' $_enquote_object = true @@ -128,7 +126,7 @@ Pattern[ /^$/, /^CREATE$/, - /^USAGE$/ + /^USAGE$/, ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -146,7 +144,7 @@ /^ALL PRIVILEGES$/, /^SELECT$/, /^UPDATE$/, - /^USAGE$/ + /^USAGE$/, ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -164,8 +162,8 @@ /^ALL PRIVILEGES$/, /^SELECT$/, /^UPDATE$/, - /^USAGE$/ - ]: { } + /^USAGE$/, + ]: {} default: { fail('Illegal value for $privilege parameter') } } $unless_function = 'custom' @@ -279,7 +277,7 @@ /^SELECT$/, /^TRIGGER$/, /^TRUNCATE$/, - /^UPDATE$/ + /^UPDATE$/, ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -304,8 +302,8 @@ /^SELECT$/, /^TRIGGER$/, /^TRUNCATE$/, - /^UPDATE$/ - ]: { } + /^UPDATE$/, + ]: {} default: { fail('Illegal value for $privilege parameter') } } $unless_function = 'custom' @@ -340,7 +338,6 @@ GROUP BY t.tablename ) AS j WHERE j.priv_count < 7 )" - } else { # GRANT $_privilege $custom_unless = "SELECT 1 WHERE NOT EXISTS @@ -365,7 +362,6 @@ )" } } - } 'LANGUAGE': { $unless_privilege = $_privilege ? { @@ -374,7 +370,7 @@ Pattern[ /^$/, /^CREATE$/, - /^USAGE$/ + /^USAGE$/, ] => $_privilege, default => fail('Illegal value for $privilege parameter'), } @@ -440,12 +436,12 @@ # So we need to replace 'PUBLIC' by 'public'. $_unless = $unless_function ? { - false => undef, - 'custom' => $custom_unless, - default => $role ? { - 'PUBLIC' => "SELECT 1 WHERE ${unless_function}('public', '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", - default => "SELECT 1 WHERE ${unless_function}('${role}', '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", - } + false => undef, + 'custom' => $custom_unless, + default => $role ? { + 'PUBLIC' => "SELECT 1 WHERE ${unless_function}('public', '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", + default => "SELECT 1 WHERE ${unless_function}('${role}', '${_granted_object}${arguments}', '${unless_privilege}') = ${unless_is}", + } } $_onlyif = $onlyif_function ? { @@ -457,8 +453,8 @@ } $grant_cmd = $_enquote_object ? { - false => sprintf($sql_command_unquoted, $_privilege, $_object_type, $_togrant_object, $arguments, $role), - default => sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $arguments, $role), + false => sprintf($sql_command_unquoted, $_privilege, $_object_type, $_togrant_object, $arguments, $role), + default => sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $arguments, $role), } postgresql_psql { "grant:${name}": diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index a73186db5b..2da021a27c 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -26,7 +26,7 @@ cwd => $module_workdir, } - if $::osfamily == 'RedHat' and $::selinux == true { + if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' $logdir_type = 'postgresql_log_t' } @@ -68,7 +68,7 @@ } } else { # changes an already defined xlogdir - File <| title == $xlogdir |> { + File <| title == $xlogdir |> { ensure => directory, owner => $user, group => $group, @@ -148,14 +148,14 @@ } # The package will take care of this for us the first time, but if we # ever need to init a new db we need to copy these files explicitly - if $::operatingsystem == 'Debian' or $::operatingsystem == 'Ubuntu' { - if $::operatingsystemrelease =~ /^6/ or $::operatingsystemrelease =~ /^7/ or $::operatingsystemrelease =~ /^10\.04/ or $::operatingsystemrelease =~ /^12\.04/ { + if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { + if $facts['os']['release']['full'] =~ /^6/ or $facts['os']['release']['full'] =~ /^7/ or $facts['os']['release']['full'] =~ /^10\.04/ or $facts['os']['release']['full'] =~ /^12\.04/ { file { 'server.crt': ensure => file, path => "${datadir}/server.crt", source => 'file:///etc/ssl/certs/ssl-cert-snakeoil.pem', - owner => $::postgresql::server::user, - group => $::postgresql::server::group, + owner => $postgresql::server::user, + group => $postgresql::server::group, mode => '0644', require => Exec['postgresql_initdb'], } @@ -163,8 +163,8 @@ ensure => file, path => "${datadir}/server.key", source => 'file:///etc/ssl/private/ssl-cert-snakeoil.key', - owner => $::postgresql::server::user, - group => $::postgresql::server::group, + owner => $postgresql::server::user, + group => $postgresql::server::group, mode => '0600', require => Exec['postgresql_initdb'], } diff --git a/manifests/server/install.pp b/manifests/server/install.pp index 666596bf45..afd579b3d5 100644 --- a/manifests/server/install.pp +++ b/manifests/server/install.pp @@ -18,5 +18,4 @@ # careful about its removal tag => 'puppetlabs-postgresql', } - } diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 0307099952..b03d8209d2 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -11,7 +11,7 @@ # @param order Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # @param postgresql_version Manages pg_hba.conf without managing the entire PostgreSQL instance. -define postgresql::server::pg_hba_rule( +define postgresql::server::pg_hba_rule ( Enum['local', 'host', 'hostssl', 'hostnossl'] $type, String $database, String $user, @@ -26,7 +26,6 @@ Stdlib::Absolutepath $target = $postgresql::server::pg_hba_conf_path, String $postgresql_version = $postgresql::server::_version ) { - #Allow users to manage pg_hba.conf even if they are not managing the whole PostgreSQL instance if !defined( 'postgresql::server' ) { $manage_pg_hba_conf = true @@ -36,9 +35,8 @@ } if $manage_pg_hba_conf == false { - fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') + fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { - if($type =~ /^host/ and $address == undef) { fail('You must specify an address property when type is host based') } diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index 3d8ce7fff3..bf15047164 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -6,7 +6,7 @@ # @param description Sets a longer description for this rule if required. This description is placed in the comments above the rule in pg_ident.conf. Default value: 'none'. # @param order Defines an order for placing the mapping in pg_ident.conf. Default value: 150. # @param target Provides the target for the rule and is generally an internal only property. Use with caution. -define postgresql::server::pg_ident_rule( +define postgresql::server::pg_ident_rule ( $map_name, $system_username, $database_username, @@ -17,11 +17,9 @@ # working. $target = $postgresql::server::pg_ident_conf_path ) { - if $postgresql::server::manage_pg_ident_conf == false { - fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') + fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { - # Create a rule fragment $fragname = "pg_ident_rule_${name}" concat::fragment { $fragname: diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index c54a6dd664..842c7ad5ed 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -2,7 +2,7 @@ # # @param package_ensure The ensure parameter passed on to PostgreSQL PL/Perl package resource. # @param package_name The name of the PostgreSQL PL/Perl package. -class postgresql::server::plperl( +class postgresql::server::plperl ( $package_ensure = 'present', $package_name = $postgresql::server::plperl_package_name ) { @@ -17,5 +17,4 @@ -> Package['postgresql-plperl'] -> Class['postgresql::server::service'] anchor { 'postgresql::server::plperl::end': } - } diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index 5ca7ed26df..55f6da448a 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -4,7 +4,7 @@ # Specifies whether the package is present. # @param package_name # Specifies the name of the postgresql PL/Python package. -class postgresql::server::plpython( +class postgresql::server::plpython ( $package_ensure = 'present', $package_name = $postgresql::server::plpython_package_name, ) { @@ -19,5 +19,4 @@ -> Package['postgresql-plpython'] -> Class['postgresql::server::service'] -> anchor { 'postgresql::server::plpython::end': } - } diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index 364c3edfda..c35ef5ce6e 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -6,7 +6,6 @@ String $package_name = $postgresql::params::postgis_package_name, String[1] $package_ensure = 'present' ) inherits postgresql::params { - package { 'postgresql-postgis': ensure => $package_ensure, name => $package_name, diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index df187e65ec..8bcccb454f 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -16,7 +16,6 @@ Integer $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { - $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" $group = $postgresql::server::group diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index eae8777051..8c6a7c24d2 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -22,7 +22,7 @@ # @param trigger_file Specifies a trigger file whose presence ends recovery in the standby. # @param recovery_min_apply_delay This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. -define postgresql::server::recovery( +define postgresql::server::recovery ( $restore_command = undef, $archive_cleanup_command = undef, $recovery_end_command = undef, @@ -40,7 +40,6 @@ $recovery_min_apply_delay = undef, $target = $postgresql::server::recovery_conf_path ) { - if $postgresql::server::manage_recovery_conf == false { fail('postgresql::server::manage_recovery_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { @@ -48,13 +47,13 @@ and $recovery_target_name == undef and $recovery_target_time == undef and $recovery_target_xid == undef and $recovery_target_inclusive == undef and $recovery_target == undef and $recovery_target_timeline == undef and $pause_at_recovery_target == undef and $standby_mode == undef and $primary_conninfo == undef - and $primary_slot_name == undef and $trigger_file == undef and $recovery_min_apply_delay == undef) { + and $primary_slot_name == undef and $trigger_file == undef and $recovery_min_apply_delay == undef) { fail('postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense.') } concat { $target: - owner => $::postgresql::server::config::user, - group => $::postgresql::server::config::group, + owner => $postgresql::server::config::user, + group => $postgresql::server::config::group, force => true, # do not crash if there is no recovery conf file mode => '0640', warn => true, diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 98519ba990..c2dc4b40a7 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -18,7 +18,7 @@ # @param psql_group Sets the OS group to run psql # @param psql_path Sets path to psql command # @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -define postgresql::server::role( +define postgresql::server::role ( $update_password = true, $password_hash = false, $createdb = false, @@ -38,7 +38,6 @@ $module_workdir = $postgresql::server::module_workdir, Enum['present', 'absent'] $ensure = 'present', ) { - # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # @@ -91,39 +90,39 @@ require => undef, } - postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}": + postgresql_psql { "ALTER ROLE \"${username}\" ${superuser_sql}": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}", } - postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}": + postgresql_psql { "ALTER ROLE \"${username}\" ${createdb_sql}": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}", } - postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}": + postgresql_psql { "ALTER ROLE \"${username}\" ${createrole_sql}": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}", } - postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}": + postgresql_psql { "ALTER ROLE \"${username}\" ${login_sql}": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}", } - postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}": + postgresql_psql { "ALTER ROLE \"${username}\" ${inherit_sql}": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}", } if(versioncmp($version, '9.1') >= 0) { if $replication_sql == '' { - postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION": + postgresql_psql { "ALTER ROLE \"${username}\" NOREPLICATION": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", } } else { - postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}": + postgresql_psql { "ALTER ROLE \"${username}\" ${replication_sql}": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}", } } } - postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}": + postgresql_psql { "ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}": unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", } diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 98503a3009..0fbda4c07c 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -12,7 +12,7 @@ # postgresql::server::schema {'private': # db => 'template1', # } -define postgresql::server::schema( +define postgresql::server::schema ( $db = $postgresql::server::default_database, $owner = undef, $schema = $title, diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 095970c04c..87a228f56e 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -15,7 +15,6 @@ anchor { 'postgresql::server::service::begin': } if $service_manage { - service { 'postgresqld': ensure => $service_ensure, enable => $service_enable, @@ -31,7 +30,7 @@ # # Without it, we may continue doing more work before the database is # prepared leading to a nasty race condition. - postgresql_conn_validator{ 'validate_service_is_running': + postgresql_conn_validator { 'validate_service_is_running': run_as => $user, db_name => $default_database, port => $port, @@ -40,7 +39,7 @@ tries => 60, psql_path => $psql_path, require => Service['postgresqld'], - before => Anchor['postgresql::server::service::end'] + before => Anchor['postgresql::server::service::end'], } Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] } diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index ec60bd2197..a198fbd7b9 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -10,7 +10,7 @@ # @param psql_user Specifies the OS user for running psql. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param onlyif_exists Create grant only if it doesn't exist. -define postgresql::server::table_grant( +define postgresql::server::table_grant ( $privilege, $table, $db, diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 43ce30ba41..5d1f4282ca 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -5,7 +5,7 @@ # @param owner Specifies the default owner of the tablespace. # @param spcname Specifies the name of the tablespace. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -define postgresql::server::tablespace( +define postgresql::server::tablespace ( $location, $manage_location = true, $owner = undef, diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 990c5f1d1f..2a382006a6 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -17,7 +17,7 @@ # @param tries Sets the number of attempts after failure before giving up and failing the resource. # @param create_db_first Creates the database when obtaining a successful connection. # -define postgresql::validate_db_connection( +define postgresql::validate_db_connection ( $database_host = undef, $database_name = undef, $database_password = undef, diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index 7084084011..0d810bda9d 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::client', type: :class do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, } end diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index a5f47599cd..cff61377ff 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -12,9 +12,6 @@ major: '8', }, }, - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', lsbdistid: 'Debian', lsbdistcodename: 'jessie', } @@ -42,9 +39,11 @@ context 'on redhat family systems' do let(:facts) do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '7.1', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '7.1' }, + }, } end diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/unit/classes/lib/devel_spec.rb index 06b4cd7120..0efe0f69a4 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/unit/classes/lib/devel_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::lib::devel', type: :class do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, } end @@ -32,10 +34,11 @@ describe 'should not link pg_config on RedHat with default version' do let(:facts) do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '6.3', - operatingsystemmajrelease: '6', + os: { + family: 'RedHat', + name: 'CentOS', + release: { 'full' => '6.3' }, + }, } end @@ -45,10 +48,11 @@ describe 'link pg_config on RedHat with non-default version' do let(:facts) do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '6.3', - operatingsystemmajrelease: '6', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '6.3' }, + }, } end let :pre_condition do @@ -65,8 +69,10 @@ describe 'on Gentoo' do let :facts do { - osfamily: 'Gentoo', - operatingsystem: 'Gentoo', + os: { + family: 'Gentoo', + name: 'Gentoo', + }, } end let :params do diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/unit/classes/lib/java_spec.rb index 8aed2ac522..6b8f5fad28 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/unit/classes/lib/java_spec.rb @@ -4,9 +4,11 @@ describe 'on a debian based os' do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, } end @@ -22,9 +24,11 @@ describe 'on a redhat based os' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '6.4', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '6.4' }, + }, } end diff --git a/spec/unit/classes/lib/perl_spec.rb b/spec/unit/classes/lib/perl_spec.rb index deeb5e9593..2e7e1bfc06 100644 --- a/spec/unit/classes/lib/perl_spec.rb +++ b/spec/unit/classes/lib/perl_spec.rb @@ -4,9 +4,11 @@ describe 'on a redhat based os' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '6.4', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '6.4' }, + }, } end @@ -21,9 +23,11 @@ describe 'on a debian based os' do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, } end diff --git a/spec/unit/classes/lib/pgdocs_spec.rb b/spec/unit/classes/lib/pgdocs_spec.rb index b531e79423..29153b5458 100644 --- a/spec/unit/classes/lib/pgdocs_spec.rb +++ b/spec/unit/classes/lib/pgdocs_spec.rb @@ -4,9 +4,11 @@ describe 'on a redhat based os' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '6.4', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '6.4' }, + }, } end diff --git a/spec/unit/classes/lib/python_spec.rb b/spec/unit/classes/lib/python_spec.rb index 7710447348..f2e781cc15 100644 --- a/spec/unit/classes/lib/python_spec.rb +++ b/spec/unit/classes/lib/python_spec.rb @@ -4,9 +4,11 @@ describe 'on a redhat based os' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '6.4', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '6.4' }, + }, } end @@ -21,9 +23,11 @@ describe 'on a debian based os' do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, } end diff --git a/spec/unit/classes/params_spec.rb b/spec/unit/classes/params_spec.rb index 27b7195e08..8636ae73a0 100644 --- a/spec/unit/classes/params_spec.rb +++ b/spec/unit/classes/params_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::params', type: :class do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, } end diff --git a/spec/unit/classes/repo_spec.rb b/spec/unit/classes/repo_spec.rb index 1d8067d0c8..78572115cc 100644 --- a/spec/unit/classes/repo_spec.rb +++ b/spec/unit/classes/repo_spec.rb @@ -11,9 +11,6 @@ major: '8', }, }, - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', lsbdistid: 'Debian', lsbdistcodename: 'jessie', } diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 78bef2167d..47471d2a75 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -8,9 +8,6 @@ describe 'on RedHat 7' do let(:facts) do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '7.0', concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -77,9 +74,6 @@ class { 'postgresql::server': } describe 'on Fedora 21' do let(:facts) do { - osfamily: 'RedHat', - operatingsystem: 'Fedora', - operatingsystemrelease: '21', concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -145,9 +139,11 @@ class { 'postgresql::server': } describe 'on Amazon' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'Amazon', - operatingsystemrelease: '1.0', + os: { + family: 'RedHat', + name: 'Amazon', + release: { 'full' => '1.0' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -177,9 +173,11 @@ class { 'postgresql::server': } end let(:facts) do { - osfamily: 'Gentoo', - operatingsystem: 'Gentoo', - operatingsystemrelease: 'unused', + os: { + family: 'Gentoo', + name: 'Gentoo', + release: { 'full' => 'unused' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -221,9 +219,11 @@ class { 'postgresql::server': end let(:facts) do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '7.0', + os: { + family: 'RedHat', + name: 'CentOS', + release: { 'full' => '7.0' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index fc4c8ab4af..08df3ddfbd 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -7,9 +7,11 @@ let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', @@ -41,8 +43,10 @@ describe 'on Gentoo' do let :facts do { - osfamily: 'Gentoo', - operatingsystem: 'Gentoo', + os: { + family: 'Gentoo', + name: 'Gentoo', + }, } end diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 980cffa69d..7a9f16b814 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -8,9 +8,11 @@ describe 'on RedHat' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '6.0', + os: { + family: 'RedHat', + name: 'CentOS', + release: { 'full' => '6.0' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -46,9 +48,11 @@ class {'postgresql::server': describe 'on Amazon' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'Amazon', - operatingsystemrelease: '1.0', + os: { + family: 'RedHat', + name: 'Amazon', + release: { 'full' => '1.0' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -76,9 +80,11 @@ class {'postgresql::server': describe 'exec with module_workdir => /var/tmp' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '6.0', + os: { + family: 'RedHat', + name: 'CentOS', + release: { 'full' => '6.0' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -105,9 +111,11 @@ class { 'postgresql::server': } describe 'exec with module_workdir => undef' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '6.0', + os: { + family: 'RedHat', + name: 'CentOS', + release: { 'full' => '6.0' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', @@ -133,9 +141,11 @@ class { 'postgresql::server': } describe 'postgresql_psql with module_workdir => /var/tmp' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '6.0', + os: { + family: 'RedHat', + name: 'CentOS', + release: { 'full' => '6.0' }, + }, concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/unit/classes/server/plperl_spec.rb index 721ebdbd3e..cca441b529 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/unit/classes/server/plperl_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::plperl', type: :class do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('plperl'), id: 'root', diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index 26f6bf9a34..722f59f2ea 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::plpython', type: :class do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'CentOS', - operatingsystemrelease: '6.0', + os: { + family: 'RedHat', + name: 'CentOS', + release: { 'full' => '6.8' }, + }, concat_basedir: tmpfilename('plpython'), kernel: 'Linux', id: 'root', diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/unit/classes/server/postgis_spec.rb index 53cd48f011..343b135e6c 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/unit/classes/server/postgis_spec.rb @@ -7,9 +7,11 @@ let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('postgis'), id: 'root', diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 9cef244061..ea037bd6ed 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -11,11 +11,8 @@ major: '8', }, }, - osfamily: 'Debian', - operatingsystem: 'Debian', lsbdistid: 'Debian', lsbdistcodename: 'jessie', - operatingsystemrelease: '8.0', concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index 852ced8d4a..de98036ce7 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::config_entry', type: :define do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '6.4', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '6.4' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', @@ -34,9 +36,11 @@ context 'redhat 6' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '6.4', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '6.4' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', @@ -56,9 +60,11 @@ context 'redhat 7' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '7.0', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '7.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', @@ -78,9 +84,11 @@ context 'fedora 19' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'Fedora', - operatingsystemrelease: '19', + os: { + family: 'RedHat', + name: 'Fedora', + release: { 'full' => '19' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', @@ -122,9 +130,11 @@ context 'unix_socket_directories' do let :facts do { - osfamily: 'RedHat', - operatingsystem: 'RedHat', - operatingsystemrelease: '7.0', + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '7.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/database_grant_spec.rb b/spec/unit/defines/server/database_grant_spec.rb index f3cd003b59..c5201ec437 100644 --- a/spec/unit/defines/server/database_grant_spec.rb +++ b/spec/unit/defines/server/database_grant_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::database_grant', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 67aaa2b78d..276205f8d2 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::database', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/db_spec.rb b/spec/unit/defines/server/db_spec.rb index 4ecb3b1b4e..804b949ebe 100644 --- a/spec/unit/defines/server/db_spec.rb +++ b/spec/unit/defines/server/db_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::db', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 14fe09500e..133671daa4 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -10,9 +10,11 @@ let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('postgis'), id: 'root', diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index c92173b4cb..73934b1998 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -6,12 +6,16 @@ end let(:facts) do - { osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + { + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('postgis'), id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' } + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' + } end let(:title) { 'test' } diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 32d2fb92b2..664f93af6c 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::grant', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index 1637b42585..e948db4da2 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::pg_hba_rule', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('pg_hba'), id: 'root', diff --git a/spec/unit/defines/server/pg_ident_rule_spec.rb b/spec/unit/defines/server/pg_ident_rule_spec.rb index ece632292c..f7fce23a2c 100644 --- a/spec/unit/defines/server/pg_ident_rule_spec.rb +++ b/spec/unit/defines/server/pg_ident_rule_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::pg_ident_rule', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('pg_ident'), id: 'root', diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index 761c517279..338e754d09 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::reassign_owned_by', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('reassign_owned_by'), id: 'root', diff --git a/spec/unit/defines/server/recovery_spec.rb b/spec/unit/defines/server/recovery_spec.rb index d814175928..c1a36d0ecc 100644 --- a/spec/unit/defines/server/recovery_spec.rb +++ b/spec/unit/defines/server/recovery_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::recovery', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('recovery'), id: 'root', diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index ed24c32c0e..42801fab48 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::role', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('contrib'), id: 'root', diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index 9cc0cac4b0..eaa0ff63ee 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::schema', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('schema'), id: 'root', diff --git a/spec/unit/defines/server/table_grant_spec.rb b/spec/unit/defines/server/table_grant_spec.rb index 804b4fa0c3..2bc22cc126 100644 --- a/spec/unit/defines/server/table_grant_spec.rb +++ b/spec/unit/defines/server/table_grant_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::table_grant', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('table_grant'), id: 'root', diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 256b54312b..87ca34255c 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::server::tablespace', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, kernel: 'Linux', concat_basedir: tmpfilename('tablespace'), id: 'root', diff --git a/spec/unit/defines/validate_db_connection_spec.rb b/spec/unit/defines/validate_db_connection_spec.rb index 2534f9a9a6..4a4ec15a41 100644 --- a/spec/unit/defines/validate_db_connection_spec.rb +++ b/spec/unit/defines/validate_db_connection_spec.rb @@ -3,9 +3,11 @@ describe 'postgresql::validate_db_connection', type: :define do let :facts do { - osfamily: 'Debian', - operatingsystem: 'Debian', - operatingsystemrelease: '8.0', + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0' }, + }, } end From 7481dd708e975aa7fef9354463761ddb602403f7 Mon Sep 17 00:00:00 2001 From: osijan Date: Thu, 24 Sep 2020 12:02:06 -0500 Subject: [PATCH 0550/1000] Update pg_hba_rule.pp Postgres 12 now supports hostgss encryption. Added hostgssenc to allowed hba rule type. --- manifests/server/pg_hba_rule.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 0307099952..66493f7a9a 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -12,7 +12,7 @@ # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # @param postgresql_version Manages pg_hba.conf without managing the entire PostgreSQL instance. define postgresql::server::pg_hba_rule( - Enum['local', 'host', 'hostssl', 'hostnossl'] $type, + Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc'] $type, String $database, String $user, String $auth_method, From cb5ebd4d9c0b7e5596166aa935fcc1f1fd93960e Mon Sep 17 00:00:00 2001 From: osijan Date: Thu, 24 Sep 2020 12:53:52 -0500 Subject: [PATCH 0551/1000] Update pg_hba_rule.pp --- manifests/server/pg_hba_rule.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 66493f7a9a..7f4ee403a4 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,7 +1,7 @@ # @summary This resource manages an individual rule that applies to the file defined in target. # # @param type Sets the type of rule. -# Enum['local','host','hostssl','hostnossl']. +# Enum['local','host','hostssl','hostnossl', 'hostgssenc']. # @param database Sets a comma-separated list of databases that this rule matches. # @param user Sets a comma-separated list of users that this rule matches. # @param auth_method Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. From 6941e5cb01f5d08a13887193de3ab6b9655b7cb3 Mon Sep 17 00:00:00 2001 From: osijan Date: Thu, 24 Sep 2020 12:55:27 -0500 Subject: [PATCH 0552/1000] Update pg_hba_rule.pp --- manifests/server/pg_hba_rule.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 7f4ee403a4..a78e1f5eb0 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,7 +1,7 @@ # @summary This resource manages an individual rule that applies to the file defined in target. # # @param type Sets the type of rule. -# Enum['local','host','hostssl','hostnossl', 'hostgssenc']. +# Enum['local','host','hostssl','hostnossl','hostgssenc']. # @param database Sets a comma-separated list of databases that this rule matches. # @param user Sets a comma-separated list of users that this rule matches. # @param auth_method Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. From b036667d34eff4d27d69ae6018235bf9e099ce70 Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Fri, 25 Sep 2020 17:28:33 +0100 Subject: [PATCH 0553/1000] Fix incorrect guard clause logic Introduced in #1193 --- spec/spec_helper_acceptance_local.rb | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 6c6f6c2002..18ebc3ee60 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -25,17 +25,15 @@ def install_dependencies MANIFEST LitmusHelper.instance.apply_manifest(iproute2) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') - return unless os[:family] == 'redhat' - - selinux = if os[:release].start_with?('6', '7') - <<-MANIFEST - package { 'policycoreutils-python': ensure => installed } - MANIFEST - elsif os[:release].start_with?('8') - <<-MANIFEST - package { 'policycoreutils-python-utils': ensure => installed } - MANIFEST - end + return unless os[:family] == 'redhat' && os[:release].start_with?('6', '7', '8') + + policycoreutils_pkg = 'policycoreutils-python' if os[:release].start_with?('6', '7') + policycoreutils_pkg = 'policycoreutils-python-utils' if os[:release].start_with?('8') + + selinux = <<-MANIFEST + package { '#{policycoreutils_pkg}': ensure => installed } + MANIFEST + LitmusHelper.instance.apply_manifest(selinux) end From 45fb3c65cf5fb53979b89b23c54f56f444c4eec6 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Mon, 28 Sep 2020 14:40:52 +0000 Subject: [PATCH 0554/1000] Release version 6.8.0 --- CHANGELOG.md | 13 +++++++++++++ REFERENCE.md | 4 ++-- metadata.json | 2 +- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 25c5da971e..a2b02daa32 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,19 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) (2020-09-28) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.7.0...v6.8.0) + +### Added + +- add hostgssenc type to pg\_hba rules [\#1195](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1195) ([osijan](https://github.com/osijan)) +- Allow removal of config\_entries via main class [\#1187](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1187) ([ekohl](https://github.com/ekohl)) + +### Fixed + +- Fix contrib package name under debian 10 [\#1188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1188) ([neomilium](https://github.com/neomilium)) + ## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) (2020-08-28) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.6.0...v6.7.0) diff --git a/REFERENCE.md b/REFERENCE.md index 6227ef29c8..6552635317 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1784,10 +1784,10 @@ The following parameters are available in the `postgresql::server::pg_hba_rule` ##### `type` -Data type: `Enum['local', 'host', 'hostssl', 'hostnossl']` +Data type: `Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc']` Sets the type of rule. -Enum['local','host','hostssl','hostnossl']. +Enum['local','host','hostssl','hostnossl','hostgssenc']. ##### `database` diff --git a/metadata.json b/metadata.json index dc1cc66fe9..258556caf9 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.7.0", + "version": "6.8.0", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 93f8954fb9b3729f98d88ba716086e34130ec345 Mon Sep 17 00:00:00 2001 From: Adrian Iurca <45214757+adrianiurca@users.noreply.github.com> Date: Tue, 6 Oct 2020 15:03:06 +0300 Subject: [PATCH 0555/1000] Update params.pp --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 29feab35c2..37352b1eaa 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -163,7 +163,7 @@ $needs_initdb = pick($needs_initdb, false) $service_name = $facts['os']['name'] ? { 'Debian' => pick($service_name, 'postgresql'), - 'Ubuntu' => $facts['os']['distro']['release']['major'] ? { + 'Ubuntu' => $::lsbmajdistrelease ? { /^10/ => pick($service_name, "postgresql-${version}"), default => pick($service_name, 'postgresql'), }, From bf4b2cc3c4a7cc7f475cf914948b07ca0a882418 Mon Sep 17 00:00:00 2001 From: Disha-maker Date: Wed, 21 Oct 2020 13:07:46 +0100 Subject: [PATCH 0556/1000] (IAC-1116) - updating authorname to puppetlabs this module --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 258556caf9..b53eee9a8a 100644 --- a/metadata.json +++ b/metadata.json @@ -1,7 +1,7 @@ { "name": "puppetlabs-postgresql", "version": "6.8.0", - "author": "Inkling/Puppet Labs", + "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", "source": "https://github.com/puppetlabs/puppetlabs-postgresql", From 87299005740c6f0355a19ee1bfadff56fb9c70fe Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Fri, 30 Oct 2020 16:53:45 -0400 Subject: [PATCH 0557/1000] Set default PostgreSQL version for Fedora 33 Fedora 33 uses Postgresql 12 by default. --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 4d5502e11e..ee7d924b87 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -153,7 +153,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['full'] ? { - /^(32)$/ => '12', + /^(32|33)$/ => '12', /^(31)$/ => '11.6', /^(30)$/ => '11.2', /^(29)$/ => '10.6', From d42fd4cb40e7ac6fd3e8fa1edcb46ecd61173aef Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 4 Nov 2020 19:18:04 +0100 Subject: [PATCH 0558/1000] Use non-deprecation password function in acceptance tests 700d2c5bb54b7ea91d518de96e2c7a22318d0afa claimed to complete the work that c3b06d6093b0aab210ec06b11e92a731c608fccd started, but didn't migrate the acceptance tests. This avoids deprecation warnings in the output. --- spec/acceptance/overridden_settings_spec.rb | 2 +- spec/acceptance/postgresql_conn_validator_spec.rb | 2 +- spec/acceptance/server/grant_role_spec.rb | 4 ++-- spec/acceptance/server/grant_spec.rb | 2 +- spec/acceptance/server/reassign_owned_by_spec.rb | 2 +- spec/acceptance/server/schema_spec.rb | 2 +- spec/acceptance/sql_task_spec.rb | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index b2f26ae632..246180b1b2 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -8,7 +8,7 @@ class { 'postgresql::server': roles => { 'testusername' => { - password_hash => postgresql_password('testusername', 'supersecret'), + password_hash => postgresql::postgresql_password('testusername', 'supersecret'), createdb => true, }, }, diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index 21bf22184b..94101c0911 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -7,7 +7,7 @@ class { 'postgresql::server': postgres_password => 'space password', }-> postgresql::server::role { 'testuser': - password_hash => postgresql_password('testuser','test1'), + password_hash => postgresql::postgresql_password('testuser','test1'), }-> postgresql::server::database { 'testdb': owner => 'testuser', diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 9515780847..3b2647550b 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -26,7 +26,7 @@ class { 'postgresql::server': } } postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), + password_hash => postgresql::postgresql_password($user, $password), } postgresql::server::database { $db: @@ -80,7 +80,7 @@ class { 'postgresql::server': } } postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), + password_hash => postgresql::postgresql_password($user, $password), } postgresql::server::database { $db: diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 05aef5f6bc..95b31e2f9a 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -15,7 +15,7 @@ class { 'postgresql::server': } postgresql::server::role { $owner: - password_hash => postgresql_password($owner, $password), + password_hash => postgresql::postgresql_password($owner, $password), } # Since we are not testing pg_hba or any of that, make a local user for ident auth diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index cd9059e305..0e1bd8c277 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -17,7 +17,7 @@ class { 'postgresql::server': } postgresql::server::role { $old_owner: - password_hash => postgresql_password($old_owner, $password), + password_hash => postgresql::postgresql_password($old_owner, $password), } # Since we are not testing pg_hba or any of that, make a local user for ident auth diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index fd6d30a597..da813602b5 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -21,7 +21,7 @@ class { 'postgresql::server': } } postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), + password_hash => postgresql::postgresql_password($user, $password), } postgresql::server::database { $db: diff --git a/spec/acceptance/sql_task_spec.rb b/spec/acceptance/sql_task_spec.rb index 52ebfd4e16..62252cdaa1 100644 --- a/spec/acceptance/sql_task_spec.rb +++ b/spec/acceptance/sql_task_spec.rb @@ -7,7 +7,7 @@ class { 'postgresql::server': } -> postgresql::server::db { 'spec1': user => 'root1', - password => postgresql_password('root1', 'password'), + password => postgresql::postgresql_password('root1', 'password'), } MANIFEST From 3fba56bd8ab36e4862f9ea7b2e9cc69206271531 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 4 Nov 2020 19:07:21 +0100 Subject: [PATCH 0559/1000] Drop concat_basedir fact in tests This fact hasn't existed since puppetlabs-concat 2.x as released in 2016. 6d827ec1d37c3012d6a44826878cbef558163b7f dropped support for those 1.x versions which means this hasn't been needed for a while. --- spec/unit/classes/server/config_spec.rb | 5 ----- spec/unit/classes/server/contrib_spec.rb | 1 - spec/unit/classes/server/initdb_spec.rb | 5 ----- spec/unit/classes/server/plperl_spec.rb | 1 - spec/unit/classes/server/plpython_spec.rb | 1 - spec/unit/classes/server/postgis_spec.rb | 1 - spec/unit/classes/server_spec.rb | 1 - spec/unit/defines/server/config_entry_spec.rb | 5 ----- spec/unit/defines/server/database_grant_spec.rb | 1 - spec/unit/defines/server/database_spec.rb | 1 - spec/unit/defines/server/db_spec.rb | 1 - spec/unit/defines/server/extension_spec.rb | 3 --- spec/unit/defines/server/grant_role_spec.rb | 4 ++-- spec/unit/defines/server/grant_spec.rb | 1 - spec/unit/defines/server/pg_hba_rule_spec.rb | 1 - spec/unit/defines/server/pg_ident_rule_spec.rb | 1 - spec/unit/defines/server/reassign_owned_by_spec.rb | 1 - spec/unit/defines/server/recovery_spec.rb | 1 - spec/unit/defines/server/role_spec.rb | 1 - spec/unit/defines/server/schema_spec.rb | 1 - spec/unit/defines/server/table_grant_spec.rb | 1 - spec/unit/defines/server/tablespace_spec.rb | 1 - 22 files changed, 2 insertions(+), 37 deletions(-) diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index e5bd26bd3c..65a848bf09 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -8,7 +8,6 @@ describe 'on RedHat 7' do let(:facts) do { - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -75,7 +74,6 @@ class { 'postgresql::server': } describe 'on Fedora 21' do let(:facts) do { - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -148,7 +146,6 @@ class { 'postgresql::server': } release: { 'full' => '1.0' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -184,7 +181,6 @@ class { 'postgresql::server': } selinux: { 'enabled' => true }, }, osfamily: 'Gentoo', - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -231,7 +227,6 @@ class { 'postgresql::server': release: { 'full' => '7.0' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index 08df3ddfbd..c177a02a8b 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -13,7 +13,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 17456f4dcd..156246225b 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -14,7 +14,6 @@ release: { 'full' => '6.0' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -55,7 +54,6 @@ class {'postgresql::server': release: { 'full' => '1.0' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -88,7 +86,6 @@ class {'postgresql::server': release: { 'full' => '6.0' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -120,7 +117,6 @@ class { 'postgresql::server': } release: { 'full' => '6.0' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', @@ -151,7 +147,6 @@ class { 'postgresql::server': } release: { 'full' => '6.0' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/unit/classes/server/plperl_spec.rb index cca441b529..ca3a8299ff 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/unit/classes/server/plperl_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('plperl'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index 9a991ef26d..b1619ed47a 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '6.8' }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('plpython'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/unit/classes/server/postgis_spec.rb index 343b135e6c..e3449b7843 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/unit/classes/server/postgis_spec.rb @@ -13,7 +13,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('postgis'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 2aa165dbb6..1151946d29 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -15,7 +15,6 @@ osfamily: 'Debian', lsbdistid: 'Debian', lsbdistcodename: 'jessie', - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index c139c78d6f..8c8721de62 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -10,7 +10,6 @@ selinux: { 'enabled' => true }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, @@ -44,7 +43,6 @@ selinux: { 'enabled' => true }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, @@ -69,7 +67,6 @@ selinux: { 'enabled' => true }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, @@ -94,7 +91,6 @@ selinux: { 'enabled' => true }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, @@ -141,7 +137,6 @@ selinux: { 'enabled' => true }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, diff --git a/spec/unit/defines/server/database_grant_spec.rb b/spec/unit/defines/server/database_grant_spec.rb index c5201ec437..f2c4c3452f 100644 --- a/spec/unit/defines/server/database_grant_spec.rb +++ b/spec/unit/defines/server/database_grant_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 276205f8d2..1b1eee6d72 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/db_spec.rb b/spec/unit/defines/server/db_spec.rb index 804b949ebe..0db5ff62f1 100644 --- a/spec/unit/defines/server/db_spec.rb +++ b/spec/unit/defines/server/db_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index c6c2a00787..8d566288d7 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -16,7 +16,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('postgis'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } @@ -134,7 +133,6 @@ release: { 'full' => '6.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('postgis'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } @@ -169,7 +167,6 @@ release: { 'full' => '6.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('postgis'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 73934b1998..2ddd9a16b2 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -12,9 +12,9 @@ name: 'Debian', release: { 'full' => '8.0' }, }, - kernel: 'Linux', concat_basedir: tmpfilename('postgis'), + kernel: 'Linux', id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 664f93af6c..7130903836 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index e948db4da2..63a3167b58 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('pg_hba'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/pg_ident_rule_spec.rb b/spec/unit/defines/server/pg_ident_rule_spec.rb index f7fce23a2c..57f687205e 100644 --- a/spec/unit/defines/server/pg_ident_rule_spec.rb +++ b/spec/unit/defines/server/pg_ident_rule_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('pg_ident'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index 338e754d09..5c933944ac 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('reassign_owned_by'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/recovery_spec.rb b/spec/unit/defines/server/recovery_spec.rb index c1a36d0ecc..48af4c1a9b 100644 --- a/spec/unit/defines/server/recovery_spec.rb +++ b/spec/unit/defines/server/recovery_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('recovery'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 42801fab48..54f81b64fe 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('contrib'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index eaa0ff63ee..76d1fcdad0 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('schema'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/table_grant_spec.rb b/spec/unit/defines/server/table_grant_spec.rb index 2bc22cc126..2188509899 100644 --- a/spec/unit/defines/server/table_grant_spec.rb +++ b/spec/unit/defines/server/table_grant_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('table_grant'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 87ca34255c..6a99e6f8ff 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -9,7 +9,6 @@ release: { 'full' => '8.0' }, }, kernel: 'Linux', - concat_basedir: tmpfilename('tablespace'), id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } From 08e3a517ea20fdda3f03a1825df55f274984e58d Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 10 Nov 2020 09:47:10 +0000 Subject: [PATCH 0560/1000] (IAC-1000) - Removal of inappropriate terminology Removal of any inappropriate or offensive terminology from the code base. --- .github/workflows/release.yml | 6 +++--- .github/workflows/weekly.yml | 6 +++--- CONTRIBUTING.md | 2 +- README.md | 4 ++-- REFERENCE.md | 2 +- lib/puppet/type/postgresql_replication_slot.rb | 2 +- metadata.json | 4 ++-- readmes/README_ja_JP.md | 2 +- 8 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 064443f2f9..8424781b14 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} @@ -40,7 +40,7 @@ jobs: steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} @@ -59,7 +59,7 @@ jobs: steps: - uses: actions/checkout@v1 - name: Spec Tests - uses: puppetlabs/action-litmus_spec@master + uses: puppetlabs/action-litmus_spec@main with: puppet_gem_version: ${{ matrix.puppet_gem_version }} check: ${{ matrix.check }} diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml index 1cf92dba15..2df6c9131d 100644 --- a/.github/workflows/weekly.yml +++ b/.github/workflows/weekly.yml @@ -20,7 +20,7 @@ jobs: steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} @@ -39,7 +39,7 @@ jobs: steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} @@ -58,7 +58,7 @@ jobs: steps: - uses: actions/checkout@v1 - name: Spec Tests - uses: puppetlabs/action-litmus_spec@master + uses: puppetlabs/action-litmus_spec@main with: puppet_gem_version: ${{ matrix.puppet_gem_version }} check: ${{ matrix.check }} diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1a9fb3a5cd..9c171f9949 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -108,7 +108,7 @@ process as easy as possible. To submit your changes via a GitHub pull request, we _highly_ recommend that you have them on a topic branch, instead of - directly on "master". + directly on "main". It makes things much easier to keep track of, especially if you decide to work on another thing before your first change is merged in. diff --git a/README.md b/README.md index 059e709454..5499099647 100644 --- a/README.md +++ b/README.md @@ -316,13 +316,13 @@ exec { 'rake db:migrate': ## Reference -For information on the classes and types, see the [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/REFERENCE.md) +For information on the classes and types, see the [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/REFERENCE.md) ## Limitations Works with versions of PostgreSQL on supported OSes. -For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/metadata.json) +For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/metadata.json) ### Apt module support diff --git a/REFERENCE.md b/REFERENCE.md index 6552635317..ae0ca38742 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -2745,7 +2745,7 @@ or not the main SQL command needs to be executed at all.' This type allows to create and destroy replication slots to register warm standby replication on a Postgresql -master server. +primary server. #### Properties diff --git a/lib/puppet/type/postgresql_replication_slot.rb b/lib/puppet/type/postgresql_replication_slot.rb index bfca4a754f..f0bb991d89 100644 --- a/lib/puppet/type/postgresql_replication_slot.rb +++ b/lib/puppet/type/postgresql_replication_slot.rb @@ -4,7 +4,7 @@ This type allows to create and destroy replication slots to register warm standby replication on a Postgresql -master server. +primary server. EOS ensurable diff --git a/metadata.json b/metadata.json index b53eee9a8a..416a789387 100644 --- a/metadata.json +++ b/metadata.json @@ -88,6 +88,6 @@ } ], "pdk-version": "1.18.1", - "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-gd610ead" + "template-url": "https://github.com/puppetlabs/pdk-templates#main", + "template-ref": "heads/main-0-gd610ead" } diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index f9c4f65307..242ba1f38a 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -1910,7 +1910,7 @@ Postgresqlモジュールにはサンプルタスクがあり、ユーザはデ PostgreSQLのバージョン8.1~9.5で動作します。 -サポートされているオペレーティングシステムの一覧については、[metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/metadata.json)を参照してください。 +サポートされているオペレーティングシステムの一覧については、[metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/metadata.json)を参照してください。 ### Aptモジュールのサポート From 171a1be93df8113fce82460d3c9b07f17974af4f Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 19 Oct 2020 17:14:17 +0200 Subject: [PATCH 0561/1000] Manage postgresql_conf_path file permissions This adds a parameter (defaulting to true) to manage the postgresql_conf_path file resource. The actual content isn't managed because that's what postgresql::server::config_entry is for. However, managing the file ensures the correct permissions. It also provides a workaround for PUP-10548[1] when using Red Hat SCL for packages when the correct SELinux file context isn't present. Without managing the file, an admin will need to either make sure the package is present before running Puppet, manage the file via another module or manually set the file context after Puppet ran. With this workaround, Puppet will converge on the second run and actually start PostgreSQL. The acceptance test path is changed to avoid problems on Debian(-based) systems where the root user can't write to it. Root doens't own the file and doesn't have write access due to the sticky bit. [1]: https://tickets.puppetlabs.com/browse/PUP-10548 --- manifests/globals.pp | 109 ++++++++-------- manifests/params.pp | 61 ++++----- manifests/server.pp | 131 +++++++++++--------- manifests/server/config.pp | 59 +++++---- spec/acceptance/server/config_entry_spec.rb | 4 +- 5 files changed, 196 insertions(+), 168 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index ee7d924b87..e96e76d69a 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -30,6 +30,7 @@ # @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. # @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. # @param postgresql_conf_path Sets the path to your postgresql.conf file. +# @param postgresql_conf_mode Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. # @param recovery_conf_path Path to your recovery.conf file. # @param default_connect_settings Default connection settings. # @@ -75,6 +76,10 @@ # @param manage_pg_hba_conf Allow Puppet to manage the pg_hba.conf file. # @param manage_pg_ident_conf Allow Puppet to manage the pg_ident.conf file. # @param manage_recovery_conf Allow Puppet to manage the recovery.conf file. +# @param manage_postgresql_conf_perms +# Whether to manage the postgresql conf file permissions. This means owner, +# group and mode. Contents are not managed but should be managed through +# postgresql::server::config_entry. # # @param manage_datadir Set to false if you have file{ $datadir: } already defined # @param manage_logdir Set to false if you have file{ $logdir: } already defined @@ -85,68 +90,70 @@ # # class postgresql::globals ( - $client_package_name = undef, - $server_package_name = undef, - $contrib_package_name = undef, - $devel_package_name = undef, - $java_package_name = undef, - $docs_package_name = undef, - $perl_package_name = undef, - $plperl_package_name = undef, - $plpython_package_name = undef, - $python_package_name = undef, - $postgis_package_name = undef, + $client_package_name = undef, + $server_package_name = undef, + $contrib_package_name = undef, + $devel_package_name = undef, + $java_package_name = undef, + $docs_package_name = undef, + $perl_package_name = undef, + $plperl_package_name = undef, + $plpython_package_name = undef, + $python_package_name = undef, + $postgis_package_name = undef, - $service_name = undef, - $service_provider = undef, - $service_status = undef, - $default_database = undef, + $service_name = undef, + $service_provider = undef, + $service_status = undef, + $default_database = undef, - $validcon_script_path = undef, + $validcon_script_path = undef, - $initdb_path = undef, - $createdb_path = undef, - $psql_path = undef, - $pg_hba_conf_path = undef, - $pg_ident_conf_path = undef, - $postgresql_conf_path = undef, - $recovery_conf_path = undef, - $default_connect_settings = {}, + $initdb_path = undef, + $createdb_path = undef, + $psql_path = undef, + $pg_hba_conf_path = undef, + $pg_ident_conf_path = undef, + $postgresql_conf_path = undef, + Optional[Stdlib::Filemode] $postgresql_conf_mode = undef, + $recovery_conf_path = undef, + $default_connect_settings = {}, - $pg_hba_conf_defaults = undef, + $pg_hba_conf_defaults = undef, - $datadir = undef, - $confdir = undef, - $bindir = undef, - $xlogdir = undef, - $logdir = undef, - $log_line_prefix = undef, - $manage_datadir = undef, - $manage_logdir = undef, - $manage_xlogdir = undef, + $datadir = undef, + $confdir = undef, + $bindir = undef, + $xlogdir = undef, + $logdir = undef, + $log_line_prefix = undef, + $manage_datadir = undef, + $manage_logdir = undef, + $manage_xlogdir = undef, - $user = undef, - $group = undef, + $user = undef, + $group = undef, - $version = undef, - $postgis_version = undef, - $repo_proxy = undef, - $repo_baseurl = undef, + $version = undef, + $postgis_version = undef, + $repo_proxy = undef, + $repo_baseurl = undef, - $needs_initdb = undef, + $needs_initdb = undef, - $encoding = undef, - $locale = undef, - $data_checksums = undef, - $timezone = undef, + $encoding = undef, + $locale = undef, + $data_checksums = undef, + $timezone = undef, - $manage_pg_hba_conf = undef, - $manage_pg_ident_conf = undef, - $manage_recovery_conf = undef, - $manage_selinux = undef, + $manage_pg_hba_conf = undef, + $manage_pg_ident_conf = undef, + $manage_recovery_conf = undef, + $manage_postgresql_conf_perms = undef, + $manage_selinux = undef, - $manage_package_repo = undef, - $module_workdir = undef, + $manage_package_repo = undef, + $module_workdir = undef, ) { # We are determining this here, because it is needed by the package repo # class. diff --git a/manifests/params.pp b/manifests/params.pp index 37352b1eaa..26f9c1efd3 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,34 +1,35 @@ # @api private class postgresql::params inherits postgresql::globals { - $version = $postgresql::globals::globals_version - $postgis_version = $postgresql::globals::globals_postgis_version - $listen_addresses = undef - $port = 5432 - $log_line_prefix = undef - $ip_mask_deny_postgres_user = '0.0.0.0/0' - $ip_mask_allow_all_users = '127.0.0.1/32' - $ipv4acls = [] - $ipv6acls = [] - $encoding = $postgresql::globals::encoding - $locale = $postgresql::globals::locale - $data_checksums = $postgresql::globals::data_checksums - $timezone = $postgresql::globals::timezone - $service_ensure = 'running' - $service_enable = true - $service_manage = true - $service_restart_on_change = true - $service_provider = $postgresql::globals::service_provider - $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) - $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) - $manage_recovery_conf = pick($manage_recovery_conf, false) - $manage_selinux = pick($manage_selinux, false) - $package_ensure = 'present' - $module_workdir = pick($module_workdir,'/tmp') - $password_encryption = undef - $extra_systemd_config = '' - $manage_datadir = true - $manage_logdir = true - $manage_xlogdir = true + $version = $postgresql::globals::globals_version + $postgis_version = $postgresql::globals::globals_postgis_version + $listen_addresses = undef + $port = 5432 + $log_line_prefix = undef + $ip_mask_deny_postgres_user = '0.0.0.0/0' + $ip_mask_allow_all_users = '127.0.0.1/32' + $ipv4acls = [] + $ipv6acls = [] + $encoding = $postgresql::globals::encoding + $locale = $postgresql::globals::locale + $data_checksums = $postgresql::globals::data_checksums + $timezone = $postgresql::globals::timezone + $service_ensure = 'running' + $service_enable = true + $service_manage = true + $service_restart_on_change = true + $service_provider = $postgresql::globals::service_provider + $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) + $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) + $manage_recovery_conf = pick($manage_recovery_conf, false) + $manage_postgresql_conf_perms = pick($manage_postgresql_conf_perms, true) + $manage_selinux = pick($manage_selinux, false) + $package_ensure = 'present' + $module_workdir = pick($module_workdir,'/tmp') + $password_encryption = undef + $extra_systemd_config = '' + $manage_datadir = true + $manage_logdir = true + $manage_xlogdir = true # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. case $facts['os']['family'] { @@ -78,6 +79,7 @@ default => pick($datadir, "/var/lib/pgsql/${version}/data"), } $confdir = pick($confdir, $datadir) + $postgresql_conf_mode = pick($postgresql_conf_mode, '0600') } case $facts['os']['name'] { @@ -212,6 +214,7 @@ } $service_reload = "service ${service_name} reload" $psql_path = pick($psql_path, '/usr/bin/psql') + $postgresql_conf_mode = pick($postgresql_conf_mode, '0644') } 'Gentoo': { diff --git a/manifests/server.pp b/manifests/server.pp index 07ce011821..07bbff49c1 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -38,6 +38,7 @@ # @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. # @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. # @param postgresql_conf_path Specifies the path to your postgresql.conf file. +# @param postgresql_conf_mode Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. # @param recovery_conf_path Specifies the path to your recovery.conf file. # # @param datadir PostgreSQL data directory @@ -63,6 +64,10 @@ # @param manage_pg_hba_conf Boolean. Whether to manage the pg_hba.conf. # @param manage_pg_ident_conf Boolean. Overwrites the pg_ident.conf file. # @param manage_recovery_conf Boolean. Specifies whether or not manage the recovery.conf. +# @param manage_postgresql_conf_perms +# Whether to manage the postgresql conf file permissions. This means owner, +# group and mode. Contents are not managed but should be managed through +# postgresql::server::config_entry. # @param module_workdir Working directory for the PostgreSQL module # # @param manage_datadir Set to false if you have file{ $datadir: } already defined @@ -78,68 +83,70 @@ # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # class postgresql::server ( - $postgres_password = undef, - - $package_name = $postgresql::params::server_package_name, - $package_ensure = $postgresql::params::package_ensure, - - $plperl_package_name = $postgresql::params::plperl_package_name, - $plpython_package_name = $postgresql::params::plpython_package_name, - - $service_ensure = $postgresql::params::service_ensure, - $service_enable = $postgresql::params::service_enable, - $service_manage = $postgresql::params::service_manage, - $service_name = $postgresql::params::service_name, - $service_restart_on_change = $postgresql::params::service_restart_on_change, - $service_provider = $postgresql::params::service_provider, - $service_reload = $postgresql::params::service_reload, - $service_status = $postgresql::params::service_status, - $default_database = $postgresql::params::default_database, - $default_connect_settings = $postgresql::globals::default_connect_settings, - $listen_addresses = $postgresql::params::listen_addresses, - $port = $postgresql::params::port, - $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, - $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, - Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, - Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, - - $initdb_path = $postgresql::params::initdb_path, - $createdb_path = $postgresql::params::createdb_path, - $psql_path = $postgresql::params::psql_path, - $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, - $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, - $postgresql_conf_path = $postgresql::params::postgresql_conf_path, - $recovery_conf_path = $postgresql::params::recovery_conf_path, - - $datadir = $postgresql::params::datadir, - $xlogdir = $postgresql::params::xlogdir, - $logdir = $postgresql::params::logdir, - - $log_line_prefix = $postgresql::params::log_line_prefix, - - $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, - - $user = $postgresql::params::user, - $group = $postgresql::params::group, - - $needs_initdb = $postgresql::params::needs_initdb, - - $encoding = $postgresql::params::encoding, - $locale = $postgresql::params::locale, - $data_checksums = $postgresql::params::data_checksums, - $timezone = $postgresql::params::timezone, - - $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, - $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, - $manage_recovery_conf = $postgresql::params::manage_recovery_conf, - Boolean $manage_selinux = $postgresql::params::manage_selinux, - $module_workdir = $postgresql::params::module_workdir, - - $manage_datadir = $postgresql::params::manage_datadir, - $manage_logdir = $postgresql::params::manage_logdir, - $manage_xlogdir = $postgresql::params::manage_xlogdir, - $password_encryption = $postgresql::params::password_encryption, - $extra_systemd_config = $postgresql::params::extra_systemd_config, + $postgres_password = undef, + + $package_name = $postgresql::params::server_package_name, + $package_ensure = $postgresql::params::package_ensure, + + $plperl_package_name = $postgresql::params::plperl_package_name, + $plpython_package_name = $postgresql::params::plpython_package_name, + + $service_ensure = $postgresql::params::service_ensure, + $service_enable = $postgresql::params::service_enable, + $service_manage = $postgresql::params::service_manage, + $service_name = $postgresql::params::service_name, + $service_restart_on_change = $postgresql::params::service_restart_on_change, + $service_provider = $postgresql::params::service_provider, + $service_reload = $postgresql::params::service_reload, + $service_status = $postgresql::params::service_status, + $default_database = $postgresql::params::default_database, + $default_connect_settings = $postgresql::globals::default_connect_settings, + $listen_addresses = $postgresql::params::listen_addresses, + $port = $postgresql::params::port, + $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, + $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, + Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, + + $initdb_path = $postgresql::params::initdb_path, + $createdb_path = $postgresql::params::createdb_path, + $psql_path = $postgresql::params::psql_path, + $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, + $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, + $postgresql_conf_path = $postgresql::params::postgresql_conf_path, + Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::params::postgresql_conf_mode, + $recovery_conf_path = $postgresql::params::recovery_conf_path, + + $datadir = $postgresql::params::datadir, + $xlogdir = $postgresql::params::xlogdir, + $logdir = $postgresql::params::logdir, + + $log_line_prefix = $postgresql::params::log_line_prefix, + + $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, + + $user = $postgresql::params::user, + $group = $postgresql::params::group, + + $needs_initdb = $postgresql::params::needs_initdb, + + $encoding = $postgresql::params::encoding, + $locale = $postgresql::params::locale, + $data_checksums = $postgresql::params::data_checksums, + $timezone = $postgresql::params::timezone, + + $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, + $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, + $manage_recovery_conf = $postgresql::params::manage_recovery_conf, + Boolean $manage_postgresql_conf_perms = $postgresql::params::manage_postgresql_conf_perms, + Boolean $manage_selinux = $postgresql::params::manage_selinux, + $module_workdir = $postgresql::params::module_workdir, + + $manage_datadir = $postgresql::params::manage_datadir, + $manage_logdir = $postgresql::params::manage_logdir, + $manage_xlogdir = $postgresql::params::manage_xlogdir, + $password_encryption = $postgresql::params::password_encryption, + $extra_systemd_config = $postgresql::params::extra_systemd_config, Hash[String, Hash] $roles = {}, Hash[String, Any] $config_entries = {}, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 2534ea0948..e97fca8f07 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -1,29 +1,31 @@ # @api private class postgresql::server::config { - $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user - $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users - $listen_addresses = $postgresql::server::listen_addresses - $port = $postgresql::server::port - $ipv4acls = $postgresql::server::ipv4acls - $ipv6acls = $postgresql::server::ipv6acls - $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path - $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path - $postgresql_conf_path = $postgresql::server::postgresql_conf_path - $recovery_conf_path = $postgresql::server::recovery_conf_path - $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults - $user = $postgresql::server::user - $group = $postgresql::server::group - $version = $postgresql::server::_version - $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf - $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf - $manage_recovery_conf = $postgresql::server::manage_recovery_conf - $datadir = $postgresql::server::datadir - $logdir = $postgresql::server::logdir - $service_name = $postgresql::server::service_name - $log_line_prefix = $postgresql::server::log_line_prefix - $timezone = $postgresql::server::timezone - $password_encryption = $postgresql::server::password_encryption - $extra_systemd_config = $postgresql::server::extra_systemd_config + $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user + $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users + $listen_addresses = $postgresql::server::listen_addresses + $port = $postgresql::server::port + $ipv4acls = $postgresql::server::ipv4acls + $ipv6acls = $postgresql::server::ipv6acls + $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path + $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path + $postgresql_conf_path = $postgresql::server::postgresql_conf_path + $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode + $recovery_conf_path = $postgresql::server::recovery_conf_path + $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults + $user = $postgresql::server::user + $group = $postgresql::server::group + $version = $postgresql::server::_version + $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf + $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf + $manage_recovery_conf = $postgresql::server::manage_recovery_conf + $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms + $datadir = $postgresql::server::datadir + $logdir = $postgresql::server::logdir + $service_name = $postgresql::server::service_name + $log_line_prefix = $postgresql::server::log_line_prefix + $timezone = $postgresql::server::timezone + $password_encryption = $postgresql::server::password_encryption + $extra_systemd_config = $postgresql::server::extra_systemd_config if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file @@ -100,6 +102,15 @@ } } + if $manage_postgresql_conf_perms { + file { $postgresql_conf_path: + ensure => file, + owner => $user, + group => $group, + mode => $postgresql_conf_mode, + } + } + if $listen_addresses { postgresql::server::config_entry { 'listen_addresses': value => $listen_addresses, diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb index 35e22fa98c..bcbfe01325 100644 --- a/spec/acceptance/server/config_entry_spec.rb +++ b/spec/acceptance/server/config_entry_spec.rb @@ -5,7 +5,7 @@ let(:pp_test) do <<-MANIFEST class { 'postgresql::server': - postgresql_conf_path => '/tmp/postgresql.conf', + postgresql_conf_path => '/etc/postgresql-puppet.conf', } postgresql::server::config_entry { 'unix_socket_directories': @@ -16,7 +16,7 @@ class { 'postgresql::server': it 'is expected to run idempotently' do idempotent_apply(pp_test) - expect(run_shell('cat /tmp/postgresql.conf').stdout).to match "unix_socket_directories = '/var/socket/, /root/'" + expect(run_shell('cat /etc/postgresql-puppet.conf').stdout).to match "unix_socket_directories = '/var/socket/, /root/'" end end end From 4ac35376eabb072b61ca08d9b7b1364e45fca27c Mon Sep 17 00:00:00 2001 From: David Swan Date: Thu, 19 Nov 2020 10:22:45 +0000 Subject: [PATCH 0562/1000] (IAC-1189) - Fix for SLES 15 SP 1 and later Current code only allows for SLES 15 SP0 while released versions currently go up to SP2. Have extended to potential SP9 to prevent the need to update again in the future as the final SP version is as of yet unknown. --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index ee7d924b87..49da3cad52 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -215,7 +215,7 @@ /12\.0/ => '93', /12\.[1-3]/ => '94', /12\.[4-5]/ => '10', - /15\.0/ => '10', + /15\.[0-9]/ => '10', default => '96', }, 'OpenSuSE' => $facts['os']['release']['full'] ? { From b5bdb4c8ba565e82705717d41d33b150ce3032a3 Mon Sep 17 00:00:00 2001 From: sheena Date: Wed, 25 Nov 2020 09:10:11 +0000 Subject: [PATCH 0563/1000] (bugfix) updated defaults for rhel7 policycoreutils --- manifests/server/config.pp | 1 + spec/unit/classes/server/config_spec.rb | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index e97fca8f07..a661fbdf34 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -128,6 +128,7 @@ $package_name = $facts['os']['release']['major'] ? { '5' => 'policycoreutils', '6' => 'policycoreutils-python', + '7' => 'policycoreutils-python', default => 'policycoreutils-python-utils', } } diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 65a848bf09..f297d9ffb5 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -28,12 +28,12 @@ end it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils-python-utils') .with(ensure: 'present') + is_expected.to contain_package('policycoreutils-python') .with(ensure: 'present') is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') .that_comes_before('Postgresql::Server::Config_entry[port]') - .that_requires('Package[policycoreutils-python-utils]') + .that_requires('Package[policycoreutils-python]') end it 'has the correct systemd-override file' do From 2d00914b4acbf389f8937c3b279b47c18ef8368e Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Wed, 25 Nov 2020 13:28:27 +0000 Subject: [PATCH 0564/1000] (maint) Add release_checks_7 config to provision.yaml --- provision.yaml | 95 ++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 85 insertions(+), 10 deletions(-) diff --git a/provision.yaml b/provision.yaml index cc35ea3a72..5d854324d2 100644 --- a/provision.yaml +++ b/provision.yaml @@ -1,31 +1,106 @@ --- default: provisioner: docker - images: ['litmusimage/centos:7'] + images: + - litmusimage/centos:7 vagrant: provisioner: vagrant - images: ['centos/7', 'generic/ubuntu1804'] + images: + - centos/7 + - generic/ubuntu1804 travis_deb: provisioner: docker - images: ['litmusimage/debian:8', 'litmusimage/debian:9', 'litmusimage/debian:10'] + images: + - litmusimage/debian:8 + - litmusimage/debian:9 + - litmusimage/debian:10 travis_ub_5: provisioner: docker - images: ['litmusimage/ubuntu:14.04', 'litmusimage/ubuntu:16.04', 'litmusimage/ubuntu:18.04'] + images: + - litmusimage/ubuntu:14.04 + - litmusimage/ubuntu:16.04 + - litmusimage/ubuntu:18.04 travis_ub_6: provisioner: docker - images: ['litmusimage/ubuntu:14.04', 'litmusimage/ubuntu:16.04', 'litmusimage/ubuntu:18.04', 'litmusimage/ubuntu:20.04'] + images: + - litmusimage/ubuntu:14.04 + - litmusimage/ubuntu:16.04 + - litmusimage/ubuntu:18.04 + - litmusimage/ubuntu:20.04 travis_el6: provisioner: docker - images: ['litmusimage/centos:6', 'litmusimage/scientificlinux:6'] + images: + - litmusimage/centos:6 + - litmusimage/scientificlinux:6 travis_el7: provisioner: docker - images: ['litmusimage/centos:7', 'litmusimage/oraclelinux:7', 'litmusimage/scientificlinux:7'] + images: + - litmusimage/centos:7 + - litmusimage/oraclelinux:7 + - litmusimage/scientificlinux:7 travis_el8: provisioner: docker - images: ['litmusimage/centos:8'] + images: + - litmusimage/centos:8 release_checks_5: provisioner: abs - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] + images: + - redhat-5-x86_64 + - redhat-6-x86_64 + - redhat-7-x86_64 + - redhat-8-x86_64 + - centos-5-x86_64 + - centos-6-x86_64 + - centos-7-x86_64 + - centos-8-x86_64 + - oracle-5-x86_64 + - oracle-6-x86_64 + - oracle-7-x86_64 + - scientific-6-x86_64 + - scientific-7-x86_64 + - debian-8-x86_64 + - debian-9-x86_64 + - debian-10-x86_64 + - sles-12-x86_64 + - ubuntu-1404-x86_64 + - ubuntu-1604-x86_64 + - ubuntu-1804-x86_64 release_checks_6: provisioner: abs - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-12-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64', 'ubuntu-2004-x86_64'] + images: + - redhat-5-x86_64 + - redhat-6-x86_64 + - redhat-7-x86_64 + - redhat-8-x86_64 + - centos-5-x86_64 + - centos-6-x86_64 + - centos-7-x86_64 + - centos-8-x86_64 + - oracle-5-x86_64 + - oracle-6-x86_64 + - oracle-7-x86_64 + - scientific-6-x86_64 + - scientific-7-x86_64 + - debian-8-x86_64 + - debian-9-x86_64 + - debian-10-x86_64 + - sles-12-x86_64 + - ubuntu-1404-x86_64 + - ubuntu-1604-x86_64 + - ubuntu-1804-x86_64 + - ubuntu-2004-x86_64 +release_checks_7: + provisioner: abs + images: + - redhat-7-x86_64 + - redhat-8-x86_64 + - centos-7-x86_64 + - centos-8-x86_64 + - oracle-7-x86_64 + - scientific-7-x86_64 + - debian-9-x86_64 + - debian-10-x86_64 + - sles-12-x86_64 + - sles-15-x86_64 + - ubuntu-1804-x86_64 + - ubuntu-2004-x86_64 From 0299aa510f94d7edbd3d8bf6432423b62d68848a Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Thu, 26 Nov 2020 12:13:50 -0500 Subject: [PATCH 0565/1000] Clean up definition of pg_hba rules --- manifests/server/config.pp | 83 +++++++++++++++++++++----------------- 1 file changed, 45 insertions(+), 38 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index e97fca8f07..6288f52bcc 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -48,45 +48,52 @@ '8.1' => 'sameuser', default => undef, } - postgresql::server::pg_hba_rule { 'local access as postgres user': - type => 'local', - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1, - } - postgresql::server::pg_hba_rule { 'local access to database with same name': - type => 'local', - auth_method => 'ident', - auth_option => $local_auth_option, - order => 2, - } - postgresql::server::pg_hba_rule { 'allow localhost TCP access to postgresql user': - type => 'host', - user => $user, - address => '127.0.0.1/32', - auth_method => 'md5', - order => 3, - } - postgresql::server::pg_hba_rule { 'deny access to postgresql user': - type => 'host', - user => $user, - address => $ip_mask_deny_postgres_user, - auth_method => 'reject', - order => 4, - } - postgresql::server::pg_hba_rule { 'allow access to all users': - type => 'host', - address => $ip_mask_allow_all_users, - auth_method => 'md5', - order => 100, - } - postgresql::server::pg_hba_rule { 'allow access to ipv6 localhost': - type => 'host', - address => '::1/128', - auth_method => 'md5', - order => 101, + postgresql::server::pg_hba_rule { + 'local access as postgres user': + type => 'local', + user => $user, + auth_method => 'ident', + auth_option => $local_auth_option, + order => 1, + ; + + 'local access to database with same name': + type => 'local', + auth_method => 'ident', + auth_option => $local_auth_option, + order => 2, + ; + + 'allow localhost TCP access to postgresql user': + type => 'host', + user => $user, + address => '127.0.0.1/32', + auth_method => 'md5', + order => 3, + ; + + 'deny access to postgresql user': + type => 'host', + user => $user, + address => $ip_mask_deny_postgres_user, + auth_method => 'reject', + order => 4, + ; + + 'allow access to all users': + type => 'host', + address => $ip_mask_allow_all_users, + auth_method => 'md5', + order => 100, + ; + + 'allow access to ipv6 localhost': + type => 'host', + address => '::1/128', + auth_method => 'md5', + order => 101, + ; } } From b1ddd7bea9cb28b4e340215dd5c3302b211daa16 Mon Sep 17 00:00:00 2001 From: Michael Watters Date: Tue, 27 Oct 2020 11:47:30 -0400 Subject: [PATCH 0566/1000] Change - Use systemd drop-in directory for override settings The .include directive has been deprecated and support for it may be removed in a future systemd release. Drop-in directories are supported on all current RedHat, Fedora, and Gentoo releases. This branch contains changes to support this feature and disables the old behavior of using Include directives on RedHat based nodes. --- manifests/server/config.pp | 76 ++--- spec/unit/classes/server/config_spec.rb | 260 ++++++++++++++---- spec/unit/defines/server/config_entry_spec.rb | 40 +-- templates/systemd-override.erb | 8 +- 4 files changed, 254 insertions(+), 130 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index e97fca8f07..9ae92922ac 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -205,48 +205,50 @@ } } - if $facts['os']['family'] == 'RedHat' { - if $facts['os']['release']['full'] =~ /^7|^8/ or $facts['os']['name'] == 'Fedora' { + # RHEL 7 and 8 both support drop-in files for systemd units. The old include directive is deprecated and may be removed in future systemd releases. + # Gentoo also supports drop-in files. + if $facts['os']['family'] in ['RedHat', 'Gentoo'] and $facts['service_provider'] == 'systemd' { # Template uses: - # - $::operatingsystem + # - $facts['os']['name'] + # - $facts['os']['release']['major'] # - $service_name # - $port # - $datadir - file { 'systemd-override': - ensure => file, - path => "/etc/systemd/system/${service_name}.service", - owner => root, - group => root, - content => template('postgresql/systemd-override.erb'), - notify => [Exec['restart-systemd'], Class['postgresql::server::service']], - before => Class['postgresql::server::reload'], - } - exec { 'restart-systemd': - command => 'systemctl daemon-reload', - refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin', - } + # - @extra_systemd_config + + if (versioncmp($facts['puppetversion'], '5.0.0') <= 0) { + $systemd_notify = [Exec['restart-systemd'], Class['postgresql::server::service']] } - } - elsif $facts['os']['family'] == 'Gentoo' { - # Template uses: - # - $::operatingsystem - # - $service_name - # - $port - # - $datadir - file { 'systemd-override': - ensure => file, - path => "/etc/systemd/system/${service_name}.service", - owner => root, - group => root, - content => template('postgresql/systemd-override.erb'), - notify => [Exec['restart-systemd'], Class['postgresql::server::service']], - before => Class['postgresql::server::reload'], - } - exec { 'restart-systemd': - command => 'systemctl daemon-reload', - refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin', + else { + $systemd_notify = Class['postgresql::server::service'] + } + + file { + default: + ensure => file, + owner => root, + group => root, + notify => $systemd_notify, + before => Class['postgresql::server::reload'], + + ; + + 'systemd-conf-dir': + ensure => directory, + path => "/etc/systemd/system/${service_name}.service.d", + ; + + 'systemd-override': + path => "/etc/systemd/system/${service_name}.service.d/${service_name}.conf", + content => template('postgresql/systemd-override.erb'), + require => File['systemd-conf-dir'], + ; + + # Remove old unit file to avoid conflicts + 'old-systemd-override': + ensure => absent, + path => "/etc/systemd/system/${service_name}.service", + ; } } } diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 65a848bf09..158a9f7779 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -18,12 +18,14 @@ 'hardware' => 'x86_64', 'name' => 'CentOS', 'release' => { - 'full' => '7.6.1810', + 'full' => '7.9.2009', 'major' => '7', - 'minor' => '6', + 'minor' => '9', }, selinux: { 'enabled' => true }, }, + operatingsystemrelease: '7.9.2009', + service_provider: 'systemd', } end @@ -36,15 +38,130 @@ .that_requires('Package[policycoreutils-python-utils]') end - it 'has the correct systemd-override file' do + it 'removes the old systemd-override file' do + is_expected.to contain_file('old-systemd-override') + .with(ensure: 'absent', path: '/etc/systemd/system/postgresql.service') + end + + it 'has the correct systemd-override drop file' do is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql.service', + ensure: 'file', path: '/etc/systemd/system/postgresql.service.d/postgresql.conf', owner: 'root', group: 'root' - ) + ) .that_requires('File[systemd-conf-dir]') end - it 'has the correct systemd-override file #content' do + + it 'has the correct systemd-override file #regex' do is_expected.to contain_file('systemd-override') \ - .with_content(%r{.include \/usr\/lib\/systemd\/system\/postgresql.service}) + .with_content(%r{(?!^.include)}) + end + + context 'RHEL 7 host with Puppet 5' do + let(:facts) do + { + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, + os: { + 'architecture' => 'x86_64', + 'family' => 'RedHat', + 'hardware' => 'x86_64', + 'name' => 'CentOS', + 'release' => { + 'full' => '7.9.2009', + 'major' => '7', + 'minor' => '9', + }, + selinux: { 'enabled' => true }, + }, + operatingsystemrelease: '7.9.2009', + puppetversion: '5.0.1', + service_provider: 'systemd', + } + end + + it 'has systemctl restart command' do + is_expected.to contain_exec('restart-systemd').with( + command: 'systemctl daemon-reload', + refreshonly: true, + path: '/bin:/usr/bin:/usr/local/bin', + ) + end + end + + describe 'with manage_package_repo => true and a version' do + let(:pre_condition) do + <<-EOS + class { 'postgresql::globals': + manage_package_repo => true, + version => '9.4', + }-> + class { 'postgresql::server': } + EOS + end + + it 'has the correct systemd-override file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'file', path: '/etc/systemd/system/postgresql-9.4.service.d/postgresql-9.4.conf', + owner: 'root', group: 'root' + ) + end + + it 'has the correct systemd-override file #regex' do + is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) + end + end + end + + describe 'on Redhat 8' do + let(:facts) do + { + concat_basedir: tmpfilename('server'), + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, + os: { + 'architecture' => 'x86_64', + 'family' => 'RedHat', + 'hardware' => 'x86_64', + 'name' => 'RedHat', + 'release' => { + 'full' => '8.2.2004', + 'major' => '8', + 'minor' => '2', + }, + selinux: { 'enabled' => true }, + }, + operatingsystem: 'RedHat', + operatingsystemrelease: '8.2.2004', + service_provider: 'systemd', + } + end + + it 'has SELinux port defined' do + is_expected.to contain_package('policycoreutils-python-utils') .with(ensure: 'present') + + is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') + .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_requires('Package[policycoreutils-python-utils]') + end + + it 'removes the old systemd-override file' do + is_expected.to contain_file('old-systemd-override') + .with(ensure: 'absent', path: '/etc/systemd/system/postgresql.service') + end + + it 'has the correct systemd-override drop file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'file', path: '/etc/systemd/system/postgresql.service.d/postgresql.conf', + owner: 'root', group: 'root' + ) .that_requires('File[systemd-conf-dir]') + end + + it 'has the correct systemd-override file #regex' do + is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) end describe 'with manage_package_repo => true and a version' do @@ -60,18 +177,17 @@ class { 'postgresql::server': } it 'has the correct systemd-override file' do is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-9.4.service', + ensure: 'file', path: '/etc/systemd/system/postgresql-9.4.service.d/postgresql-9.4.conf', owner: 'root', group: 'root' ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') \ - .with_content(%r{.include \/usr\/lib\/systemd\/system\/postgresql-9.4.service}) + is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) end end end - describe 'on Fedora 21' do + describe 'on Fedora 33' do let(:facts) do { kernel: 'Linux', @@ -84,12 +200,15 @@ class { 'postgresql::server': } 'hardware' => 'x86_64', 'name' => 'Fedora', 'release' => { - 'full' => '21', - 'major' => '21', + 'full' => '33', + 'major' => '33', + 'minor' => '33', }, selinux: { 'enabled' => true }, }, operatingsystem: 'Fedora', + operatingsystemrelease: '33', + service_provider: 'systemd', } end @@ -102,15 +221,20 @@ class { 'postgresql::server': } .that_requires('Package[policycoreutils-python-utils]') end - it 'has the correct systemd-override file' do + it 'removes the old systemd-override file' do + is_expected.to contain_file('old-systemd-override') + .with(ensure: 'absent', path: '/etc/systemd/system/postgresql.service') + end + + it 'has the correct systemd-override drop file' do is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql.service', + ensure: 'file', path: '/etc/systemd/system/postgresql.service.d/postgresql.conf', owner: 'root', group: 'root' - ) + ) .that_requires('File[systemd-conf-dir]') end + it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') \ - .with_content(%r{.include \/lib\/systemd\/system\/postgresql.service}) + is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) end describe 'with manage_package_repo => true and a version' do @@ -118,7 +242,7 @@ class { 'postgresql::server': } <<-EOS class { 'postgresql::globals': manage_package_repo => true, - version => '9.4', + version => '13', }-> class { 'postgresql::server': } EOS @@ -126,13 +250,13 @@ class { 'postgresql::server': } it 'has the correct systemd-override file' do is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-9.4.service', + ensure: 'file', path: '/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf', owner: 'root', group: 'root' ) end + it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') \ - .with_content(%r{.include \/lib\/systemd\/system\/postgresql-9.4.service}) + is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) end end end @@ -143,7 +267,10 @@ class { 'postgresql::server': } os: { family: 'RedHat', name: 'Amazon', - release: { 'full' => '1.0' }, + release: { + 'full' => '1.0', + 'major' => '1', + }, selinux: { 'enabled' => true }, }, kernel: 'Linux', @@ -163,82 +290,99 @@ class { 'postgresql::server': } end end - describe 'on Gentoo' do + describe 'with managed pg_hba_conf and ipv4acls' do let(:pre_condition) do <<-EOS class { 'postgresql::globals': version => '9.5', }-> - class { 'postgresql::server': } + class { 'postgresql::server': + manage_pg_hba_conf => true, + ipv4acls => [ + 'hostnossl all all 0.0.0.0/0 reject', + 'hostssl all all 0.0.0.0/0 md5' + ] + } EOS end let(:facts) do { os: { - family: 'Gentoo', - name: 'Gentoo', - release: { 'full' => 'unused' }, + family: 'RedHat', + name: 'CentOS', + release: { + 'full' => '7.9.2009', + 'major' => '7', + 'minor' => '9', + }, selinux: { 'enabled' => true }, }, - osfamily: 'Gentoo', + concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: false, + selinux: true, + service_provider: 'systemd', } end - it 'does not have SELinux port defined' do - is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') - end - - it 'has the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-9.5.service', - owner: 'root', group: 'root' - ) + it 'has hba rule default' do + is_expected.to contain_postgresql__server__pg_hba_rule('local access as postgres user') end - it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') \ - .with_content(%r{.include \/usr\/lib64\/systemd\/system\/postgresql-9.5.service}) + it 'has hba rule ipv4acls' do + is_expected.to contain_postgresql__server__pg_hba_rule('postgresql class generated rule ipv4acls 0') end end - describe 'with managed pg_hba_conf and ipv4acls' do + describe 'on Gentoo' do let(:pre_condition) do <<-EOS class { 'postgresql::globals': version => '9.5', }-> - class { 'postgresql::server': - manage_pg_hba_conf => true, - ipv4acls => [ - 'hostnossl all all 0.0.0.0/0 reject', - 'hostssl all all 0.0.0.0/0 md5' - ] - } + class { 'postgresql::server': } EOS end + let(:facts) do { os: { - family: 'RedHat', - name: 'CentOS', - release: { 'full' => '7.0' }, + family: 'Gentoo', + name: 'Gentoo', + release: { + 'full' => 'unused', + 'major' => 'unused', + }, selinux: { 'enabled' => true }, }, + concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, + selinux: false, + service_provider: 'systemd', } end - it 'has hba rule default' do - is_expected.to contain_postgresql__server__pg_hba_rule('local access as postgres user') + it 'does not have SELinux port defined' do + is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') end - it 'has hba rule ipv4acls' do - is_expected.to contain_postgresql__server__pg_hba_rule('postgresql class generated rule ipv4acls 0') + + it 'removes the old systemd-override file' do + is_expected.to contain_file('old-systemd-override') + .with(ensure: 'absent', path: '/etc/systemd/system/postgresql-9.5.service') + end + + it 'has the correct systemd-override drop file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'file', path: '/etc/systemd/system/postgresql-9.5.service.d/postgresql-9.5.conf', + owner: 'root', group: 'root' + ) + end + + it 'has the correct systemd-override file #regex' do + is_expected.to contain_file('systemd-override') \ + .with_content(%r{(?!^.include)}) end end end diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index 8c8721de62..9c6154b4f3 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -6,7 +6,11 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '6.4' }, + release: { + 'full' => '6.4', + 'major' => '6', + 'minor' => '4', + }, selinux: { 'enabled' => true }, }, kernel: 'Linux', @@ -63,13 +67,18 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '7.0' }, + release: { + 'full' => '7.9.2009', + 'major' => '7', + 'minor' => '9', + }, selinux: { 'enabled' => true }, }, kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, + service_provider: 'systemd', } end let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } @@ -77,33 +86,6 @@ it 'stops postgresql and changes the port #file' do is_expected.to contain_file('systemd-override') end - it 'stops postgresql and changes the port #exec' do - is_expected.to contain_exec('restart-systemd') - end - end - context 'fedora 19' do - let :facts do - { - os: { - family: 'RedHat', - name: 'Fedora', - release: { 'full' => '19' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end - let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } - - it 'stops postgresql and changes the port #file' do - is_expected.to contain_file('systemd-override') - end - it 'stops postgresql and changes the port #exec' do - is_expected.to contain_exec('restart-systemd') - end end end diff --git a/templates/systemd-override.erb b/templates/systemd-override.erb index cae5101502..54b14476be 100644 --- a/templates/systemd-override.erb +++ b/templates/systemd-override.erb @@ -1,13 +1,9 @@ -<%- if scope.lookupvar('::osfamily') == 'Gentoo' -%> -.include /usr/lib64/systemd/system/<%= @service_name %>.service -<%- elsif scope.lookupvar('::operatingsystem') == 'Fedora' -%> -.include /lib/systemd/system/<%= @service_name %>.service -<% else -%> +<%- if @os['name'] == 'Fedora' and @os['release']['major'] <= '31' -%> .include /usr/lib/systemd/system/<%= @service_name %>.service <% end -%> [Service] Environment=PGPORT=<%= @port %> -<%- if scope.lookupvar('::osfamily') == 'Gentoo' -%> +<%- if @os['family'] == 'Gentoo' -%> Environment=DATA_DIR=<%= @datadir %> <%- else -%> Environment=PGDATA=<%= @datadir %> From 1cb5c188f89153b4436ebaada3244240a97dda6a Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 29 Nov 2020 13:34:15 -0500 Subject: [PATCH 0567/1000] Update manifests/server/config.pp Co-authored-by: Ewoud Kohl van Wijngaarden --- manifests/server/config.pp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 9ae92922ac..be51e24fcf 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -216,7 +216,12 @@ # - $datadir # - @extra_systemd_config - if (versioncmp($facts['puppetversion'], '5.0.0') <= 0) { + if (versioncmp($facts['puppetversion'], '6.1.0') < 0) { + exec { 'restart-systemd': + command => 'systemctl daemon-reload', + refreshonly => true, + path => '/bin:/usr/bin:/usr/local/bin', + } $systemd_notify = [Exec['restart-systemd'], Class['postgresql::server::service']] } else { From 74d6b073a61428ea5a481d86b9ac4b3e18384ec8 Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 29 Nov 2020 13:34:28 -0500 Subject: [PATCH 0568/1000] Update spec/unit/classes/server/config_spec.rb Co-authored-by: Ewoud Kohl van Wijngaarden --- spec/unit/classes/server/config_spec.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 158a9f7779..e858bc304d 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -116,7 +116,6 @@ class { 'postgresql::server': } describe 'on Redhat 8' do let(:facts) do { - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', From 35535171b4b8725fcca8adeff3eb8cf2073fbf14 Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 29 Nov 2020 13:34:43 -0500 Subject: [PATCH 0569/1000] Update spec/unit/classes/server/config_spec.rb Co-authored-by: Ewoud Kohl van Wijngaarden --- spec/unit/classes/server/config_spec.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index e858bc304d..3e76282e6e 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -354,7 +354,6 @@ class { 'postgresql::server': } }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', From 4f976e6ad444c2c7e873e899b3e989164c657472 Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 29 Nov 2020 13:34:54 -0500 Subject: [PATCH 0570/1000] Update spec/unit/classes/server/config_spec.rb Co-authored-by: Ewoud Kohl van Wijngaarden --- spec/unit/classes/server/config_spec.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 3e76282e6e..a7fa57257a 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -316,7 +316,6 @@ class { 'postgresql::server': }, selinux: { 'enabled' => true }, }, - concat_basedir: tmpfilename('server'), kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', From 400940883a1877876094fa87e39e241de82ba461 Mon Sep 17 00:00:00 2001 From: Daiana_Mezdrea Date: Thu, 3 Dec 2020 16:34:14 +0200 Subject: [PATCH 0571/1000] (feat) - Bump Puppet boundary --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 416a789387..74bd255b4b 100644 --- a/metadata.json +++ b/metadata.json @@ -84,7 +84,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 5.5.10 < 7.0.0" + "version_requirement": ">= 5.5.10 < 8.0.0" } ], "pdk-version": "1.18.1", From f12b57f740251dd4059144e7c8b3324370df0ed0 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 7 Dec 2020 17:23:48 +0200 Subject: [PATCH 0572/1000] Remove EL6 testing from Travis --- .sync.yml | 1 - .travis.yml | 22 ---------------------- provision.yaml | 5 ----- 3 files changed, 28 deletions(-) diff --git a/.sync.yml b/.sync.yml index 1cc0fb1de9..e8a645eee3 100644 --- a/.sync.yml +++ b/.sync.yml @@ -15,7 +15,6 @@ provision_list: - ---travis_el - travis_deb - - travis_el6 - travis_el7 - travis_el8 complex: diff --git a/.travis.yml b/.travis.yml index f6b8aa8421..4b002857f4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -60,17 +60,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el6]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" - - "bundle exec rake litmus:install_module" - bundler_args: - env: PLATFORMS=travis_el6_puppet5 - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" @@ -93,17 +82,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el6]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - bundler_args: - env: PLATFORMS=travis_el6_puppet6 - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" diff --git a/provision.yaml b/provision.yaml index 5d854324d2..69fc622dac 100644 --- a/provision.yaml +++ b/provision.yaml @@ -27,11 +27,6 @@ travis_ub_6: - litmusimage/ubuntu:16.04 - litmusimage/ubuntu:18.04 - litmusimage/ubuntu:20.04 -travis_el6: - provisioner: docker - images: - - litmusimage/centos:6 - - litmusimage/scientificlinux:6 travis_el7: provisioner: docker images: From 469e2bd8f32f3d1d6d1ffdc08f22360b64c34278 Mon Sep 17 00:00:00 2001 From: sheena Date: Wed, 18 Nov 2020 15:59:16 +0000 Subject: [PATCH 0573/1000] (maint) add postgresql module to ci --- .devcontainer/Dockerfile | 6 + .devcontainer/devcontainer.json | 23 + .github/workflows/nightly.yml | 217 +++++++++ .github/workflows/pr_test.yml | 198 +++++++++ .github/workflows/release.yml | 65 --- .github/workflows/weekly.yml | 64 --- .pdkignore | 2 + .rubocop.yml | 439 ++++++++++++++++++- .sync.yml | 4 + .travis.yml | 38 +- Gemfile | 18 +- metadata.json | 2 +- spec/acceptance/alternative_port_spec.rb | 3 +- spec/acceptance/server/recovery_spec.rb | 5 +- spec/acceptance/sql_task_spec.rb | 1 + spec/acceptance/utf8_encoding_spec.rb | 3 +- spec/acceptance/z_alternative_pgdata_spec.rb | 2 +- spec/spec_helper_acceptance_local.rb | 29 ++ 18 files changed, 942 insertions(+), 177 deletions(-) create mode 100644 .devcontainer/Dockerfile create mode 100644 .devcontainer/devcontainer.json create mode 100644 .github/workflows/nightly.yml create mode 100644 .github/workflows/pr_test.yml delete mode 100644 .github/workflows/release.yml delete mode 100644 .github/workflows/weekly.yml diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile new file mode 100644 index 0000000000..12ed4ff109 --- /dev/null +++ b/.devcontainer/Dockerfile @@ -0,0 +1,6 @@ +FROM puppet/pdk:latest + +# [Optional] Uncomment this section to install additional packages. +# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ +# && apt-get -y install --no-install-recommends + diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000000..f1a55dc3f0 --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,23 @@ +// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at: +// https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet +{ + "name": "Puppet Development Kit (Community)", + "dockerFile": "Dockerfile", + + // Set *default* container specific settings.json values on container create. + "settings": { + "terminal.integrated.shell.linux": "/bin/bash" + }, + + // Add the IDs of extensions you want installed when the container is created. + "extensions": [ + "puppet.puppet-vscode", + "rebornix.Ruby" + ] + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + + // Use 'postCreateCommand' to run commands after the container is created. + // "postCreateCommand": "pdk --version", +} diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml new file mode 100644 index 0000000000..4021da7645 --- /dev/null +++ b/.github/workflows/nightly.yml @@ -0,0 +1,217 @@ +name: "nightly" + +on: + schedule: + - cron: '0 0 * * *' + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + matrix: ${{ steps.get-matrix.outputs.matrix }} + + steps: + - name: "Honeycomb: Start recording" + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=0 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: actions/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + + - name: Cache gems + uses: actions/cache@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + path: vendor/gems + key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} + restore-keys: | + ${{ runner.os }}-${{ github.event_name }}- + ${{ runner.os }}- + + - name: Install gems + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems + buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 + buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 + buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install + buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean + + - name: Setup Acceptance Test Matrix + id: get-matrix + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata + else + echo "::set-output name=matrix::{}" + fi + + - name: "Honeycomb: Record setup time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + + Acceptance: + needs: + - setup_matrix + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + + steps: + - run: | + echo 'platform=${{ matrix.platform }}' >> $BUILDEVENT_FILE + echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + + - name: "Honeycomb: Start recording" + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ matrix.platform }}-${{ matrix.collection }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: Activate Ruby 2.7 + uses: actions/setup-ruby@v1 + with: + ruby-version: "2.7" + + - name: Cache gems + uses: actions/cache@v2 + with: + path: vendor/gems + key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} + restore-keys: | + ${{ runner.os }}-${{ github.event_name }}- + ${{ runner.os }}- + + - name: "Honeycomb: Record cache setup time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Cache retrieval' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Bundler Setup + run: | + buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems + buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 + buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 + buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install + buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Bundler Setup time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Provision test environment + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platform }}' -- bundle exec rake 'litmus:provision[provision::provision_service,${{ matrix.platform }}]' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + echo ::group::=== INVENTORY === + sed -e 's/password: .*/password: "[redacted]"/' < inventory.yaml || true + echo ::endgroup:: + + - name: Install agent + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + + - name: Install module + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + + - name: "Honeycomb: Record deployment times" + if: ${{ always() }} + run: | + echo ::group::honeycomb step + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + echo ::endgroup:: + + - name: Run acceptance tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' + + - name: "Honeycomb: Record acceptance testing times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-5 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Remove test environment + if: ${{ always() }} + run: | + if [ -f inventory.yaml ]; then + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + fi + + - name: "Honeycomb: Record removal times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' + + slack-workflow-status: + if: always() + name: Post Workflow Status To Slack + needs: + - Acceptance + runs-on: ubuntu-20.04 + steps: + - name: Slack Workflow Notification + uses: Gamesight/slack-workflow-status@88ee95b73b4669825883ddf22747966204663e58 # pin@master + with: + # Required Input + repo_token: ${{ secrets.GITHUB_TOKEN }} + slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} + # Optional Input + channel: '#team-ia-bots' + name: 'GABot' diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml new file mode 100644 index 0000000000..2b5ab1f576 --- /dev/null +++ b/.github/workflows/pr_test.yml @@ -0,0 +1,198 @@ +name: "PR Testing" + +on: [pull_request] + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + matrix: ${{ steps.get-matrix.outputs.matrix }} + + steps: + - name: "Honeycomb: Start recording" + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=0 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: actions/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + + - name: Cache gems + uses: actions/cache@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + path: vendor/gems + key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} + restore-keys: | + ${{ runner.os }}-${{ github.event_name }}- + ${{ runner.os }}- + + - name: Install gems + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems + buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 + buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 + buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install + buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean + + - name: Setup Acceptance Test Matrix + id: get-matrix + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata + else + echo "::set-output name=matrix::{}" + fi + + - name: "Honeycomb: Record setup time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + + Acceptance: + needs: + - setup_matrix + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + + steps: + - run: | + echo 'platform=${{ matrix.platform }}' >> $BUILDEVENT_FILE + echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + + - name: "Honeycomb: Start recording" + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ matrix.platform }}-${{ matrix.collection }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: Activate Ruby 2.7 + uses: actions/setup-ruby@v1 + with: + ruby-version: "2.7" + + - name: Cache gems + uses: actions/cache@v2 + with: + path: vendor/gems + key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} + restore-keys: | + ${{ runner.os }}-${{ github.event_name }}- + ${{ runner.os }}- + + - name: "Honeycomb: Record cache setup time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Cache retrieval' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Bundler Setup + run: | + buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems + buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 + buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 + buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install + buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Bundler Setup time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Provision test environment + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platform }}' -- bundle exec rake 'litmus:provision[provision::provision_service,${{ matrix.platform }}]' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + echo ::group::=== INVENTORY === + sed -e 's/password: .*/password: "[redacted]"/' < inventory.yaml || true + echo ::endgroup:: + + - name: Install agent + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + + - name: Install module + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + + - name: "Honeycomb: Record deployment times" + if: ${{ always() }} + run: | + echo ::group::honeycomb step + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + echo ::endgroup:: + + - name: Run acceptance tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' + + - name: "Honeycomb: Record acceptance testing times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-5 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Remove test environment + if: ${{ always() }} + run: | + if [ -f inventory.yaml ]; then + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + fi + + - name: "Honeycomb: Record removal times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 8424781b14..0000000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,65 +0,0 @@ -name: "release" - -on: - push: - branches: - - 'release' - -jobs: - LitmusAcceptancePuppet5: - env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - runs-on: self-hosted - strategy: - matrix: - ruby_version: [2.5.x] - puppet_gem_version: [~> 6.0] - platform: [release_checks_5] - agent_family: ['puppet5'] - - steps: - - uses: actions/checkout@v1 - - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@main - with: - platform: ${{ matrix.platform }} - agent_family: ${{ matrix.agent_family }} - LitmusAcceptancePuppet6: - env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - runs-on: self-hosted - strategy: - matrix: - ruby_version: [2.5.x] - puppet_gem_version: [~> 6.0] - platform: [release_checks_6] - agent_family: ['puppet6'] - - steps: - - uses: actions/checkout@v1 - - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@main - with: - platform: ${{ matrix.platform }} - agent_family: ${{ matrix.agent_family }} - Spec: - runs-on: self-hosted - strategy: - matrix: - check: [parallel_spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] - ruby_version: [2.5.x] - puppet_gem_version: [~> 5.0, ~> 6.0] - exclude: - - puppet_gem_version: ~> 5.0 - check: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' - - ruby_version: 2.5.x - puppet_gem_version: ~> 5.0 - steps: - - uses: actions/checkout@v1 - - name: Spec Tests - uses: puppetlabs/action-litmus_spec@main - with: - puppet_gem_version: ${{ matrix.puppet_gem_version }} - check: ${{ matrix.check }} diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml deleted file mode 100644 index 2df6c9131d..0000000000 --- a/.github/workflows/weekly.yml +++ /dev/null @@ -1,64 +0,0 @@ -name: "weekly" - -on: - schedule: - - cron: '0 3 * * 1' - -jobs: - LitmusAcceptancePuppet5: - env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - runs-on: self-hosted - strategy: - matrix: - ruby_version: [2.5.x] - puppet_gem_version: [~> 6.0] - platform: [release_checks_5] - agent_family: ['puppet5'] - - steps: - - uses: actions/checkout@v1 - - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@main - with: - platform: ${{ matrix.platform }} - agent_family: ${{ matrix.agent_family }} - LitmusAcceptancePuppet6: - env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - runs-on: self-hosted - strategy: - matrix: - ruby_version: [2.5.x] - puppet_gem_version: [~> 6.0] - platform: [release_checks_6] - agent_family: ['puppet6'] - - steps: - - uses: actions/checkout@v1 - - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@main - with: - platform: ${{ matrix.platform }} - agent_family: ${{ matrix.agent_family }} - Spec: - runs-on: self-hosted - strategy: - matrix: - check: [parallel_spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] - ruby_version: [2.5.x] - puppet_gem_version: [~> 5.0, ~> 6.0] - exclude: - - puppet_gem_version: ~> 5.0 - check: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' - - ruby_version: 2.5.x - puppet_gem_version: ~> 5.0 - steps: - - uses: actions/checkout@v1 - - name: Spec Tests - uses: puppetlabs/action-litmus_spec@main - with: - puppet_gem_version: ${{ matrix.puppet_gem_version }} - check: ${{ matrix.check }} diff --git a/.pdkignore b/.pdkignore index e6215cd0cb..254808c8f3 100644 --- a/.pdkignore +++ b/.pdkignore @@ -32,6 +32,7 @@ /.gitignore /.gitlab-ci.yml /.pdkignore +/.puppet-lint.rc /Rakefile /rakelib/ /.rspec @@ -40,3 +41,4 @@ /.yardopts /spec/ /.vscode/ +/.sync.yml diff --git a/.rubocop.yml b/.rubocop.yml index 5307849e37..33c33fa52a 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,12 +1,12 @@ --- require: +- rubocop-performance - rubocop-rspec -- rubocop-i18n AllCops: DisplayCopNames: true - TargetRubyVersion: '2.1' + TargetRubyVersion: '2.4' Include: - - "./**/*.rb" + - "**/*.rb" Exclude: - bin/* - ".vendor/**/*" @@ -18,16 +18,9 @@ AllCops: - "**/Puppetfile" - "**/Vagrantfile" - "**/Guardfile" -Metrics/LineLength: +Layout/LineLength: Description: People have wide screens, use them. Max: 200 -GetText: - Enabled: false -GetText/DecorateString: - Description: We don't want to decorate test output. - Exclude: - - spec/**/* - Enabled: false RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. @@ -40,10 +33,6 @@ Style/BlockDelimiters: Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to be consistent then. EnforcedStyle: braces_for_chaining -Style/BracesAroundHashParameters: - Description: Braces are required by Ruby 2.7. Cop removed from RuboCop v0.80.0. - See https://github.com/rubocop-hq/rubocop/pull/7643 - Enabled: true Style/ClassAndModuleChildren: Description: Compact style reduces the required amount of indentation. EnforcedStyle: compact @@ -72,7 +61,7 @@ Style/TrailingCommaInArguments: Description: Prefer always trailing comma on multiline argument lists. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma -Style/TrailingCommaInLiteral: +Style/TrailingCommaInArrayLiteral: Description: Prefer always trailing comma on multiline literals. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma @@ -87,21 +76,219 @@ Style/Documentation: - spec/**/* Style/WordArray: EnforcedStyle: brackets +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/Caller: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/Casecmp: + Enabled: true +Performance/CollectionLiteralInLoop: + Enabled: true +Performance/CompareWithBlock: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/Count: + Enabled: true +Performance/Detect: + Enabled: true +Performance/DoubleStartEndWith: + Enabled: true +Performance/EndWith: + Enabled: true +Performance/FixedSize: + Enabled: true +Performance/FlatMap: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/RangeInclude: + Enabled: true +Performance/RedundantBlockCall: + Enabled: true +Performance/RedundantMatch: + Enabled: true +Performance/RedundantMerge: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/RegexpMatch: + Enabled: true +Performance/ReverseEach: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/Size: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StartWith: + Enabled: true +Performance/StringInclude: + Enabled: true +Performance/StringReplacement: + Enabled: true +Performance/Sum: + Enabled: true +Performance/TimesMap: + Enabled: true Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true -GetText/DecorateFunctionMessage: +Bundler/InsecureProtocolSource: + Enabled: false +Gemspec/DuplicatedAssignment: + Enabled: false +Gemspec/OrderedDependencies: Enabled: false -GetText/DecorateStringFormattingUsingInterpolation: +Gemspec/RequiredRubyVersion: Enabled: false -GetText/DecorateStringFormattingUsingPercent: +Gemspec/RubyVersionGlobalsUsage: + Enabled: false +Layout/ArgumentAlignment: + Enabled: false +Layout/BeginEndAlignment: + Enabled: false +Layout/ClosingHeredocIndentation: + Enabled: false +Layout/EmptyComment: + Enabled: false +Layout/EmptyLineAfterGuardClause: + Enabled: false +Layout/EmptyLinesAroundArguments: + Enabled: false +Layout/EmptyLinesAroundAttributeAccessor: Enabled: false Layout/EndOfLine: Enabled: false -Layout/IndentHeredoc: +Layout/FirstArgumentIndentation: + Enabled: false +Layout/HashAlignment: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Layout/LeadingEmptyLines: + Enabled: false +Layout/SpaceAroundMethodCallOperator: + Enabled: false +Layout/SpaceInsideArrayLiteralBrackets: + Enabled: false +Layout/SpaceInsideReferenceBrackets: + Enabled: false +Lint/BigDecimalNew: + Enabled: false +Lint/BooleanSymbol: + Enabled: false +Lint/ConstantDefinitionInBlock: + Enabled: false +Lint/DeprecatedOpenSSLConstant: + Enabled: false +Lint/DisjunctiveAssignmentInConstructor: + Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateElsifCondition: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/DuplicateRequire: + Enabled: false +Lint/DuplicateRescueException: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/EmptyConditionalBody: + Enabled: false +Lint/EmptyFile: + Enabled: false +Lint/ErbNewArguments: + Enabled: false +Lint/FloatComparison: + Enabled: false +Lint/HashCompareByIdentity: + Enabled: false +Lint/IdentityComparison: + Enabled: false +Lint/InterpolationCheck: + Enabled: false +Lint/MissingCopEnableDirective: + Enabled: false +Lint/MixedRegexpCaptureTypes: + Enabled: false +Lint/NestedPercentLiteral: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/NonDeterministicRequireOrder: + Enabled: false +Lint/OrderedMagicComments: + Enabled: false +Lint/OutOfRangeRegexpRef: + Enabled: false +Lint/RaiseException: + Enabled: false +Lint/RedundantCopEnableDirective: + Enabled: false +Lint/RedundantRequireStatement: + Enabled: false +Lint/RedundantSafeNavigation: + Enabled: false +Lint/RedundantWithIndex: + Enabled: false +Lint/RedundantWithObject: + Enabled: false +Lint/RegexpAsCondition: + Enabled: false +Lint/ReturnInVoidContext: + Enabled: false +Lint/SafeNavigationConsistency: + Enabled: false +Lint/SafeNavigationWithEmpty: + Enabled: false +Lint/SelfAssignment: + Enabled: false +Lint/SendWithMixinArgument: + Enabled: false +Lint/ShadowedArgument: + Enabled: false +Lint/StructNewOverride: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/ToJSON: + Enabled: false +Lint/TopLevelReturnWithArgument: + Enabled: false +Lint/TrailingCommaInAttributeDeclaration: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Lint/UnreachableLoop: + Enabled: false +Lint/UriEscapeUnescape: + Enabled: false +Lint/UriRegexp: + Enabled: false +Lint/UselessMethodDefinition: + Enabled: false +Lint/UselessTimes: Enabled: false Metrics/AbcSize: Enabled: false @@ -119,19 +306,229 @@ Metrics/ParameterLists: Enabled: false Metrics/PerceivedComplexity: Enabled: false +Migration/DepartmentName: + Enabled: false +Naming/BlockParameterName: + Enabled: false +Naming/HeredocDelimiterCase: + Enabled: false +Naming/HeredocDelimiterNaming: + Enabled: false +Naming/MemoizedInstanceVariableName: + Enabled: false +Naming/MethodParameterName: + Enabled: false +Naming/RescuedExceptionsVariableName: + Enabled: false +RSpec/Be: + Enabled: false +RSpec/Capybara/CurrentPathExpectation: + Enabled: false +RSpec/Capybara/FeatureMethods: + Enabled: false +RSpec/Capybara/VisibilityMatcher: + Enabled: false +RSpec/ContextMethod: + Enabled: false +RSpec/ContextWording: + Enabled: false RSpec/DescribeClass: Enabled: false +RSpec/EmptyHook: + Enabled: false +RSpec/EmptyLineAfterExample: + Enabled: false +RSpec/EmptyLineAfterExampleGroup: + Enabled: false +RSpec/EmptyLineAfterHook: + Enabled: false RSpec/ExampleLength: Enabled: false -RSpec/MessageExpectation: +RSpec/ExampleWithoutDescription: + Enabled: false +RSpec/ExpectChange: + Enabled: false +RSpec/ExpectInHook: + Enabled: false +RSpec/FactoryBot/AttributeDefinedStatically: + Enabled: false +RSpec/FactoryBot/CreateList: + Enabled: false +RSpec/FactoryBot/FactoryClassName: + Enabled: false +RSpec/HooksBeforeExamples: + Enabled: false +RSpec/ImplicitBlockExpectation: + Enabled: false +RSpec/ImplicitSubject: + Enabled: false +RSpec/LeakyConstantDeclaration: + Enabled: false +RSpec/LetBeforeExamples: + Enabled: false +RSpec/MissingExampleGroupArgument: Enabled: false RSpec/MultipleExpectations: Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/MultipleSubjects: + Enabled: false RSpec/NestedGroups: Enabled: false +RSpec/PredicateMatcher: + Enabled: false +RSpec/ReceiveCounts: + Enabled: false +RSpec/ReceiveNever: + Enabled: false +RSpec/RepeatedExampleGroupBody: + Enabled: false +RSpec/RepeatedExampleGroupDescription: + Enabled: false +RSpec/RepeatedIncludeExample: + Enabled: false +RSpec/ReturnFromStub: + Enabled: false +RSpec/SharedExamples: + Enabled: false +RSpec/StubbedMock: + Enabled: false +RSpec/UnspecifiedException: + Enabled: false +RSpec/VariableDefinition: + Enabled: false +RSpec/VoidExpect: + Enabled: false +RSpec/Yield: + Enabled: false +Security/Open: + Enabled: false +Style/AccessModifierDeclarations: + Enabled: false +Style/AccessorGrouping: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false Style/AsciiComments: Enabled: false +Style/BisectedAttrAccessor: + Enabled: false +Style/CaseLikeIf: + Enabled: false +Style/ClassEqualityComparison: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/ColonMethodDefinition: + Enabled: false +Style/CombinableLoops: + Enabled: false +Style/CommentedKeyword: + Enabled: false +Style/Dir: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/DoubleCopDisableDirective: + Enabled: false +Style/EmptyBlockParameter: + Enabled: false +Style/EmptyLambdaParameter: + Enabled: false +Style/Encoding: + Enabled: false +Style/EvalWithLocation: + Enabled: false +Style/ExpandPathArguments: + Enabled: false +Style/ExplicitBlockArgument: + Enabled: false +Style/ExponentialNotation: + Enabled: false +Style/FloatDivision: + Enabled: false +Style/GlobalStdStream: + Enabled: false +Style/HashAsLastArrayItem: + Enabled: false +Style/HashLikeCase: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: + Enabled: false Style/IfUnlessModifier: Enabled: false +Style/KeywordParametersOrder: + Enabled: false +Style/MinMax: + Enabled: false +Style/MixinUsage: + Enabled: false +Style/MultilineWhenThen: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NegatedUnless: + Enabled: false +Style/NilLambda: + Enabled: false +Style/NumericPredicate: + Enabled: false +Style/OptionalBooleanParameter: + Enabled: false +Style/OrAssignment: + Enabled: false +Style/RandomWithOffset: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/RedundantAssignment: + Enabled: false +Style/RedundantCondition: + Enabled: false +Style/RedundantConditional: + Enabled: false +Style/RedundantFetchBlock: + Enabled: false +Style/RedundantFileExtensionInRequire: + Enabled: false +Style/RedundantRegexpCharacterClass: + Enabled: false +Style/RedundantRegexpEscape: + Enabled: false +Style/RedundantSelfAssignment: + Enabled: false +Style/RedundantSort: + Enabled: false +Style/RescueStandardError: + Enabled: false +Style/SingleArgumentDig: + Enabled: false +Style/SlicingWithRange: + Enabled: false +Style/SoleNestedConditional: + Enabled: false +Style/StderrPuts: + Enabled: false +Style/StringConcatenation: + Enabled: false +Style/Strip: + Enabled: false +Style/SwapValues: + Enabled: false Style/SymbolProc: Enabled: false +Style/TrailingBodyOnClass: + Enabled: false +Style/TrailingBodyOnMethodDefinition: + Enabled: false +Style/TrailingBodyOnModule: + Enabled: false +Style/TrailingCommaInHashLiteral: + Enabled: false +Style/TrailingMethodEndStatement: + Enabled: false +Style/UnpackFirst: + Enabled: false diff --git a/.sync.yml b/.sync.yml index e8a645eee3..286882468e 100644 --- a/.sync.yml +++ b/.sync.yml @@ -48,3 +48,7 @@ Rakefile: spec/spec_helper.rb: mock_with: ":rspec" coverage_report: true +.github/workflows/nightly.yml: + unmanaged: false +.github/workflows/pr_test.yml: + unmanaged: false diff --git a/.travis.yml b/.travis.yml index 4b002857f4..35cff761e8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -27,72 +27,86 @@ stages: jobs: fast_finish: true include: - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_6]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_ub_6_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_5]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_ub_5_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_deb_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_el7_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el8]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake litmus:install_module" + env: PLATFORMS=travis_el8_puppet5 + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] + services: docker + stage: acceptance + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_deb_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_el7_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance + - bundler_args: --with system_tests + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el8]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake litmus:install_module" + env: PLATFORMS=travis_el8_puppet6 + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] + services: docker + stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static diff --git a/Gemfile b/Gemfile index 4f6e33b02d..99ff40bf08 100644 --- a/Gemfile +++ b/Gemfile @@ -17,19 +17,19 @@ ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = ruby_version_segments[0..1].join('.') group :development do - gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') - gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-posix-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] + gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] + gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') end +group :system_tests do + gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] + gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] +end puppet_version = ENV['PUPPET_GEM_VERSION'] facter_version = ENV['FACTER_GEM_VERSION'] diff --git a/metadata.json b/metadata.json index 74bd255b4b..598993bfd7 100644 --- a/metadata.json +++ b/metadata.json @@ -89,5 +89,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-gd610ead" + "template-ref": "heads/main-0-g28e5206" } diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index f854973bad..75af9d9740 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -2,12 +2,11 @@ # These tests ensure that postgres can change itself to an alternative port # properly. -describe 'postgresql::server' do +describe 'postgresql::server', skip: 'IAC-1286' do it 'on an alternative port' do pp = <<-MANIFEST class { 'postgresql::server': port => '55433', manage_selinux => true } MANIFEST - idempotent_apply(pp) end diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 862b2b036e..2f0a117056 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -1,7 +1,10 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::recovery' do +describe 'postgresql::server::recovery' , skip: 'IAC-1286' do describe 'should manage recovery' do + before(:all) do + pre_run + end after(:all) do pp = <<-MANIFEST.unindent file { '/tmp/recovery.conf': diff --git a/spec/acceptance/sql_task_spec.rb b/spec/acceptance/sql_task_spec.rb index 62252cdaa1..8cee7e0a3f 100644 --- a/spec/acceptance/sql_task_spec.rb +++ b/spec/acceptance/sql_task_spec.rb @@ -12,6 +12,7 @@ class { 'postgresql::server': } -> MANIFEST it 'sets up a postgres db' do + export_locales('en_US.UTF-8 ') apply_manifest(pp, catch_failures: true) end diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/utf8_encoding_spec.rb index 9493e6e4b6..1743a38ad9 100644 --- a/spec/acceptance/utf8_encoding_spec.rb +++ b/spec/acceptance/utf8_encoding_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server' do +describe 'postgresql::server', skip: 'IAC-1286' do let(:pp) do <<-MANIFEST class { 'postgresql::globals': @@ -12,6 +12,7 @@ class { 'postgresql::server': } end it 'with defaults' do + export_locales('en_NG.UTF8') idempotent_apply(pp) expect(port(5432)).to be_listening expect(psql('--command="\l" postgres', 'postgres').stdout).to match(%r{List of databases}) diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index aada31883b..b2f7938012 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -3,7 +3,7 @@ # These tests ensure that postgres can change itself to an alternative pgdata # location properly. -describe 'postgresql::server' do +describe 'postgresql::server', skip: 'IAC-1286' do before(:each) do if os[:family] == 'sles' skip "These test's currently do not work on SLES/Suse modules" diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 18ebc3ee60..92d18a3346 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -19,12 +19,40 @@ def unindent end end +def export_locales(locale) + LitmusHelper.instance.run_shell('echo export PATH="/opt/puppetlabs/bin:$PATH" > ~/.bashrc') + LitmusHelper.instance.run_shell('echo export LC_ALL="C" > /etc/profile.d/my-custom.lang.sh') + LitmusHelper.instance.run_shell("echo \"## #{locale} ##\" >> /etc/profile.d/my-custom.lang.sh") + LitmusHelper.instance.run_shell("echo export LANG=#{locale} >> /etc/profile.d/my-custom.lang.sh") + LitmusHelper.instance.run_shell("echo export LANGUAGE=#{locale} >> /etc/profile.d/my-custom.lang.sh") + LitmusHelper.instance.run_shell('echo export LC_COLLATE=C >> /etc/profile.d/my-custom.lang.sh') + LitmusHelper.instance.run_shell("echo export LC_CTYPE=#{locale} >> /etc/profile.d/my-custom.lang.sh") + LitmusHelper.instance.run_shell('source /etc/profile.d/my-custom.lang.sh') + LitmusHelper.instance.run_shell('echo export LC_ALL="C" >> ~/.bashrc') + LitmusHelper.instance.run_shell('source ~/.bashrc') +end + +def pre_run + LitmusHelper.instance.apply_manifest("class { 'postgresql::server': postgres_password => 'postgres' }", catch_failures: true) +end + def install_dependencies iproute2 = <<-MANIFEST package { 'iproute2': ensure => installed } MANIFEST LitmusHelper.instance.apply_manifest(iproute2) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') + netstat = <<-MANIFEST + # needed for netstat, for serverspec checks + if $::osfamily == 'SLES' or $::osfamily == 'SUSE' { + package { 'net-tools-deprecated': + ensure => 'latest', + } + } + MANIFEST + + LitmusHelper.instance.apply_manifest(netstat) + return unless os[:family] == 'redhat' && os[:release].start_with?('6', '7', '8') policycoreutils_pkg = 'policycoreutils-python' if os[:release].start_with?('6', '7') @@ -35,6 +63,7 @@ def install_dependencies MANIFEST LitmusHelper.instance.apply_manifest(selinux) + LitmusHelper.instance.run_shell('sudo setenforce 0', expect_failures: true) if os[:family] =~ %r{redhat|oracle} end def postgresql_version From 73134aed1c395c39455c009df3cf249ab9b7443c Mon Sep 17 00:00:00 2001 From: sheena Date: Tue, 15 Dec 2020 18:37:28 +0000 Subject: [PATCH 0574/1000] (maint) fixing rubocop erros --- .rubocop.yml | 1 + .rubocop_todo.yml | 4 + .sync.yml | 5 + .travis.yml | 20 -- .../postgresql_acls_to_resources_hash.rb | 2 +- .../functions/postgresql/postgresql_escape.rb | 6 +- .../postgresql_replication_slot/ruby.rb | 2 +- lib/puppet/type/postgresql_psql.rb | 8 +- lib/puppet/util/postgresql_validator.rb | 2 +- spec/acceptance/server/grant_role_spec.rb | 48 ++-- spec/acceptance/server/grant_spec.rb | 214 ++++++++---------- .../server/reassign_owned_by_spec.rb | 32 ++- spec/acceptance/server/recovery_spec.rb | 2 +- spec/spec_helper_acceptance_local.rb | 2 +- .../postgresql_replication_slot/ruby_spec.rb | 3 +- .../puppet/type/postgresql_conn_validator.rb | 2 +- spec/unit/puppet/type/postgresql_psql_spec.rb | 8 +- spec/unit/type/postgresql_conf_spec.rb | 4 +- 18 files changed, 164 insertions(+), 201 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 33c33fa52a..33efb87f7d 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -68,6 +68,7 @@ Style/TrailingCommaInArrayLiteral: Style/SymbolArray: Description: Using percent style obscures symbolic intent of array's contents. EnforcedStyle: brackets +inherit_from: ".rubocop_todo.yml" RSpec/MessageSpies: EnforcedStyle: receive Style/Documentation: diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index e69de29bb2..cea7cf84e4 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -0,0 +1,4 @@ +Style/FrozenStringLiteralComment: + Enabled: false + Exclude: + - lib/* diff --git a/.sync.yml b/.sync.yml index 286882468e..6577c062d1 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,6 +1,11 @@ --- ".gitlab-ci.yml": delete: true +".rubocop.yml": + default_configs: + inherit_from: ".rubocop_todo.yml" + require: + - rubocop-rspec ".travis.yml": global_env: - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" diff --git a/.travis.yml b/.travis.yml index 35cff761e8..af7c43f202 100644 --- a/.travis.yml +++ b/.travis.yml @@ -67,16 +67,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el8]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" - - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_el8_puppet5 - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" @@ -97,16 +87,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el8]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_el8_puppet6 - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index 9625454f86..520ec50842 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -39,7 +39,7 @@ def default_impl(acls, id, offset) if parts.length > 4 resource['auth_option'] = parts.last(parts.length - 4).join(' ') end - elsif parts[4] =~ %r{^\d} + elsif %r{^\d}.match?(parts[4]) resource['address'] = parts[3] + ' ' + parts[4] resource['auth_method'] = parts[5] diff --git a/lib/puppet/functions/postgresql/postgresql_escape.rb b/lib/puppet/functions/postgresql/postgresql_escape.rb index 223ad7018f..a773b9acc2 100644 --- a/lib/puppet/functions/postgresql/postgresql_escape.rb +++ b/lib/puppet/functions/postgresql/postgresql_escape.rb @@ -17,14 +17,12 @@ def default_impl(input_string) # Keep generating possible values for tag until we find one that doesn't appear in the input string tag = Digest::MD5.hexdigest(input_string)[0..5].gsub(%r{\d}, '') - until input_string !~ %r{#{tag}} - tag = Digest::MD5.hexdigest(tag)[0..5].gsub(%r{\d}, '') - end + tag = Digest::MD5.hexdigest(tag)[0..5].gsub(%r{\d}, '') until input_string !~ %r{#{tag}} "$#{tag}$#{input_string}$#{tag}$" end def tag_needed?(input_string) - input_string =~ %r{\$\$} || input_string.end_with?('$') + input_string =~ %r{\$\$} || input_string.end_with?('$') # rubocop:disable Performance/StringInclude end end diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index d163f40375..e8b0e4cba2 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -3,7 +3,7 @@ commands psql: 'psql' def self.instances - run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l =~ %r{\|} }.map do |l| + run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l =~ %r{\|} }.map do |l| # rubocop:disable Performance/StringInclude name, *_others = l.strip.split(%r{\s+\|\s+}) new(name: name, ensure: :present) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 715c4ce7d0..f131ee4c7f 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -21,7 +21,7 @@ def retrieve def sync output, status = provider.run_sql_command(value) - raise("Error executing SQL; psql returned #{status}: '#{output}'") unless status == 0 # rubocop:disable Style/NumericPredicate + raise("Error executing SQL; psql returned #{status}: '#{output}'") unless status == 0 end end @@ -36,7 +36,6 @@ def sync # Return true if a matching row is found def matches(value) output, status = provider.run_unless_sql_command(value) - # rubocop:disable Style/NumericPredicate fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status == 0 # rubocop:disable Style/SignalException # rubocop:enable Style/NumericPredicate @@ -59,8 +58,7 @@ def matches(value) output, status = provider.run_unless_sql_command(value) status = output.exitcode if status.nil? - raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status == 0 # rubocop:disable Style/NumericPredicate - + raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status == 0 result_count = output.strip.to_i debug("Found #{result_count} row(s) executing 'onlyif' clause") result_count > 0 @@ -110,7 +108,7 @@ def matches(value) validate do |values| Array(values).each do |value| - unless value =~ %r{\w+=} + unless %r{\w+=}.match?(value) raise ArgumentError, "Invalid environment setting '#{value}'" end end diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index 972f936515..a238671041 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -41,7 +41,7 @@ def attempt_connection(sleep_length, tries) Puppet.debug "PostgresqlValidator.attempt_connection: #{build_validate_cmd}" result = execute_command if result && !result.empty? - Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.match %r{PGDATABASE} }} successful!" + Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.match %r{PGDATABASE} }} successful!" # rubocop:disable Performance/StringInclude return true else Puppet.warning "PostgresqlValidator.attempt_connection: Sleeping for #{sleep_length} seconds" diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 3b2647550b..69d1f0bf68 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -157,42 +157,36 @@ class { 'postgresql::server': } end it 'grants a role to a user/superuser' do - begin - idempotent_apply(pp_one) - - ## Check that the role was granted to the user - psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end - ## Check that the role was granted to the user - psql('--command="SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = \'test_group\' AND r_role.rolname = \'psql_grant_role_tester\'" grant_role_test', 'psql_grant_role_tester') do |r| # rubocop:disable Metrics/LineLength - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + idempotent_apply(pp_one) + + ## Check that the role was granted to the user + psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + ## Check that the role was granted to the user + psql('--command="SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = \'test_group\' AND r_role.rolname = \'psql_grant_role_tester\'" grant_role_test', 'psql_grant_role_tester') do |r| # rubocop:disable Layout/LineLength + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') end end it 'revokes a role from a user' do - begin - apply_manifest(pp_two, catch_failures: true) - apply_manifest(pp_two, expect_changes: true) - - psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| - expect(r.stdout).to match(%r{\(0 rows\)}) - expect(r.stderr).to eq('') - end + apply_manifest(pp_two, catch_failures: true) + apply_manifest(pp_two, expect_changes: true) + + psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') end end it 'does not grant permission to a nonexistent user' do - begin - apply_manifest(pp_three, expect_failures: true) + apply_manifest(pp_three, expect_failures: true) - psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| - expect(r.stdout).to match(%r{\(0 rows\)}) - expect(r.stderr).to eq('') - end + psql('--command="SELECT 1 WHERE pg_has_role(\'psql_grant_role_tester\', \'test_group\', \'MEMBER\') = true" grant_role_test', 'psql_grant_role_tester') do |r| + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') end end end diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 95b31e2f9a..bc0a26e8fc 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -129,21 +129,19 @@ class { 'postgresql::server': } end it 'grants usage/update on a sequence to a user' do - begin - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') end end end @@ -184,21 +182,19 @@ class { 'postgresql::server': } end it 'grants usage on all sequences to a user' do - begin - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) - ## Check that the privileges were granted to the user, this check is not available on postgresql_version < 9.0 - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + ## Check that the privileges were granted to the user, this check is not available on postgresql_version < 9.0 + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'USAGE') AND has_sequence_privilege('#{user}', 'test_seq3', 'USAGE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end - ## Check that the privileges were granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + ## Check that the privileges were granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_sequence_privilege('#{user}', 'test_seq2', 'UPDATE') AND has_sequence_privilege('#{user}', 'test_seq3', 'UPDATE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') end end end @@ -247,28 +243,24 @@ class { 'postgresql::server': } end it 'grants execute on a function to a user' do - begin - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_function_privilege('#{user}', 'test_func()', 'EXECUTE')\"", user) do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_function_privilege('#{user}', 'test_func()', 'EXECUTE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') end end end it 'grants execute on a function with argument to a user' do - begin - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp) - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_function_privilege('#{user}', 'test_func_with_arg(integer)', 'EXECUTE')\"", user) do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_function_privilege('#{user}', 'test_func_with_arg(integer)', 'EXECUTE')\"", user) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') end end end @@ -303,8 +295,7 @@ class { 'postgresql::server': } end it 'grant select on a table to a user' do - begin - pp_grant = pp_setup + <<-EOS.unindent + pp_grant = pp_setup + <<-EOS.unindent postgresql::server::grant { 'grant select on test_tbl': privilege => 'SELECT', @@ -324,7 +315,7 @@ class { 'postgresql::server': } } EOS - pp_revoke = pp_setup + <<-EOS.unindent + pp_revoke = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke select on test_tbl': ensure => absent, @@ -346,36 +337,34 @@ class { 'postgresql::server': } } EOS - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - idempotent_apply(pp_create_table) - idempotent_apply(pp_grant) - - ## Check that the SELECT privilege was granted to the user - psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| - expect(r.stdout).to match(%r{t}) - expect(r.stderr).to eq('') - end - - ## Check that the INSERT privilege was granted to the user - psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'INSERT')\"", user) do |r| - expect(r.stdout).to match(%r{t}) - end - - idempotent_apply(pp_create_table) - idempotent_apply(pp_revoke) - - ## Check that the SELECT privilege was revoked from the user - psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| - expect(r.stdout).to match(%r{f}) - expect(r.stderr).to eq('') - end + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + idempotent_apply(pp_create_table) + idempotent_apply(pp_grant) + + ## Check that the SELECT privilege was granted to the user + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| + expect(r.stdout).to match(%r{t}) + expect(r.stderr).to eq('') + end + + ## Check that the INSERT privilege was granted to the user + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'INSERT')\"", user) do |r| + expect(r.stdout).to match(%r{t}) + end + + idempotent_apply(pp_create_table) + idempotent_apply(pp_revoke) + + ## Check that the SELECT privilege was revoked from the user + psql("-d #{db} --tuples-only --command=\"SELECT * FROM has_table_privilege('#{user}', 'test_tbl', 'SELECT')\"", user) do |r| + expect(r.stdout).to match(%r{f}) + expect(r.stderr).to eq('') end end end it 'grant update on all tables to a user' do - begin - pp_grant = pp_setup + <<-EOS.unindent + pp_grant = pp_setup + <<-EOS.unindent postgresql::server::grant { 'grant update on all tables': privilege => 'UPDATE', @@ -387,7 +376,7 @@ class { 'postgresql::server': } } EOS - pp_revoke = pp_setup + <<-EOS.unindent + pp_revoke = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke update on all tables': ensure => absent, @@ -400,36 +389,34 @@ class { 'postgresql::server': } } EOS - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one - idempotent_apply(pp_create_table) - idempotent_apply(pp_grant) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one + idempotent_apply(pp_create_table) + idempotent_apply(pp_grant) - ## Check that all privileges were granted to the user - psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants + ## Check that all privileges were granted to the user + psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants WHERE grantee = '#{user}' AND table_schema = 'public' AND privilege_type='UPDATE'\"", user) do |r| - expect(r.stdout).to match(%r{test_tbl[ |]*UPDATE}) - expect(r.stdout).to match(%r{test_tbl2[ |]*UPDATE}) - expect(r.stdout).to match(%r{\(2 rows\)}) - expect(r.stderr).to eq('') - end + expect(r.stdout).to match(%r{test_tbl[ |]*UPDATE}) + expect(r.stdout).to match(%r{test_tbl2[ |]*UPDATE}) + expect(r.stdout).to match(%r{\(2 rows\)}) + expect(r.stderr).to eq('') + end - ## idempotent_apply(pp_create_table) - idempotent_apply(pp_revoke) + ## idempotent_apply(pp_create_table) + idempotent_apply(pp_revoke) - ## Check that all privileges were revoked from the user - psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants + ## Check that all privileges were revoked from the user + psql("-d #{db} --command=\"SELECT table_name,privilege_type FROM information_schema.role_table_grants WHERE grantee = '#{user}' AND table_schema = 'public' AND privilege_type='UPDATE'\"", user) do |r| - expect(r.stdout).to match(%r{\(0 rows\)}) - expect(r.stderr).to eq('') - end + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') end end end it 'grant all on all tables to a user' do - begin - pp_grant = pp_setup + <<-EOS.unindent + pp_grant = pp_setup + <<-EOS.unindent postgresql::server::grant { 'grant all on all tables': privilege => 'ALL', @@ -441,7 +428,7 @@ class { 'postgresql::server': } } EOS - pp_revoke = pp_setup + <<-EOS.unindent + pp_revoke = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke all on all tables': ensure => absent, @@ -454,30 +441,29 @@ class { 'postgresql::server': } } EOS - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one - idempotent_apply(pp_create_table) - idempotent_apply(pp_grant) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one + idempotent_apply(pp_create_table) + idempotent_apply(pp_grant) - ## Check that all privileges were granted to the user - psql("-d #{db} --tuples-only --command=\"SELECT table_name,count(privilege_type) FROM information_schema.role_table_grants + ## Check that all privileges were granted to the user + psql("-d #{db} --tuples-only --command=\"SELECT table_name,count(privilege_type) FROM information_schema.role_table_grants WHERE grantee = '#{user}' AND table_schema = 'public' AND privilege_type IN ('SELECT','UPDATE','INSERT','DELETE','TRIGGER','REFERENCES','TRUNCATE') GROUP BY table_name\"", user) do |r| - expect(r.stdout).to match(%r{test_tbl[ |]*7$}) - expect(r.stdout).to match(%r{test_tbl2[ |]*7$}) - expect(r.stderr).to eq('') - end + expect(r.stdout).to match(%r{test_tbl[ |]*7$}) + expect(r.stdout).to match(%r{test_tbl2[ |]*7$}) + expect(r.stderr).to eq('') + end - ## idempotent_apply(pp_create_table) - idempotent_apply(pp_revoke) + ## idempotent_apply(pp_create_table) + idempotent_apply(pp_revoke) - ## Check that all privileges were revoked from the user - psql("-d #{db} --command=\"SELECT table_name FROM information_schema.role_table_grants + ## Check that all privileges were revoked from the user + psql("-d #{db} --command=\"SELECT table_name FROM information_schema.role_table_grants WHERE grantee = '#{user}' AND table_schema = 'public'\"", user) do |r| - expect(r.stdout).to match(%r{\(0 rows\)}) - expect(r.stderr).to eq('') - end + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') end end end @@ -486,10 +472,9 @@ class { 'postgresql::server': } context 'database' do describe 'REVOKE ... ON DATABASE...' do it 'do not fail on revoke connect from non-existant user' do - begin - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.1.24') - apply_manifest(pp_setup, catch_failures: true) - pp = pp_setup + <<-EOS.unindent + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.1.24') + apply_manifest(pp_setup, catch_failures: true) + pp = pp_setup + <<-EOS.unindent postgresql::server::grant { 'revoke connect on db from norole': ensure => absent, privilege => 'CONNECT', @@ -498,8 +483,7 @@ class { 'postgresql::server': } role => '#{user}_does_not_exist', } EOS - idempotent_apply(pp) - end + idempotent_apply(pp) end end end diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index 0e1bd8c277..c006f5714c 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -103,27 +103,25 @@ class { 'postgresql::server': } end it 'reassigns all objects to new_owner' do - begin - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') - apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, catch_failures: true) + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') + apply_manifest(pp_setup + pp_db_old_owner + pp_setup_objects, catch_failures: true) - idempotent_apply(pp_setup + pp_db_no_owner + pp_reassign_owned_by) + idempotent_apply(pp_setup + pp_db_no_owner + pp_reassign_owned_by) - ## Check that the ownership was transferred - psql("-d #{db} --tuples-only --no-align --command=\"SELECT tablename,tableowner FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog', 'information_schema')\"", superuser) do |r| - expect(r.stdout).to match(%r{test_tbl.#{new_owner}}) - expect(r.stderr).to eq('') - end - psql("-d #{db} --tuples-only --no-align --command=\"SELECT relname,pg_get_userbyid(relowner) FROM pg_catalog.pg_class c WHERE relkind='S'\"", superuser) do |r| - expect(r.stdout).to match(%r{test_seq.#{new_owner}}) + ## Check that the ownership was transferred + psql("-d #{db} --tuples-only --no-align --command=\"SELECT tablename,tableowner FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog', 'information_schema')\"", superuser) do |r| + expect(r.stdout).to match(%r{test_tbl.#{new_owner}}) + expect(r.stderr).to eq('') + end + psql("-d #{db} --tuples-only --no-align --command=\"SELECT relname,pg_get_userbyid(relowner) FROM pg_catalog.pg_class c WHERE relkind='S'\"", superuser) do |r| + expect(r.stdout).to match(%r{test_seq.#{new_owner}}) + expect(r.stderr).to eq('') + end + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.3') + psql("-d #{db} --tuples-only --no-align --command=\"SELECT pg_get_userbyid(datdba) FROM pg_database WHERE datname = current_database()\"", superuser) do |r| + expect(r.stdout).to match(%r{#{new_owner}}) expect(r.stderr).to eq('') end - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.3') - psql("-d #{db} --tuples-only --no-align --command=\"SELECT pg_get_userbyid(datdba) FROM pg_database WHERE datname = current_database()\"", superuser) do |r| - expect(r.stdout).to match(%r{#{new_owner}}) - expect(r.stderr).to eq('') - end - end end end end # it should reassign all objects diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 2f0a117056..0a39162263 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'postgresql::server::recovery' , skip: 'IAC-1286' do +describe 'postgresql::server::recovery', skip: 'IAC-1286' do describe 'should manage recovery' do before(:all) do pre_run diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 92d18a3346..41d48bec43 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -63,7 +63,7 @@ def install_dependencies MANIFEST LitmusHelper.instance.apply_manifest(selinux) - LitmusHelper.instance.run_shell('sudo setenforce 0', expect_failures: true) if os[:family] =~ %r{redhat|oracle} + #LitmusHelper.instance.run_shell('sudo setenforce 0', expect_failures: true) if %r{redhat|oracle}.match?(os[:family]) end def postgresql_version diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index e5c6c1cbf8..d311926d62 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -8,6 +8,7 @@ def success? true end end + # class FailStatus class FailStatus def success? @@ -29,7 +30,7 @@ def | | physical | | | t | | | 0/ context 'when listing instances' do before(:each) do - expect(provider.class).to receive(:run_command).with( # rubocop:disable RSpec/ExpectInHook + expect(provider.class).to receive(:run_command).with( ['psql', '-t', '-c', 'SELECT * FROM pg_replication_slots;'], 'postgres', 'postgres' ).and_return([sql_instances, nil]) diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb index 663ce3ad04..31a90acf0b 100644 --- a/spec/unit/puppet/type/postgresql_conn_validator.rb +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -10,7 +10,7 @@ describe 'when validating attributes' do [:name, :db_name, :db_username, :command, :host, :port, :connect_settings, :sleep, :tries, :psql_path].each do |param| - it "should have a #{param} parameter" do + it "has a #{param} parameter" do expect(described_class.attrtype(param)).to eq(:param) end end diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index d479df6dd7..fe7a8d2615 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -3,13 +3,13 @@ describe Puppet::Type.type(:postgresql_psql) do # rubocop:disable RSpec/MultipleDescribes context 'when validating attributes' do [:name, :unless, :db, :psql_path, :psql_user, :psql_group, :connect_settings].each do |attr| - it "should have a #{attr} parameter" do + it "has a #{attr} parameter" do expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:param) end end [:command].each do |attr| - it "should have a #{attr} property" do + it "has a #{attr} property" do expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:property) end end @@ -164,7 +164,7 @@ end describe "#should_run_sql with matching 'unless'" do - before(:each) { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(true) } # rubocop:disable RSpec/ExpectInHook + before(:each) { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(true) } [true, :true].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do @@ -206,7 +206,7 @@ end describe "#should_run_sql when not matching 'unless'" do - before(:each) { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(false) } # rubocop:disable RSpec/ExpectInHook + before(:each) { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(false) } [true, :true].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index 0cbab1052f..5feab6ed85 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -22,13 +22,13 @@ describe 'when validating attributes' do [:name, :provider].each do |param| - it "should have a #{param} parameter" do + it "has a #{param} parameter" do expect(described_class.attrtype(param)).to eq(:param) end end [:value, :target].each do |property| - it "should have a #{property} property" do + it "has a #{property} property" do expect(described_class.attrtype(property)).to eq(:property) end end From 344dcb9d97bca1b33206ff4b8200117136d6d0ce Mon Sep 17 00:00:00 2001 From: sheena Date: Wed, 16 Dec 2020 10:25:11 +0000 Subject: [PATCH 0575/1000] (maint) disable selinux tests for redhat8 --- spec/acceptance/alternative_port_spec.rb | 14 ++++++++++---- spec/spec_helper_acceptance_local.rb | 1 - 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 75af9d9740..4486d1fb0c 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -2,12 +2,18 @@ # These tests ensure that postgres can change itself to an alternative port # properly. -describe 'postgresql::server', skip: 'IAC-1286' do +describe 'postgresql::server' do it 'on an alternative port' do pp = <<-MANIFEST - class { 'postgresql::server': port => '55433', manage_selinux => true } - MANIFEST - idempotent_apply(pp) + class { 'postgresql::server': port => '55433', manage_selinux => true } + MANIFEST + if os[:family] == 'redhat' && os[:release].start_with?('8') + apply_manifest(pp, expect_failures: false) + # GCP failures on redhat8 IAC-1286 - idempotency failing + # apply_manifest(pp, catch_changes: true) + else + idempotent_apply(pp) + end end describe port(55_433) do diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 41d48bec43..9dc7bcebaf 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -63,7 +63,6 @@ def install_dependencies MANIFEST LitmusHelper.instance.apply_manifest(selinux) - #LitmusHelper.instance.run_shell('sudo setenforce 0', expect_failures: true) if %r{redhat|oracle}.match?(os[:family]) end def postgresql_version From d9751c7b3b62807e16ca7db908f5c90e7cd41545 Mon Sep 17 00:00:00 2001 From: Disha-maker Date: Fri, 18 Dec 2020 12:27:42 +0000 Subject: [PATCH 0576/1000] (IAC-1351) Remove CentOS 5 & RHEL 5 from provision.yaml file --- provision.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/provision.yaml b/provision.yaml index 69fc622dac..fcf0a18424 100644 --- a/provision.yaml +++ b/provision.yaml @@ -40,11 +40,9 @@ travis_el8: release_checks_5: provisioner: abs images: - - redhat-5-x86_64 - redhat-6-x86_64 - redhat-7-x86_64 - redhat-8-x86_64 - - centos-5-x86_64 - centos-6-x86_64 - centos-7-x86_64 - centos-8-x86_64 @@ -63,11 +61,9 @@ release_checks_5: release_checks_6: provisioner: abs images: - - redhat-5-x86_64 - redhat-6-x86_64 - redhat-7-x86_64 - redhat-8-x86_64 - - centos-5-x86_64 - centos-6-x86_64 - centos-7-x86_64 - centos-8-x86_64 From 3a565403cefcc56808b17005f973cbd30c5d8b0e Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 22 Dec 2020 18:12:48 +0100 Subject: [PATCH 0577/1000] Use OS major version numbers in globals This is a code simplification for distributions that don't change the PostgreSQL version in a major release. As a bonus fact, it adds support for CentOS 8 Stream which identifies itself without a minor version. For completeness, the OS facts from CentOS 8 Stream: # facter os { architecture => "x86_64", family => "RedHat", hardware => "x86_64", name => "CentOS", release => { full => "8", major => "8" }, selinux => { enabled => false } } --- manifests/globals.pp | 26 +++++++++---------- manifests/params.pp | 14 +++++----- manifests/server/config.pp | 2 +- manifests/server/config_entry.pp | 4 +-- manifests/server/initdb.pp | 2 +- spec/unit/classes/client_spec.rb | 2 +- spec/unit/classes/globals_spec.rb | 2 +- spec/unit/classes/lib/devel_spec.rb | 6 ++--- spec/unit/classes/lib/java_spec.rb | 4 +-- spec/unit/classes/lib/perl_spec.rb | 4 +-- spec/unit/classes/lib/pgdocs_spec.rb | 2 +- spec/unit/classes/lib/python_spec.rb | 4 +-- spec/unit/classes/params_spec.rb | 2 +- spec/unit/classes/server/contrib_spec.rb | 2 +- spec/unit/classes/server/initdb_spec.rb | 10 +++---- spec/unit/classes/server/plperl_spec.rb | 2 +- spec/unit/classes/server/plpython_spec.rb | 2 +- spec/unit/classes/server/postgis_spec.rb | 2 +- spec/unit/defines/server/config_entry_spec.rb | 4 +-- .../defines/server/database_grant_spec.rb | 2 +- spec/unit/defines/server/database_spec.rb | 2 +- spec/unit/defines/server/db_spec.rb | 2 +- spec/unit/defines/server/extension_spec.rb | 6 ++--- spec/unit/defines/server/grant_role_spec.rb | 2 +- spec/unit/defines/server/grant_spec.rb | 2 +- spec/unit/defines/server/pg_hba_rule_spec.rb | 2 +- .../unit/defines/server/pg_ident_rule_spec.rb | 2 +- .../defines/server/reassign_owned_by_spec.rb | 2 +- spec/unit/defines/server/recovery_spec.rb | 2 +- spec/unit/defines/server/role_spec.rb | 2 +- spec/unit/defines/server/schema_spec.rb | 2 +- spec/unit/defines/server/table_grant_spec.rb | 2 +- spec/unit/defines/server/tablespace_spec.rb | 2 +- .../defines/validate_db_connection_spec.rb | 2 +- 34 files changed, 65 insertions(+), 65 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 5069976f8c..e774752ade 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -159,7 +159,7 @@ # class. $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { - 'Fedora' => $facts['os']['release']['full'] ? { + 'Fedora' => $facts['os']['release']['major'] ? { /^(32|33)$/ => '12', /^(31)$/ => '11.6', /^(30)$/ => '11.2', @@ -174,24 +174,24 @@ default => undef, }, 'Amazon' => '9.2', - default => $facts['os']['release']['full'] ? { - /^8\./ => '10', - /^7\./ => '9.2', - /^6\./ => '8.4', - /^5\./ => '8.1', + default => $facts['os']['release']['major'] ? { + '8' => '10', + '7' => '9.2', + '6' => '8.4', + '5' => '8.1', default => undef, }, }, 'Debian' => $facts['os']['name'] ? { - 'Debian' => $facts['os']['release']['full'] ? { - /^(squeeze|6\.)/ => '8.4', - /^(wheezy|7\.)/ => '9.1', - /^(jessie|8\.)/ => '9.4', - /^(stretch|9\.)/ => '9.6', - /^(buster|10\.)/ => '11', + 'Debian' => $facts['os']['release']['major'] ? { + '6' => '8.4', + '7' => '9.1', + '8' => '9.4', + '9' => '9.6', + '10' => '11', default => undef, }, - 'Ubuntu' => $facts['os']['release']['full'] ? { + 'Ubuntu' => $facts['os']['release']['major'] ? { /^(10.04|10.10|11.04)$/ => '8.4', /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', /^(14.04)$/ => '9.3', diff --git a/manifests/params.pp b/manifests/params.pp index 26f9c1efd3..de3eccf40b 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -90,7 +90,7 @@ # RHEL 5 uses SysV init, RHEL 6 uses upstart. RHEL 7 and 8 both use systemd. 'RedHat', 'CentOS', 'Scientific', 'OracleLinux': { - if $facts['os']['release']['full'] =~ /^[78].*/ { + if $facts['os']['release']['major'] in ['7', '8'] { $service_reload = "systemctl reload ${service_name}" $service_status = "systemctl status ${service_name}" } else { @@ -113,7 +113,7 @@ if $postgresql::globals::postgis_package_name { $postgis_package_name = $postgresql::globals::postgis_package_name - } elsif $facts['os']['release']['full'] =~ /^5\./ { + } elsif $facts['os']['release']['major'] == '5' { $postgis_package_name = 'postgis' } elsif $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = "postgis${package_version}" @@ -175,7 +175,7 @@ $client_package_name = pick($client_package_name, "postgresql-client-${version}") $server_package_name = pick($server_package_name, "postgresql-${version}") - if $facts['os']['name'] == 'Debian' and $facts['os']['release']['full'] =~ /^10/ and $postgresql::globals::manage_package_repo != true { + if $facts['os']['name'] == 'Debian' and $facts['os']['release']['major'] == '10' and $postgresql::globals::manage_package_repo != true { $contrib_package_name = pick($contrib_package_name, 'postgresql-contrib') } else { $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") @@ -189,8 +189,8 @@ } $devel_package_name = pick($devel_package_name, 'libpq-dev') $java_package_name = $facts['os']['name'] ? { - 'Debian' => $facts['os']['release']['full'] ? { - /^6/ => pick($java_package_name, 'libpg-java'), + 'Debian' => $facts['os']['release']['major'] ? { + '6' => pick($java_package_name, 'libpg-java'), default => pick($java_package_name, 'libpostgresql-jdbc-java'), }, default => pick($java_package_name, 'libpostgresql-jdbc-java'), @@ -203,10 +203,10 @@ $bindir = pick($bindir, "/usr/lib/postgresql/${version}/bin") $datadir = pick($datadir, "/var/lib/postgresql/${version}/main") $confdir = pick($confdir, "/etc/postgresql/${version}/main") - if $facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['full'], '8.0') >= 0 { + if $facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['major'], '8') >= 0 { # Jessie uses systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") - } elsif $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '15.04') >= 0 { + } elsif $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['major'], '15.04') >= 0 { # Ubuntu releases since vivid use systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name} status") } else { diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 2c4770c08f..1e8ca8fb4a 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -186,7 +186,7 @@ # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. - if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['full'] !~ /^7|^8/) and ($facts['os']['name'] != 'Fedora') { + if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['major'] !~ /^(7|8)$/) and ($facts['os']['name'] != 'Fedora') { file { '/etc/sysconfig/pgsql/postgresql': ensure => file, replace => false, diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index faf3410cf5..133a3b0236 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -97,7 +97,7 @@ # a systemd override for the port or update the sysconfig file, but this # is managed for us in postgresql::server::config. if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { - if $name == 'port' and ( $facts['os']['release']['full'] =~ /^6/ or $facts['os']['release']['full'] =~ /^10\.04/ ) { + if $name == 'port' and $facts['os']['release']['major'] in ['6', '10.04'] { exec { "postgresql_stop_${name}": command => "service ${postgresql::server::service_name} stop", onlyif => "service ${postgresql::server::service_name} status", @@ -117,7 +117,7 @@ } } if $facts['os']['family'] == 'RedHat' { - if ! ($facts['os']['release']['full'] =~ /^7|^8/ or $facts['os']['name'] == 'Fedora') { + if ! ($facts['os']['release']['major'] in ['7', '8'] or $facts['os']['name'] == 'Fedora') { if $name == 'port' { # We need to force postgresql to stop before updating the port # because puppet becomes confused and is unable to manage the diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 2da021a27c..3385704872 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -149,7 +149,7 @@ # The package will take care of this for us the first time, but if we # ever need to init a new db we need to copy these files explicitly if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { - if $facts['os']['release']['full'] =~ /^6/ or $facts['os']['release']['full'] =~ /^7/ or $facts['os']['release']['full'] =~ /^10\.04/ or $facts['os']['release']['full'] =~ /^12\.04/ { + if $facts['os']['release']['major'] in ['6', '7', '10.04', '12.04'] { file { 'server.crt': ensure => file, path => "${datadir}/server.crt", diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index 0d810bda9d..5d007b7cc8 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, } end diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index 5d841133e5..3b2a37b214 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -44,7 +44,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '7.1' }, + release: { 'full' => '7.1', 'major' => '7' }, }, osfamily: 'RedHat', } diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/unit/classes/lib/devel_spec.rb index 0efe0f69a4..b29796358d 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/unit/classes/lib/devel_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, } end @@ -37,7 +37,7 @@ os: { family: 'RedHat', name: 'CentOS', - release: { 'full' => '6.3' }, + release: { 'full' => '6.3', 'major' => '6' }, }, } end @@ -51,7 +51,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '6.3' }, + release: { 'full' => '6.3', 'major' => '6' }, }, } end diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/unit/classes/lib/java_spec.rb index 6b8f5fad28..da908cd399 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/unit/classes/lib/java_spec.rb @@ -7,7 +7,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, } end @@ -27,7 +27,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '6.4' }, + release: { 'full' => '6.4', 'major' => '6' }, }, } end diff --git a/spec/unit/classes/lib/perl_spec.rb b/spec/unit/classes/lib/perl_spec.rb index 2e7e1bfc06..b94877f6d2 100644 --- a/spec/unit/classes/lib/perl_spec.rb +++ b/spec/unit/classes/lib/perl_spec.rb @@ -7,7 +7,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '6.4' }, + release: { 'full' => '6.4', 'major' => '6' }, }, } end @@ -26,7 +26,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, } end diff --git a/spec/unit/classes/lib/pgdocs_spec.rb b/spec/unit/classes/lib/pgdocs_spec.rb index 29153b5458..fa4f98402c 100644 --- a/spec/unit/classes/lib/pgdocs_spec.rb +++ b/spec/unit/classes/lib/pgdocs_spec.rb @@ -7,7 +7,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '6.4' }, + release: { 'full' => '6.4', 'major' => '6' }, }, } end diff --git a/spec/unit/classes/lib/python_spec.rb b/spec/unit/classes/lib/python_spec.rb index f2e781cc15..8018e576b1 100644 --- a/spec/unit/classes/lib/python_spec.rb +++ b/spec/unit/classes/lib/python_spec.rb @@ -7,7 +7,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '6.4' }, + release: { 'full' => '6.4', 'major' => '6' }, }, } end @@ -26,7 +26,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, } end diff --git a/spec/unit/classes/params_spec.rb b/spec/unit/classes/params_spec.rb index 8636ae73a0..8a6381c9da 100644 --- a/spec/unit/classes/params_spec.rb +++ b/spec/unit/classes/params_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, } end diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index c177a02a8b..feb2cd3993 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -10,7 +10,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 156246225b..761ee6b089 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -11,7 +11,7 @@ os: { family: 'RedHat', name: 'CentOS', - release: { 'full' => '6.0' }, + release: { 'full' => '6.0', 'major' => '6' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', @@ -51,7 +51,7 @@ class {'postgresql::server': os: { family: 'RedHat', name: 'Amazon', - release: { 'full' => '1.0' }, + release: { 'full' => '1.0', 'major' => '1' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', @@ -83,7 +83,7 @@ class {'postgresql::server': os: { family: 'RedHat', name: 'CentOS', - release: { 'full' => '6.0' }, + release: { 'full' => '6.0', 'major' => '6' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', @@ -114,7 +114,7 @@ class { 'postgresql::server': } os: { family: 'RedHat', name: 'CentOS', - release: { 'full' => '6.0' }, + release: { 'full' => '6.0', 'major' => '6' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', @@ -144,7 +144,7 @@ class { 'postgresql::server': } os: { family: 'RedHat', name: 'CentOS', - release: { 'full' => '6.0' }, + release: { 'full' => '6.0', 'major' => '6' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/unit/classes/server/plperl_spec.rb index ca3a8299ff..95e904e3f9 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/unit/classes/server/plperl_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index b1619ed47a..a105b53e88 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -6,7 +6,7 @@ os: { family: 'RedHat', name: 'CentOS', - release: { 'full' => '6.8' }, + release: { 'full' => '6.8', 'major' => '6' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/unit/classes/server/postgis_spec.rb index e3449b7843..80ff73d8e0 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/unit/classes/server/postgis_spec.rb @@ -10,7 +10,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index 9c6154b4f3..c4d6bd3acb 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -43,7 +43,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '6.4' }, + release: { 'full' => '6.4', 'major' => '6' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', @@ -115,7 +115,7 @@ os: { family: 'RedHat', name: 'RedHat', - release: { 'full' => '7.0' }, + release: { 'full' => '7.0', 'major' => '7' }, selinux: { 'enabled' => true }, }, kernel: 'Linux', diff --git a/spec/unit/defines/server/database_grant_spec.rb b/spec/unit/defines/server/database_grant_spec.rb index f2c4c3452f..6c0e22c093 100644 --- a/spec/unit/defines/server/database_grant_spec.rb +++ b/spec/unit/defines/server/database_grant_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 1b1eee6d72..1bb0eec56f 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/db_spec.rb b/spec/unit/defines/server/db_spec.rb index 0db5ff62f1..f4045d1bd0 100644 --- a/spec/unit/defines/server/db_spec.rb +++ b/spec/unit/defines/server/db_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 8d566288d7..9dfe0b5ec2 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -13,7 +13,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', @@ -130,7 +130,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '6.0' }, + release: { 'full' => '6.0', 'major' => '6' }, }, kernel: 'Linux', id: 'root', @@ -164,7 +164,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '6.0' }, + release: { 'full' => '6.0', 'major' => '6' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 2ddd9a16b2..6cf797cbbd 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -10,7 +10,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 7130903836..e4d57a72a1 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index 63a3167b58..3b3d5eb920 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/pg_ident_rule_spec.rb b/spec/unit/defines/server/pg_ident_rule_spec.rb index 57f687205e..c350e3a50b 100644 --- a/spec/unit/defines/server/pg_ident_rule_spec.rb +++ b/spec/unit/defines/server/pg_ident_rule_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index 5c933944ac..6a519baa37 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/recovery_spec.rb b/spec/unit/defines/server/recovery_spec.rb index 48af4c1a9b..642b12d047 100644 --- a/spec/unit/defines/server/recovery_spec.rb +++ b/spec/unit/defines/server/recovery_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 54f81b64fe..e272cd6c3c 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index 76d1fcdad0..a8cf54fa82 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/table_grant_spec.rb b/spec/unit/defines/server/table_grant_spec.rb index 2188509899..d23c696cbd 100644 --- a/spec/unit/defines/server/table_grant_spec.rb +++ b/spec/unit/defines/server/table_grant_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 6a99e6f8ff..b6e548f00c 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, kernel: 'Linux', id: 'root', diff --git a/spec/unit/defines/validate_db_connection_spec.rb b/spec/unit/defines/validate_db_connection_spec.rb index 4a4ec15a41..671900ff97 100644 --- a/spec/unit/defines/validate_db_connection_spec.rb +++ b/spec/unit/defines/validate_db_connection_spec.rb @@ -6,7 +6,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '8.0' }, + release: { 'full' => '8.0', 'major' => '8' }, }, } end From 0e7dca87e93e7cef35c6145773f0b6b5f83df482 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 10 Jan 2021 16:34:49 +0100 Subject: [PATCH 0578/1000] Remove redundant selector for Archlinux Both branches of the selector have the same version so it's redundant. --- manifests/globals.pp | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index e774752ade..ffccc22466 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -204,10 +204,7 @@ }, default => undef, }, - 'Archlinux' => $facts['os']['name'] ? { - /Archlinux/ => '9.2', - default => '9.2', - }, + 'Archlinux' => '9.2', 'Gentoo' => '9.5', 'FreeBSD' => '93', 'OpenBSD' => $facts['os']['release']['full'] ? { From 1daaa90fd3bf43b9a05bd877f03273a90d547e1a Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 16 Dec 2020 14:13:08 +0000 Subject: [PATCH 0579/1000] Update to pdk-templates and puppet-module-gems 1.0.0 --- .rubocop.yml | 118 +++++++++++++++++++---------------------------- .sync.yml | 5 -- .travis.yml | 20 ++++++++ Gemfile | 2 +- Rakefile | 1 - data/common.yaml | 1 + hiera.yaml | 21 +++++++++ 7 files changed, 91 insertions(+), 77 deletions(-) create mode 100644 data/common.yaml create mode 100644 hiera.yaml diff --git a/.rubocop.yml b/.rubocop.yml index 33efb87f7d..17e798bd27 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -83,66 +83,26 @@ Performance/BigDecimalWithNumericArgument: Enabled: true Performance/BlockGivenWithExplicitBlock: Enabled: true -Performance/Caller: - Enabled: true Performance/CaseWhenSplat: Enabled: true -Performance/Casecmp: - Enabled: true -Performance/CollectionLiteralInLoop: - Enabled: true -Performance/CompareWithBlock: - Enabled: true Performance/ConstantRegexp: Enabled: true -Performance/Count: - Enabled: true -Performance/Detect: - Enabled: true -Performance/DoubleStartEndWith: - Enabled: true -Performance/EndWith: - Enabled: true -Performance/FixedSize: - Enabled: true -Performance/FlatMap: - Enabled: true Performance/MethodObjectAsBlock: Enabled: true -Performance/RangeInclude: - Enabled: true -Performance/RedundantBlockCall: - Enabled: true -Performance/RedundantMatch: - Enabled: true -Performance/RedundantMerge: - Enabled: true Performance/RedundantSortBlock: Enabled: true Performance/RedundantStringChars: Enabled: true -Performance/RegexpMatch: - Enabled: true -Performance/ReverseEach: - Enabled: true Performance/ReverseFirst: Enabled: true -Performance/Size: - Enabled: true Performance/SortReverse: Enabled: true Performance/Squeeze: Enabled: true -Performance/StartWith: - Enabled: true Performance/StringInclude: Enabled: true -Performance/StringReplacement: - Enabled: true Performance/Sum: Enabled: true -Performance/TimesMap: - Enabled: true Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: @@ -199,20 +159,12 @@ Lint/DeprecatedOpenSSLConstant: Enabled: false Lint/DisjunctiveAssignmentInConstructor: Enabled: false -Lint/DuplicateBranch: - Enabled: false Lint/DuplicateElsifCondition: Enabled: false -Lint/DuplicateRegexpCharacterClassElement: - Enabled: false Lint/DuplicateRequire: Enabled: false Lint/DuplicateRescueException: Enabled: false -Lint/EmptyBlock: - Enabled: false -Lint/EmptyClass: - Enabled: false Lint/EmptyConditionalBody: Enabled: false Lint/EmptyFile: @@ -233,8 +185,6 @@ Lint/MixedRegexpCaptureTypes: Enabled: false Lint/NestedPercentLiteral: Enabled: false -Lint/NoReturnInBeginEndBlocks: - Enabled: false Lint/NonDeterministicRequireOrder: Enabled: false Lint/OrderedMagicComments: @@ -269,18 +219,12 @@ Lint/ShadowedArgument: Enabled: false Lint/StructNewOverride: Enabled: false -Lint/ToEnumArguments: - Enabled: false Lint/ToJSON: Enabled: false Lint/TopLevelReturnWithArgument: Enabled: false Lint/TrailingCommaInAttributeDeclaration: Enabled: false -Lint/UnexpectedBlockArity: - Enabled: false -Lint/UnmodifiedReduceAccumulator: - Enabled: false Lint/UnreachableLoop: Enabled: false Lint/UriEscapeUnescape: @@ -295,6 +239,8 @@ Metrics/AbcSize: Enabled: false Metrics/BlockLength: Enabled: false +Metrics/BlockNesting: + Enabled: false Metrics/ClassLength: Enabled: false Metrics/CyclomaticComplexity: @@ -309,6 +255,8 @@ Metrics/PerceivedComplexity: Enabled: false Migration/DepartmentName: Enabled: false +Naming/AccessorMethodName: + Enabled: false Naming/BlockParameterName: Enabled: false Naming/HeredocDelimiterCase: @@ -321,6 +269,18 @@ Naming/MethodParameterName: Enabled: false Naming/RescuedExceptionsVariableName: Enabled: false +Performance/BindCall: + Enabled: false +Performance/DeletePrefix: + Enabled: false +Performance/DeleteSuffix: + Enabled: false +Performance/InefficientHashSearch: + Enabled: false +Performance/UnfreezeString: + Enabled: false +Performance/UriDefaultParser: + Enabled: false RSpec/Be: Enabled: false RSpec/Capybara/CurrentPathExpectation: @@ -409,8 +369,6 @@ Style/AccessModifierDeclarations: Enabled: false Style/AccessorGrouping: Enabled: false -Style/ArgumentsForwarding: - Enabled: false Style/AsciiComments: Enabled: false Style/BisectedAttrAccessor: @@ -419,8 +377,6 @@ Style/CaseLikeIf: Enabled: false Style/ClassEqualityComparison: Enabled: false -Style/CollectionCompact: - Enabled: false Style/ColonMethodDefinition: Enabled: false Style/CombinableLoops: @@ -429,8 +385,6 @@ Style/CommentedKeyword: Enabled: false Style/Dir: Enabled: false -Style/DocumentDynamicEvalDefinition: - Enabled: false Style/DoubleCopDisableDirective: Enabled: false Style/EmptyBlockParameter: @@ -469,12 +423,8 @@ Style/MixinUsage: Enabled: false Style/MultilineWhenThen: Enabled: false -Style/NegatedIfElseCondition: - Enabled: false Style/NegatedUnless: Enabled: false -Style/NilLambda: - Enabled: false Style/NumericPredicate: Enabled: false Style/OptionalBooleanParameter: @@ -483,8 +433,6 @@ Style/OrAssignment: Enabled: false Style/RandomWithOffset: Enabled: false -Style/RedundantArgument: - Enabled: false Style/RedundantAssignment: Enabled: false Style/RedundantCondition: @@ -517,8 +465,6 @@ Style/StringConcatenation: Enabled: false Style/Strip: Enabled: false -Style/SwapValues: - Enabled: false Style/SymbolProc: Enabled: false Style/TrailingBodyOnClass: @@ -533,3 +479,35 @@ Style/TrailingMethodEndStatement: Enabled: false Style/UnpackFirst: Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NilLambda: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/SwapValues: + Enabled: false diff --git a/.sync.yml b/.sync.yml index 6577c062d1..d8d2bdff5e 100644 --- a/.sync.yml +++ b/.sync.yml @@ -43,12 +43,7 @@ Gemfile: optional: ":development": - gem: github_changelog_generator - git: https://github.com/skywinder/github-changelog-generator - ref: 20ee04ba1234e9e83eb2ffb5056e23d641c7a018 - condition: Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') Rakefile: - extras: - "FastGettext.default_text_domain = 'default-text-domain'" changelog_user: puppetlabs spec/spec_helper.rb: mock_with: ":rspec" diff --git a/.travis.yml b/.travis.yml index af7c43f202..35cff761e8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -67,6 +67,16 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance + - bundler_args: --with system_tests + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el8]'" + - "bundle exec rake 'litmus:install_agent[puppet5]'" + - "bundle exec rake litmus:install_module" + env: PLATFORMS=travis_el8_puppet5 + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] + services: docker + stage: acceptance - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" @@ -87,6 +97,16 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance + - bundler_args: --with system_tests + before_script: + - "bundle exec rake 'litmus:provision_list[travis_el8]'" + - "bundle exec rake 'litmus:install_agent[puppet6]'" + - "bundle exec rake litmus:install_module" + env: PLATFORMS=travis_el8_puppet6 + rvm: 2.5.7 + script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] + services: docker + stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static diff --git a/Gemfile b/Gemfile index 99ff40bf08..ae2b430dc2 100644 --- a/Gemfile +++ b/Gemfile @@ -24,7 +24,7 @@ group :development do gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') + gem "github_changelog_generator", require: false end group :system_tests do gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] diff --git a/Rakefile b/Rakefile index c4f6f86fad..c7fbda0b91 100644 --- a/Rakefile +++ b/Rakefile @@ -85,4 +85,3 @@ EOM end end -FastGettext.default_text_domain = 'default-text-domain' diff --git a/data/common.yaml b/data/common.yaml new file mode 100644 index 0000000000..2fbf0ffd71 --- /dev/null +++ b/data/common.yaml @@ -0,0 +1 @@ +--- {} diff --git a/hiera.yaml b/hiera.yaml new file mode 100644 index 0000000000..545fff3272 --- /dev/null +++ b/hiera.yaml @@ -0,0 +1,21 @@ +--- +version: 5 + +defaults: # Used for any hierarchy level that omits these keys. + datadir: data # This path is relative to hiera.yaml's directory. + data_hash: yaml_data # Use the built-in YAML backend. + +hierarchy: + - name: "osfamily/major release" + paths: + # Used to distinguish between Debian and Ubuntu + - "os/%{facts.os.name}/%{facts.os.release.major}.yaml" + - "os/%{facts.os.family}/%{facts.os.release.major}.yaml" + # Used for Solaris + - "os/%{facts.os.family}/%{facts.kernelrelease}.yaml" + - name: "osfamily" + paths: + - "os/%{facts.os.name}.yaml" + - "os/%{facts.os.family}.yaml" + - name: 'common' + path: 'common.yaml' From 27c3fd7ffaaa80cdf87f7dca95752d25250c438d Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 16 Dec 2020 14:13:20 +0000 Subject: [PATCH 0580/1000] Add the FrozenStrings magic comment --- .../postgresql/postgresql_acls_to_resources_hash.rb | 2 ++ lib/puppet/functions/postgresql/postgresql_escape.rb | 2 ++ lib/puppet/functions/postgresql/postgresql_password.rb | 2 ++ lib/puppet/functions/postgresql_escape.rb | 2 ++ lib/puppet/functions/postgresql_password.rb | 2 ++ lib/puppet/provider/postgresql_conf/parsed.rb | 2 ++ lib/puppet/provider/postgresql_conn_validator/ruby.rb | 2 ++ lib/puppet/provider/postgresql_psql/ruby.rb | 4 +++- lib/puppet/provider/postgresql_replication_slot/ruby.rb | 2 ++ lib/puppet/type/postgresql_conf.rb | 2 ++ lib/puppet/type/postgresql_conn_validator.rb | 2 ++ lib/puppet/type/postgresql_psql.rb | 2 ++ lib/puppet/type/postgresql_replication_slot.rb | 2 ++ lib/puppet/util/postgresql_validator.rb | 2 ++ spec/acceptance/alternative_port_spec.rb | 2 ++ spec/acceptance/db_spec.rb | 4 +++- spec/acceptance/default_parameters_spec.rb | 2 ++ spec/acceptance/overridden_settings_spec.rb | 2 ++ spec/acceptance/postgresql_conn_validator_spec.rb | 2 ++ spec/acceptance/postgresql_psql_spec.rb | 2 ++ spec/acceptance/server/config_entry_spec.rb | 2 ++ spec/acceptance/server/grant_role_spec.rb | 2 ++ spec/acceptance/server/grant_spec.rb | 2 ++ spec/acceptance/server/reassign_owned_by_spec.rb | 2 ++ spec/acceptance/server/recovery_spec.rb | 2 ++ spec/acceptance/server/schema_spec.rb | 2 ++ spec/acceptance/sql_task_spec.rb | 2 ++ spec/acceptance/utf8_encoding_spec.rb | 2 ++ spec/acceptance/z_alternative_pgdata_spec.rb | 2 ++ spec/functions/postgresql_escape_spec.rb | 2 ++ spec/functions/postgresql_password_spec.rb | 2 ++ .../postgresql_postgresql_acls_to_resources_hash_spec.rb | 2 ++ spec/functions/postgresql_postgresql_escape_spec.rb | 2 ++ spec/functions/postgresql_postgresql_password_spec.rb | 2 ++ spec/spec_helper_local.rb | 2 ++ spec/unit/classes/client_spec.rb | 2 ++ spec/unit/classes/globals_spec.rb | 2 ++ spec/unit/classes/lib/devel_spec.rb | 2 ++ spec/unit/classes/lib/java_spec.rb | 2 ++ spec/unit/classes/lib/perl_spec.rb | 2 ++ spec/unit/classes/lib/pgdocs_spec.rb | 2 ++ spec/unit/classes/lib/python_spec.rb | 2 ++ spec/unit/classes/params_spec.rb | 2 ++ spec/unit/classes/repo_spec.rb | 2 ++ spec/unit/classes/server/config_spec.rb | 2 ++ spec/unit/classes/server/contrib_spec.rb | 2 ++ spec/unit/classes/server/initdb_spec.rb | 2 ++ spec/unit/classes/server/plperl_spec.rb | 2 ++ spec/unit/classes/server/plpython_spec.rb | 2 ++ spec/unit/classes/server/postgis_spec.rb | 2 ++ spec/unit/classes/server_spec.rb | 2 ++ spec/unit/defines/server/config_entry_spec.rb | 2 ++ spec/unit/defines/server/database_grant_spec.rb | 2 ++ spec/unit/defines/server/database_spec.rb | 2 ++ spec/unit/defines/server/db_spec.rb | 2 ++ spec/unit/defines/server/extension_spec.rb | 2 ++ spec/unit/defines/server/grant_role_spec.rb | 8 +++++--- spec/unit/defines/server/grant_spec.rb | 4 +++- spec/unit/defines/server/pg_hba_rule_spec.rb | 2 ++ spec/unit/defines/server/pg_ident_rule_spec.rb | 2 ++ spec/unit/defines/server/reassign_owned_by_spec.rb | 2 ++ spec/unit/defines/server/recovery_spec.rb | 4 +++- spec/unit/defines/server/role_spec.rb | 2 ++ spec/unit/defines/server/schema_spec.rb | 2 ++ spec/unit/defines/server/table_grant_spec.rb | 2 ++ spec/unit/defines/server/tablespace_spec.rb | 2 ++ spec/unit/defines/validate_db_connection_spec.rb | 2 ++ spec/unit/provider/postgresql_conf/parsed_spec.rb | 2 ++ .../provider/postgresql_conn_validator/ruby_spec.rb | 2 ++ spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb | 2 ++ .../provider/postgresql_replication_slot/ruby_spec.rb | 2 ++ spec/unit/puppet/type/postgresql_conn_validator.rb | 2 ++ spec/unit/puppet/type/postgresql_psql_spec.rb | 2 ++ spec/unit/puppet/type/postgresql_replication_slot_spec.rb | 2 ++ spec/unit/type/postgresql_conf_spec.rb | 2 ++ tasks/sql.rb | 2 ++ 76 files changed, 159 insertions(+), 7 deletions(-) diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index 520ec50842..0a208af6f4 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # @summary This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. # @api private Puppet::Functions.create_function(:'postgresql::postgresql_acls_to_resources_hash') do diff --git a/lib/puppet/functions/postgresql/postgresql_escape.rb b/lib/puppet/functions/postgresql/postgresql_escape.rb index a773b9acc2..3ffd0b5842 100644 --- a/lib/puppet/functions/postgresql/postgresql_escape.rb +++ b/lib/puppet/functions/postgresql/postgresql_escape.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'digest/md5' # @summary This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 43b8bf8969..30b1bfcf80 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # @summary This function returns the postgresql password hash from the clear text username / password Puppet::Functions.create_function(:'postgresql::postgresql_password') do # @param username diff --git a/lib/puppet/functions/postgresql_escape.rb b/lib/puppet/functions/postgresql_escape.rb index 1e366d2d06..56288f2636 100644 --- a/lib/puppet/functions/postgresql_escape.rb +++ b/lib/puppet/functions/postgresql_escape.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # @summary DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. Puppet::Functions.create_function(:postgresql_escape) do dispatch :deprecation_gen do diff --git a/lib/puppet/functions/postgresql_password.rb b/lib/puppet/functions/postgresql_password.rb index e098ebe8d5..e6799f1856 100644 --- a/lib/puppet/functions/postgresql_password.rb +++ b/lib/puppet/functions/postgresql_password.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # @summary DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. Puppet::Functions.create_function(:postgresql_password) do dispatch :deprecation_gen do diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb index 34709dfa42..99bdefeb96 100644 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ b/lib/puppet/provider/postgresql_conf/parsed.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'puppet/provider/parsedfile' Puppet::Type.type(:postgresql_conf).provide( diff --git a/lib/puppet/provider/postgresql_conn_validator/ruby.rb b/lib/puppet/provider/postgresql_conn_validator/ruby.rb index 6e26e529d5..79b8cff1ff 100644 --- a/lib/puppet/provider/postgresql_conn_validator/ruby.rb +++ b/lib/puppet/provider/postgresql_conn_validator/ruby.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', '..', '..')) require 'puppet/util/postgresql_validator' diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index dfad4cdf64..878bd49cf9 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.type(:postgresql_psql).provide(:ruby) do desc 'Postgres psql provider' def run_unless_sql_command(sql) @@ -29,7 +31,7 @@ def run_sql_command(sql) private - def get_environment # rubocop:disable Style/AccessorMethodName : Refactor does not work correctly + def get_environment # rubocop:disable Naming/AccessorMethodName : Refactor does not work correctly environment = (resource[:connect_settings] || {}).dup envlist = resource[:environment] return environment unless envlist diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index e8b0e4cba2..7b5a24cd8d 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.type(:postgresql_replication_slot).provide(:ruby) do desc 'For confinement' commands psql: 'psql' diff --git a/lib/puppet/type/postgresql_conf.rb b/lib/puppet/type/postgresql_conf.rb index bef52c2161..b27862236b 100644 --- a/lib/puppet/type/postgresql_conf.rb +++ b/lib/puppet/type/postgresql_conf.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:postgresql_conf) do @doc = 'This type allows puppet to manage postgresql.conf parameters.' diff --git a/lib/puppet/type/postgresql_conn_validator.rb b/lib/puppet/type/postgresql_conn_validator.rb index e617e351c3..8c8cd49e9e 100644 --- a/lib/puppet/type/postgresql_conn_validator.rb +++ b/lib/puppet/type/postgresql_conn_validator.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:postgresql_conn_validator) do @doc = <<-EOS @summary Verify if a connection can be successfully established diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index f131ee4c7f..43e2fe8782 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:postgresql_psql) do newparam(:name) do desc 'An arbitrary tag for your own reference; the name of the message.' diff --git a/lib/puppet/type/postgresql_replication_slot.rb b/lib/puppet/type/postgresql_replication_slot.rb index f0bb991d89..f54157d3a9 100644 --- a/lib/puppet/type/postgresql_replication_slot.rb +++ b/lib/puppet/type/postgresql_replication_slot.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:postgresql_replication_slot) do @doc = <<-EOS @summary Manages Postgresql replication slots. diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index a238671041..85e3950d66 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + module Puppet::Util # postgresql_validator.rb class PostgresqlValidator diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 4486d1fb0c..1441a010df 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' # These tests ensure that postgres can change itself to an alternative port diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index c17931d31f..1980816f5b 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server::db' do @@ -37,7 +39,7 @@ class { 'postgresql::server': else 'obj_description' end - result = psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") # rubocop:disable Metrics/LineLength + result = psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") # rubocop:disable Layout/LineLength expect(result.stdout).to match(%r{\(1 row\)}) ensure psql('--command=\'drop database "postgresql-test-db"\'') diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index ea4ccc8ba8..c69a3c6dd2 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' # These tests are designed to ensure that the module, when ran with defaults, diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index 246180b1b2..1127a6c2c5 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' # These tests are designed to ensure that the module, when ran overrides, diff --git a/spec/acceptance/postgresql_conn_validator_spec.rb b/spec/acceptance/postgresql_conn_validator_spec.rb index 94101c0911..81eab7a8da 100644 --- a/spec/acceptance/postgresql_conn_validator_spec.rb +++ b/spec/acceptance/postgresql_conn_validator_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql_conn_validator' do diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index fe13cdb2a3..686d91653c 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql_psql' do diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb index bcbfe01325..20c14ef627 100644 --- a/spec/acceptance/server/config_entry_spec.rb +++ b/spec/acceptance/server/config_entry_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server::config_entry' do diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 69d1f0bf68..c9935f0c16 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server::grant_role:' do diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index bc0a26e8fc..6ac18f97d8 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server::grant:' do diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index c006f5714c..80a4807f21 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server::reassign_owned_by:' do diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 0a39162263..5c789b7db0 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server::recovery', skip: 'IAC-1286' do diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index da813602b5..368337ac72 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server::schema:' do diff --git a/spec/acceptance/sql_task_spec.rb b/spec/acceptance/sql_task_spec.rb index 8cee7e0a3f..571ec35768 100644 --- a/spec/acceptance/sql_task_spec.rb +++ b/spec/acceptance/sql_task_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # run a test task require 'spec_helper_acceptance' diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/utf8_encoding_spec.rb index 1743a38ad9..886d1e9fcf 100644 --- a/spec/acceptance/utf8_encoding_spec.rb +++ b/spec/acceptance/utf8_encoding_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'postgresql::server', skip: 'IAC-1286' do diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index b2f7938012..c3b581f02f 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' # These tests ensure that postgres can change itself to an alternative pgdata diff --git a/spec/functions/postgresql_escape_spec.rb b/spec/functions/postgresql_escape_spec.rb index a00f05eecd..2c140d96ea 100644 --- a/spec/functions/postgresql_escape_spec.rb +++ b/spec/functions/postgresql_escape_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql_escape' do diff --git a/spec/functions/postgresql_password_spec.rb b/spec/functions/postgresql_password_spec.rb index 7133c004d3..0cd765d6b8 100644 --- a/spec/functions/postgresql_password_spec.rb +++ b/spec/functions/postgresql_password_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql_password' do diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index 21a1ee1842..726bbdbbbd 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::postgresql_acls_to_resources_hash' do diff --git a/spec/functions/postgresql_postgresql_escape_spec.rb b/spec/functions/postgresql_postgresql_escape_spec.rb index 329ae8521a..5c458f7d40 100644 --- a/spec/functions/postgresql_postgresql_escape_spec.rb +++ b/spec/functions/postgresql_postgresql_escape_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::postgresql_escape' do diff --git a/spec/functions/postgresql_postgresql_password_spec.rb b/spec/functions/postgresql_postgresql_password_spec.rb index ac24fe43ed..d70feaf15b 100644 --- a/spec/functions/postgresql_postgresql_password_spec.rb +++ b/spec/functions/postgresql_postgresql_password_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::postgresql_password' do diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index a5ed86af90..d7b12539d6 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + RSpec.configure do |c| c.mock_with :rspec diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index 0d810bda9d..34b4aee5ed 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::client', type: :class do diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index 5d841133e5..a6d11289ec 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::globals', type: :class do diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/unit/classes/lib/devel_spec.rb index 0efe0f69a4..03e23625a2 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/unit/classes/lib/devel_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::lib::devel', type: :class do diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/unit/classes/lib/java_spec.rb index 6b8f5fad28..6e6aef3044 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/unit/classes/lib/java_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::lib::java', type: :class do diff --git a/spec/unit/classes/lib/perl_spec.rb b/spec/unit/classes/lib/perl_spec.rb index 2e7e1bfc06..05ea03cebc 100644 --- a/spec/unit/classes/lib/perl_spec.rb +++ b/spec/unit/classes/lib/perl_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::lib::perl', type: :class do diff --git a/spec/unit/classes/lib/pgdocs_spec.rb b/spec/unit/classes/lib/pgdocs_spec.rb index 29153b5458..ba15fe4b3b 100644 --- a/spec/unit/classes/lib/pgdocs_spec.rb +++ b/spec/unit/classes/lib/pgdocs_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::lib::docs', type: :class do diff --git a/spec/unit/classes/lib/python_spec.rb b/spec/unit/classes/lib/python_spec.rb index f2e781cc15..08445832f5 100644 --- a/spec/unit/classes/lib/python_spec.rb +++ b/spec/unit/classes/lib/python_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::lib::python', type: :class do diff --git a/spec/unit/classes/params_spec.rb b/spec/unit/classes/params_spec.rb index 8636ae73a0..a763af50ae 100644 --- a/spec/unit/classes/params_spec.rb +++ b/spec/unit/classes/params_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::params', type: :class do diff --git a/spec/unit/classes/repo_spec.rb b/spec/unit/classes/repo_spec.rb index f9e0421892..28e8419602 100644 --- a/spec/unit/classes/repo_spec.rb +++ b/spec/unit/classes/repo_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::repo', type: :class do diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index eb741d8dcb..1e413b08d2 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::config', type: :class do diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index c177a02a8b..93a0266e9c 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::contrib', type: :class do diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 156246225b..165e4331af 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::initdb', type: :class do diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/unit/classes/server/plperl_spec.rb index ca3a8299ff..a828d0dd9d 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/unit/classes/server/plperl_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::plperl', type: :class do diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index b1619ed47a..953a6614e4 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::plpython', type: :class do diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/unit/classes/server/postgis_spec.rb index e3449b7843..0dd746e7f1 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/unit/classes/server/postgis_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::postgis', type: :class do diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 1151946d29..29240ed300 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server', type: :class do diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index 9c6154b4f3..cb227e635b 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::config_entry', type: :define do diff --git a/spec/unit/defines/server/database_grant_spec.rb b/spec/unit/defines/server/database_grant_spec.rb index f2c4c3452f..bc8d5a2beb 100644 --- a/spec/unit/defines/server/database_grant_spec.rb +++ b/spec/unit/defines/server/database_grant_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::database_grant', type: :define do diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index 1b1eee6d72..6507b627f3 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::database', type: :define do diff --git a/spec/unit/defines/server/db_spec.rb b/spec/unit/defines/server/db_spec.rb index 0db5ff62f1..74c46292f6 100644 --- a/spec/unit/defines/server/db_spec.rb +++ b/spec/unit/defines/server/db_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::db', type: :define do diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 8d566288d7..c0e996d108 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::extension', type: :define do # rubocop:disable RSpec/MultipleDescribes diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/unit/defines/server/grant_role_spec.rb index 2ddd9a16b2..c00b2ad626 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/unit/defines/server/grant_role_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::grant_role', type: :define do @@ -31,7 +33,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}") .with(command: "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true") # rubocop:disable Metrics/LineLength + unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true") # rubocop:disable Layout/LineLength .that_requires('Class[postgresql::server]') } end @@ -46,7 +48,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}") .with(command: "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", - unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", # rubocop:disable Metrics/LineLength + unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", # rubocop:disable Layout/LineLength db: params[:psql_db], psql_user: params[:psql_user], port: params[:port]).that_requires('Class[postgresql::server]') } @@ -60,7 +62,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}") .with(command: "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"", - unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') != true") # rubocop:disable Metrics/LineLength + unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') != true") # rubocop:disable Layout/LineLength .that_requires('Class[postgresql::server]') } end diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 7130903836..f010fc3dca 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::grant', type: :define do @@ -100,7 +102,7 @@ it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"}m) - .with_unless(%r{SELECT 1 WHERE NOT EXISTS \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\)}m) # rubocop:disable Metrics/LineLength + .with_unless(%r{SELECT 1 WHERE NOT EXISTS \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\)}m) # rubocop:disable Layout/LineLength end end diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/unit/defines/server/pg_hba_rule_spec.rb index 63a3167b58..914473f03d 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/unit/defines/server/pg_hba_rule_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::pg_hba_rule', type: :define do diff --git a/spec/unit/defines/server/pg_ident_rule_spec.rb b/spec/unit/defines/server/pg_ident_rule_spec.rb index 57f687205e..09fdd17c90 100644 --- a/spec/unit/defines/server/pg_ident_rule_spec.rb +++ b/spec/unit/defines/server/pg_ident_rule_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::pg_ident_rule', type: :define do diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index 5c933944ac..cfb4765e1b 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::reassign_owned_by', type: :define do diff --git a/spec/unit/defines/server/recovery_spec.rb b/spec/unit/defines/server/recovery_spec.rb index 48af4c1a9b..9cae22854f 100644 --- a/spec/unit/defines/server/recovery_spec.rb +++ b/spec/unit/defines/server/recovery_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::recovery', type: :define do @@ -110,7 +112,7 @@ class { 'postgresql::server': } it do is_expected.to contain_concat__fragment('recovery.conf') - .with(content: %r{restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+}) # rubocop:disable Metrics/LineLength + .with(content: %r{restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+}) # rubocop:disable Layout/LineLength end end end diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 54f81b64fe..47a96c2ab9 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::role', type: :define do diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/unit/defines/server/schema_spec.rb index 76d1fcdad0..03b11a4e2e 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/unit/defines/server/schema_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::schema', type: :define do diff --git a/spec/unit/defines/server/table_grant_spec.rb b/spec/unit/defines/server/table_grant_spec.rb index 2188509899..c1de50c996 100644 --- a/spec/unit/defines/server/table_grant_spec.rb +++ b/spec/unit/defines/server/table_grant_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::table_grant', type: :define do diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 6a99e6f8ff..7ab6ed19c8 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::server::tablespace', type: :define do diff --git a/spec/unit/defines/validate_db_connection_spec.rb b/spec/unit/defines/validate_db_connection_spec.rb index 4a4ec15a41..b0eaac77d5 100644 --- a/spec/unit/defines/validate_db_connection_spec.rb +++ b/spec/unit/defines/validate_db_connection_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'postgresql::validate_db_connection', type: :define do diff --git a/spec/unit/provider/postgresql_conf/parsed_spec.rb b/spec/unit/provider/postgresql_conf/parsed_spec.rb index 511f6c88f1..b931ef2f71 100644 --- a/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ b/spec/unit/provider/postgresql_conf/parsed_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' require 'tempfile' diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index 88cab60f66..7c21483550 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe Puppet::Type.type(:postgresql_conn_validator).provider(:ruby) do diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index 725f755f05..6a04d930c6 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe Puppet::Type.type(:postgresql_psql).provider(:ruby) do diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index d311926d62..828b63e933 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' type = Puppet::Type.type(:postgresql_replication_slot) diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb index 31a90acf0b..2315e9568d 100644 --- a/spec/unit/puppet/type/postgresql_conn_validator.rb +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -1,4 +1,6 @@ #! /usr/bin/env ruby # rubocop:disable Lint/ScriptPermission +# frozen_string_literal: true + require 'spec_helper' describe Puppet::Type.type(:postgresql_conn_validator) do diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index fe7a8d2615..cc448bb711 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe Puppet::Type.type(:postgresql_psql) do # rubocop:disable RSpec/MultipleDescribes diff --git a/spec/unit/puppet/type/postgresql_replication_slot_spec.rb b/spec/unit/puppet/type/postgresql_replication_slot_spec.rb index 37d85a631b..27423bcad5 100644 --- a/spec/unit/puppet/type/postgresql_replication_slot_spec.rb +++ b/spec/unit/puppet/type/postgresql_replication_slot_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe Puppet::Type.type(:postgresql_replication_slot) do diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index 5feab6ed85..6ded102200 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -1,4 +1,6 @@ #! /usr/bin/env ruby # rubocop:disable Lint/ScriptPermission +# frozen_string_literal: true + require 'spec_helper' describe Puppet::Type.type(:postgresql_conf) do diff --git a/tasks/sql.rb b/tasks/sql.rb index dc407c9d6a..d27c931d70 100755 --- a/tasks/sql.rb +++ b/tasks/sql.rb @@ -1,4 +1,6 @@ #!/opt/puppetlabs/puppet/bin/ruby +# frozen_string_literal: true + require 'json' require 'open3' require 'puppet' From 72d2496b96da3619373f8b9953341195d7400796 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Thu, 17 Dec 2020 17:40:24 +0000 Subject: [PATCH 0581/1000] Apply remaining rubocop fixes --- lib/puppet/functions/postgresql/postgresql_escape.rb | 2 +- lib/puppet/provider/postgresql_psql/ruby.rb | 2 +- lib/puppet/provider/postgresql_replication_slot/ruby.rb | 2 +- lib/puppet/util/postgresql_validator.rb | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/puppet/functions/postgresql/postgresql_escape.rb b/lib/puppet/functions/postgresql/postgresql_escape.rb index 3ffd0b5842..10c19e11af 100644 --- a/lib/puppet/functions/postgresql/postgresql_escape.rb +++ b/lib/puppet/functions/postgresql/postgresql_escape.rb @@ -25,6 +25,6 @@ def default_impl(input_string) end def tag_needed?(input_string) - input_string =~ %r{\$\$} || input_string.end_with?('$') # rubocop:disable Performance/StringInclude + input_string.include?('$$') || input_string.end_with?('$') end end diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 878bd49cf9..2ab73a16b6 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -31,7 +31,7 @@ def run_sql_command(sql) private - def get_environment # rubocop:disable Naming/AccessorMethodName : Refactor does not work correctly + def get_environment environment = (resource[:connect_settings] || {}).dup envlist = resource[:environment] return environment unless envlist diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index 7b5a24cd8d..932ce48d0e 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -5,7 +5,7 @@ commands psql: 'psql' def self.instances - run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l =~ %r{\|} }.map do |l| # rubocop:disable Performance/StringInclude + run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l.include('|') }.map do |l| name, *_others = l.strip.split(%r{\s+\|\s+}) new(name: name, ensure: :present) diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index 85e3950d66..5e641769ab 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -43,7 +43,7 @@ def attempt_connection(sleep_length, tries) Puppet.debug "PostgresqlValidator.attempt_connection: #{build_validate_cmd}" result = execute_command if result && !result.empty? - Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.match %r{PGDATABASE} }} successful!" # rubocop:disable Performance/StringInclude + Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.include?('PGDATABASE') }} successful!" return true else Puppet.warning "PostgresqlValidator.attempt_connection: Sleeping for #{sleep_length} seconds" From 0b9b5934086b12bb987988c26128fe90819b2944 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 4 Jan 2021 14:57:08 +0000 Subject: [PATCH 0582/1000] Remove Style/FrozenStringLiteralComment todo; update to latest templates again --- .rubocop.yml | 119 +++++++++++++++++++++++++++------------------- .rubocop_todo.yml | 4 -- .sync.yml | 5 -- metadata.json | 2 +- 4 files changed, 71 insertions(+), 59 deletions(-) delete mode 100644 .rubocop_todo.yml diff --git a/.rubocop.yml b/.rubocop.yml index 17e798bd27..33c33fa52a 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -68,7 +68,6 @@ Style/TrailingCommaInArrayLiteral: Style/SymbolArray: Description: Using percent style obscures symbolic intent of array's contents. EnforcedStyle: brackets -inherit_from: ".rubocop_todo.yml" RSpec/MessageSpies: EnforcedStyle: receive Style/Documentation: @@ -83,26 +82,66 @@ Performance/BigDecimalWithNumericArgument: Enabled: true Performance/BlockGivenWithExplicitBlock: Enabled: true +Performance/Caller: + Enabled: true Performance/CaseWhenSplat: Enabled: true +Performance/Casecmp: + Enabled: true +Performance/CollectionLiteralInLoop: + Enabled: true +Performance/CompareWithBlock: + Enabled: true Performance/ConstantRegexp: Enabled: true +Performance/Count: + Enabled: true +Performance/Detect: + Enabled: true +Performance/DoubleStartEndWith: + Enabled: true +Performance/EndWith: + Enabled: true +Performance/FixedSize: + Enabled: true +Performance/FlatMap: + Enabled: true Performance/MethodObjectAsBlock: Enabled: true +Performance/RangeInclude: + Enabled: true +Performance/RedundantBlockCall: + Enabled: true +Performance/RedundantMatch: + Enabled: true +Performance/RedundantMerge: + Enabled: true Performance/RedundantSortBlock: Enabled: true Performance/RedundantStringChars: Enabled: true +Performance/RegexpMatch: + Enabled: true +Performance/ReverseEach: + Enabled: true Performance/ReverseFirst: Enabled: true +Performance/Size: + Enabled: true Performance/SortReverse: Enabled: true Performance/Squeeze: Enabled: true +Performance/StartWith: + Enabled: true Performance/StringInclude: Enabled: true +Performance/StringReplacement: + Enabled: true Performance/Sum: Enabled: true +Performance/TimesMap: + Enabled: true Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: @@ -159,12 +198,20 @@ Lint/DeprecatedOpenSSLConstant: Enabled: false Lint/DisjunctiveAssignmentInConstructor: Enabled: false +Lint/DuplicateBranch: + Enabled: false Lint/DuplicateElsifCondition: Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false Lint/DuplicateRequire: Enabled: false Lint/DuplicateRescueException: Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false Lint/EmptyConditionalBody: Enabled: false Lint/EmptyFile: @@ -185,6 +232,8 @@ Lint/MixedRegexpCaptureTypes: Enabled: false Lint/NestedPercentLiteral: Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false Lint/NonDeterministicRequireOrder: Enabled: false Lint/OrderedMagicComments: @@ -219,12 +268,18 @@ Lint/ShadowedArgument: Enabled: false Lint/StructNewOverride: Enabled: false +Lint/ToEnumArguments: + Enabled: false Lint/ToJSON: Enabled: false Lint/TopLevelReturnWithArgument: Enabled: false Lint/TrailingCommaInAttributeDeclaration: Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false Lint/UnreachableLoop: Enabled: false Lint/UriEscapeUnescape: @@ -239,8 +294,6 @@ Metrics/AbcSize: Enabled: false Metrics/BlockLength: Enabled: false -Metrics/BlockNesting: - Enabled: false Metrics/ClassLength: Enabled: false Metrics/CyclomaticComplexity: @@ -255,8 +308,6 @@ Metrics/PerceivedComplexity: Enabled: false Migration/DepartmentName: Enabled: false -Naming/AccessorMethodName: - Enabled: false Naming/BlockParameterName: Enabled: false Naming/HeredocDelimiterCase: @@ -269,18 +320,6 @@ Naming/MethodParameterName: Enabled: false Naming/RescuedExceptionsVariableName: Enabled: false -Performance/BindCall: - Enabled: false -Performance/DeletePrefix: - Enabled: false -Performance/DeleteSuffix: - Enabled: false -Performance/InefficientHashSearch: - Enabled: false -Performance/UnfreezeString: - Enabled: false -Performance/UriDefaultParser: - Enabled: false RSpec/Be: Enabled: false RSpec/Capybara/CurrentPathExpectation: @@ -369,6 +408,8 @@ Style/AccessModifierDeclarations: Enabled: false Style/AccessorGrouping: Enabled: false +Style/ArgumentsForwarding: + Enabled: false Style/AsciiComments: Enabled: false Style/BisectedAttrAccessor: @@ -377,6 +418,8 @@ Style/CaseLikeIf: Enabled: false Style/ClassEqualityComparison: Enabled: false +Style/CollectionCompact: + Enabled: false Style/ColonMethodDefinition: Enabled: false Style/CombinableLoops: @@ -385,6 +428,8 @@ Style/CommentedKeyword: Enabled: false Style/Dir: Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false Style/DoubleCopDisableDirective: Enabled: false Style/EmptyBlockParameter: @@ -423,8 +468,12 @@ Style/MixinUsage: Enabled: false Style/MultilineWhenThen: Enabled: false +Style/NegatedIfElseCondition: + Enabled: false Style/NegatedUnless: Enabled: false +Style/NilLambda: + Enabled: false Style/NumericPredicate: Enabled: false Style/OptionalBooleanParameter: @@ -433,6 +482,8 @@ Style/OrAssignment: Enabled: false Style/RandomWithOffset: Enabled: false +Style/RedundantArgument: + Enabled: false Style/RedundantAssignment: Enabled: false Style/RedundantCondition: @@ -465,6 +516,8 @@ Style/StringConcatenation: Enabled: false Style/Strip: Enabled: false +Style/SwapValues: + Enabled: false Style/SymbolProc: Enabled: false Style/TrailingBodyOnClass: @@ -479,35 +532,3 @@ Style/TrailingMethodEndStatement: Enabled: false Style/UnpackFirst: Enabled: false -Lint/DuplicateBranch: - Enabled: false -Lint/DuplicateRegexpCharacterClassElement: - Enabled: false -Lint/EmptyBlock: - Enabled: false -Lint/EmptyClass: - Enabled: false -Lint/NoReturnInBeginEndBlocks: - Enabled: false -Lint/ToEnumArguments: - Enabled: false -Lint/UnexpectedBlockArity: - Enabled: false -Lint/UnmodifiedReduceAccumulator: - Enabled: false -Performance/CollectionLiteralInLoop: - Enabled: false -Style/ArgumentsForwarding: - Enabled: false -Style/CollectionCompact: - Enabled: false -Style/DocumentDynamicEvalDefinition: - Enabled: false -Style/NegatedIfElseCondition: - Enabled: false -Style/NilLambda: - Enabled: false -Style/RedundantArgument: - Enabled: false -Style/SwapValues: - Enabled: false diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml deleted file mode 100644 index cea7cf84e4..0000000000 --- a/.rubocop_todo.yml +++ /dev/null @@ -1,4 +0,0 @@ -Style/FrozenStringLiteralComment: - Enabled: false - Exclude: - - lib/* diff --git a/.sync.yml b/.sync.yml index d8d2bdff5e..c84e0b752a 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,11 +1,6 @@ --- ".gitlab-ci.yml": delete: true -".rubocop.yml": - default_configs: - inherit_from: ".rubocop_todo.yml" - require: - - rubocop-rspec ".travis.yml": global_env: - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" diff --git a/metadata.json b/metadata.json index 598993bfd7..61a627f4f9 100644 --- a/metadata.json +++ b/metadata.json @@ -89,5 +89,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g28e5206" + "template-ref": "heads/main-0-g4543421" } From 229b42a61cd3047cc8fc8fd488f8605ab8d7c26e Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 4 Jan 2021 15:03:51 +0000 Subject: [PATCH 0583/1000] Fix typos and frozen string modification --- lib/puppet/provider/postgresql_psql/ruby.rb | 2 +- lib/puppet/provider/postgresql_replication_slot/ruby.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 2ab73a16b6..18a160b5c0 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -5,7 +5,7 @@ def run_unless_sql_command(sql) # for the 'unless' queries, we wrap the user's query in a 'SELECT COUNT', # which makes it easier to parse and process the output. - run_sql_command('SELECT COUNT(*) FROM (' << sql << ') count') + run_sql_command('SELECT COUNT(*) FROM (' + sql + ') count') end def run_sql_command(sql) diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index 932ce48d0e..0c7adc74ce 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -5,7 +5,7 @@ commands psql: 'psql' def self.instances - run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l.include('|') }.map do |l| + run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l.include?('|') }.map do |l| name, *_others = l.strip.split(%r{\s+\|\s+}) new(name: name, ensure: :present) From ae52c221e2ebd25c6c719beb247d33daa0f1bb1c Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Mon, 4 Jan 2021 16:07:03 +0000 Subject: [PATCH 0584/1000] Fix Naming/AccessorMethodName issue --- lib/puppet/provider/postgresql_psql/ruby.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 18a160b5c0..3e982e8f12 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -18,7 +18,7 @@ def run_sql_command(sql) command.push('-p', resource[:port]) if resource[:port] command.push('-t', '-X', '-c', '"' + sql.gsub('"', '\"') + '"') - environment = get_environment + environment = fetch_environment if resource[:cwd] Dir.chdir resource[:cwd] do @@ -31,7 +31,7 @@ def run_sql_command(sql) private - def get_environment + def fetch_environment environment = (resource[:connect_settings] || {}).dup envlist = resource[:environment] return environment unless envlist From 7581d216f1c7d6f5c112b237adfce5f122e831e2 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Tue, 12 Jan 2021 14:49:06 +0000 Subject: [PATCH 0585/1000] Update to newest template version --- .github/workflows/nightly.yml | 6 +- .github/workflows/pr_test.yml | 6 +- .rubocop.yml | 120 ++++++++++++++-------------------- .travis.yml | 56 +++++++++------- Gemfile | 12 ++-- metadata.json | 2 +- 6 files changed, 95 insertions(+), 107 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 4021da7645..cbb36a1a3f 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -17,7 +17,7 @@ jobs: steps: - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} @@ -90,7 +90,7 @@ jobs: echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} @@ -207,7 +207,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Slack Workflow Notification - uses: Gamesight/slack-workflow-status@88ee95b73b4669825883ddf22747966204663e58 # pin@master + uses: puppetlabs/Gamesight-slack-workflow-status@pdk-templates-v1 with: # Required Input repo_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 2b5ab1f576..00215d47fc 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -15,7 +15,7 @@ jobs: steps: - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} @@ -57,7 +57,6 @@ jobs: - name: Setup Acceptance Test Matrix id: get-matrix - if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata @@ -73,6 +72,7 @@ jobs: Acceptance: needs: - setup_matrix + if: ${{ needs.setup_matrix.outputs.matrix != '{}' }} runs-on: ubuntu-20.04 strategy: @@ -88,7 +88,7 @@ jobs: echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} diff --git a/.rubocop.yml b/.rubocop.yml index 33c33fa52a..8dcd675f4b 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -82,66 +82,26 @@ Performance/BigDecimalWithNumericArgument: Enabled: true Performance/BlockGivenWithExplicitBlock: Enabled: true -Performance/Caller: - Enabled: true Performance/CaseWhenSplat: Enabled: true -Performance/Casecmp: - Enabled: true -Performance/CollectionLiteralInLoop: - Enabled: true -Performance/CompareWithBlock: - Enabled: true Performance/ConstantRegexp: Enabled: true -Performance/Count: - Enabled: true -Performance/Detect: - Enabled: true -Performance/DoubleStartEndWith: - Enabled: true -Performance/EndWith: - Enabled: true -Performance/FixedSize: - Enabled: true -Performance/FlatMap: - Enabled: true Performance/MethodObjectAsBlock: Enabled: true -Performance/RangeInclude: - Enabled: true -Performance/RedundantBlockCall: - Enabled: true -Performance/RedundantMatch: - Enabled: true -Performance/RedundantMerge: - Enabled: true Performance/RedundantSortBlock: Enabled: true Performance/RedundantStringChars: Enabled: true -Performance/RegexpMatch: - Enabled: true -Performance/ReverseEach: - Enabled: true Performance/ReverseFirst: Enabled: true -Performance/Size: - Enabled: true Performance/SortReverse: Enabled: true Performance/Squeeze: Enabled: true -Performance/StartWith: - Enabled: true Performance/StringInclude: Enabled: true -Performance/StringReplacement: - Enabled: true Performance/Sum: Enabled: true -Performance/TimesMap: - Enabled: true Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: @@ -198,20 +158,12 @@ Lint/DeprecatedOpenSSLConstant: Enabled: false Lint/DisjunctiveAssignmentInConstructor: Enabled: false -Lint/DuplicateBranch: - Enabled: false Lint/DuplicateElsifCondition: Enabled: false -Lint/DuplicateRegexpCharacterClassElement: - Enabled: false Lint/DuplicateRequire: Enabled: false Lint/DuplicateRescueException: Enabled: false -Lint/EmptyBlock: - Enabled: false -Lint/EmptyClass: - Enabled: false Lint/EmptyConditionalBody: Enabled: false Lint/EmptyFile: @@ -232,8 +184,6 @@ Lint/MixedRegexpCaptureTypes: Enabled: false Lint/NestedPercentLiteral: Enabled: false -Lint/NoReturnInBeginEndBlocks: - Enabled: false Lint/NonDeterministicRequireOrder: Enabled: false Lint/OrderedMagicComments: @@ -268,18 +218,12 @@ Lint/ShadowedArgument: Enabled: false Lint/StructNewOverride: Enabled: false -Lint/ToEnumArguments: - Enabled: false Lint/ToJSON: Enabled: false Lint/TopLevelReturnWithArgument: Enabled: false Lint/TrailingCommaInAttributeDeclaration: Enabled: false -Lint/UnexpectedBlockArity: - Enabled: false -Lint/UnmodifiedReduceAccumulator: - Enabled: false Lint/UnreachableLoop: Enabled: false Lint/UriEscapeUnescape: @@ -294,6 +238,8 @@ Metrics/AbcSize: Enabled: false Metrics/BlockLength: Enabled: false +Metrics/BlockNesting: + Enabled: false Metrics/ClassLength: Enabled: false Metrics/CyclomaticComplexity: @@ -308,6 +254,8 @@ Metrics/PerceivedComplexity: Enabled: false Migration/DepartmentName: Enabled: false +Naming/AccessorMethodName: + Enabled: false Naming/BlockParameterName: Enabled: false Naming/HeredocDelimiterCase: @@ -320,6 +268,20 @@ Naming/MethodParameterName: Enabled: false Naming/RescuedExceptionsVariableName: Enabled: false +Naming/VariableNumber: + Enabled: false +Performance/BindCall: + Enabled: false +Performance/DeletePrefix: + Enabled: false +Performance/DeleteSuffix: + Enabled: false +Performance/InefficientHashSearch: + Enabled: false +Performance/UnfreezeString: + Enabled: false +Performance/UriDefaultParser: + Enabled: false RSpec/Be: Enabled: false RSpec/Capybara/CurrentPathExpectation: @@ -408,8 +370,6 @@ Style/AccessModifierDeclarations: Enabled: false Style/AccessorGrouping: Enabled: false -Style/ArgumentsForwarding: - Enabled: false Style/AsciiComments: Enabled: false Style/BisectedAttrAccessor: @@ -418,8 +378,6 @@ Style/CaseLikeIf: Enabled: false Style/ClassEqualityComparison: Enabled: false -Style/CollectionCompact: - Enabled: false Style/ColonMethodDefinition: Enabled: false Style/CombinableLoops: @@ -428,8 +386,6 @@ Style/CommentedKeyword: Enabled: false Style/Dir: Enabled: false -Style/DocumentDynamicEvalDefinition: - Enabled: false Style/DoubleCopDisableDirective: Enabled: false Style/EmptyBlockParameter: @@ -468,12 +424,8 @@ Style/MixinUsage: Enabled: false Style/MultilineWhenThen: Enabled: false -Style/NegatedIfElseCondition: - Enabled: false Style/NegatedUnless: Enabled: false -Style/NilLambda: - Enabled: false Style/NumericPredicate: Enabled: false Style/OptionalBooleanParameter: @@ -482,8 +434,6 @@ Style/OrAssignment: Enabled: false Style/RandomWithOffset: Enabled: false -Style/RedundantArgument: - Enabled: false Style/RedundantAssignment: Enabled: false Style/RedundantCondition: @@ -516,8 +466,6 @@ Style/StringConcatenation: Enabled: false Style/Strip: Enabled: false -Style/SwapValues: - Enabled: false Style/SymbolProc: Enabled: false Style/TrailingBodyOnClass: @@ -532,3 +480,35 @@ Style/TrailingMethodEndStatement: Enabled: false Style/UnpackFirst: Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NilLambda: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/SwapValues: + Enabled: false diff --git a/.travis.yml b/.travis.yml index 35cff761e8..a6157db9d5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -27,82 +27,90 @@ stages: jobs: fast_finish: true include: - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_6]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_ub_6_puppet6 + env: + PLATFORMS: travis_ub_6_puppet6 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_5]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_ub_5_puppet5 + env: + PLATFORMS: travis_ub_5_puppet5 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_deb_puppet5 + env: + PLATFORMS: travis_deb_puppet5 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_el7_puppet5 + env: + PLATFORMS: travis_el7_puppet5 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_el8]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_el8_puppet5 + env: + PLATFORMS: travis_el8_puppet5 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_deb_puppet6 + env: + PLATFORMS: travis_deb_puppet6 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_el7_puppet6 + env: + PLATFORMS: travis_el7_puppet6 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - bundler_args: --with system_tests - before_script: + - before_script: - "bundle exec rake 'litmus:provision_list[travis_el8]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - env: PLATFORMS=travis_el8_puppet6 + env: + PLATFORMS: travis_el8_puppet6 + BUNDLE_WITH: system_tests rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker diff --git a/Gemfile b/Gemfile index ae2b430dc2..94dc647a06 100644 --- a/Gemfile +++ b/Gemfile @@ -16,6 +16,10 @@ end ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = ruby_version_segments[0..1].join('.') +puppet_version = ENV['PUPPET_GEM_VERSION'] +facter_version = ENV['FACTER_GEM_VERSION'] +hiera_version = ENV['HIERA_GEM_VERSION'] + group :development do gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) @@ -27,14 +31,10 @@ group :development do gem "github_changelog_generator", require: false end group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] if Gem::Requirement.create(['>= 6.11.0', '< 8.0.0']).satisfied_by?(Gem::Version.new(puppet_version.dup)) || puppet_version.nil? + gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] if Gem::Requirement.create(['>= 6.11.0', '< 8.0.0']).satisfied_by?(Gem::Version.new(puppet_version.dup)) || puppet_version.nil? end -puppet_version = ENV['PUPPET_GEM_VERSION'] -facter_version = ENV['FACTER_GEM_VERSION'] -hiera_version = ENV['HIERA_GEM_VERSION'] - gems = {} gems['puppet'] = location_for(puppet_version) diff --git a/metadata.json b/metadata.json index 61a627f4f9..32c31ffa1c 100644 --- a/metadata.json +++ b/metadata.json @@ -89,5 +89,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g4543421" + "template-ref": "heads/main-0-gdace7b2" } From d338b7713b2f6c0bc2dbd3535e42fec40270f774 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 13 Jan 2021 15:25:53 +0000 Subject: [PATCH 0586/1000] More FrozenString fixes --- tasks/sql.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/sql.rb b/tasks/sql.rb index d27c931d70..7b2e425d37 100755 --- a/tasks/sql.rb +++ b/tasks/sql.rb @@ -8,10 +8,10 @@ def get(sql, database, user, port, password, host) env_hash = { 'PGPASSWORD' => password } unless password.nil? cmd_string = "psql -c \"#{sql}\"" - cmd_string << " --dbname=#{database}" unless database.nil? - cmd_string << " --username=#{user}" unless user.nil? - cmd_string << " --port=#{port}" unless port.nil? - cmd_string << " --host=#{host}" unless host.nil? + cmd_string += " --dbname=#{database}" unless database.nil? + cmd_string += " --username=#{user}" unless user.nil? + cmd_string += " --port=#{port}" unless port.nil? + cmd_string += " --host=#{host}" unless host.nil? stdout, stderr, status = Open3.capture3(env_hash, cmd_string) raise Puppet::Error, stderr if status != 0 { status: stdout.strip } From 257f4a98256417047a49f2a7e2cf78b7279db20b Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 13 Jan 2021 16:31:56 +0000 Subject: [PATCH 0587/1000] Remove translations They're causing `Current textdomain ("master_domain") was not added, use FastGettext.add_text_domain !` error on `rake syntax` through the gettext initialisation in https://github.com/puppetlabs/puppetlabs_spec_helper/blob/172300a4c125b9089c43a39ebed9743db5416063/lib/puppetlabs_spec_helper/rake_tasks.rb#L376 --- locales/config.yaml | 26 -------------------------- locales/ja/puppetlabs-postgresql.po | 21 --------------------- locales/puppetlabs-postgresql.pot | 18 ------------------ 3 files changed, 65 deletions(-) delete mode 100644 locales/config.yaml delete mode 100644 locales/ja/puppetlabs-postgresql.po delete mode 100644 locales/puppetlabs-postgresql.pot diff --git a/locales/config.yaml b/locales/config.yaml deleted file mode 100644 index cf3c4832ef..0000000000 --- a/locales/config.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# This is the project-specific configuration file for setting up -# fast_gettext for your project. -gettext: - # This is used for the name of the .pot and .po files; they will be - # called .pot? - project_name: puppetlabs-postgresql - # This is used in comments in the .pot and .po files to indicate what - # project the files belong to and should bea little more desctiptive than - # - package_name: puppetlabs-postgresql - # The locale that the default messages in the .pot file are in - default_locale: en - # The email used for sending bug reports. - bugs_address: docs@puppet.com - # The holder of the copyright. - copyright_holder: Puppet, Inc. - # This determines which comments in code should be eligible for translation. - # Any comments that start with this string will be externalized. (Leave - # empty to include all.) - comments_tag: TRANSLATOR - # Patterns for +Dir.glob+ used to find all files that might contain - # translatable content, relative to the project root directory - source_files: - - './lib/**/*.rb' - diff --git a/locales/ja/puppetlabs-postgresql.po b/locales/ja/puppetlabs-postgresql.po deleted file mode 100644 index bb4d7317fe..0000000000 --- a/locales/ja/puppetlabs-postgresql.po +++ /dev/null @@ -1,21 +0,0 @@ -# -#, fuzzy -msgid "" -msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2017-03-21 14:19+0100\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: Eriko Kashiwagi , 2017\n" -"Language-Team: Japanese (Japan) (https://www.transifex.com/puppet/teams/29089/ja_JP/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ja_JP\n" -"Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Translate Toolkit 2.0.0\n" - -#. metadata.json -#: .summary -msgid "Offers support for basic management of PostgreSQL databases." -msgstr "PostgreSQLデータベースの基本的な管理を支援します。" diff --git a/locales/puppetlabs-postgresql.pot b/locales/puppetlabs-postgresql.pot deleted file mode 100644 index 4d8c4566c8..0000000000 --- a/locales/puppetlabs-postgresql.pot +++ /dev/null @@ -1,18 +0,0 @@ -#, fuzzy -msgid "" -msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2017-03-21 14:19+0100\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: FULL NAME \n" -"Language-Team: LANGUAGE \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"X-Generator: Translate Toolkit 2.0.0\n" - -#. metadata.json -#: .summary -msgid "Offers support for basic management of PostgreSQL databases." -msgstr "" From 206a890d66ed99abbee6403b57b2cd5697dd9a59 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Wed, 13 Jan 2021 16:52:25 +0000 Subject: [PATCH 0588/1000] Revert the faulty gem exclusion for now --- Gemfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index 94dc647a06..ee7cc76a8c 100644 --- a/Gemfile +++ b/Gemfile @@ -31,8 +31,8 @@ group :development do gem "github_changelog_generator", require: false end group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] if Gem::Requirement.create(['>= 6.11.0', '< 8.0.0']).satisfied_by?(Gem::Version.new(puppet_version.dup)) || puppet_version.nil? - gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] if Gem::Requirement.create(['>= 6.11.0', '< 8.0.0']).satisfied_by?(Gem::Version.new(puppet_version.dup)) || puppet_version.nil? + gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] + gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] end gems = {} From 9b66c16c89148242e52280f83bacdf5c235ec67e Mon Sep 17 00:00:00 2001 From: olevole Date: Fri, 15 Jan 2021 16:29:54 +0300 Subject: [PATCH 0589/1000] Set default PostgresQL version for FreeBSD FreeBSD uses Postgresql 12 by default Ref: https://svnweb.freebsd.org/ports/branches/2021Q1/Mk/bsd.default-versions.mk?revision=560000&view=markup#l100 --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 5069976f8c..bafc88d22a 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -209,7 +209,7 @@ default => '9.2', }, 'Gentoo' => '9.5', - 'FreeBSD' => '93', + 'FreeBSD' => '12', 'OpenBSD' => $facts['os']['release']['full'] ? { /5\.6/ => '9.3', /5\.[7-9]/ => '9.4', From ddac1e1517cfa0c59d38e81dcf035efcf79d3d03 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Mon, 18 Jan 2021 11:18:22 +0000 Subject: [PATCH 0590/1000] Release version 6.9.0 --- CHANGELOG.md | 17 +- REFERENCE.md | 1125 +++++++++++++++++++++++++++++++++---------------- metadata.json | 2 +- 3 files changed, 768 insertions(+), 376 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a2b02daa32..62cdc8fd06 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) (2021-01-18) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.8.0...v6.9.0) + +### Added + +- pdksync - \(feat\) - Add support for puppet 7 [\#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) +- Manage postgresql\_conf\_path file permissions [\#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) + +### Fixed + +- \(maint\) updated defaults for rhel7 policycoreutils [\#1212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1212) ([sheenaajay](https://github.com/sheenaajay)) +- \(IAC-1189\) - Fix for SLES 15 SP 1 and later [\#1209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1209) ([david22swan](https://github.com/david22swan)) +- Change - Use systemd drop-in directory for unit overrides [\#1201](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1201) ([blackknight36](https://github.com/blackknight36)) + ## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) (2020-09-28) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.7.0...v6.8.0) @@ -1228,4 +1243,4 @@ Notable features: [5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 -\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* diff --git a/REFERENCE.md b/REFERENCE.md index ae0ca38742..ab2c80a71a 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -80,7 +80,7 @@ ## Classes -### `postgresql::client` +### `postgresql::client` Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. @@ -88,9 +88,14 @@ Installs PostgreSQL client software. Set the following parameters if you have a #### Parameters -The following parameters are available in the `postgresql::client` class. +The following parameters are available in the `postgresql::client` class: -##### `file_ensure` +* [`file_ensure`](#file_ensure) +* [`validcon_script_path`](#validcon_script_path) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) + +##### `file_ensure` Data type: `Enum['file', 'absent']` @@ -98,7 +103,7 @@ Ensure the connection validation script is present Default value: `'file'` -##### `validcon_script_path` +##### `validcon_script_path` Data type: `Stdlib::Absolutepath` @@ -106,7 +111,7 @@ Optional. Absolute path for the postgresql connection validation script. Default value: `$postgresql::params::validcon_script_path` -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -114,7 +119,7 @@ Sets the name of the PostgreSQL client package. Default value: `$postgresql::params::client_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -122,7 +127,7 @@ Ensure the client package is installed Default value: `'present'` -### `postgresql::globals` +### `postgresql::globals` Class for setting cross-class global overrides. @@ -131,9 +136,63 @@ This class should be used only if you are using a non-standard OS, or if you are #### Parameters -The following parameters are available in the `postgresql::globals` class. - -##### `client_package_name` +The following parameters are available in the `postgresql::globals` class: + +* [`client_package_name`](#client_package_name) +* [`server_package_name`](#server_package_name) +* [`contrib_package_name`](#contrib_package_name) +* [`devel_package_name`](#devel_package_name) +* [`java_package_name`](#java_package_name) +* [`docs_package_name`](#docs_package_name) +* [`perl_package_name`](#perl_package_name) +* [`plperl_package_name`](#plperl_package_name) +* [`plpython_package_name`](#plpython_package_name) +* [`python_package_name`](#python_package_name) +* [`postgis_package_name`](#postgis_package_name) +* [`service_name`](#service_name) +* [`service_provider`](#service_provider) +* [`service_status`](#service_status) +* [`default_database`](#default_database) +* [`validcon_script_path`](#validcon_script_path) +* [`initdb_path`](#initdb_path) +* [`createdb_path`](#createdb_path) +* [`psql_path`](#psql_path) +* [`pg_hba_conf_path`](#pg_hba_conf_path) +* [`pg_ident_conf_path`](#pg_ident_conf_path) +* [`postgresql_conf_path`](#postgresql_conf_path) +* [`postgresql_conf_mode`](#postgresql_conf_mode) +* [`recovery_conf_path`](#recovery_conf_path) +* [`default_connect_settings`](#default_connect_settings) +* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) +* [`datadir`](#datadir) +* [`confdir`](#confdir) +* [`bindir`](#bindir) +* [`xlogdir`](#xlogdir) +* [`logdir`](#logdir) +* [`log_line_prefix`](#log_line_prefix) +* [`user`](#user) +* [`group`](#group) +* [`version`](#version) +* [`postgis_version`](#postgis_version) +* [`repo_proxy`](#repo_proxy) +* [`repo_baseurl`](#repo_baseurl) +* [`needs_initdb`](#needs_initdb) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`data_checksums`](#data_checksums) +* [`timezone`](#timezone) +* [`manage_pg_hba_conf`](#manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#manage_pg_ident_conf) +* [`manage_recovery_conf`](#manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) +* [`manage_datadir`](#manage_datadir) +* [`manage_logdir`](#manage_logdir) +* [`manage_xlogdir`](#manage_xlogdir) +* [`manage_package_repo`](#manage_package_repo) +* [`module_workdir`](#module_workdir) +* [`manage_selinux`](#manage_selinux) + +##### `client_package_name` Data type: `Any` @@ -141,7 +200,7 @@ Overrides the default PostgreSQL client package name. Default value: ``undef`` -##### `server_package_name` +##### `server_package_name` Data type: `Any` @@ -149,7 +208,7 @@ Overrides the default PostgreSQL server package name. Default value: ``undef`` -##### `contrib_package_name` +##### `contrib_package_name` Data type: `Any` @@ -157,7 +216,7 @@ Overrides the default PostgreSQL contrib package name. Default value: ``undef`` -##### `devel_package_name` +##### `devel_package_name` Data type: `Any` @@ -165,7 +224,7 @@ Overrides the default PostgreSQL devel package name. Default value: ``undef`` -##### `java_package_name` +##### `java_package_name` Data type: `Any` @@ -173,7 +232,7 @@ Overrides the default PostgreSQL java package name. Default value: ``undef`` -##### `docs_package_name` +##### `docs_package_name` Data type: `Any` @@ -181,7 +240,7 @@ Overrides the default PostgreSQL docs package name. Default value: ``undef`` -##### `perl_package_name` +##### `perl_package_name` Data type: `Any` @@ -189,7 +248,7 @@ Overrides the default PostgreSQL Perl package name. Default value: ``undef`` -##### `plperl_package_name` +##### `plperl_package_name` Data type: `Any` @@ -197,7 +256,7 @@ Overrides the default PostgreSQL PL/Perl package name. Default value: ``undef`` -##### `plpython_package_name` +##### `plpython_package_name` Data type: `Any` @@ -205,7 +264,7 @@ Overrides the default PostgreSQL PL/Python package name. Default value: ``undef`` -##### `python_package_name` +##### `python_package_name` Data type: `Any` @@ -213,7 +272,7 @@ Overrides the default PostgreSQL Python package name. Default value: ``undef`` -##### `postgis_package_name` +##### `postgis_package_name` Data type: `Any` @@ -221,7 +280,7 @@ Overrides the default PostgreSQL PostGIS package name. Default value: ``undef`` -##### `service_name` +##### `service_name` Data type: `Any` @@ -229,7 +288,7 @@ Overrides the default PostgreSQL service name. Default value: ``undef`` -##### `service_provider` +##### `service_provider` Data type: `Any` @@ -237,7 +296,7 @@ Overrides the default PostgreSQL service provider. Default value: ``undef`` -##### `service_status` +##### `service_status` Data type: `Any` @@ -245,7 +304,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: ``undef`` -##### `default_database` +##### `default_database` Data type: `Any` @@ -253,7 +312,7 @@ Specifies the name of the default database to connect with. Default value: ``undef`` -##### `validcon_script_path` +##### `validcon_script_path` Data type: `Any` @@ -261,7 +320,7 @@ Scipt path for the connection validation check. Default value: ``undef`` -##### `initdb_path` +##### `initdb_path` Data type: `Any` @@ -269,7 +328,7 @@ Path to the initdb command. Default value: ``undef`` -##### `createdb_path` +##### `createdb_path` Data type: `Any` @@ -277,7 +336,7 @@ Deprecated. Path to the createdb command. Default value: ``undef`` -##### `psql_path` +##### `psql_path` Data type: `Any` @@ -285,7 +344,7 @@ Sets the path to the psql command. Default value: ``undef`` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Any` @@ -293,7 +352,7 @@ Specifies the path to your pg_hba.conf file. Default value: ``undef`` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Any` @@ -301,7 +360,7 @@ Specifies the path to your pg_ident.conf file. Default value: ``undef`` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Any` @@ -309,7 +368,15 @@ Sets the path to your postgresql.conf file. Default value: ``undef`` -##### `recovery_conf_path` +##### `postgresql_conf_mode` + +Data type: `Optional[Stdlib::Filemode]` + +Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. + +Default value: ``undef`` + +##### `recovery_conf_path` Data type: `Any` @@ -317,7 +384,7 @@ Path to your recovery.conf file. Default value: ``undef`` -##### `default_connect_settings` +##### `default_connect_settings` Data type: `Any` @@ -325,7 +392,7 @@ Default connection settings. Default value: `{}` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Any` @@ -333,7 +400,7 @@ Disables the defaults supplied with the module for pg_hba.conf if set to false. Default value: ``undef`` -##### `datadir` +##### `datadir` Data type: `Any` @@ -345,7 +412,7 @@ Warning! If datadir is changed from the default, Puppet does not manage purging Default value: ``undef`` -##### `confdir` +##### `confdir` Data type: `Any` @@ -353,7 +420,7 @@ Overrides the default PostgreSQL configuration directory for the target platform Default value: ``undef`` -##### `bindir` +##### `bindir` Data type: `Any` @@ -361,7 +428,7 @@ Overrides the default PostgreSQL binaries directory for the target platform. Default value: ``undef`` -##### `xlogdir` +##### `xlogdir` Data type: `Any` @@ -369,7 +436,7 @@ Overrides the default PostgreSQL xlog directory. Default value: ``undef`` -##### `logdir` +##### `logdir` Data type: `Any` @@ -377,7 +444,7 @@ Overrides the default PostgreSQL log directory. Default value: ``undef`` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Any` @@ -385,7 +452,7 @@ Overrides the default PostgreSQL log prefix. Default value: ``undef`` -##### `user` +##### `user` Data type: `Any` @@ -393,7 +460,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: ``undef`` -##### `group` +##### `group` Data type: `Any` @@ -401,7 +468,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: ``undef`` -##### `version` +##### `version` Data type: `Any` @@ -409,7 +476,7 @@ The version of PostgreSQL to install and manage. Default value: ``undef`` -##### `postgis_version` +##### `postgis_version` Data type: `Any` @@ -417,7 +484,7 @@ Defines the version of PostGIS to install, if you install PostGIS. Default value: ``undef`` -##### `repo_proxy` +##### `repo_proxy` Data type: `Any` @@ -425,7 +492,7 @@ Sets the proxy option for the official PostgreSQL yum-repositories only. Default value: ``undef`` -##### `repo_baseurl` +##### `repo_baseurl` Data type: `Any` @@ -433,7 +500,7 @@ Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirr Default value: ``undef`` -##### `needs_initdb` +##### `needs_initdb` Data type: `Any` @@ -441,7 +508,7 @@ Explicitly calls the initdb operation after the server package is installed and Default value: ``undef`` -##### `encoding` +##### `encoding` Data type: `Any` @@ -450,7 +517,7 @@ On certain operating systems, this is also used during the template1 initializat Default value: ``undef`` -##### `locale` +##### `locale` Data type: `Any` @@ -460,7 +527,7 @@ On Debian, you'll need to ensure that the 'locales-all' package is installed for Default value: ``undef`` -##### `data_checksums` +##### `data_checksums` Data type: `Any` @@ -469,7 +536,7 @@ Warning: This option is used during initialization by initdb, and cannot be chan Default value: ``undef`` -##### `timezone` +##### `timezone` Data type: `Any` @@ -477,7 +544,7 @@ Sets the default timezone of the postgresql server. The postgresql built-in defa Default value: ``undef`` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Any` @@ -485,7 +552,7 @@ Allow Puppet to manage the pg_hba.conf file. Default value: ``undef`` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Any` @@ -493,7 +560,7 @@ Allow Puppet to manage the pg_ident.conf file. Default value: ``undef`` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Any` @@ -501,7 +568,17 @@ Allow Puppet to manage the recovery.conf file. Default value: ``undef`` -##### `manage_datadir` +##### `manage_postgresql_conf_perms` + +Data type: `Any` + +Whether to manage the postgresql conf file permissions. This means owner, +group and mode. Contents are not managed but should be managed through +postgresql::server::config_entry. + +Default value: ``undef`` + +##### `manage_datadir` Data type: `Any` @@ -509,7 +586,7 @@ Set to false if you have file{ $datadir: } already defined Default value: ``undef`` -##### `manage_logdir` +##### `manage_logdir` Data type: `Any` @@ -517,7 +594,7 @@ Set to false if you have file{ $logdir: } already defined Default value: ``undef`` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Any` @@ -525,7 +602,7 @@ Set to false if you have file{ $xlogdir: } already defined Default value: ``undef`` -##### `manage_package_repo` +##### `manage_package_repo` Data type: `Any` @@ -533,7 +610,7 @@ Sets up official PostgreSQL repositories on your host if set to true. Default value: ``undef`` -##### `module_workdir` +##### `module_workdir` Data type: `Any` @@ -541,7 +618,7 @@ Specifies working directory under which the psql command should be executed. May Default value: ``undef`` -##### `manage_selinux` +##### `manage_selinux` Data type: `Any` @@ -549,15 +626,19 @@ Data type: `Any` Default value: ``undef`` -### `postgresql::lib::devel` +### `postgresql::lib::devel` This class installs postgresql development libraries. #### Parameters -The following parameters are available in the `postgresql::lib::devel` class. +The following parameters are available in the `postgresql::lib::devel` class: + +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) +* [`link_pg_config`](#link_pg_config) -##### `package_name` +##### `package_name` Data type: `String` @@ -565,7 +646,7 @@ Override devel package name Default value: `$postgresql::params::devel_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -573,7 +654,7 @@ Ensure the development libraries are installed Default value: `'present'` -##### `link_pg_config` +##### `link_pg_config` Data type: `Boolean` @@ -581,7 +662,7 @@ If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/b Default value: `$postgresql::params::link_pg_config` -### `postgresql::lib::docs` +### `postgresql::lib::docs` Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. @@ -589,9 +670,12 @@ Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if #### Parameters -The following parameters are available in the `postgresql::lib::docs` class. +The following parameters are available in the `postgresql::lib::docs` class: -##### `package_name` +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) + +##### `package_name` Data type: `String` @@ -599,7 +683,7 @@ Specifies the name of the PostgreSQL docs package. Default value: `$postgresql::params::docs_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -607,7 +691,7 @@ Whether the PostgreSQL docs package resource should be present. Default value: `'present'` -### `postgresql::lib::java` +### `postgresql::lib::java` This class installs the postgresql jdbc connector. @@ -615,9 +699,12 @@ This class installs the postgresql jdbc connector. #### Parameters -The following parameters are available in the `postgresql::lib::java` class. +The following parameters are available in the `postgresql::lib::java` class: + +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -625,7 +712,7 @@ Specifies the name of the PostgreSQL java package. Default value: `$postgresql::params::java_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -633,15 +720,18 @@ Specifies whether the package is present. Default value: `'present'` -### `postgresql::lib::perl` +### `postgresql::lib::perl` This class installs the perl libs for postgresql. #### Parameters -The following parameters are available in the `postgresql::lib::perl` class. +The following parameters are available in the `postgresql::lib::perl` class: + +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -649,7 +739,7 @@ Specifies the name of the PostgreSQL perl package to install. Default value: `$postgresql::params::perl_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -657,15 +747,18 @@ Ensure the perl libs for postgresql are installed. Default value: `'present'` -### `postgresql::lib::python` +### `postgresql::lib::python` This class installs the python libs for postgresql. #### Parameters -The following parameters are available in the `postgresql::lib::python` class. +The following parameters are available in the `postgresql::lib::python` class: -##### `package_name` +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) + +##### `package_name` Data type: `String[1]` @@ -673,7 +766,7 @@ The name of the PostgreSQL Python package. Default value: `$postgresql::params::python_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -681,15 +774,72 @@ Ensure the python libs for postgresql are installed. Default value: `'present'` -### `postgresql::server` +### `postgresql::server` This installs a PostgreSQL server #### Parameters -The following parameters are available in the `postgresql::server` class. - -##### `postgres_password` +The following parameters are available in the `postgresql::server` class: + +* [`postgres_password`](#postgres_password) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) +* [`plperl_package_name`](#plperl_package_name) +* [`plpython_package_name`](#plpython_package_name) +* [`service_ensure`](#service_ensure) +* [`service_enable`](#service_enable) +* [`service_manage`](#service_manage) +* [`service_name`](#service_name) +* [`service_restart_on_change`](#service_restart_on_change) +* [`service_provider`](#service_provider) +* [`service_reload`](#service_reload) +* [`service_status`](#service_status) +* [`default_database`](#default_database) +* [`default_connect_settings`](#default_connect_settings) +* [`listen_addresses`](#listen_addresses) +* [`port`](#port) +* [`ip_mask_deny_postgres_user`](#ip_mask_deny_postgres_user) +* [`ip_mask_allow_all_users`](#ip_mask_allow_all_users) +* [`ipv4acls`](#ipv4acls) +* [`ipv6acls`](#ipv6acls) +* [`initdb_path`](#initdb_path) +* [`createdb_path`](#createdb_path) +* [`psql_path`](#psql_path) +* [`pg_hba_conf_path`](#pg_hba_conf_path) +* [`pg_ident_conf_path`](#pg_ident_conf_path) +* [`postgresql_conf_path`](#postgresql_conf_path) +* [`postgresql_conf_mode`](#postgresql_conf_mode) +* [`recovery_conf_path`](#recovery_conf_path) +* [`datadir`](#datadir) +* [`xlogdir`](#xlogdir) +* [`logdir`](#logdir) +* [`log_line_prefix`](#log_line_prefix) +* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) +* [`user`](#user) +* [`group`](#group) +* [`needs_initdb`](#needs_initdb) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`data_checksums`](#data_checksums) +* [`timezone`](#timezone) +* [`manage_pg_hba_conf`](#manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#manage_pg_ident_conf) +* [`manage_recovery_conf`](#manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) +* [`module_workdir`](#module_workdir) +* [`manage_datadir`](#manage_datadir) +* [`manage_logdir`](#manage_logdir) +* [`manage_xlogdir`](#manage_xlogdir) +* [`roles`](#roles) +* [`config_entries`](#config_entries) +* [`pg_hba_rules`](#pg_hba_rules) +* [`version`](#version) +* [`extra_systemd_config`](#extra_systemd_config) +* [`manage_selinux`](#manage_selinux) +* [`password_encryption`](#password_encryption) + +##### `postgres_password` Data type: `Any` @@ -697,7 +847,7 @@ Sets the password for the postgres user to your specified value. By default, thi Default value: ``undef`` -##### `package_name` +##### `package_name` Data type: `Any` @@ -705,7 +855,7 @@ Specifies the name of the package to use for installing the server software. Default value: `$postgresql::params::server_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Any` @@ -713,7 +863,7 @@ Passes a value through to the package resource when creating the server instance Default value: `$postgresql::params::package_ensure` -##### `plperl_package_name` +##### `plperl_package_name` Data type: `Any` @@ -721,7 +871,7 @@ Sets the default package name for the PL/Perl extension. Default value: `$postgresql::params::plperl_package_name` -##### `plpython_package_name` +##### `plpython_package_name` Data type: `Any` @@ -729,7 +879,7 @@ Sets the default package name for the PL/Python extension. Default value: `$postgresql::params::plpython_package_name` -##### `service_ensure` +##### `service_ensure` Data type: `Any` @@ -737,7 +887,7 @@ Ensure service is installed Default value: `$postgresql::params::service_ensure` -##### `service_enable` +##### `service_enable` Data type: `Any` @@ -745,7 +895,7 @@ Enable the PostgreSQL service Default value: `$postgresql::params::service_enable` -##### `service_manage` +##### `service_manage` Data type: `Any` @@ -753,7 +903,7 @@ Defines whether or not Puppet should manage the service. Default value: `$postgresql::params::service_manage` -##### `service_name` +##### `service_name` Data type: `Any` @@ -761,7 +911,7 @@ Overrides the default PostgreSQL service name. Default value: `$postgresql::params::service_name` -##### `service_restart_on_change` +##### `service_restart_on_change` Data type: `Any` @@ -769,7 +919,7 @@ Overrides the default behavior to restart your PostgreSQL service when a config Default value: `$postgresql::params::service_restart_on_change` -##### `service_provider` +##### `service_provider` Data type: `Any` @@ -777,7 +927,7 @@ Overrides the default PostgreSQL service provider. Default value: `$postgresql::params::service_provider` -##### `service_reload` +##### `service_reload` Data type: `Any` @@ -785,7 +935,7 @@ Overrides the default reload command for your PostgreSQL service. Default value: `$postgresql::params::service_reload` -##### `service_status` +##### `service_status` Data type: `Any` @@ -793,7 +943,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::params::service_status` -##### `default_database` +##### `default_database` Data type: `Any` @@ -801,7 +951,7 @@ Specifies the name of the default database to connect with. On most systems this Default value: `$postgresql::params::default_database` -##### `default_connect_settings` +##### `default_connect_settings` Data type: `Any` @@ -809,7 +959,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::globals::default_connect_settings` -##### `listen_addresses` +##### `listen_addresses` Data type: `Any` @@ -817,7 +967,7 @@ Address list on which the PostgreSQL service will listen Default value: `$postgresql::params::listen_addresses` -##### `port` +##### `port` Data type: `Any` @@ -826,7 +976,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::params::port` -##### `ip_mask_deny_postgres_user` +##### `ip_mask_deny_postgres_user` Data type: `Any` @@ -835,7 +985,7 @@ Default value: '0.0.0.0/0', which denies any remote connection. Default value: `$postgresql::params::ip_mask_deny_postgres_user` -##### `ip_mask_allow_all_users` +##### `ip_mask_allow_all_users` Data type: `Any` @@ -845,7 +995,7 @@ Default value: '127.0.0.1/32'. Default value: `$postgresql::params::ip_mask_allow_all_users` -##### `ipv4acls` +##### `ipv4acls` Data type: `Array[String[1]]` @@ -853,7 +1003,7 @@ Lists strings for access control for connection method, users, databases, IPv4 a Default value: `$postgresql::params::ipv4acls` -##### `ipv6acls` +##### `ipv6acls` Data type: `Array[String[1]]` @@ -861,7 +1011,7 @@ Lists strings for access control for connection method, users, databases, IPv6 a Default value: `$postgresql::params::ipv6acls` -##### `initdb_path` +##### `initdb_path` Data type: `Any` @@ -869,7 +1019,7 @@ Specifies the path to the initdb command. Default value: `$postgresql::params::initdb_path` -##### `createdb_path` +##### `createdb_path` Data type: `Any` @@ -877,7 +1027,7 @@ Deprecated. Specifies the path to the createdb command. Default value: `$postgresql::params::createdb_path` -##### `psql_path` +##### `psql_path` Data type: `Any` @@ -885,7 +1035,7 @@ Specifies the path to the psql command. Default value: `$postgresql::params::psql_path` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Any` @@ -893,7 +1043,7 @@ Specifies the path to your pg_hba.conf file. Default value: `$postgresql::params::pg_hba_conf_path` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Any` @@ -901,7 +1051,7 @@ Specifies the path to your pg_ident.conf file. Default value: `$postgresql::params::pg_ident_conf_path` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Any` @@ -909,7 +1059,15 @@ Specifies the path to your postgresql.conf file. Default value: `$postgresql::params::postgresql_conf_path` -##### `recovery_conf_path` +##### `postgresql_conf_mode` + +Data type: `Optional[Stdlib::Filemode]` + +Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. + +Default value: `$postgresql::params::postgresql_conf_mode` + +##### `recovery_conf_path` Data type: `Any` @@ -917,7 +1075,7 @@ Specifies the path to your recovery.conf file. Default value: `$postgresql::params::recovery_conf_path` -##### `datadir` +##### `datadir` Data type: `Any` @@ -925,7 +1083,7 @@ PostgreSQL data directory Default value: `$postgresql::params::datadir` -##### `xlogdir` +##### `xlogdir` Data type: `Any` @@ -933,7 +1091,7 @@ PostgreSQL xlog directory Default value: `$postgresql::params::xlogdir` -##### `logdir` +##### `logdir` Data type: `Any` @@ -941,7 +1099,7 @@ PostgreSQL log directory Default value: `$postgresql::params::logdir` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Any` @@ -949,7 +1107,7 @@ PostgreSQL log line prefix Default value: `$postgresql::params::log_line_prefix` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Any` @@ -957,7 +1115,7 @@ If false, disables the defaults supplied with the module for pg_hba.conf. This i Default value: `$postgresql::params::pg_hba_conf_defaults` -##### `user` +##### `user` Data type: `Any` @@ -965,7 +1123,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::params::user` -##### `group` +##### `group` Data type: `Any` @@ -973,7 +1131,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::params::group` -##### `needs_initdb` +##### `needs_initdb` Data type: `Any` @@ -981,7 +1139,7 @@ Explicitly calls the initdb operation after server package is installed, and bef Default value: `$postgresql::params::needs_initdb` -##### `encoding` +##### `encoding` Data type: `Any` @@ -989,7 +1147,7 @@ Sets the default encoding for all databases created with this module. On certain Default value: `$postgresql::params::encoding` -##### `locale` +##### `locale` Data type: `Any` @@ -997,7 +1155,7 @@ Sets the default database locale for all databases created with this module. On Default value: `$postgresql::params::locale` -##### `data_checksums` +##### `data_checksums` Data type: `Any` @@ -1006,7 +1164,7 @@ Warning: This option is used during initialization by initdb, and cannot be chan Default value: `$postgresql::params::data_checksums` -##### `timezone` +##### `timezone` Data type: `Any` @@ -1014,7 +1172,7 @@ Set timezone for the PostgreSQL instance Default value: `$postgresql::params::timezone` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Any` @@ -1022,7 +1180,7 @@ Boolean. Whether to manage the pg_hba.conf. Default value: `$postgresql::params::manage_pg_hba_conf` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Any` @@ -1030,7 +1188,7 @@ Boolean. Overwrites the pg_ident.conf file. Default value: `$postgresql::params::manage_pg_ident_conf` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Any` @@ -1038,7 +1196,17 @@ Boolean. Specifies whether or not manage the recovery.conf. Default value: `$postgresql::params::manage_recovery_conf` -##### `module_workdir` +##### `manage_postgresql_conf_perms` + +Data type: `Boolean` + +Whether to manage the postgresql conf file permissions. This means owner, +group and mode. Contents are not managed but should be managed through +postgresql::server::config_entry. + +Default value: `$postgresql::params::manage_postgresql_conf_perms` + +##### `module_workdir` Data type: `Any` @@ -1046,7 +1214,7 @@ Working directory for the PostgreSQL module Default value: `$postgresql::params::module_workdir` -##### `manage_datadir` +##### `manage_datadir` Data type: `Any` @@ -1054,7 +1222,7 @@ Set to false if you have file{ $datadir: } already defined Default value: `$postgresql::params::manage_datadir` -##### `manage_logdir` +##### `manage_logdir` Data type: `Any` @@ -1062,7 +1230,7 @@ Set to false if you have file{ $logdir: } already defined Default value: `$postgresql::params::manage_logdir` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Any` @@ -1070,7 +1238,7 @@ Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::params::manage_xlogdir` -##### `roles` +##### `roles` Data type: `Hash[String, Hash]` @@ -1078,7 +1246,7 @@ Specifies a hash from which to generate postgresql::server::role resources. Default value: `{}` -##### `config_entries` +##### `config_entries` Data type: `Hash[String, Any]` @@ -1086,7 +1254,7 @@ Specifies a hash from which to generate postgresql::server::config_entry resourc Default value: `{}` -##### `pg_hba_rules` +##### `pg_hba_rules` Data type: `Hash[String, Hash]` @@ -1094,7 +1262,7 @@ Specifies a hash from which to generate postgresql::server::pg_hba_rule resource Default value: `{}` -##### `version` +##### `version` Data type: `Any` @@ -1102,7 +1270,7 @@ Deprecated. Use postgresql::globals instead. Sets PostgreSQL version Default value: ``undef`` -##### `extra_systemd_config` +##### `extra_systemd_config` Data type: `Any` @@ -1110,7 +1278,7 @@ Adds extra config to systemd config file, can for instance be used to add extra Default value: `$postgresql::params::extra_systemd_config` -##### `manage_selinux` +##### `manage_selinux` Data type: `Boolean` @@ -1118,7 +1286,7 @@ Data type: `Boolean` Default value: `$postgresql::params::manage_selinux` -##### `password_encryption` +##### `password_encryption` Data type: `Any` @@ -1126,15 +1294,18 @@ Data type: `Any` Default value: `$postgresql::params::password_encryption` -### `postgresql::server::contrib` +### `postgresql::server::contrib` Install the contrib postgresql packaging. #### Parameters -The following parameters are available in the `postgresql::server::contrib` class. +The following parameters are available in the `postgresql::server::contrib` class: + +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -1142,7 +1313,7 @@ The name of the PostgreSQL contrib package. Default value: `$postgresql::params::contrib_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -1150,15 +1321,18 @@ Ensure the contrib package is installed. Default value: `'present'` -### `postgresql::server::plperl` +### `postgresql::server::plperl` This class installs the PL/Perl procedural language for postgresql. #### Parameters -The following parameters are available in the `postgresql::server::plperl` class. +The following parameters are available in the `postgresql::server::plperl` class: + +* [`package_ensure`](#package_ensure) +* [`package_name`](#package_name) -##### `package_ensure` +##### `package_ensure` Data type: `Any` @@ -1166,7 +1340,7 @@ The ensure parameter passed on to PostgreSQL PL/Perl package resource. Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Any` @@ -1174,15 +1348,18 @@ The name of the PostgreSQL PL/Perl package. Default value: `$postgresql::server::plperl_package_name` -### `postgresql::server::plpython` +### `postgresql::server::plpython` This class installs the PL/Python procedural language for postgresql. #### Parameters -The following parameters are available in the `postgresql::server::plpython` class. +The following parameters are available in the `postgresql::server::plpython` class: -##### `package_ensure` +* [`package_ensure`](#package_ensure) +* [`package_name`](#package_name) + +##### `package_ensure` Data type: `Any` @@ -1190,7 +1367,7 @@ Specifies whether the package is present. Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Any` @@ -1198,15 +1375,18 @@ Specifies the name of the postgresql PL/Python package. Default value: `$postgresql::server::plpython_package_name` -### `postgresql::server::postgis` +### `postgresql::server::postgis` Install the postgis postgresql packaging. #### Parameters -The following parameters are available in the `postgresql::server::postgis` class. +The following parameters are available in the `postgresql::server::postgis` class: + +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -1214,7 +1394,7 @@ Sets the package name. Default value: `$postgresql::params::postgis_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `String[1]` @@ -1224,15 +1404,19 @@ Default value: `'present'` ## Defined types -### `postgresql::server::config_entry` +### `postgresql::server::config_entry` Manage a postgresql.conf entry. #### Parameters -The following parameters are available in the `postgresql::server::config_entry` defined type. +The following parameters are available in the `postgresql::server::config_entry` defined type: -##### `ensure` +* [`ensure`](#ensure) +* [`value`](#value) +* [`path`](#path) + +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1240,7 +1424,7 @@ Removes an entry if set to 'absent'. Default value: `'present'` -##### `value` +##### `value` Data type: `Any` @@ -1248,7 +1432,7 @@ Defines the value for the setting. Default value: ``undef`` -##### `path` +##### `path` Data type: `Any` @@ -1256,15 +1440,25 @@ Path for postgresql.conf Default value: ``false`` -### `postgresql::server::database` +### `postgresql::server::database` Define for creating a database. #### Parameters -The following parameters are available in the `postgresql::server::database` defined type. +The following parameters are available in the `postgresql::server::database` defined type: -##### `comment` +* [`comment`](#comment) +* [`dbname`](#dbname) +* [`owner`](#owner) +* [`tablespace`](#tablespace) +* [`template`](#template) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`istemplate`](#istemplate) +* [`connect_settings`](#connect_settings) + +##### `comment` Data type: `Any` @@ -1272,7 +1466,7 @@ Sets a comment on the database. Default value: ``undef`` -##### `dbname` +##### `dbname` Data type: `Any` @@ -1280,7 +1474,7 @@ Sets the name of the database. Default value: `$title` -##### `owner` +##### `owner` Data type: `Any` @@ -1288,7 +1482,7 @@ Sets name of the database owner. Default value: ``undef`` -##### `tablespace` +##### `tablespace` Data type: `Any` @@ -1296,7 +1490,7 @@ Sets tablespace for where to create this database. Default value: ``undef`` -##### `template` +##### `template` Data type: `Any` @@ -1304,7 +1498,7 @@ Specifies the name of the template database from which to build this database. D Default value: `'template0'` -##### `encoding` +##### `encoding` Data type: `Any` @@ -1312,7 +1506,7 @@ Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` Data type: `Any` @@ -1320,7 +1514,7 @@ Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `istemplate` +##### `istemplate` Data type: `Any` @@ -1328,7 +1522,7 @@ Defines the database as a template if set to true. Default value: ``false`` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -1336,33 +1530,41 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::database_grant` +### `postgresql::server::database_grant` Manage a database grant. #### Parameters -The following parameters are available in the `postgresql::server::database_grant` defined type. +The following parameters are available in the `postgresql::server::database_grant` defined type: + +* [`privilege`](#privilege) +* [`db`](#db) +* [`role`](#role) +* [`ensure`](#ensure) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`connect_settings`](#connect_settings) -##### `privilege` +##### `privilege` Data type: `Any` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. -##### `db` +##### `db` Data type: `Any` Specifies the database to which you are granting access. -##### `role` +##### `role` Data type: `Any` Specifies the role or user whom you are granting access to. -##### `ensure` +##### `ensure` Data type: `Any` @@ -1370,7 +1572,7 @@ Specifies whether to grant or revoke the privilege. Revoke or 'absent' works onl Default value: ``undef`` -##### `psql_db` +##### `psql_db` Data type: `Any` @@ -1378,7 +1580,7 @@ Defines the database to execute the grant against. This should not ordinarily be Default value: ``undef`` -##### `psql_user` +##### `psql_user` Data type: `Any` @@ -1386,7 +1588,7 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: ``undef`` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -1394,27 +1596,39 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: ``undef`` -### `postgresql::server::db` +### `postgresql::server::db` Define for conveniently creating a role, database and assigning the correctpermissions. #### Parameters -The following parameters are available in the `postgresql::server::db` defined type. +The following parameters are available in the `postgresql::server::db` defined type: -##### `user` +* [`user`](#user) +* [`password`](#password) +* [`comment`](#comment) +* [`dbname`](#dbname) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`grant`](#grant) +* [`tablespace`](#tablespace) +* [`template`](#template) +* [`istemplate`](#istemplate) +* [`owner`](#owner) + +##### `user` Data type: `Any` User to create and assign access to the database upon creation. Mandatory. -##### `password` +##### `password` Data type: `Any` Required Sets the password for the created user. -##### `comment` +##### `comment` Data type: `Any` @@ -1422,7 +1636,7 @@ Defines a comment to be stored about the database using the PostgreSQL COMMENT c Default value: ``undef`` -##### `dbname` +##### `dbname` Data type: `Any` @@ -1430,7 +1644,7 @@ Sets the name of the database to be created. Default value: `$title` -##### `encoding` +##### `encoding` Data type: `Any` @@ -1438,7 +1652,7 @@ Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` Data type: `Any` @@ -1446,7 +1660,7 @@ Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `grant` +##### `grant` Data type: `Any` @@ -1454,7 +1668,7 @@ Specifies the permissions to grant during creation. Default value: 'ALL'. Default value: `'ALL'` -##### `tablespace` +##### `tablespace` Data type: `Any` @@ -1462,7 +1676,7 @@ Defines the name of the tablespace to allocate the created database to. Default value: ``undef`` -##### `template` +##### `template` Data type: `Any` @@ -1470,7 +1684,7 @@ Specifies the name of the template database from which to build this database. D Default value: `'template0'` -##### `istemplate` +##### `istemplate` Data type: `Any` @@ -1478,7 +1692,7 @@ Specifies that the database is a template, if set to true. Default value: ``false`` -##### `owner` +##### `owner` Data type: `Any` @@ -1486,21 +1700,32 @@ Sets a user as the owner of the database. Default value: ``undef`` -### `postgresql::server::extension` +### `postgresql::server::extension` Activate an extension on a postgresql database. #### Parameters -The following parameters are available in the `postgresql::server::extension` defined type. +The following parameters are available in the `postgresql::server::extension` defined type: -##### `database` +* [`database`](#database) +* [`extension`](#extension) +* [`schema`](#schema) +* [`version`](#version) +* [`ensure`](#ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) +* [`port`](#port) +* [`connect_settings`](#connect_settings) +* [`database_resource_name`](#database_resource_name) + +##### `database` Data type: `Any` Specifies the database on which to activate the extension. -##### `extension` +##### `extension` Data type: `Any` @@ -1508,7 +1733,7 @@ Specifies the extension to activate. If left blank, uses the name of the resourc Default value: `$name` -##### `schema` +##### `schema` Data type: `Optional[String[1]]` @@ -1516,7 +1741,7 @@ Specifies the schema on which to activate the extension. Default value: ``undef`` -##### `version` +##### `version` Data type: `Optional[String[1]]` @@ -1529,7 +1754,7 @@ version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and Default value: ``undef`` -##### `ensure` +##### `ensure` Data type: `String[1]` @@ -1537,7 +1762,7 @@ Specifies whether to activate or deactivate the extension. Valid options: 'prese Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Any` @@ -1545,7 +1770,7 @@ Specifies a package to install prior to activating the extension. Default value: ``undef`` -##### `package_ensure` +##### `package_ensure` Data type: `Any` @@ -1553,7 +1778,7 @@ Overrides default package deletion behavior. By default, the package specified w Default value: ``undef`` -##### `port` +##### `port` Data type: `Optional[Integer]` @@ -1561,7 +1786,7 @@ Port to use when connecting. Default value: ``undef`` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -1569,7 +1794,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `postgresql::default('default_connect_settings')` -##### `database_resource_name` +##### `database_resource_name` Data type: `Any` @@ -1577,27 +1802,42 @@ Specifies the resource name of the DB being managed. Defaults to the parameter $ Default value: `$database` -### `postgresql::server::grant` +### `postgresql::server::grant` Define for granting permissions to roles. #### Parameters -The following parameters are available in the `postgresql::server::grant` defined type. - -##### `role` +The following parameters are available in the `postgresql::server::grant` defined type: + +* [`role`](#role) +* [`db`](#db) +* [`privilege`](#privilege) +* [`object_type`](#object_type) +* [`object_name`](#object_name) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`port`](#port) +* [`onlyif_exists`](#onlyif_exists) +* [`connect_settings`](#connect_settings) +* [`ensure`](#ensure) +* [`group`](#group) +* [`psql_path`](#psql_path) +* [`object_arguments`](#object_arguments) + +##### `role` Data type: `String` Specifies the role or user whom you are granting access to. -##### `db` +##### `db` Data type: `String` Specifies the database to which you are granting access. -##### `privilege` +##### `privilege` Data type: `String` @@ -1605,7 +1845,7 @@ Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'obj Default value: `''` -##### `object_type` +##### `object_type` Data type: `Pattern[#/(?i:^COLUMN$)/, /(?i:^ALL SEQUENCES IN SCHEMA$)/, @@ -1627,7 +1867,7 @@ Specifies the type of object to which you are granting privileges. Valid options Default value: `'database'` -##### `object_name` +##### `object_name` Data type: `Optional[Variant[ Array[String,2,2], @@ -1638,7 +1878,7 @@ Specifies name of object_type to which to grant access, can be either a string o Default value: ``undef`` -##### `psql_db` +##### `psql_db` Data type: `String` @@ -1646,7 +1886,7 @@ Specifies the database to execute the grant against. This should not ordinarily Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String` @@ -1654,7 +1894,7 @@ Sets the OS user to run psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Integer` @@ -1662,7 +1902,7 @@ Port to use when connecting. Default value: `$postgresql::server::port` -##### `onlyif_exists` +##### `onlyif_exists` Data type: `Boolean` @@ -1670,7 +1910,7 @@ Create grant only if doesn't exist Default value: ``false`` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -1678,7 +1918,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent' @@ -1688,7 +1928,7 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: `'present'` -##### `group` +##### `group` Data type: `String` @@ -1696,7 +1936,7 @@ Sets the OS group to run psql Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `String` @@ -1704,7 +1944,7 @@ Sets the path to psql command Default value: `$postgresql::server::psql_path` -##### `object_arguments` +##### `object_arguments` Data type: `Array[String[1],0]` @@ -1712,21 +1952,29 @@ Data type: `Array[String[1],0]` Default value: `[]` -### `postgresql::server::grant_role` +### `postgresql::server::grant_role` Define for granting membership to a role. #### Parameters -The following parameters are available in the `postgresql::server::grant_role` defined type. +The following parameters are available in the `postgresql::server::grant_role` defined type: + +* [`group`](#group) +* [`role`](#role) +* [`ensure`](#ensure) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`port`](#port) +* [`connect_settings`](#connect_settings) -##### `group` +##### `group` Data type: `String[1]` Specifies the group role to which you are assigning a role. -##### `role` +##### `role` Data type: `String[1]` @@ -1734,7 +1982,7 @@ Specifies the role you want to assign to a group. If left blank, uses the name o Default value: `$name` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1742,7 +1990,7 @@ Specifies whether to grant or revoke the membership. Valid options: 'present' or Default value: `'present'` -##### `psql_db` +##### `psql_db` Data type: `Any` @@ -1750,7 +1998,7 @@ Specifies the database to execute the grant against. This should not ordinarily Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `Any` @@ -1758,7 +2006,7 @@ Sets the OS user to run psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Any` @@ -1766,7 +2014,7 @@ Port to use when connecting. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -1774,40 +2022,51 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::pg_hba_rule` +### `postgresql::server::pg_hba_rule` This resource manages an individual rule that applies to the file defined in target. #### Parameters -The following parameters are available in the `postgresql::server::pg_hba_rule` defined type. +The following parameters are available in the `postgresql::server::pg_hba_rule` defined type: + +* [`type`](#type) +* [`database`](#database) +* [`user`](#user) +* [`auth_method`](#auth_method) +* [`address`](#address) +* [`description`](#description) +* [`auth_option`](#auth_option) +* [`order`](#order) +* [`target`](#target) +* [`postgresql_version`](#postgresql_version) -##### `type` +##### `type` Data type: `Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc']` Sets the type of rule. Enum['local','host','hostssl','hostnossl','hostgssenc']. -##### `database` +##### `database` Data type: `String` Sets a comma-separated list of databases that this rule matches. -##### `user` +##### `user` Data type: `String` Sets a comma-separated list of users that this rule matches. -##### `auth_method` +##### `auth_method` Data type: `String` Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. -##### `address` +##### `address` Data type: `Optional[String]` @@ -1815,7 +2074,7 @@ Sets a CIDR based address for this rule matching when the type is not 'local'. Default value: ``undef`` -##### `description` +##### `description` Data type: `String` @@ -1823,7 +2082,7 @@ Defines a longer description for this rule, if required. This description is pla Default value: `'none'` -##### `auth_option` +##### `auth_option` Data type: `Optional[String]` @@ -1831,7 +2090,7 @@ For certain auth_method settings there are extra options that can be passed. Con Default value: ``undef`` -##### `order` +##### `order` Data type: `Variant[String, Integer]` @@ -1839,7 +2098,7 @@ Sets an order for placing the rule in pg_hba.conf. This can be either a string o Default value: `150` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -1847,7 +2106,7 @@ Provides the target for the rule, and is generally an internal only property. Us Default value: `$postgresql::server::pg_hba_conf_path` -##### `postgresql_version` +##### `postgresql_version` Data type: `String` @@ -1855,33 +2114,40 @@ Manages pg_hba.conf without managing the entire PostgreSQL instance. Default value: `$postgresql::server::_version` -### `postgresql::server::pg_ident_rule` +### `postgresql::server::pg_ident_rule` This resource manages an individual rule that applies to the file defined in target. #### Parameters -The following parameters are available in the `postgresql::server::pg_ident_rule` defined type. +The following parameters are available in the `postgresql::server::pg_ident_rule` defined type: -##### `map_name` +* [`map_name`](#map_name) +* [`system_username`](#system_username) +* [`database_username`](#database_username) +* [`description`](#description) +* [`order`](#order) +* [`target`](#target) + +##### `map_name` Data type: `Any` Sets the name of the user map that is used to refer to this mapping in pg_hba.conf. -##### `system_username` +##### `system_username` Data type: `Any` Specifies the operating system user name (the user name used to connect to the database). -##### `database_username` +##### `database_username` Data type: `Any` Specifies the user name of the database user. The system_username is mapped to this user name. -##### `description` +##### `description` Data type: `Any` @@ -1889,7 +2155,7 @@ Sets a longer description for this rule if required. This description is placed Default value: `'none'` -##### `order` +##### `order` Data type: `Any` @@ -1897,7 +2163,7 @@ Defines an order for placing the mapping in pg_ident.conf. Default value: 150. Default value: `'150'` -##### `target` +##### `target` Data type: `Any` @@ -1905,7 +2171,7 @@ Provides the target for the rule and is generally an internal only property. Use Default value: `$postgresql::server::pg_ident_conf_path` -### `postgresql::server::reassign_owned_by` +### `postgresql::server::reassign_owned_by` Define for reassigning the ownership of objects within a database. @@ -1913,27 +2179,34 @@ Define for reassigning the ownership of objects within a database. #### Parameters -The following parameters are available in the `postgresql::server::reassign_owned_by` defined type. +The following parameters are available in the `postgresql::server::reassign_owned_by` defined type: -##### `old_role` +* [`old_role`](#old_role) +* [`new_role`](#new_role) +* [`db`](#db) +* [`psql_user`](#psql_user) +* [`port`](#port) +* [`connect_settings`](#connect_settings) + +##### `old_role` Data type: `String` Specifies the role or user who is the current owner of the objects in the specified db -##### `new_role` +##### `new_role` Data type: `String` Specifies the role or user who will be the new owner of these objects -##### `db` +##### `db` Data type: `String` Specifies the database to which the 'REASSIGN OWNED' will be applied -##### `psql_user` +##### `psql_user` Data type: `String` @@ -1941,7 +2214,7 @@ Specifies the OS user for running psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Integer` @@ -1949,7 +2222,7 @@ Port to use when connecting. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -1957,7 +2230,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::recovery` +### `postgresql::server::recovery` This resource manages the parameters that applies to the recovery.conf template. @@ -1968,9 +2241,26 @@ Only the specified parameters are recognized in the template. The recovery.conf #### Parameters -The following parameters are available in the `postgresql::server::recovery` defined type. +The following parameters are available in the `postgresql::server::recovery` defined type: + +* [`restore_command`](#restore_command) +* [`archive_cleanup_command`](#archive_cleanup_command) +* [`recovery_end_command`](#recovery_end_command) +* [`recovery_target_name`](#recovery_target_name) +* [`recovery_target_time`](#recovery_target_time) +* [`recovery_target_xid`](#recovery_target_xid) +* [`recovery_target_inclusive`](#recovery_target_inclusive) +* [`recovery_target`](#recovery_target) +* [`recovery_target_timeline`](#recovery_target_timeline) +* [`pause_at_recovery_target`](#pause_at_recovery_target) +* [`standby_mode`](#standby_mode) +* [`primary_conninfo`](#primary_conninfo) +* [`primary_slot_name`](#primary_slot_name) +* [`trigger_file`](#trigger_file) +* [`recovery_min_apply_delay`](#recovery_min_apply_delay) +* [`target`](#target) -##### `restore_command` +##### `restore_command` Data type: `Any` @@ -1978,7 +2268,7 @@ The shell command to execute to retrieve an archived segment of the WAL file ser Default value: ``undef`` -##### `archive_cleanup_command` +##### `archive_cleanup_command` Data type: `Any` @@ -1986,7 +2276,7 @@ This optional parameter specifies a shell command that will be executed at every Default value: ``undef`` -##### `recovery_end_command` +##### `recovery_end_command` Data type: `Any` @@ -1994,7 +2284,7 @@ This parameter specifies a shell command that will be executed once only at the Default value: ``undef`` -##### `recovery_target_name` +##### `recovery_target_name` Data type: `Any` @@ -2002,7 +2292,7 @@ This parameter specifies the named restore point (created with pg_create_restore Default value: ``undef`` -##### `recovery_target_time` +##### `recovery_target_time` Data type: `Any` @@ -2010,7 +2300,7 @@ This parameter specifies the time stamp up to which recovery will proceed. Default value: ``undef`` -##### `recovery_target_xid` +##### `recovery_target_xid` Data type: `Any` @@ -2018,7 +2308,7 @@ This parameter specifies the transaction ID up to which recovery will proceed. Default value: ``undef`` -##### `recovery_target_inclusive` +##### `recovery_target_inclusive` Data type: `Any` @@ -2026,7 +2316,7 @@ Specifies whether to stop just after the specified recovery target (true), or ju Default value: ``undef`` -##### `recovery_target` +##### `recovery_target` Data type: `Any` @@ -2034,7 +2324,7 @@ This parameter specifies that recovery should end as soon as a consistent state Default value: ``undef`` -##### `recovery_target_timeline` +##### `recovery_target_timeline` Data type: `Any` @@ -2042,7 +2332,7 @@ Specifies recovering into a particular timeline. Default value: ``undef`` -##### `pause_at_recovery_target` +##### `pause_at_recovery_target` Data type: `Any` @@ -2050,7 +2340,7 @@ Specifies whether recovery should pause when the recovery target is reached. Default value: ``undef`` -##### `standby_mode` +##### `standby_mode` Data type: `Any` @@ -2058,7 +2348,7 @@ Specifies whether to start the PostgreSQL server as a standby. Default value: ``undef`` -##### `primary_conninfo` +##### `primary_conninfo` Data type: `Any` @@ -2066,7 +2356,7 @@ Specifies a connection string to be used for the standby server to connect with Default value: ``undef`` -##### `primary_slot_name` +##### `primary_slot_name` Data type: `Any` @@ -2074,7 +2364,7 @@ Optionally specifies an existing replication slot to be used when connecting to Default value: ``undef`` -##### `trigger_file` +##### `trigger_file` Data type: `Any` @@ -2082,7 +2372,7 @@ Specifies a trigger file whose presence ends recovery in the standby. Default value: ``undef`` -##### `recovery_min_apply_delay` +##### `recovery_min_apply_delay` Data type: `Any` @@ -2090,7 +2380,7 @@ This parameter allows you to delay recovery by a fixed period of time, measured Default value: ``undef`` -##### `target` +##### `target` Data type: `Any` @@ -2098,15 +2388,34 @@ Provides the target for the rule, and is generally an internal only property. Us Default value: `$postgresql::server::recovery_conf_path` -### `postgresql::server::role` +### `postgresql::server::role` Define for creating a database role. #### Parameters -The following parameters are available in the `postgresql::server::role` defined type. +The following parameters are available in the `postgresql::server::role` defined type: + +* [`update_password`](#update_password) +* [`password_hash`](#password_hash) +* [`createdb`](#createdb) +* [`createrole`](#createrole) +* [`db`](#db) +* [`port`](#port) +* [`login`](#login) +* [`inherit`](#inherit) +* [`superuser`](#superuser) +* [`replication`](#replication) +* [`connection_limit`](#connection_limit) +* [`username`](#username) +* [`connect_settings`](#connect_settings) +* [`ensure`](#ensure) +* [`psql_user`](#psql_user) +* [`psql_group`](#psql_group) +* [`psql_path`](#psql_path) +* [`module_workdir`](#module_workdir) -##### `update_password` +##### `update_password` Data type: `Any` @@ -2114,7 +2423,7 @@ If set to true, updates the password on changes. Set this to false to not modify Default value: ``true`` -##### `password_hash` +##### `password_hash` Data type: `Any` @@ -2122,7 +2431,7 @@ Sets the hash to use during password creation. Default value: ``false`` -##### `createdb` +##### `createdb` Data type: `Any` @@ -2130,7 +2439,7 @@ Specifies whether to grant the ability to create new databases with this role. Default value: ``false`` -##### `createrole` +##### `createrole` Data type: `Any` @@ -2138,7 +2447,7 @@ Specifies whether to grant the ability to create new roles with this role. Default value: ``false`` -##### `db` +##### `db` Data type: `Any` @@ -2146,7 +2455,7 @@ Database used to connect to. Default value: `$postgresql::server::default_database` -##### `port` +##### `port` Data type: `Any` @@ -2154,7 +2463,7 @@ Port to use when connecting. Default value: ``undef`` -##### `login` +##### `login` Data type: `Any` @@ -2162,7 +2471,7 @@ Specifies whether to grant login capability for the new role. Default value: ``true`` -##### `inherit` +##### `inherit` Data type: `Any` @@ -2170,7 +2479,7 @@ Specifies whether to grant inherit capability for the new role. Default value: ``true`` -##### `superuser` +##### `superuser` Data type: `Any` @@ -2178,7 +2487,7 @@ Specifies whether to grant super user capability for the new role. Default value: ``false`` -##### `replication` +##### `replication` Data type: `Any` @@ -2186,7 +2495,7 @@ Provides provides replication capabilities for this role if set to true. Default value: ``false`` -##### `connection_limit` +##### `connection_limit` Data type: `Any` @@ -2194,7 +2503,7 @@ Specifies how many concurrent connections the role can make. Default value: '-1' Default value: `'-1'` -##### `username` +##### `username` Data type: `Any` @@ -2202,7 +2511,7 @@ Defines the username of the role to create. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -2210,7 +2519,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2218,7 +2527,7 @@ Specify whether to create or drop the role. Specifying 'present' creates the rol Default value: `'present'` -##### `psql_user` +##### `psql_user` Data type: `Any` @@ -2226,7 +2535,7 @@ Sets the OS user to run psql Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` Data type: `Any` @@ -2234,7 +2543,7 @@ Sets the OS group to run psql Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Any` @@ -2242,7 +2551,7 @@ Sets path to psql command Default value: `$postgresql::server::psql_path` -##### `module_workdir` +##### `module_workdir` Data type: `Any` @@ -2250,7 +2559,7 @@ Specifies working directory under which the psql command should be executed. May Default value: `$postgresql::server::module_workdir` -### `postgresql::server::schema` +### `postgresql::server::schema` Create a new schema. @@ -2268,9 +2577,14 @@ postgresql::server::schema {'private': #### Parameters -The following parameters are available in the `postgresql::server::schema` defined type. +The following parameters are available in the `postgresql::server::schema` defined type: -##### `db` +* [`db`](#db) +* [`owner`](#owner) +* [`schema`](#schema) +* [`connect_settings`](#connect_settings) + +##### `db` Data type: `Any` @@ -2278,7 +2592,7 @@ Required. Sets the name of the database in which to create this schema. Default value: `$postgresql::server::default_database` -##### `owner` +##### `owner` Data type: `Any` @@ -2286,7 +2600,7 @@ Sets the default owner of the schema. Default value: ``undef`` -##### `schema` +##### `schema` Data type: `Any` @@ -2294,7 +2608,7 @@ Sets the name of the schema. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -2302,39 +2616,50 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::table_grant` +### `postgresql::server::table_grant` This resource wraps the grant resource to manage table grants specifically. #### Parameters -The following parameters are available in the `postgresql::server::table_grant` defined type. +The following parameters are available in the `postgresql::server::table_grant` defined type: + +* [`privilege`](#privilege) +* [`table`](#table) +* [`db`](#db) +* [`role`](#role) +* [`ensure`](#ensure) +* [`port`](#port) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`connect_settings`](#connect_settings) +* [`onlyif_exists`](#onlyif_exists) -##### `privilege` +##### `privilege` Data type: `Any` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. -##### `table` +##### `table` Data type: `Any` Specifies the table to which you are granting access. -##### `db` +##### `db` Data type: `Any` Specifies which database the table is in. -##### `role` +##### `role` Data type: `Any` Specifies the role or user to whom you are granting access. -##### `ensure` +##### `ensure` Data type: `Any` @@ -2342,7 +2667,7 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: ``undef`` -##### `port` +##### `port` Data type: `Any` @@ -2350,7 +2675,7 @@ Port to use when connecting. Default value: ``undef`` -##### `psql_db` +##### `psql_db` Data type: `Any` @@ -2358,7 +2683,7 @@ Specifies the database to execute the grant against. This should not ordinarily Default value: ``undef`` -##### `psql_user` +##### `psql_user` Data type: `Any` @@ -2366,7 +2691,7 @@ Specifies the OS user for running psql. Default value: ``undef`` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -2374,7 +2699,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: ``undef`` -##### `onlyif_exists` +##### `onlyif_exists` Data type: `Any` @@ -2382,21 +2707,27 @@ Create grant only if it doesn't exist. Default value: ``false`` -### `postgresql::server::tablespace` +### `postgresql::server::tablespace` This module creates tablespace. #### Parameters -The following parameters are available in the `postgresql::server::tablespace` defined type. +The following parameters are available in the `postgresql::server::tablespace` defined type: + +* [`location`](#location) +* [`manage_location`](#manage_location) +* [`owner`](#owner) +* [`spcname`](#spcname) +* [`connect_settings`](#connect_settings) -##### `location` +##### `location` Data type: `Any` Specifies the path to locate this tablespace. -##### `manage_location` +##### `manage_location` Data type: `Any` @@ -2404,7 +2735,7 @@ Set to false if you have file{ $location: } already defined Default value: ``true`` -##### `owner` +##### `owner` Data type: `Any` @@ -2412,7 +2743,7 @@ Specifies the default owner of the tablespace. Default value: ``undef`` -##### `spcname` +##### `spcname` Data type: `Any` @@ -2420,7 +2751,7 @@ Specifies the name of the tablespace. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -2428,7 +2759,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::validate_db_connection` +### `postgresql::validate_db_connection` This validated if the postgres connection can be established between the node on which this resource is run and a specified postgres @@ -2436,9 +2767,20 @@ instance (host/port/user/password/database name). #### Parameters -The following parameters are available in the `postgresql::validate_db_connection` defined type. +The following parameters are available in the `postgresql::validate_db_connection` defined type: -##### `database_host` +* [`database_host`](#database_host) +* [`database_name`](#database_name) +* [`database_password`](#database_password) +* [`database_username`](#database_username) +* [`database_port`](#database_port) +* [`connect_settings`](#connect_settings) +* [`run_as`](#run_as) +* [`sleep`](#sleep) +* [`tries`](#tries) +* [`create_db_first`](#create_db_first) + +##### `database_host` Data type: `Any` @@ -2446,7 +2788,7 @@ Database host address Default value: ``undef`` -##### `database_name` +##### `database_name` Data type: `Any` @@ -2454,7 +2796,7 @@ Specifies the name of the database you wish to test. Default value: ``undef`` -##### `database_password` +##### `database_password` Data type: `Any` @@ -2462,7 +2804,7 @@ Specifies the password to connect with. Default value: ``undef`` -##### `database_username` +##### `database_username` Data type: `Any` @@ -2470,7 +2812,7 @@ Specifies the username to connect with. Default value: ``undef`` -##### `database_port` +##### `database_port` Data type: `Any` @@ -2478,7 +2820,7 @@ Defines the port to use when connecting. Default value: ``undef`` -##### `connect_settings` +##### `connect_settings` Data type: `Any` @@ -2486,7 +2828,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: ``undef`` -##### `run_as` +##### `run_as` Data type: `Any` @@ -2494,7 +2836,7 @@ Specifies the user to run the psql command as. Default value: ``undef`` -##### `sleep` +##### `sleep` Data type: `Any` @@ -2502,7 +2844,7 @@ Sets the number of seconds to sleep for before trying again after a failure. Default value: `2` -##### `tries` +##### `tries` Data type: `Any` @@ -2510,7 +2852,7 @@ Sets the number of attempts after failure before giving up and failing the resou Default value: `10` -##### `create_db_first` +##### `create_db_first` Data type: `Any` @@ -2520,7 +2862,7 @@ Default value: ``true`` ## Resource types -### `postgresql_conf` +### `postgresql_conf` This type allows puppet to manage postgresql.conf parameters. @@ -2548,7 +2890,10 @@ The value to set for this parameter. The following parameters are available in the `postgresql_conf` type. -##### `name` +* [`name`](#name) +* [`provider`](#provider) + +##### `name` Valid values: `%r{^[\w\.]+$}` @@ -2556,12 +2901,12 @@ namevar The postgresql parameter name to manage. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conf` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -### `postgresql_conn_validator` +### `postgresql_conn_validator` Verify that a connection can be successfully established between a node and the PostgreSQL server. Its primary use is as a precondition to @@ -2585,68 +2930,82 @@ Default value: `present` The following parameters are available in the `postgresql_conn_validator` type. -##### `command` +* [`command`](#command) +* [`connect_settings`](#connect_settings) +* [`db_name`](#db_name) +* [`db_password`](#db_password) +* [`db_username`](#db_username) +* [`host`](#host) +* [`name`](#name) +* [`port`](#port) +* [`provider`](#provider) +* [`psql_path`](#psql_path) +* [`run_as`](#run_as) +* [`sleep`](#sleep) +* [`tries`](#tries) + +##### `command` Command to run against target database. Default value: `SELECT 1` -##### `connect_settings` +##### `connect_settings` Hash of environment variables for connection to a db. -##### `db_name` +##### `db_name` The name of the database you are trying to validate a connection with. -##### `db_password` +##### `db_password` The password required to access the target PostgreSQL database. -##### `db_username` +##### `db_username` A user that has access to the target PostgreSQL database. -##### `host` +##### `host` The DNS name or IP address of the server where PostgreSQL should be running. -##### `name` +##### `name` namevar An arbitrary name used as the identity of the resource. -##### `port` +##### `port` The port that the PostgreSQL server should be listening on. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conn_validator` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_path` +##### `psql_path` Path to the psql command. -##### `run_as` +##### `run_as` System user that will run the psql command. -##### `sleep` +##### `sleep` The length of sleep time between connection tries. Default value: `2` -##### `tries` +##### `tries` The number of tries to validate the connection to the target PostgreSQL database. Default value: `10` -### `postgresql_psql` +### `postgresql_psql` An arbitrary tag for your own reference; the name of the message. @@ -2662,67 +3021,82 @@ The SQL command to execute via psql. The following parameters are available in the `postgresql_psql` type. -##### `connect_settings` +* [`connect_settings`](#connect_settings) +* [`cwd`](#cwd) +* [`db`](#db) +* [`environment`](#environment) +* [`name`](#name) +* [`onlyif`](#onlyif) +* [`port`](#port) +* [`provider`](#provider) +* [`psql_group`](#psql_group) +* [`psql_path`](#psql_path) +* [`psql_user`](#psql_user) +* [`refreshonly`](#refreshonly) +* [`search_path`](#search_path) +* [`unless`](#unless) + +##### `connect_settings` Connection settings that will be used when connecting to postgres -##### `cwd` +##### `cwd` The working directory under which the psql command should be executed. Default value: `/tmp` -##### `db` +##### `db` The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings -##### `environment` +##### `environment` Any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. -##### `name` +##### `name` namevar An arbitrary tag for your own reference; the name of the message. -##### `onlyif` +##### `onlyif` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. -##### `port` +##### `port` The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_psql` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_group` +##### `psql_group` The system user group account under which the psql command should be executed. Default value: `postgres` -##### `psql_path` +##### `psql_path` The path to psql executable. Default value: `psql` -##### `psql_user` +##### `psql_user` The system user account under which the psql command should be executed. Default value: `postgres` -##### `refreshonly` +##### `refreshonly` Valid values: ``true``, ``false`` @@ -2730,18 +3104,18 @@ If 'true', then the SQL will only be executed via a notify/subscribe event. Default value: ``false`` -##### `search_path` +##### `search_path` The schema search path to use when executing the SQL command -##### `unless` +##### `unless` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all.' -### `postgresql_replication_slot` +### `postgresql_replication_slot` This type allows to create and destroy replication slots to register warm standby replication on a Postgresql @@ -2763,7 +3137,10 @@ Default value: `present` The following parameters are available in the `postgresql_replication_slot` type. -##### `name` +* [`name`](#name) +* [`provider`](#provider) + +##### `name` Valid values: `%r{^[a-z0-9_]+$}` @@ -2771,14 +3148,14 @@ namevar The name of the slot to create. Must be a valid replication slot name. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_replication_slot` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. ## Functions -### `postgresql::default` +### `postgresql::default` Type: Puppet Language @@ -2812,7 +3189,7 @@ Data type: `String` -### `postgresql::postgresql_escape` +### `postgresql::postgresql_escape` Type: Ruby 4.x API @@ -2830,7 +3207,7 @@ Data type: `String[1]` The unescaped string you want to escape using `dollar quoting` -### `postgresql::postgresql_password` +### `postgresql::postgresql_password` Type: Ruby 4.x API @@ -2854,7 +3231,7 @@ Data type: `Variant[String[1],Integer]` The clear text `password` -### `postgresql_escape` +### `postgresql_escape` Type: Ruby 4.x API @@ -2872,7 +3249,7 @@ Data type: `Any` -### `postgresql_password` +### `postgresql_password` Type: Ruby 4.x API @@ -2892,7 +3269,7 @@ Data type: `Any` ## Tasks -### `sql` +### `sql` Allows you to execute arbitary SQL diff --git a/metadata.json b/metadata.json index 32c31ffa1c..6d678d405a 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.8.0", + "version": "6.9.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 1ef50d28e2dc585afdb9570a7a2e1500b91e1964 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Tue, 26 Jan 2021 17:16:54 +0000 Subject: [PATCH 0591/1000] (maint) Update github actions --- .github/workflows/nightly.yml | 67 ++++++++++++----------------------- .github/workflows/pr_test.yml | 67 ++++++++++++----------------------- Gemfile | 8 ++--- Rakefile | 1 + metadata.json | 6 ++-- 5 files changed, 52 insertions(+), 97 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index cbb36a1a3f..0c1fd28b9c 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -25,7 +25,7 @@ jobs: - name: "Honeycomb: Start first step" run: | - echo STEP_ID=0 >> $GITHUB_ENV + echo STEP_ID=setup-environment >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source @@ -33,29 +33,25 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} - name: Activate Ruby 2.7 - uses: actions/setup-ruby@v1 + uses: ruby/setup-ruby@v1 if: ${{ github.repository_owner == 'puppetlabs' }} with: ruby-version: "2.7" + bundler-cache: true - - name: Cache gems - uses: actions/cache@v2 + - name: Print bundle environment if: ${{ github.repository_owner == 'puppetlabs' }} - with: - path: vendor/gems - key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} - restore-keys: | - ${{ runner.os }}-${{ github.event_name }}- - ${{ runner.os }}- + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: - - name: Install gems + - name: "Honeycomb: Record Setup Environment time" if: ${{ github.repository_owner == 'puppetlabs' }} run: | - buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems - buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 - buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 - buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install - buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Setup Acceptance Test Matrix id: get-matrix @@ -67,7 +63,7 @@ jobs: echo "::set-output name=matrix::{}" fi - - name: "Honeycomb: Record setup time" + - name: "Honeycomb: Record Setup Test Matrix time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' @@ -106,42 +102,22 @@ jobs: uses: actions/checkout@v2 - name: Activate Ruby 2.7 - uses: actions/setup-ruby@v1 + uses: ruby/setup-ruby@v1 with: ruby-version: "2.7" + bundler-cache: true - - name: Cache gems - uses: actions/cache@v2 - with: - path: vendor/gems - key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} - restore-keys: | - ${{ runner.os }}-${{ github.event_name }}- - ${{ runner.os }}- - - - name: "Honeycomb: Record cache setup time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Cache retrieval' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Bundler Setup + - name: Print bundle environment run: | - buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems - buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 - buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 - buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install - buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - - name: "Honeycomb: Record Bundler Setup time" + - name: "Honeycomb: Record Setup Environment time" if: ${{ always() }} run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Provision test environment @@ -168,7 +144,7 @@ jobs: run: | echo ::group::honeycomb step buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV echo ::endgroup:: @@ -180,11 +156,12 @@ jobs: if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-5 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Remove test environment if: ${{ always() }} + continue-on-error: true run: | if [ -f inventory.yaml ]; then buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 00215d47fc..207dfcadd5 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -23,7 +23,7 @@ jobs: - name: "Honeycomb: Start first step" run: | - echo STEP_ID=0 >> $GITHUB_ENV + echo STEP_ID=setup-environment >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source @@ -31,29 +31,25 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} - name: Activate Ruby 2.7 - uses: actions/setup-ruby@v1 + uses: ruby/setup-ruby@v1 if: ${{ github.repository_owner == 'puppetlabs' }} with: ruby-version: "2.7" + bundler-cache: true - - name: Cache gems - uses: actions/cache@v2 + - name: Print bundle environment if: ${{ github.repository_owner == 'puppetlabs' }} - with: - path: vendor/gems - key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} - restore-keys: | - ${{ runner.os }}-${{ github.event_name }}- - ${{ runner.os }}- + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: - - name: Install gems + - name: "Honeycomb: Record Setup Environment time" if: ${{ github.repository_owner == 'puppetlabs' }} run: | - buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems - buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 - buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 - buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install - buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Setup Acceptance Test Matrix id: get-matrix @@ -64,7 +60,7 @@ jobs: echo "::set-output name=matrix::{}" fi - - name: "Honeycomb: Record setup time" + - name: "Honeycomb: Record Setup Test Matrix time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' @@ -104,42 +100,22 @@ jobs: uses: actions/checkout@v2 - name: Activate Ruby 2.7 - uses: actions/setup-ruby@v1 + uses: ruby/setup-ruby@v1 with: ruby-version: "2.7" + bundler-cache: true - - name: Cache gems - uses: actions/cache@v2 - with: - path: vendor/gems - key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} - restore-keys: | - ${{ runner.os }}-${{ github.event_name }}- - ${{ runner.os }}- - - - name: "Honeycomb: Record cache setup time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Cache retrieval' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Bundler Setup + - name: Print bundle environment run: | - buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems - buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 - buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 - buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install - buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - - name: "Honeycomb: Record Bundler Setup time" + - name: "Honeycomb: Record Setup Environment time" if: ${{ always() }} run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Provision test environment @@ -166,7 +142,7 @@ jobs: run: | echo ::group::honeycomb step buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV echo ::endgroup:: @@ -178,11 +154,12 @@ jobs: if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-5 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Remove test environment if: ${{ always() }} + continue-on-error: true run: | if [ -f inventory.yaml ]; then buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' diff --git a/Gemfile b/Gemfile index ee7cc76a8c..ae2b430dc2 100644 --- a/Gemfile +++ b/Gemfile @@ -16,10 +16,6 @@ end ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = ruby_version_segments[0..1].join('.') -puppet_version = ENV['PUPPET_GEM_VERSION'] -facter_version = ENV['FACTER_GEM_VERSION'] -hiera_version = ENV['HIERA_GEM_VERSION'] - group :development do gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) @@ -35,6 +31,10 @@ group :system_tests do gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] end +puppet_version = ENV['PUPPET_GEM_VERSION'] +facter_version = ENV['FACTER_GEM_VERSION'] +hiera_version = ENV['HIERA_GEM_VERSION'] + gems = {} gems['puppet'] = location_for(puppet_version) diff --git a/Rakefile b/Rakefile index c7fbda0b91..68362aa8fd 100644 --- a/Rakefile +++ b/Rakefile @@ -1,5 +1,6 @@ # frozen_string_literal: true +require 'bundler' require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' diff --git a/metadata.json b/metadata.json index 6d678d405a..a3ce6af760 100644 --- a/metadata.json +++ b/metadata.json @@ -87,7 +87,7 @@ "version_requirement": ">= 5.5.10 < 8.0.0" } ], - "pdk-version": "1.18.1", - "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-gdace7b2" + "pdk-version": "1.19.0.pre (47)", + "template-url": "https://github.com/puppetlabs/pdk-templates.git#main", + "template-ref": "heads/main-0-g1862b96" } From b852434269acfa21ff9e35e0408a0a5b1af383a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 13 Jan 2021 12:54:21 -1000 Subject: [PATCH 0592/1000] Fix postgresql::sql task when password is not set When password is not set, `{ 'PGPASSWORD' => password } unless password.nil?` evaluates to `nil`, setting `env_hash` to `nil`. `nil` is then passed as the first argument of `Open3.capture3` which result in an exception: ``` /opt/puppetlabs/puppet/lib/ruby/2.7.0/open3.rb:213:in `spawn': no implicit conversion of nil into String (TypeError) from /opt/puppetlabs/puppet/lib/ruby/2.7.0/open3.rb:213:in `popen_run' from /opt/puppetlabs/puppet/lib/ruby/2.7.0/open3.rb:101:in `popen3' from /opt/puppetlabs/puppet/lib/ruby/2.7.0/open3.rb:281:in `capture3' from /opt/puppetlabs/mcollective/tasks-spool/899e9e0635bb53f1a09b4716548ff69f/files/sql.rb:13:in `get' from /opt/puppetlabs/mcollective/tasks-spool/899e9e0635bb53f1a09b4716548ff69f/files/sql.rb:27:in `
' ``` Make sure `env_hash` is always a hash to fix this issue. --- tasks/sql.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tasks/sql.rb b/tasks/sql.rb index 7b2e425d37..03ce440691 100755 --- a/tasks/sql.rb +++ b/tasks/sql.rb @@ -6,7 +6,8 @@ require 'puppet' def get(sql, database, user, port, password, host) - env_hash = { 'PGPASSWORD' => password } unless password.nil? + env_hash = {} + env_hash['PGPASSWORD'] = password unless password.nil? cmd_string = "psql -c \"#{sql}\"" cmd_string += " --dbname=#{database}" unless database.nil? cmd_string += " --username=#{user}" unless user.nil? From 1b44ad012922a0ba32c17c377cca0ab5cf73dc2f Mon Sep 17 00:00:00 2001 From: sheena Date: Mon, 1 Feb 2021 13:50:57 +0000 Subject: [PATCH 0593/1000] (IAC-1136) disable centos8 on travis --- .sync.yml | 1 - .travis.yml | 22 ---------------------- metadata.json | 4 ++-- 3 files changed, 2 insertions(+), 25 deletions(-) diff --git a/.sync.yml b/.sync.yml index c84e0b752a..92340c5530 100644 --- a/.sync.yml +++ b/.sync.yml @@ -16,7 +16,6 @@ - ---travis_el - travis_deb - travis_el7 - - travis_el8 complex: - collection: puppet_collection: diff --git a/.travis.yml b/.travis.yml index a6157db9d5..8ee33917e3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -71,17 +71,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el8]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_el8_puppet5 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" @@ -104,17 +93,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el8]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_el8_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static diff --git a/metadata.json b/metadata.json index a3ce6af760..e31c0dc08d 100644 --- a/metadata.json +++ b/metadata.json @@ -87,7 +87,7 @@ "version_requirement": ">= 5.5.10 < 8.0.0" } ], - "pdk-version": "1.19.0.pre (47)", - "template-url": "https://github.com/puppetlabs/pdk-templates.git#main", + "pdk-version": "1.18.1", + "template-url": "https://github.com/puppetlabs/pdk-templates#main", "template-ref": "heads/main-0-g1862b96" } From 4a06537932367ad7b265e85db34ec5f7bda72422 Mon Sep 17 00:00:00 2001 From: sheena Date: Wed, 27 Jan 2021 09:23:41 +0000 Subject: [PATCH 0594/1000] (bug) reload the service after the deletion of old unit file --- manifests/server/config.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 1e8ca8fb4a..898529e01d 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -229,6 +229,7 @@ command => 'systemctl daemon-reload', refreshonly => true, path => '/bin:/usr/bin:/usr/local/bin', + before => Class['postgresql::server::service'], } $systemd_notify = [Exec['restart-systemd'], Class['postgresql::server::service']] } From 3d4783285e3a8aa9e6c8d03aff88af2c171f380f Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Fri, 5 Feb 2021 15:15:46 +0100 Subject: [PATCH 0595/1000] Also perform systemd daemon-reload on Puppet 6.1+ The way daemon-reload is implemented in Puppet 6.1 is by calling systemctl show --property=NeedDaemonReload -- $SERVICE If that returns yes then it performs systemctl daemon-reload. However, this doesn't work reliable because of the particular case. # systemctl show --property=NeedDaemonReload -- postgresql Failed to get properties: Access denied This is probably because the original unit file is removed. --- manifests/server/config.pp | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 898529e01d..1d27eda845 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -224,17 +224,17 @@ # - $datadir # - @extra_systemd_config - if (versioncmp($facts['puppetversion'], '6.1.0') < 0) { - exec { 'restart-systemd': - command => 'systemctl daemon-reload', - refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin', - before => Class['postgresql::server::service'], - } - $systemd_notify = [Exec['restart-systemd'], Class['postgresql::server::service']] - } - else { - $systemd_notify = Class['postgresql::server::service'] + # While Puppet 6.1 and newer can do a daemon-reload if needed, systemd + # doesn't appear to report that correctly. This is probably because its + # unit file is actually removed. + # + # This can be removed when Puppet < 6.1 support is dropped *and* the file + # old-systemd-override is removed. + exec { 'restart-systemd': + command => 'systemctl daemon-reload', + refreshonly => true, + path => '/bin:/usr/bin:/usr/local/bin', + before => Class['postgresql::server::service'], } file { @@ -242,7 +242,7 @@ ensure => file, owner => root, group => root, - notify => $systemd_notify, + notify => [Exec['restart-systemd'], Class['postgresql::server::service']], before => Class['postgresql::server::reload'], ; From 18e7cf6d7f44009088cde7929ca92797b38d6cb6 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Fri, 5 Feb 2021 15:46:48 +0100 Subject: [PATCH 0596/1000] Move the Template uses comment to the actual template This moves it so it's closer to the actual call to template() --- manifests/server/config.pp | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 1d27eda845..46c6ee5429 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -216,14 +216,6 @@ # RHEL 7 and 8 both support drop-in files for systemd units. The old include directive is deprecated and may be removed in future systemd releases. # Gentoo also supports drop-in files. if $facts['os']['family'] in ['RedHat', 'Gentoo'] and $facts['service_provider'] == 'systemd' { - # Template uses: - # - $facts['os']['name'] - # - $facts['os']['release']['major'] - # - $service_name - # - $port - # - $datadir - # - @extra_systemd_config - # While Puppet 6.1 and newer can do a daemon-reload if needed, systemd # doesn't appear to report that correctly. This is probably because its # unit file is actually removed. @@ -244,7 +236,6 @@ group => root, notify => [Exec['restart-systemd'], Class['postgresql::server::service']], before => Class['postgresql::server::reload'], - ; 'systemd-conf-dir': @@ -252,6 +243,13 @@ path => "/etc/systemd/system/${service_name}.service.d", ; + # Template uses: + # - $facts['os']['name'] + # - $facts['os']['release']['major'] + # - $service_name + # - $port + # - $datadir + # - $extra_systemd_config 'systemd-override': path => "/etc/systemd/system/${service_name}.service.d/${service_name}.conf", content => template('postgresql/systemd-override.erb'), From 75cdb52abd11df603062b1eb3f8c9805b5ca718e Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Fri, 5 Feb 2021 16:04:49 +0100 Subject: [PATCH 0597/1000] Improve systemctl daemon-reload comment wording Co-authored-by: Evgeni Golov --- manifests/server/config.pp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 46c6ee5429..038e1c5de7 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -217,8 +217,9 @@ # Gentoo also supports drop-in files. if $facts['os']['family'] in ['RedHat', 'Gentoo'] and $facts['service_provider'] == 'systemd' { # While Puppet 6.1 and newer can do a daemon-reload if needed, systemd - # doesn't appear to report that correctly. This is probably because its - # unit file is actually removed. + # doesn't appear to report that correctly in all cases. + # One such case seems to be when an overriding unit file is removed from /etc + # and the original one from /lib *should* be used again. # # This can be removed when Puppet < 6.1 support is dropped *and* the file # old-systemd-override is removed. From 653631d680dfe666572ab776a8574b2bdea2cff5 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Fri, 5 Feb 2021 09:42:17 +0000 Subject: [PATCH 0598/1000] Release version 6.10.0 --- CHANGELOG.md | 15 +++++++++++++++ metadata.json | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 62cdc8fd06..22da249b18 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) (2021-02-05) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.9.0...v6.10.0) + +### Added + +- Set default PostgreSQL version for FreeBSD [\#1227](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1227) ([olevole](https://github.com/olevole)) +- Clean up globals logic to support CentOS 8 stream [\#1225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1225) ([ekohl](https://github.com/ekohl)) + +### Fixed + +- Also perform systemd daemon-reload on Puppet 6.1+ [\#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) +- \(bug\) fix systemd daemon-reload order when updating service files [\#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) +- Fix postgresql::sql task when password is not set [\#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) + ## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) (2021-01-18) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.8.0...v6.9.0) diff --git a/metadata.json b/metadata.json index e31c0dc08d..9ddc302095 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.9.0", + "version": "6.10.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 9f7bef86cea22e9580f2ceb0f642a54a02cbbfbc Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Tue, 17 Nov 2020 21:22:27 +0000 Subject: [PATCH 0599/1000] Update pdk-templates for gitpod and codespaces support --- .github/workflows/auto_release.yml | 99 ++++++++++++++++++++++++++++++ .gitpod.Dockerfile | 18 ++++++ .gitpod.yml | 9 +++ .sync.yml | 4 ++ metadata.json | 2 +- 5 files changed, 131 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/auto_release.yml create mode 100644 .gitpod.Dockerfile create mode 100644 .gitpod.yml diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml new file mode 100644 index 0000000000..bc33d4c38a --- /dev/null +++ b/.github/workflows/auto_release.yml @@ -0,0 +1,99 @@ +name: "Auto release" + +on: + schedule: + - cron: '0 3 * * 6' + workflow_dispatch: + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + CHANGELOG_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +jobs: + auto_release: + name: "Automatic release prep" + runs-on: ubuntu-20.04 + + steps: + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID="auto-release" >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: "Checkout Source" + if: ${{ github.repository_owner == 'puppetlabs' }} + uses: actions/checkout@v2 + with: + fetch-depth: 0 + persist-credentials: false + + - name: Append PDK to Gemfile + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo "gem 'pdk'" >> Gemfile + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Bundler Setup time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' + echo STEP_ID="auto_release_setup" >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: "PDK Release prep" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents cmd $TRACE_ID $STEP_ID 'pdk release prep' -- bundle exec pdk release prep --force + + - name: "Commit changes" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git add . + git commit -m "Auto-Release prep" + + - name: "Get Version" + if: ${{ github.repository_owner == 'puppetlabs' }} + id: gv + run: | + echo "::set-output name=ver::$(cat metadata.json | jq .version)" + + - name: Create Pull Request + id: cpr + uses: puppetlabs/peter-evans-create-pull-request@v3 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: "Release prep v${{ steps.gv.outputs.ver }}" + branch: "release-prep" + delete-branch: true + title: "Release prep v${{ steps.gv.outputs.ver }}" + labels: "maintenance" + + - name: PR outputs + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" + echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" diff --git a/.gitpod.Dockerfile b/.gitpod.Dockerfile new file mode 100644 index 0000000000..0814c5e61f --- /dev/null +++ b/.gitpod.Dockerfile @@ -0,0 +1,18 @@ +FROM gitpod/workspace-full +RUN sudo wget https://apt.puppet.com/puppet-tools-release-bionic.deb && \ + wget https://apt.puppetlabs.com/puppet6-release-bionic.deb && \ + sudo dpkg -i puppet6-release-bionic.deb && \ + sudo dpkg -i puppet-tools-release-bionic.deb && \ + sudo apt-get update && \ + sudo apt-get install -y pdk zsh puppet-agent && \ + sudo apt-get clean && \ + sudo rm -rf /var/lib/apt/lists/* +RUN sudo usermod -s $(which zsh) gitpod && \ + sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" && \ + echo "plugins=(git gitignore github gem pip bundler python ruby docker docker-compose)" >> /home/gitpod/.zshrc && \ + echo 'PATH="$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/puppetlabs/bin:/opt/puppetlabs/puppet/bin"' >> /home/gitpod/.zshrc && \ + sudo /opt/puppetlabs/puppet/bin/gem install puppet-debugger hub -N && \ + mkdir -p /home/gitpod/.config/puppet && \ + /opt/puppetlabs/puppet/bin/ruby -r yaml -e "puts ({'disabled' => true}).to_yaml" > /home/gitpod/.config/puppet/analytics.yml +RUN rm -f puppet6-release-bionic.deb puppet-tools-release-bionic.deb +ENTRYPOINT /usr/bin/zsh diff --git a/.gitpod.yml b/.gitpod.yml new file mode 100644 index 0000000000..18406c5086 --- /dev/null +++ b/.gitpod.yml @@ -0,0 +1,9 @@ +image: + file: .gitpod.Dockerfile + +tasks: + - init: pdk bundle install + +vscode: + extensions: + - puppet.puppet-vscode@1.0.0:oSzfTkDf6Cmc1jOjgW33VA== diff --git a/.sync.yml b/.sync.yml index 92340c5530..b82a40cf8e 100644 --- a/.sync.yml +++ b/.sync.yml @@ -46,3 +46,7 @@ spec/spec_helper.rb: unmanaged: false .github/workflows/pr_test.yml: unmanaged: false +.gitpod.Dockerfile: + unmanaged: false +.gitpod.yml: + unmanaged: false diff --git a/metadata.json b/metadata.json index e31c0dc08d..0247d0c323 100644 --- a/metadata.json +++ b/metadata.json @@ -89,5 +89,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g1862b96" + "template-ref": "heads/main-0-gec9c129" } From 88a7c019528308d39e1a7b7314ea6f5a7f1642f5 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Tue, 9 Feb 2021 09:29:43 +0000 Subject: [PATCH 0600/1000] Release version 6.10.1 --- CHANGELOG.md | 11 +++++++++-- metadata.json | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 22da249b18..7991677ec1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,15 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) (2021-02-05) +## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) (2021-02-09) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.0...v6.10.1) + +### Fixed + +- Also perform systemd daemon-reload on Puppet 6.1+ [\#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) + +## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) (2021-02-08) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.9.0...v6.10.0) @@ -13,7 +21,6 @@ All notable changes to this project will be documented in this file. The format ### Fixed -- Also perform systemd daemon-reload on Puppet 6.1+ [\#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) - \(bug\) fix systemd daemon-reload order when updating service files [\#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) - Fix postgresql::sql task when password is not set [\#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) diff --git a/metadata.json b/metadata.json index 200667b75b..0cb22b5baf 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.10.0", + "version": "6.10.1", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 2c2c1c5e2417e142c9479b823ab5d72b22d613c8 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 15 Feb 2021 17:20:05 +0200 Subject: [PATCH 0601/1000] Remove Puppet 5 testing --- .travis.yml | 37 ------------------------------------- provision.yaml | 27 --------------------------- 2 files changed, 64 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8ee33917e3..ecea11d0ae 100644 --- a/.travis.yml +++ b/.travis.yml @@ -38,39 +38,6 @@ jobs: script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_ub_5]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_ub_5_puppet5 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_deb]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_deb_puppet5 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el7]'" - - "bundle exec rake 'litmus:install_agent[puppet5]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_el7_puppet5 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" @@ -96,10 +63,6 @@ jobs: - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static - - - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec - rvm: 2.4.5 - stage: spec - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec rvm: 2.5.7 diff --git a/provision.yaml b/provision.yaml index fcf0a18424..8f49cafadb 100644 --- a/provision.yaml +++ b/provision.yaml @@ -14,12 +14,6 @@ travis_deb: - litmusimage/debian:8 - litmusimage/debian:9 - litmusimage/debian:10 -travis_ub_5: - provisioner: docker - images: - - litmusimage/ubuntu:14.04 - - litmusimage/ubuntu:16.04 - - litmusimage/ubuntu:18.04 travis_ub_6: provisioner: docker images: @@ -37,27 +31,6 @@ travis_el8: provisioner: docker images: - litmusimage/centos:8 -release_checks_5: - provisioner: abs - images: - - redhat-6-x86_64 - - redhat-7-x86_64 - - redhat-8-x86_64 - - centos-6-x86_64 - - centos-7-x86_64 - - centos-8-x86_64 - - oracle-5-x86_64 - - oracle-6-x86_64 - - oracle-7-x86_64 - - scientific-6-x86_64 - - scientific-7-x86_64 - - debian-8-x86_64 - - debian-9-x86_64 - - debian-10-x86_64 - - sles-12-x86_64 - - ubuntu-1404-x86_64 - - ubuntu-1604-x86_64 - - ubuntu-1804-x86_64 release_checks_6: provisioner: abs images: From 6b017d9cb74a9ac256821aa063f99343bc380e0e Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 15 Feb 2021 17:36:27 +0200 Subject: [PATCH 0602/1000] Bump minimal puppet version to 6.0.0 in metadata.json --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 0cb22b5baf..8af4d0089d 100644 --- a/metadata.json +++ b/metadata.json @@ -84,7 +84,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 5.5.10 < 8.0.0" + "version_requirement": ">= 6.0.0 < 8.0.0" } ], "pdk-version": "1.18.1", From 27fc4f88a9fb230b6e37d0555a460c79edbccd5f Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 16 Feb 2021 09:50:58 +0200 Subject: [PATCH 0603/1000] Update .sync.yml --- .sync.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.sync.yml b/.sync.yml index b82a40cf8e..5e373be67f 100644 --- a/.sync.yml +++ b/.sync.yml @@ -22,11 +22,6 @@ - puppet6 provision_list: - travis_ub_6 - - collection: - puppet_collection: - - puppet5 - provision_list: - - travis_ub_5 simplecov: true notifications: slack: From ffb7669f2c46df57892eebe76f944337bde34e8a Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 16 Feb 2021 15:36:51 +0200 Subject: [PATCH 0604/1000] pdk update --- .github/workflows/auto_release.yml | 48 ++++++++++-------------------- .rubocop.yml | 5 ++++ metadata.json | 2 +- 3 files changed, 21 insertions(+), 34 deletions(-) diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index bc33d4c38a..a88b99ca17 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -35,36 +35,18 @@ jobs: fetch-depth: 0 persist-credentials: false - - name: Append PDK to Gemfile - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - echo "gem 'pdk'" >> Gemfile - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - if: ${{ github.repository_owner == 'puppetlabs' }} + - name: "PDK Release prep" + uses: docker://puppet/pdk:nightly with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Bundler Setup time" - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' - echo STEP_ID="auto_release_setup" >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV + args: 'release prep --force' + env: + CHANGELOG_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: "PDK Release prep" + - name: "Get Version" if: ${{ github.repository_owner == 'puppetlabs' }} + id: gv run: | - buildevents cmd $TRACE_ID $STEP_ID 'pdk release prep' -- bundle exec pdk release prep --force + echo "::set-output name=ver::$(cat metadata.json | jq .version | tr -d \")" - name: "Commit changes" if: ${{ github.repository_owner == 'puppetlabs' }} @@ -72,13 +54,7 @@ jobs: git config --local user.email "action@github.com" git config --local user.name "GitHub Action" git add . - git commit -m "Auto-Release prep" - - - name: "Get Version" - if: ${{ github.repository_owner == 'puppetlabs' }} - id: gv - run: | - echo "::set-output name=ver::$(cat metadata.json | jq .version)" + git commit -m "Release prep v${{ steps.gv.outputs.ver }}" - name: Create Pull Request id: cpr @@ -90,6 +66,7 @@ jobs: branch: "release-prep" delete-branch: true title: "Release prep v${{ steps.gv.outputs.ver }}" + body: "Automated release-prep through [pdk-templates](https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.github/workflows/auto_release.yml.erb)" labels: "maintenance" - name: PR outputs @@ -97,3 +74,8 @@ jobs: run: | echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" + + - name: "Honeycomb: Record finish step" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Finished auto release workflow' diff --git a/.rubocop.yml b/.rubocop.yml index 8dcd675f4b..8f782e7415 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -29,6 +29,9 @@ RSpec/BeforeAfterAll: RSpec/HookArgument: Description: Prefer explicit :each argument, matching existing module's style EnforcedStyle: each +RSpec/DescribeSymbol: + Exclude: + - spec/unit/facter/**/*.rb Style/BlockDelimiters: Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to be consistent then. @@ -404,6 +407,8 @@ Style/ExponentialNotation: Enabled: false Style/FloatDivision: Enabled: false +Style/FrozenStringLiteralComment: + Enabled: false Style/GlobalStdStream: Enabled: false Style/HashAsLastArrayItem: diff --git a/metadata.json b/metadata.json index 8af4d0089d..2a395b0239 100644 --- a/metadata.json +++ b/metadata.json @@ -89,5 +89,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-gec9c129" + "template-ref": "heads/main-0-g44cc7ed" } From 8d0efec9fb5a5df42ed64375c71a11d8b6f90b4c Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 16 Feb 2021 14:12:59 +0100 Subject: [PATCH 0605/1000] Add DNF module management On EL8 and Fedora DNF can manage modules. This is a method of providing multiple versions on the same OS. Only one DNF module can be active at the same time. --- manifests/dnfmodule.pp | 20 ++++++++++++++++ manifests/globals.pp | 11 +++++++++ manifests/params.pp | 2 +- spec/unit/classes/client_spec.rb | 12 ++++++++++ spec/unit/classes/server_spec.rb | 41 ++++++++++++++++++++++++++++++++ 5 files changed, 85 insertions(+), 1 deletion(-) create mode 100644 manifests/dnfmodule.pp diff --git a/manifests/dnfmodule.pp b/manifests/dnfmodule.pp new file mode 100644 index 0000000000..a1cb4b9a1f --- /dev/null +++ b/manifests/dnfmodule.pp @@ -0,0 +1,20 @@ +# @summary Manage the DNF module +# +# On EL8 and Fedora DNF can manage modules. This is a method of providing +# multiple versions on the same OS. Only one DNF module can be active at the +# same time. +# +# @api private +class postgresql::dnfmodule ( + String[1] $ensure = 'installed', + String[1] $module = 'postgresql', +) { + package { 'postgresql dnf module': + ensure => $ensure, + name => $module, + enable_only => true, + provider => 'dnfmodule', + } + + Package['postgresql dnf module'] -> Package<|tag == 'puppetlabs-postgresql'|> +} diff --git a/manifests/globals.pp b/manifests/globals.pp index b4d73a2aa9..db39f1c9f5 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -86,6 +86,10 @@ # @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined # # @param manage_package_repo Sets up official PostgreSQL repositories on your host if set to true. +# @param manage_dnf_module +# Manage the DNF module. This only makes sense on distributions that use DNF +# package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or +# Puppet 6.15.0+ since they ship the dnfmodule provider. # @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. # # @@ -153,6 +157,7 @@ $manage_selinux = undef, $manage_package_repo = undef, + Boolean $manage_dnf_module = false, $module_workdir = undef, ) { # We are determining this here, because it is needed by the package repo @@ -265,4 +270,10 @@ baseurl => $repo_baseurl, } } + + if $manage_dnf_module { + class { 'postgresql::dnfmodule': + ensure => $globals_version, + } + } } diff --git a/manifests/params.pp b/manifests/params.pp index de3eccf40b..f557b27046 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -41,7 +41,7 @@ $version_parts = split($version, '[.]') $package_version = "${version_parts[0]}${version_parts[1]}" - if $version == $postgresql::globals::default_version and $facts['os']['name'] != 'Amazon' { + if $version == $postgresql::globals::default_version and $facts['os']['name'] != 'Amazon' or $postgresql::globals::manage_dnf_module { $client_package_name = pick($client_package_name, 'postgresql') $server_package_name = pick($server_package_name, 'postgresql-server') $contrib_package_name = pick($contrib_package_name,'postgresql-contrib') diff --git a/spec/unit/classes/client_spec.rb b/spec/unit/classes/client_spec.rb index 5ee4dbc1e2..a01311f9c7 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/unit/classes/client_spec.rb @@ -43,6 +43,18 @@ end end + describe 'with manage_dnf_module true' do + let(:pre_condition) do + <<-PUPPET + class { 'postgresql::globals': + manage_dnf_module => true, + } + PUPPET + end + + it { is_expected.to contain_package('postgresql dnf module').that_comes_before('Package[postgresql-client]') } + end + describe 'with client package name explicitly set undef' do let :params do { diff --git a/spec/unit/classes/server_spec.rb b/spec/unit/classes/server_spec.rb index 29240ed300..a44c96f924 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/unit/classes/server_spec.rb @@ -35,6 +35,47 @@ end end + describe 'with manage_dnf_module true' do + let(:facts) do + { + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '8.3', 'major' => '8' }, + selinux: { + enabled: true, + } + }, + osfamily: 'RedHat', + } + end + + let(:pre_condition) do + <<-PUPPET + class { 'postgresql::globals': + manage_dnf_module => true, + } + PUPPET + end + + it { is_expected.to contain_package('postgresql dnf module').with_ensure('10').that_comes_before('Package[postgresql-server]') } + it { is_expected.to contain_package('postgresql-server').with_name('postgresql-server') } + + describe 'with version set' do + let(:pre_condition) do + <<-PUPPET + class { 'postgresql::globals': + manage_dnf_module => true, + version => '12', + } + PUPPET + end + + it { is_expected.to contain_package('postgresql dnf module').with_ensure('12').that_comes_before('Package[postgresql-server]') } + it { is_expected.to contain_package('postgresql-server').with_name('postgresql-server') } + end + end + describe 'service_ensure => running' do let(:params) do { From 7f915922b98f83c7f431701c5cae37d751eb2c58 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Tue, 16 Feb 2021 19:19:05 +0200 Subject: [PATCH 0606/1000] Add auto_release.yml to sync.yml --- .sync.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.sync.yml b/.sync.yml index 5e373be67f..3ffd1198f7 100644 --- a/.sync.yml +++ b/.sync.yml @@ -45,3 +45,5 @@ spec/spec_helper.rb: unmanaged: false .gitpod.yml: unmanaged: false +.github/workflows/auto_release.yml: + unmanaged: false From 34f566fae79dc240483fcf85a019263cb4279c81 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Fri, 19 Feb 2021 09:54:19 +0000 Subject: [PATCH 0607/1000] Clean up postgresql validator for better perf and robustness --- lib/puppet/util/postgresql_validator.rb | 55 +++++++++++-------------- 1 file changed, 23 insertions(+), 32 deletions(-) diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index 5e641769ab..87ba7353c9 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -10,40 +10,41 @@ def initialize(resource) end def build_psql_cmd - final_cmd = [] - - cmd_init = "#{@resource[:psql_path]} --tuples-only --quiet --no-psqlrc" - - final_cmd.push cmd_init - - cmd_parts = { - host: "--host #{@resource[:host]}", - port: "--port #{@resource[:port]}", - db_username: "--username #{@resource[:db_username]}", - db_name: "--dbname #{@resource[:db_name]}", - command: "--command '#{@resource[:command]}'", + cmd = [@resource[:psql_path], '--tuples-only', '--quiet', '--no-psqlrc'] + + args = { + host: '--host', + port: '--port', + db_username: '--username', + db_name: '--dbname', + command: '--command', } - cmd_parts.each do |k, v| - final_cmd.push v if @resource[k] + args.each do |k, v| + if @resource[k] + cmd.push v + cmd.push @resource[k] + end end - final_cmd.join ' ' + cmd end - def parse_connect_settings - c_settings = @resource[:connect_settings] || {} - c_settings['PGPASSWORD'] = @resource[:db_password] if @resource[:db_password] - c_settings.map { |k, v| "#{k}=#{v}" } + def connect_settings + result = @resource[:connect_settings] || {} + result['PGPASSWORD'] = @resource[:db_password] if @resource[:db_password] + result end def attempt_connection(sleep_length, tries) (0..tries - 1).each do |_try| Puppet.debug "PostgresqlValidator.attempt_connection: Attempting connection to #{@resource[:db_name]}" - Puppet.debug "PostgresqlValidator.attempt_connection: #{build_validate_cmd}" - result = execute_command + cmd = build_psql_cmd + Puppet.debug "PostgresqlValidator.attempt_connection: #{cmd.inspect}" + result = Execution.execute(cmd, custom_environment: connect_settings, uid: @resource[:run_as]) + if result && !result.empty? - Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || parse_connect_settings.select { |elem| elem.include?('PGDATABASE') }} successful!" + Puppet.debug "PostgresqlValidator.attempt_connection: Connection to #{@resource[:db_name] || connect_settings.select { |elem| elem.include?('PGDATABASE') }} successful!" return true else Puppet.warning "PostgresqlValidator.attempt_connection: Sleeping for #{sleep_length} seconds" @@ -52,15 +53,5 @@ def attempt_connection(sleep_length, tries) end false end - - private - - def execute_command - Execution.execute(build_validate_cmd, uid: @resource[:run_as]) - end - - def build_validate_cmd - "#{parse_connect_settings.join(' ')} #{build_psql_cmd} " - end end end From 841187b0ec29726c0fe39ea2ad710a5ead42d2e0 Mon Sep 17 00:00:00 2001 From: Daiana_Mezdrea Date: Fri, 19 Feb 2021 13:42:54 +0200 Subject: [PATCH 0608/1000] Fix quotes to avoid shell injection --- lib/puppet/provider/postgresql_psql/ruby.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 3e982e8f12..d563b73fed 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -16,7 +16,7 @@ def run_sql_command(sql) command = [resource[:psql_path]] command.push('-d', resource[:db]) if resource[:db] command.push('-p', resource[:port]) if resource[:port] - command.push('-t', '-X', '-c', '"' + sql.gsub('"', '\"') + '"') + command.push('-t', '-X', '-c', sql) environment = fetch_environment @@ -57,7 +57,6 @@ def fetch_environment end def run_command(command, user, group, environment) - command = command.join ' ' output = Puppet::Util::Execution.execute(command, uid: user, gid: group, failonfail: false, From 18d89f1394843896d12ccd206cc142c8bcd3a8bf Mon Sep 17 00:00:00 2001 From: sheena Date: Fri, 19 Feb 2021 11:41:05 +0000 Subject: [PATCH 0609/1000] fix shell command escaping in sql task and spec_helper --- spec/spec_helper_local.rb | 2 +- tasks/sql.rb | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index d7b12539d6..0137edd85b 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -33,7 +33,7 @@ # this could definitely be optimized add_filter do |f| # system returns true if exit status is 0, which with git-check-ignore means file is ignored - system("git check-ignore --quiet #{f.filename}") + system('git', 'check-ignore', '--quiet', f.filename) end end end diff --git a/tasks/sql.rb b/tasks/sql.rb index 03ce440691..21028794c9 100755 --- a/tasks/sql.rb +++ b/tasks/sql.rb @@ -8,12 +8,12 @@ def get(sql, database, user, port, password, host) env_hash = {} env_hash['PGPASSWORD'] = password unless password.nil? - cmd_string = "psql -c \"#{sql}\"" - cmd_string += " --dbname=#{database}" unless database.nil? - cmd_string += " --username=#{user}" unless user.nil? - cmd_string += " --port=#{port}" unless port.nil? - cmd_string += " --host=#{host}" unless host.nil? - stdout, stderr, status = Open3.capture3(env_hash, cmd_string) + cmd_string = ['psql', '-c', sql] + cmd_string << "--dbname=#{database}" unless database.nil? + cmd_string << "--username=#{user}" unless user.nil? + cmd_string << "--port=#{port}" unless port.nil? + cmd_string << "--host=#{host}" unless host.nil? + stdout, stderr, status = Open3.capture3(env_hash, *cmd_string) raise Puppet::Error, stderr if status != 0 { status: stdout.strip } end From 62e322ea474eb921530b9e8d60913b174301cae6 Mon Sep 17 00:00:00 2001 From: sheena Date: Fri, 19 Feb 2021 14:55:11 +0000 Subject: [PATCH 0610/1000] update unit tests --- .../postgresql_conn_validator/ruby_spec.rb | 16 ++++++---------- .../puppet/provider/postgresql_psql/ruby_spec.rb | 12 ++++++------ 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index 7c21483550..8cd71e3913 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -30,37 +30,33 @@ describe '#build_psql_cmd' do it 'contains expected commandline options' do - expect(provider.validator.build_psql_cmd).to match %r{/usr/bin/psql.*--host.*--port.*--username.*} + expect(provider.validator.build_psql_cmd).to eq(['/usr/bin/psql', '--tuples-only', '--quiet', '--no-psqlrc', '--host', 'db.test.com', '--port', 4444, '--username', 'testuser', '--command', + 'SELECT 1']) end end - describe '#parse_connect_settings' do + describe 'connect_settings' do it 'returns array if password is present' do - expect(provider.validator.parse_connect_settings).to eq(['PGPASSWORD=testpass']) + expect(provider.validator.connect_settings).to eq({ 'PGPASSWORD' => 'testpass' }) end it 'returns an empty array if password is nil' do attributes.delete(:db_password) - expect(provider.validator.parse_connect_settings).to eq([]) + expect(provider.validator.connect_settings).to eq({}) end it 'returns an array of settings' do attributes.delete(:db_password) attributes.merge! connect_settings - expect(provider.validator.parse_connect_settings).to eq(['PGPASSWORD=testpass', 'PGHOST=db.test.com', 'PGPORT=1234']) + expect(provider.validator.connect_settings).to eq({ PGHOST: 'db.test.com', PGPASSWORD: 'testpass', PGPORT: '1234' }) end end describe '#attempt_connection' do let(:sleep_length) { 1 } let(:tries) { 3 } - let(:exec) do - provider.validator.stub(:execute_command).and_return(true) - end it 'tries the correct number of times' do - expect(provider.validator).to receive(:execute_command).exactly(3).times - provider.validator.attempt_connection(sleep_length, tries) end end diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index 6a04d930c6..5e05cc2886 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -15,7 +15,7 @@ it 'executes with the given psql_path on the given DB' do expect(provider).to receive(:run_command).with(['psql', '-d', - attributes[:db], '-t', '-X', '-c', '"SELECT \'something\' as \"Custom column\""'], 'postgres', + attributes[:db], '-t', '-X', '-c', 'SELECT \'something\' as "Custom column"'], 'postgres', 'postgres', {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') @@ -35,7 +35,7 @@ it 'executes with the given psql_path on the given DB' do expect(Dir).to receive(:chdir).with(attributes[:cwd]).and_yield expect(provider).to receive(:run_command).with([attributes[:psql_path], - '-d', attributes[:db], '-t', '-X', '-c', '"SELECT \'something\' as \"Custom column\""'], + '-d', attributes[:db], '-t', '-X', '-c', 'SELECT \'something\' as "Custom column"'], attributes[:psql_user], attributes[:psql_group], {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') @@ -50,7 +50,7 @@ it 'executes with the given search_path' do expect(provider).to receive(:run_command).with(['psql', '-t', '-X', '-c', - '"set search_path to schema1; SELECT \'something\' as \"Custom column\""'], + 'set search_path to schema1; SELECT \'something\' as "Custom column"'], 'postgres', 'postgres', {}) provider.run_sql_command('SELECT \'something\' as "Custom column"') @@ -65,7 +65,7 @@ it 'executes with the given search_path' do expect(provider).to receive(:run_command).with(['psql', '-t', '-X', '-c', - '"set search_path to schema1,schema2; SELECT \'something\' as \"Custom column\""'], + 'set search_path to schema1,schema2; SELECT \'something\' as "Custom column"'], 'postgres', 'postgres', {}) @@ -79,7 +79,7 @@ it 'executes with the given port' do expect(provider).to receive(:run_command).with(['psql', '-p', '5555', - '-t', '-X', '-c', '"SELECT something"'], + '-t', '-X', '-c', 'SELECT something'], 'postgres', 'postgres', {}) provider.run_sql_command('SELECT something') @@ -91,7 +91,7 @@ it 'executes with the given host' do expect(provider).to receive(:run_command).with(['psql', '-t', '-X', '-c', - '"SELECT something"'], + 'SELECT something'], 'postgres', 'postgres', 'PGHOST' => '127.0.0.1') provider.run_sql_command('SELECT something') From c73a37b9cd6ed79efa2b27b06877f7d27584ec3f Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Fri, 19 Feb 2021 15:45:30 +0000 Subject: [PATCH 0611/1000] Implement a `sensitive` param for postgresql_psql --- lib/puppet/provider/postgresql_psql/ruby.rb | 3 +- lib/puppet/type/postgresql_psql.rb | 7 ++++ manifests/server/role.pp | 12 +++---- spec/acceptance/postgresql_psql_spec.rb | 38 +++++++-------------- 4 files changed, 26 insertions(+), 34 deletions(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index d563b73fed..715d9b5273 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -62,7 +62,8 @@ def run_command(command, user, group, environment) failonfail: false, combine: true, override_locale: true, - custom_environment: environment) + custom_environment: environment, + sensitive: resource[:sensitive] == :true) [output, $CHILD_STATUS.dup] end end diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 43e2fe8782..d335e70026 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -124,6 +124,13 @@ def matches(value) newvalues(:true, :false) end + newparam(:sensitive, boolean: true) do + desc "If 'true', then the executed command will not be echoed into the log. Use this to protect sensitive information passing through." + + defaultto(:false) + newvalues(:true, :false) + end + autorequire(:class) { ['Postgresql::Server::Service'] } def should_run_sql(refreshing = false) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index c2dc4b40a7..c1f6f4b6cc 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -3,8 +3,8 @@ # @param update_password If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. # @param password_hash Sets the hash to use during password creation. # @param createdb Specifies whether to grant the ability to create new databases with this role. -# @param createrole Specifies whether to grant the ability to create new roles with this role. -# @param db Database used to connect to. +# @param createrole Specifies whether to grant the ability to create new roles with this role. +# @param db Database used to connect to. # @param port Port to use when connecting. # @param login Specifies whether to grant login capability for the new role. # @param inherit Specifies whether to grant inherit capability for the new role. @@ -76,18 +76,16 @@ $superuser_sql = $superuser ? { true => 'SUPERUSER', default => 'NOSUPERUSER' } $replication_sql = $replication ? { true => 'REPLICATION', default => '' } if ($password_hash != false) { - $environment = "NEWPGPASSWD=${password_hash}" - $password_sql = "ENCRYPTED PASSWORD '\$NEWPGPASSWD'" + $password_sql = "ENCRYPTED PASSWORD '${password_hash}'" } else { $password_sql = '' - $environment = [] } postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": command => "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}", unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", - environment => $environment, require => undef, + sensitive => true, } postgresql_psql { "ALTER ROLE \"${username}\" ${superuser_sql}": @@ -136,7 +134,7 @@ postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": command => "ALTER ROLE \"${username}\" ${password_sql}", unless => "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'", - environment => $environment, + sensitive => true, } } } else { diff --git a/spec/acceptance/postgresql_psql_spec.rb b/spec/acceptance/postgresql_psql_spec.rb index 686d91653c..571d111d51 100644 --- a/spec/acceptance/postgresql_psql_spec.rb +++ b/spec/acceptance/postgresql_psql_spec.rb @@ -134,39 +134,25 @@ class { 'postgresql::server': } -> apply_manifest(pp_nine, expect_changes: true) end - context 'with secure password passing by environment' do - it 'runs SQL that contanins password passed by environment' do - select = "select \\'$PASS_TO_EMBED\\'" - pp = <<-MANIFEST.unindent + context 'when setting sensitive => true' do + it 'runs queries without leaking to the log' do + select = "select \\'pa$swD\\'" + pp = <<~MANIFEST class { 'postgresql::server': } -> - postgresql_psql { 'password embedded by environment: #{select}': + postgresql_psql { 'password protected by sensitive: #{select}': db => 'postgres', psql_user => 'postgres', + sensitive => true, command => '#{select}', - environment => [ - 'PASS_TO_EMBED=pa$swD', - ], - } - MANIFEST - apply_manifest(pp, catch_failures: true) - apply_manifest(pp, expect_changes: false) - end - it 'runs SQL that contanins password passed by environment in check' do - select = "select 1 where \\'$PASS_TO_EMBED\\'=\\'passwD\\'" - pp = <<-MANIFEST.unindent - class { 'postgresql::server': } -> - postgresql_psql { 'password embedded by environment in check: #{select}': - db => 'postgres', - psql_user => 'postgres', - command => 'invalid sql query', - unless => '#{select}', - environment => [ - 'PASS_TO_EMBED=passwD', - ], } MANIFEST + result = apply_manifest(pp, catch_failures: true, debug: true) + expect(result.stdout).not_to contain('pa$swD') + expect(result.stderr).not_to contain('pa$swD') - idempotent_apply(pp) + result = apply_manifest(pp, expect_changes: false, debug: true) + expect(result.stdout).not_to contain('pa$swD') + expect(result.stderr).not_to contain('pa$swD') end end end From 08a175217adcb6466ab468c2ae5d7f7c3409f270 Mon Sep 17 00:00:00 2001 From: David Schmitt Date: Fri, 19 Feb 2021 17:08:51 +0000 Subject: [PATCH 0612/1000] Add more sensitive protection and testing --- manifests/server/role.pp | 6 +++--- spec/unit/defines/server/role_spec.rb | 30 +++++++++++++-------------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index c1f6f4b6cc..0ef4651531 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -82,7 +82,7 @@ } postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": - command => "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}", + command => Sensitive("CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}"), unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", require => undef, sensitive => true, @@ -132,8 +132,8 @@ $pwd_hash_sql = "md5${pwd_md5}" } postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": - command => "ALTER ROLE \"${username}\" ${password_sql}", - unless => "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'", + command => Sensitive("ALTER ROLE \"${username}\" ${password_sql}"), + unless => Sensitive("SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'"), sensitive => true, } } diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index faf6071e1e..5e3e005dfa 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -33,16 +33,16 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", - 'environment' => 'NEWPGPASSWD=new-pa$s', + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => '5432') end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", - 'environment' => 'NEWPGPASSWD=new-pa$s', - 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => 'Sensitive [value redacted]', 'port' => '5432') end @@ -64,8 +64,8 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with_command("CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1") - .with_environment('NEWPGPASSWD=new-pa$s') + .with_command('Sensitive [value redacted]') + .with_sensitive('true') .with_unless("SELECT 1 FROM pg_roles WHERE rolname = 'test'") .with_port(5432) .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass') @@ -73,8 +73,8 @@ end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => 'NEWPGPASSWD=new-pa$s', - 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", 'port' => '5432', + .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', + 'unless' => 'Sensitive [value redacted]', 'port' => '5432', 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end @@ -99,15 +99,15 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", - 'environment' => 'NEWPGPASSWD=new-pa$s', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', + 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => 'NEWPGPASSWD=new-pa$s', - 'unless' => "SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa'", + .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', + 'unless' => 'Sensitive [value redacted]', 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end From 259b8e7be7b5c61f8794b5e7a5a7d70482631640 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Mon, 22 Feb 2021 09:52:54 +0000 Subject: [PATCH 0613/1000] Release version 6.10.2 --- CHANGELOG.md | 8 ++++++++ REFERENCE.md | 10 ++++++++++ metadata.json | 2 +- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7991677ec1..421a454ad1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) (2021-02-22) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.1...v6.10.2) + +### Fixed + +- Fix command shell escaping [\#1240](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1240) ([DavidS](https://github.com/DavidS)) + ## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) (2021-02-09) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.0...v6.10.1) diff --git a/REFERENCE.md b/REFERENCE.md index ab2c80a71a..e7943af230 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -3034,6 +3034,7 @@ The following parameters are available in the `postgresql_psql` type. * [`psql_user`](#psql_user) * [`refreshonly`](#refreshonly) * [`search_path`](#search_path) +* [`sensitive`](#sensitive) * [`unless`](#unless) ##### `connect_settings` @@ -3108,6 +3109,15 @@ Default value: ``false`` The schema search path to use when executing the SQL command +##### `sensitive` + +Valid values: ``true``, ``false`` + +If 'true', then the executed command will not be echoed into the log. Use this to protect sensitive information passing +through. + +Default value: ``false`` + ##### `unless` An optional SQL command to execute prior to the main :command; diff --git a/metadata.json b/metadata.json index 0cb22b5baf..5b84c111cb 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.10.1", + "version": "6.10.2", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 50f0f85f02e361f72bc17edef9a7413224e23145 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Mon, 22 Feb 2021 16:40:44 +0000 Subject: [PATCH 0614/1000] (maint) Update major dependencies prior to release --- metadata.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/metadata.json b/metadata.json index ddee07ad79..c78e423e82 100644 --- a/metadata.json +++ b/metadata.json @@ -10,15 +10,15 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.13.1 < 7.0.0" + "version_requirement": ">= 4.13.1 < 8.0.0" }, { "name": "puppetlabs/apt", - "version_requirement": ">= 2.0.0 < 8.0.0" + "version_requirement": ">= 2.0.0 < 9.0.0" }, { "name": "puppetlabs/concat", - "version_requirement": ">= 4.1.0 < 7.0.0" + "version_requirement": ">= 4.1.0 < 8.0.0" } ], "operatingsystem_support": [ From 0f461489b48d88717549bc2a71d1a5fea7fc116c Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Wed, 24 Feb 2021 13:56:21 +0000 Subject: [PATCH 0615/1000] (MAINT) Remove RHEL 5 OS family support --- metadata.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/metadata.json b/metadata.json index ddee07ad79..f5e5f5d355 100644 --- a/metadata.json +++ b/metadata.json @@ -25,7 +25,6 @@ { "operatingsystem": "RedHat", "operatingsystemrelease": [ - "5", "6", "7", "8" @@ -34,7 +33,6 @@ { "operatingsystem": "CentOS", "operatingsystemrelease": [ - "5", "6", "7", "8" @@ -43,7 +41,6 @@ { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ - "5", "6", "7" ] From f7cd69b97cdaee8d07c98a5c05b9649cd1b177c5 Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Wed, 24 Feb 2021 16:23:58 +0000 Subject: [PATCH 0616/1000] (MAINT) Remove SLES 11 support --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index ddee07ad79..bc26a2398a 100644 --- a/metadata.json +++ b/metadata.json @@ -66,7 +66,6 @@ { "operatingsystem": "SLES", "operatingsystemrelease": [ - "11", "12", "15" ] From 9ddf7acdea9d126de65d04acf60329dba6e9c846 Mon Sep 17 00:00:00 2001 From: Ciaran McCrisken Date: Thu, 25 Feb 2021 16:14:54 +0000 Subject: [PATCH 0617/1000] (MAINT) pdk update --- .github/workflows/auto_release.yml | 6 +++--- .github/workflows/nightly.yml | 19 +++++++++++-------- .github/workflows/pr_test.yml | 18 ++++++++++-------- metadata.json | 2 +- 4 files changed, 25 insertions(+), 20 deletions(-) diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index a88b99ca17..56b38d5242 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -46,12 +46,12 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} id: gv run: | - echo "::set-output name=ver::$(cat metadata.json | jq .version | tr -d \")" + echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" - name: "Commit changes" if: ${{ github.repository_owner == 'puppetlabs' }} run: | - git config --local user.email "action@github.com" + git config --local user.email "${{ github.repository_owner }}@users.noreply.github.com" git config --local user.name "GitHub Action" git add . git commit -m "Release prep v${{ steps.gv.outputs.ver }}" @@ -66,7 +66,7 @@ jobs: branch: "release-prep" delete-branch: true title: "Release prep v${{ steps.gv.outputs.ver }}" - body: "Automated release-prep through [pdk-templates](https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.github/workflows/auto_release.yml.erb)" + body: "Automated release-prep through [pdk-templates](https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.github/workflows/auto_release.yml.erb) from commit ${{ github.sha }}" labels: "maintenance" - name: PR outputs diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 0c1fd28b9c..abf8e7d7a6 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -58,7 +58,7 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 else echo "::set-output name=matrix::{}" fi @@ -69,6 +69,7 @@ jobs: buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' Acceptance: + name: "${{matrix.platforms.label}}, ${{matrix.collection}}" needs: - setup_matrix @@ -82,8 +83,10 @@ jobs: steps: - run: | - echo 'platform=${{ matrix.platform }}' >> $BUILDEVENT_FILE + echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE + - name: "Honeycomb: Start recording" uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 @@ -91,11 +94,11 @@ jobs: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} job-status: ${{ job.status }} - matrix-key: ${{ matrix.platform }}-${{ matrix.collection }} + matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} - name: "Honeycomb: start first step" run: | - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source @@ -117,12 +120,12 @@ jobs: if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Provision test environment run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platform }}' -- bundle exec rake 'litmus:provision[provision::provision_service,${{ matrix.platform }}]' + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' echo ::group::=== REQUEST === cat request.json || true echo @@ -144,7 +147,7 @@ jobs: run: | echo ::group::honeycomb step buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV echo ::endgroup:: @@ -156,7 +159,7 @@ jobs: if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Remove test environment diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 207dfcadd5..fb9ff97650 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -55,7 +55,7 @@ jobs: id: get-matrix run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 else echo "::set-output name=matrix::{}" fi @@ -66,6 +66,7 @@ jobs: buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' Acceptance: + name: "${{matrix.platforms.label}}, ${{matrix.collection}}" needs: - setup_matrix if: ${{ needs.setup_matrix.outputs.matrix != '{}' }} @@ -80,8 +81,9 @@ jobs: steps: - run: | - echo 'platform=${{ matrix.platform }}' >> $BUILDEVENT_FILE + echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE - name: "Honeycomb: Start recording" uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 @@ -89,11 +91,11 @@ jobs: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} job-status: ${{ job.status }} - matrix-key: ${{ matrix.platform }}-${{ matrix.collection }} + matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} - name: "Honeycomb: start first step" run: | - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source @@ -115,12 +117,12 @@ jobs: if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Provision test environment run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platform }}' -- bundle exec rake 'litmus:provision[provision::provision_service,${{ matrix.platform }}]' + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' echo ::group::=== REQUEST === cat request.json || true echo @@ -142,7 +144,7 @@ jobs: run: | echo ::group::honeycomb step buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV echo ::endgroup:: @@ -154,7 +156,7 @@ jobs: if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Remove test environment diff --git a/metadata.json b/metadata.json index ddee07ad79..f65b95c26b 100644 --- a/metadata.json +++ b/metadata.json @@ -89,5 +89,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g44cc7ed" + "template-ref": "heads/main-0-g2bf2de6" } From 0b87dae6cf6619a360092d1c2836eebcb0e946dd Mon Sep 17 00:00:00 2001 From: Auto-release Date: Thu, 4 Mar 2021 14:45:24 +0000 Subject: [PATCH 0618/1000] Release version 7.0.0 --- CHANGELOG.md | 19 +++++++++++++++---- REFERENCE.md | 12 ++++++++++++ metadata.json | 2 +- 3 files changed, 28 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 421a454ad1..4b70c6d50e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) (2021-03-04) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.2...v7.0.0) + +### Changed + +- pdksync - \(MAINT\) Remove SLES 11 support [\#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - \(MAINT\) Remove RHEL 5 family support [\#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [\#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) + +### Added + +- Add DNF module management [\#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) + ## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) (2021-02-22) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.1...v6.10.2) @@ -40,6 +54,7 @@ All notable changes to this project will be documented in this file. The format - pdksync - \(feat\) - Add support for puppet 7 [\#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) - Manage postgresql\_conf\_path file permissions [\#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) +- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) ### Fixed @@ -64,10 +79,6 @@ All notable changes to this project will be documented in this file. The format [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.6.0...v6.7.0) -### Added - -- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) - ### Fixed - Invert psql/package dependency logic [\#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) diff --git a/REFERENCE.md b/REFERENCE.md index e7943af230..472d529551 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -23,6 +23,7 @@ #### Private Classes +* `postgresql::dnfmodule`: Manage the DNF module * `postgresql::params` * `postgresql::repo` * `postgresql::repo::apt_postgresql_org` @@ -189,6 +190,7 @@ The following parameters are available in the `postgresql::globals` class: * [`manage_logdir`](#manage_logdir) * [`manage_xlogdir`](#manage_xlogdir) * [`manage_package_repo`](#manage_package_repo) +* [`manage_dnf_module`](#manage_dnf_module) * [`module_workdir`](#module_workdir) * [`manage_selinux`](#manage_selinux) @@ -610,6 +612,16 @@ Sets up official PostgreSQL repositories on your host if set to true. Default value: ``undef`` +##### `manage_dnf_module` + +Data type: `Boolean` + +Manage the DNF module. This only makes sense on distributions that use DNF +package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or +Puppet 6.15.0+ since they ship the dnfmodule provider. + +Default value: ``false`` + ##### `module_workdir` Data type: `Any` diff --git a/metadata.json b/metadata.json index 721d2b3133..6e8106fee5 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "6.10.2", + "version": "7.0.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 5b14a1208c45a9913d36d1fc1d69d15c59fa2f9a Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 6 Mar 2021 12:31:38 +0100 Subject: [PATCH 0619/1000] Ensure port is a string in psql command In 841187b0ec29726c0fe39ea2ad710a5ead42d2e0 a shell execution vulnerability was fixed by passing an array. In my environment (Debian 10, Ruby 2.5, Puppet 5) it was failing because port was an Integer and command execution only allows Strings. This explicitly converts the port to a string. Fixes: 841187b0ec29726c0fe39ea2ad710a5ead42d2e0 --- lib/puppet/provider/postgresql_psql/ruby.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 715d9b5273..1cfbbca094 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -15,7 +15,7 @@ def run_sql_command(sql) command = [resource[:psql_path]] command.push('-d', resource[:db]) if resource[:db] - command.push('-p', resource[:port]) if resource[:port] + command.push('-p', resource[:port].to_s) if resource[:port] command.push('-t', '-X', '-c', sql) environment = fetch_environment From 2d30354ddcbb8ac1c66f241313d44e8c151cf037 Mon Sep 17 00:00:00 2001 From: Auto-release Date: Mon, 8 Mar 2021 11:29:03 +0000 Subject: [PATCH 0620/1000] Release version 7.0.1 --- CHANGELOG.md | 8 ++++++++ metadata.json | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b70c6d50e..32cc4d9cf4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) (2021-03-08) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.0...v7.0.1) + +### Fixed + +- Ensure port is a string in psql command [\#1253](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1253) ([ekohl](https://github.com/ekohl)) + ## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) (2021-03-04) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.2...v7.0.0) diff --git a/metadata.json b/metadata.json index 6e8106fee5..0f0a7eec25 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.0.0", + "version": "7.0.1", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 769240b88ebde510fb199cc4cbbf233e7c5a230f Mon Sep 17 00:00:00 2001 From: sheena Date: Wed, 10 Mar 2021 17:28:48 +0000 Subject: [PATCH 0621/1000] (MODULES-10957)override the set_sensitive_parameters method --- lib/puppet/type/postgresql_psql.rb | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index d335e70026..2ae079715a 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -145,4 +145,15 @@ def should_run_sql(refreshing = false) def refresh property(:command).sync if should_run_sql(true) end + + private + + def set_sensitive_parameters(sensitive_parameters) + # Respect sensitive commands + if sensitive_parameters.include?(:unless) + sensitive_parameters.delete(:unless) + parameter(:unless).sensitive = true + end + super(sensitive_parameters) + end end From 90b556543203d57195f30190db2e6b801ee5027d Mon Sep 17 00:00:00 2001 From: Auto-release Date: Mon, 15 Mar 2021 10:02:55 +0000 Subject: [PATCH 0622/1000] Release version 7.0.2 --- CHANGELOG.md | 8 ++++++++ metadata.json | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 32cc4d9cf4..3c719e65a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) (2021-03-15) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.1...v7.0.2) + +### Fixed + +- \(MODULES-10957\) Override the set\_sensitive\_parameters method [\#1258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1258) ([sheenaajay](https://github.com/sheenaajay)) + ## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) (2021-03-08) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.0...v7.0.1) diff --git a/metadata.json b/metadata.json index 0f0a7eec25..553f23afd3 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.0.1", + "version": "7.0.2", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 6a91c45c4cfd0fc930272b108ee8217eaca8cc61 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 15 Mar 2021 18:45:25 +0200 Subject: [PATCH 0623/1000] Replace Travis and Appveyor with Github Actions --- .github/workflows/auto_release.yml | 2 +- .github/workflows/nightly.yml | 11 ++- .github/workflows/pr_test.yml | 11 ++- .github/workflows/release.yml | 47 +++++++++++ .github/workflows/spec.yml | 128 +++++++++++++++++++++++++++++ .pdkignore | 1 + .sync.yml | 33 ++------ .travis.yml | 87 -------------------- metadata.json | 2 +- 9 files changed, 204 insertions(+), 118 deletions(-) create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/spec.yml delete mode 100644 .travis.yml diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index 56b38d5242..affeca9071 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -36,7 +36,7 @@ jobs: persist-credentials: false - name: "PDK Release prep" - uses: docker://puppet/pdk:nightly + uses: docker://puppet/iac_release:ci with: args: 'release prep --force' env: diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index abf8e7d7a6..865578cfd2 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -131,7 +131,14 @@ jobs: echo echo ::endgroup:: echo ::group::=== INVENTORY === - sed -e 's/password: .*/password: "[redacted]"/' < inventory.yaml || true + if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; + then + FILE='spec/fixtures/litmus_inventory.yaml' + elif [ -f 'inventory.yaml' ]; + then + FILE='inventory.yaml' + fi + sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true echo ::endgroup:: - name: Install agent @@ -166,7 +173,7 @@ jobs: if: ${{ always() }} continue-on-error: true run: | - if [ -f inventory.yaml ]; then + if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' echo ::group::=== REQUEST === cat request.json || true diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index fb9ff97650..69e414b558 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -128,7 +128,14 @@ jobs: echo echo ::endgroup:: echo ::group::=== INVENTORY === - sed -e 's/password: .*/password: "[redacted]"/' < inventory.yaml || true + if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; + then + FILE='spec/fixtures/litmus_inventory.yaml' + elif [ -f 'inventory.yaml' ]; + then + FILE='inventory.yaml' + fi + sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true echo ::endgroup:: - name: Install agent @@ -163,7 +170,7 @@ jobs: if: ${{ always() }} continue-on-error: true run: | - if [ -f inventory.yaml ]; then + if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' echo ::group::=== REQUEST === cat request.json || true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000000..1509f6e91f --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,47 @@ +name: "Publish module" + +on: + workflow_dispatch: + +jobs: + create-github-release: + name: Deploy GitHub Release + runs-on: ubuntu-20.04 + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + ref: ${{ github.ref }} + clean: true + fetch-depth: 0 + - name: Get Version + id: gv + run: | + echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" + - name: Create Release + uses: actions/create-release@v1 + id: create_release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: "v${{ steps.gv.outputs.ver }}" + draft: false + prerelease: false + + deploy-forge: + name: Deploy to Forge + runs-on: ubuntu-20.04 + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + ref: ${{ github.ref }} + clean: true + - name: "PDK Build" + uses: docker://puppet/pdk:nightly + with: + args: 'build' + - name: "Push to Forge" + uses: docker://puppet/pdk:nightly + with: + args: 'release publish --forge-token ${{ secrets.FORGE_API_KEY }} --force' diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml new file mode 100644 index 0000000000..03e2cb8d3e --- /dev/null +++ b/.github/workflows/spec.yml @@ -0,0 +1,128 @@ +name: "Spec Tests" + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + pull_request: + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + spec_matrix: ${{ steps.get-matrix.outputs.spec_matrix }} + + steps: + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=setup-environment >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Setup Spec Test Matrix + id: get-matrix + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 + else + echo "::set-output name=spec_matrix::{}" + fi + + - name: "Honeycomb: Record Setup Test Matrix time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + + Spec: + name: "Spec Tests (Puppet: ${{matrix.puppet_version}}, Ruby Ver: ${{matrix.ruby_version}})" + needs: + - setup_matrix + if: ${{ needs.setup_matrix.outputs.spec_matrix != '{}' }} + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.spec_matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + PUPPET_GEM_VERSION: ${{ matrix.puppet_version }} + + steps: + - run: | + echo "SANITIZED_PUPPET_VERSION=$(echo '${{ matrix.puppet_version }}' | sed 's/~> //g')" >> $GITHUB_ENV + + - run: | + echo 'puppet_version=${{ env.SANITIZED_PUPPET_VERSION }}' >> $BUILDEVENT_FILE + + - name: "Honeycomb: Start first step" + run: | + echo "STEP_ID=${{ env.SANITIZED_PUPPET_VERSION }}-spec" >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ env.SANITIZED_PUPPET_VERSION }} + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: "Activate Ruby ${{ matrix.ruby_version }}" + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{matrix.ruby_version}} + bundler-cache: true + + - name: Print bundle environment + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: Run Static & Syntax Tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + + - name: Run parallel_spec tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake parallel_spec Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake parallel_spec diff --git a/.pdkignore b/.pdkignore index 254808c8f3..a74c4c4f32 100644 --- a/.pdkignore +++ b/.pdkignore @@ -42,3 +42,4 @@ /spec/ /.vscode/ /.sync.yml +/.devcontainer/ diff --git a/.sync.yml b/.sync.yml index 3ffd1198f7..50a547c6aa 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,33 +1,9 @@ --- ".gitlab-ci.yml": delete: true -".travis.yml": - global_env: - - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" - deploy_to_forge: - enabled: false - user: puppet - secure: '' - branches: - - release - use_litmus: true - litmus: - provision_list: - - ---travis_el - - travis_deb - - travis_el7 - complex: - - collection: - puppet_collection: - - puppet6 - provision_list: - - travis_ub_6 - simplecov: true - notifications: - slack: - secure: sulU0RHAFNMVQyQnqcyRHLRjL7Zl1Ao7ywuObL/qTsCiIweRsFiHX0BdTrurxobhjgdHQizx9G2IakkvhE120AOlLbCV9Nw45tvyuzdV4HhdPSKtwdWWKXgU4IvP2tSblZ4hCOEG4CuEKPvFtoY8UEW2ODmvvwFlQz+GOYOBYMw= appveyor.yml: delete: true + Gemfile: optional: ":development": @@ -47,3 +23,10 @@ spec/spec_helper.rb: unmanaged: false .github/workflows/auto_release.yml: unmanaged: false +.github/workflows/spec.yml: + checks: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' + unmanaged: false +.github/workflows/release.yml: + unmanaged: false +.travis.yml: + delete: true diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index ecea11d0ae..0000000000 --- a/.travis.yml +++ /dev/null @@ -1,87 +0,0 @@ ---- -os: linux -dist: xenial -language: ruby -cache: bundler -before_install: - - bundle -v - - rm -f Gemfile.lock - - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" - - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" - - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" - - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' - - gem --version - - bundle -v -script: - - 'SIMPLECOV=yes bundle exec rake $CHECK' -bundler_args: --without system_tests -rvm: - - 2.5.7 -env: - global: - - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" -stages: - - static - - spec - - acceptance -jobs: - fast_finish: true - include: - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_ub_6]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_ub_6_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_deb]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_deb_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el7]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_el7_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" - stage: static - - - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.7 - stage: spec -branches: - only: - - main - - /^v\d/ - - release -notifications: - email: false - slack: - secure: sulU0RHAFNMVQyQnqcyRHLRjL7Zl1Ao7ywuObL/qTsCiIweRsFiHX0BdTrurxobhjgdHQizx9G2IakkvhE120AOlLbCV9Nw45tvyuzdV4HhdPSKtwdWWKXgU4IvP2tSblZ4hCOEG4CuEKPvFtoY8UEW2ODmvvwFlQz+GOYOBYMw= -deploy: - provider: puppetforge - username: puppet - password: - secure: "" - on: - tags: true - all_branches: true - condition: "$DEPLOY_TO_FORGE = yes" diff --git a/metadata.json b/metadata.json index 0f0a7eec25..e65b9adcec 100644 --- a/metadata.json +++ b/metadata.json @@ -85,5 +85,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g2bf2de6" + "template-ref": "heads/main-0-g7be43a3" } From 1cf5c45eb41dd184c1b965aeaf802b0cccfe5f74 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Fri, 2 Apr 2021 14:19:38 +0300 Subject: [PATCH 0624/1000] PDK Update for release prep workflow --- .github/workflows/auto_release.yml | 7 ++++++- Gemfile | 10 ---------- metadata.json | 2 +- 3 files changed, 7 insertions(+), 12 deletions(-) diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index affeca9071..d15d148d99 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -66,7 +66,12 @@ jobs: branch: "release-prep" delete-branch: true title: "Release prep v${{ steps.gv.outputs.ver }}" - body: "Automated release-prep through [pdk-templates](https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.github/workflows/auto_release.yml.erb) from commit ${{ github.sha }}" + body: | + Automated release-prep through [pdk-templates](https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.github/workflows/auto_release.yml.erb) from commit ${{ github.sha }}. + Please verify before merging: + - [ ] last [nightly](https://github.com/${{ github.repository }}/actions/workflows/nightly.yml) run is green + - [ ] [Changelog](https://github.com/${{ github.repository }}/blob/release-prep/CHANGELOG.md) is readable and has no unlabeled pull requests + - [ ] Ensure the [changelog](https://github.com/${{ github.repository }}/blob/release-prep/CHANGELOG.md) version and [metadata](https://github.com/${{ github.repository }}/blob/release-prep/metadata.json) version match labels: "maintenance" - name: PR outputs diff --git a/Gemfile b/Gemfile index ae2b430dc2..135373d02b 100644 --- a/Gemfile +++ b/Gemfile @@ -45,16 +45,6 @@ gems['puppet'] = location_for(puppet_version) gems['facter'] = location_for(facter_version) if facter_version gems['hiera'] = location_for(hiera_version) if hiera_version -if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} - # If we're using a Puppet gem on Windows which handles its own win32-xxx gem - # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). - gems['win32-dir'] = ['<= 0.4.9', require: false] - gems['win32-eventlog'] = ['<= 0.6.5', require: false] - gems['win32-process'] = ['<= 0.7.5', require: false] - gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['0.8.8', require: false] -end - gems.each do |gem_name, gem_params| gem gem_name, *gem_params end diff --git a/metadata.json b/metadata.json index 4a24ce9034..e592c82cd3 100644 --- a/metadata.json +++ b/metadata.json @@ -85,5 +85,5 @@ ], "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g7be43a3" + "template-ref": "heads/main-0-g12a5dea" } From 13d7fe8b816c6103b1d70ca9d7aad9405c4e2092 Mon Sep 17 00:00:00 2001 From: Jo Rhett Date: Wed, 2 Sep 2020 23:32:47 -0700 Subject: [PATCH 0625/1000] Add new common Yum repo which contains add-ons Details in https://yum.postgresql.org/news/new-repo-rpms-released/ --- manifests/globals.pp | 9 ++++++--- manifests/repo.pp | 1 + manifests/repo/yum_postgresql_org.pp | 11 +++++++++++ spec/unit/classes/globals_spec.rb | 13 +++++++++++-- 4 files changed, 29 insertions(+), 5 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index db39f1c9f5..48a2d1e9f8 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -57,6 +57,7 @@ # @param repo_proxy Sets the proxy option for the official PostgreSQL yum-repositories only. # # @param repo_baseurl Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. +# @param yum_repo_commonurl Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository. # # @param needs_initdb Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. # @@ -142,6 +143,7 @@ $postgis_version = undef, $repo_proxy = undef, $repo_baseurl = undef, + $yum_repo_commonurl = undef, $needs_initdb = undef, @@ -265,9 +267,10 @@ # Setup of the repo only makes sense globally, so we are doing this here. if($manage_package_repo) { class { 'postgresql::repo': - version => $globals_version, - proxy => $repo_proxy, - baseurl => $repo_baseurl, + version => $globals_version, + proxy => $repo_proxy, + baseurl => $repo_baseurl, + commonurl => $yum_repo_commonurl, } } diff --git a/manifests/repo.pp b/manifests/repo.pp index 2f422eaac5..a7803d9687 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -3,6 +3,7 @@ $version = undef, $proxy = undef, $baseurl = undef, + $commonurl = undef, ) { case $facts['os']['family'] { 'RedHat', 'Linux': { diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index 9d0ee191ce..319751d3b8 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -20,8 +20,10 @@ $label2 = 'rhel' } $default_baseurl = "https://download.postgresql.org/pub/repos/yum/${postgresql::repo::version}/${label1}/${label2}-\$releasever-\$basearch" + $default_commonurl = "https://download.postgresql.org/pub/repos/yum/common/${label1}/${label2}-\$releasever-\$basearch" $_baseurl = pick($postgresql::repo::baseurl, $default_baseurl) + $_commonurl = pick($postgresql::repo::commonurl, $default_commonurl) yumrepo { 'yum.postgresql.org': descr => "PostgreSQL ${postgresql::repo::version} \$releasever - \$basearch", @@ -32,5 +34,14 @@ proxy => $postgresql::repo::proxy, } + yumrepo { 'pgdg-common': + descr => "PostgreSQL common RPMs \$releasever - \$basearch", + baseurl => $_commonurl, + enabled => 1, + gpgcheck => 1, + gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", + proxy => $postgresql::repo::proxy, + } + Yumrepo['yum.postgresql.org'] -> Package<|tag == 'puppetlabs-postgresql'|> } diff --git a/spec/unit/classes/globals_spec.rb b/spec/unit/classes/globals_spec.rb index a978ba3deb..1ad320c5dd 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/unit/classes/globals_spec.rb @@ -75,6 +75,10 @@ 'enabled' => '1', 'proxy' => 'http://proxy-server:8080', ) + is_expected.to contain_yumrepo('pgdg-common').with( + 'enabled' => '1', + 'proxy' => 'http://proxy-server:8080', + ) end end @@ -82,7 +86,8 @@ let(:params) do { manage_package_repo: true, - repo_baseurl: 'http://mirror.localrepo.com', + repo_baseurl: 'http://mirror.localrepo.com/pgdg-postgresql', + yum_repo_commonurl: 'http://mirror.localrepo.com/pgdg-common', } end @@ -93,7 +98,11 @@ it do is_expected.to contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', - 'baseurl' => 'http://mirror.localrepo.com', + 'baseurl' => 'http://mirror.localrepo.com/pgdg-postgresql', + ) + is_expected.to contain_yumrepo('pgdg-common').with( + 'enabled' => '1', + 'baseurl' => 'http://mirror.localrepo.com/pgdg-common', ) end end From ce26e51f073a1783f62ad048ac5499a77f8fc8ed Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 12 Apr 2021 09:28:28 +0000 Subject: [PATCH 0626/1000] Release prep v7.0.3 --- CHANGELOG.md | 17 ++++++++++------- metadata.json | 2 +- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3c719e65a4..39e857ebec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -70,7 +70,6 @@ All notable changes to this project will be documented in this file. The format - pdksync - \(feat\) - Add support for puppet 7 [\#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) - Manage postgresql\_conf\_path file permissions [\#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) -- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) ### Fixed @@ -95,6 +94,10 @@ All notable changes to this project will be documented in this file. The format [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.6.0...v6.7.0) +### Added + +- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) + ### Fixed - Invert psql/package dependency logic [\#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) @@ -118,9 +121,9 @@ All notable changes to this project will be documented in this file. The format ### Added - service\_ensure =\> true is now an allowed value \(aliased to running\) [\#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) -- Finish conversion of `postgresql\_acls\_to\_resources\_hash` function [\#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql\_escape` function [\#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql\_password` function [\#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql_acls_to_resources_hash` function [\#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql_escape` function [\#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql_password` function [\#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) - Allow usage of grant and role when not managing postgresql::server [\#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) - Add version configs for SLES 12 SP 3 to 5 [\#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) - Add extra parameter "extra\_systemd\_config" [\#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) @@ -307,7 +310,7 @@ All notable changes to this project will be documented in this file. The format ### Added -- Parameters `roles`, `config\_entires`, and `pg\_hba\_rules` to `postgresql::server` for hiera [\#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) +- Parameters `roles`, `config_entires`, and `pg_hba_rules` to `postgresql::server` for hiera [\#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) ## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) (2018-03-22) @@ -316,11 +319,11 @@ All notable changes to this project will be documented in this file. The format ### Added - \(MODULES-6330\) PDK convert 1.4.1 [\#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) -- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database\_grant` [\#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) +- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database_grant` [\#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) ### Fixed -- Documentation error, `reassign\_owned\_by` uses `\*\_role` not `\*\_owner`. [\#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) +- Documentation error, `reassign_owned_by` uses `*_role` not `*_owner`. [\#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) ## 5.3.0 ### Summary diff --git a/metadata.json b/metadata.json index e592c82cd3..fdae91d772 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.0.2", + "version": "7.0.3", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 7d5e232ab1386fa5c239e1ca5c875ca16abdecc0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 12 Apr 2021 12:29:06 +0000 Subject: [PATCH 0627/1000] Release prep v7.1.0 --- CHANGELOG.md | 12 ++++++++++++ REFERENCE.md | 9 +++++++++ metadata.json | 2 +- 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 39e857ebec..82dca8f275 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) (2021-04-12) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.3...v7.1.0) + +### Added + +- Add new common repo which contains add-ons [\#1190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1190) ([jorhett](https://github.com/jorhett)) + +## [v7.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.3) (2021-04-12) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.2...v7.0.3) + ## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) (2021-03-15) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.1...v7.0.2) diff --git a/REFERENCE.md b/REFERENCE.md index 472d529551..37b25d5d07 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -177,6 +177,7 @@ The following parameters are available in the `postgresql::globals` class: * [`postgis_version`](#postgis_version) * [`repo_proxy`](#repo_proxy) * [`repo_baseurl`](#repo_baseurl) +* [`yum_repo_commonurl`](#yum_repo_commonurl) * [`needs_initdb`](#needs_initdb) * [`encoding`](#encoding) * [`locale`](#locale) @@ -502,6 +503,14 @@ Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirr Default value: ``undef`` +##### `yum_repo_commonurl` + +Data type: `Any` + +Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository. + +Default value: ``undef`` + ##### `needs_initdb` Data type: `Any` diff --git a/metadata.json b/metadata.json index fdae91d772..f1e0161f42 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.0.3", + "version": "7.1.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 7b295fbae0f5f4977390839b0062b8198e47b80c Mon Sep 17 00:00:00 2001 From: Manuel Tancoigne Date: Tue, 30 Mar 2021 10:36:46 +0200 Subject: [PATCH 0628/1000] Support grants and revokes for PUBLIC pseudo role --- manifests/server/grant.pp | 18 ++++++++++++------ spec/unit/defines/server/grant_spec.rb | 2 +- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 4382c6b396..64be3ad617 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -52,17 +52,23 @@ case $ensure { default: { # default is 'present' - $sql_command = 'GRANT %s ON %s "%s%s" TO "%s"' - $sql_command_unquoted = 'GRANT %s ON %s %s%s TO "%s"' + $sql_command = 'GRANT %s ON %s "%s%s" TO %s' + $sql_command_unquoted = 'GRANT %s ON %s %s%s TO %s' $unless_is = true } 'absent': { - $sql_command = 'REVOKE %s ON %s "%s%s" FROM "%s"' - $sql_command_unquoted = 'REVOKE %s ON %s %s%s FROM "%s"' + $sql_command = 'REVOKE %s ON %s "%s%s" FROM %s' + $sql_command_unquoted = 'REVOKE %s ON %s %s%s FROM %s' $unless_is = false } } + # Quote the role if not PUBLIC + $_query_role = $role ? { + 'PUBLIC' => 'PUBLIC', + default => "\"${role}\"" + } + if ! $object_name { $_object_name = $db } else { @@ -453,8 +459,8 @@ } $grant_cmd = $_enquote_object ? { - false => sprintf($sql_command_unquoted, $_privilege, $_object_type, $_togrant_object, $arguments, $role), - default => sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $arguments, $role), + false => sprintf($sql_command_unquoted, $_privilege, $_object_type, $_togrant_object, $arguments, $_query_role), + default => sprintf($sql_command, $_privilege, $_object_type, $_togrant_object, $arguments, $_query_role), } postgresql_psql { "grant:${name}": diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index 510e063703..fa61e48ebc 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -240,7 +240,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__role('test') } it do is_expected.to contain_postgresql_psql('grant:test') - .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "PUBLIC"}m) + .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* PUBLIC}m) .with_unless(%r{SELECT 1 WHERE has_table_privilege\('public',\s*'myschema.mytable', 'INSERT'\)}m) end end From f98404b44b3b1151e2c51e2f9ddfe93734c677c1 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Mon, 26 Apr 2021 21:07:56 +0100 Subject: [PATCH 0629/1000] (maint) Running a pdk update to consume latest pdk-template changes --- .github/workflows/release.yml | 4 ++-- .gitignore | 1 + .gitpod.yml | 2 +- .pdkignore | 1 + metadata.json | 4 ++-- 5 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1509f6e91f..76cf31ca13 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,10 +38,10 @@ jobs: ref: ${{ github.ref }} clean: true - name: "PDK Build" - uses: docker://puppet/pdk:nightly + uses: docker://puppet/pdk:2.1.0.0 with: args: 'build' - name: "Push to Forge" - uses: docker://puppet/pdk:nightly + uses: docker://puppet/pdk:2.1.0.0 with: args: 'release publish --forge-token ${{ secrets.FORGE_API_KEY }} --force' diff --git a/.gitignore b/.gitignore index 2767022cd6..988dcbbe62 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,4 @@ .project .envrc /inventory.yaml +/spec/fixtures/litmus_inventory.yaml diff --git a/.gitpod.yml b/.gitpod.yml index 18406c5086..9d89d9faa2 100644 --- a/.gitpod.yml +++ b/.gitpod.yml @@ -6,4 +6,4 @@ tasks: vscode: extensions: - - puppet.puppet-vscode@1.0.0:oSzfTkDf6Cmc1jOjgW33VA== + - puppet.puppet-vscode@1.2.0:f5iEPbmOj6FoFTOV6q8LTg== diff --git a/.pdkignore b/.pdkignore index a74c4c4f32..33a13477bd 100644 --- a/.pdkignore +++ b/.pdkignore @@ -25,6 +25,7 @@ .project .envrc /inventory.yaml +/spec/fixtures/litmus_inventory.yaml /appveyor.yml /.fixtures.yml /Gemfile diff --git a/metadata.json b/metadata.json index f1e0161f42..e40152db8f 100644 --- a/metadata.json +++ b/metadata.json @@ -83,7 +83,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "1.18.1", + "pdk-version": "2.0.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g12a5dea" + "template-ref": "heads/main-0-ge04486b" } From 0fdee2126a040a6441dedc20c949d0589f36ba1f Mon Sep 17 00:00:00 2001 From: Lucien Weller Date: Sat, 8 May 2021 21:41:17 +0200 Subject: [PATCH 0630/1000] added default version for fedora 34 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 48a2d1e9f8..3aec3aa062 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -167,6 +167,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['major'] ? { + /^(34)$/ => '13', /^(32|33)$/ => '12', /^(31)$/ => '11.6', /^(30)$/ => '11.2', From 36ee5f747a71d6a3c684297e812c8c1572ef22b6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 22 May 2021 03:13:11 +0000 Subject: [PATCH 0631/1000] Release prep v7.2.0 --- CHANGELOG.md | 9 +++++++++ metadata.json | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 82dca8f275..3e2499bd36 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) (2021-05-22) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.1.0...v7.2.0) + +### Added + +- \(MODULES-11069\) add default version for fedora 34 [\#1272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1272) ([lweller](https://github.com/lweller)) +- MODULES-11047 - Allow managing rights for PUBLIC role [\#1266](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1266) ([mtancoigne](https://github.com/mtancoigne)) + ## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) (2021-04-12) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.3...v7.1.0) diff --git a/metadata.json b/metadata.json index e40152db8f..702978a860 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.1.0", + "version": "7.2.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 79fa35591e099a7b6981b873b930b943e5dc1827 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 26 May 2021 18:11:59 +0200 Subject: [PATCH 0632/1000] Autorequire the service in postgresql_psql In d69ff1ec91d02337415911fac35d8a1fa5a906fa I changed the require to be an autorequire. However, even in the PR I noted[1] it may not work. Now I realize this may not work because you can't autorequire on a class. In the same way, you can't collect classes. I started to see this on my Puppet 7 testing (edited for brevity): Notice: /Stage[main]/Postgresql::Client/Package[postgresql-client]/ensure: created Notice: /Stage[main]/Postgresql::Client/File[/usr/local/bin/validate_postgresql_connection.sh]/ensure: defined content as '{sha256}f34c53aa433754c6343e6382cd994e33f2887f9eb54503421eb0db55a55e14a6' Notice: /Stage[main]/Postgresql::Server::Install/Package[postgresql-server]/ensure: created Notice: /Stage[main]/Postgresql::Server::Initdb/File[/var/lib/pgsql/data]/ensure: created Notice: /Stage[main]/Postgresql::Server::Initdb/Exec[postgresql_initdb]/returns: The files belonging to this database system will be owned by user "postgres". Notice: /Stage[main]/Postgresql::Server::Initdb/Exec[postgresql_initdb]/returns: This user must also own the server process. Notice: /Stage[main]/Postgresql::Server::Initdb/Exec[postgresql_initdb]/returns: Notice: /Stage[main]/Postgresql::Server::Initdb/Exec[postgresql_initdb]/returns: initdb: error: invalid locale settings; check LANG and LC_* environment variables Error: '/usr/bin/initdb --pgdata '/var/lib/pgsql/data'' returned 1 instead of one of [0] Error: /Stage[main]/Postgresql::Server::Initdb/Exec[postgresql_initdb]/returns: change from 'notrun' to ['0'] failed: '/usr/bin/initdb --pgdata '/var/lib/pgsql/data'' returned 1 instead of one of [0] Info: Class[Postgresql::Server::Initdb]: Unscheduling all events on Class[Postgresql::Server::Initdb] Notice: /Stage[main]/Postgresql::Server::Config/File[/var/lib/pgsql/data/postgresql.conf]: Dependency Exec[postgresql_initdb] has failures: true Warning: /Stage[main]/Postgresql::Server::Config/File[/var/lib/pgsql/data/postgresql.conf]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/File[systemd-conf-dir]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/File[systemd-override]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/File[old-systemd-override]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Exec[restart-systemd]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Concat[/var/lib/pgsql/data/pg_hba.conf]/Concat_file[/var/lib/pgsql/data/pg_hba.conf]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Concat[/var/lib/pgsql/data/pg_hba.conf]/File[/var/lib/pgsql/data/pg_hba.conf]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Concat[/var/lib/pgsql/data/pg_hba.conf]/Concat_fragment[/var/lib/pgsql/data/pg_hba.conf_header]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Config_entry[port]/Postgresql_conf[port]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Config_entry[data_directory]/Postgresql_conf[data_directory]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Concat[/var/lib/pgsql/data/pg_ident.conf]/Concat_file[/var/lib/pgsql/data/pg_ident.conf]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Concat[/var/lib/pgsql/data/pg_ident.conf]/File[/var/lib/pgsql/data/pg_ident.conf]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Concat[/var/lib/pgsql/data/pg_ident.conf]/Concat_fragment[/var/lib/pgsql/data/pg_ident.conf_header]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Pg_hba_rule[local access as postgres user]/Concat::Fragment[pg_hba_rule_local access as postgres user]/Concat_fragment[pg_hba_rule_local access as postgres user]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Pg_hba_rule[local access to database with same name]/Concat::Fragment[pg_hba_rule_local access to database with same name]/Concat_fragment[pg_hba_rule_local access to database with same name]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Pg_hba_rule[allow localhost TCP access to postgresql user]/Concat::Fragment[pg_hba_rule_allow localhost TCP access to postgresql user]/Concat_fragment[pg_hba_rule_allow localhost TCP access to postgresql user]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Pg_hba_rule[deny access to postgresql user]/Concat::Fragment[pg_hba_rule_deny access to postgresql user]/Concat_fragment[pg_hba_rule_deny access to postgresql user]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Pg_hba_rule[allow access to all users]/Concat::Fragment[pg_hba_rule_allow access to all users]/Concat_fragment[pg_hba_rule_allow access to all users]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Pg_hba_rule[allow access to ipv6 localhost]/Concat::Fragment[pg_hba_rule_allow access to ipv6 localhost]/Concat_fragment[pg_hba_rule_allow access to ipv6 localhost]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Service/Anchor[postgresql::server::service::begin]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Service/Service[postgresqld]: Skipping because of failed dependencies Info: Class[Postgresql::Server]: Unscheduling all events on Class[Postgresql::Server] Warning: /Stage[main]/Postgresql::Server::Service/Postgresql_conn_validator[validate_service_is_running]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Service/Anchor[postgresql::server::service::end]: Skipping because of failed dependencies Warning: /Stage[main]/Postgresql::Server::Reload/Exec[postgresql_reload]: Skipping because of failed dependencies Info: Class[Foreman::Database::Postgresql]: Scheduling refresh of Postgresql::Server::Db[foreman] Info: Postgresql::Server::Db[foreman]: Scheduling refresh of Postgresql::Server::Database[foreman] Info: Postgresql::Server::Db[foreman]: Scheduling refresh of Postgresql::Server::Role[foreman] Info: Postgresql::Server::Db[foreman]: Scheduling refresh of Postgresql::Server::Database_grant[GRANT foreman - ALL - foreman] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[CREATE ROLE foreman ENCRYPTED PASSWORD ****] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE "foreman" NOSUPERUSER] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE "foreman" NOCREATEDB] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE "foreman" NOCREATEROLE] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE "foreman" LOGIN] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE "foreman" INHERIT] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE "foreman" NOREPLICATION] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE "foreman" CONNECTION LIMIT -1] Info: Postgresql::Server::Role[foreman]: Scheduling refresh of Postgresql_psql[ALTER ROLE foreman ENCRYPTED PASSWORD ****] Info: Postgresql::Server::Database_grant[GRANT foreman - ALL - foreman]: Scheduling refresh of Postgresql::Server::Grant[database:GRANT foreman - ALL - foreman] Error: /Stage[main]/Foreman::Database::Postgresql/Postgresql::Server::Db[foreman]/Postgresql::Server::Role[foreman]/Postgresql_psql[CREATE ROLE foreman ENCRYPTED PASSWORD ****]: Could not evaluate: Error evaluating 'unless' clause, returned pid 1676 exit 2: 'psql: error: could not connect to server: No such file or directory Is the server running locally and accepting connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"? ' As can be seen, various resources are correctly skipped due to failed dependencies but Postgresql_psql isn't. This changes it to an autorequire on the service. This should work since the name of the service resource is static. There is an edge case where the service isn't managed. For that the anchor is also auto-required. This gives less guarantee, but it's a best-effort for those users. [1]: https://github.com/puppetlabs/puppetlabs-postgresql/pull/950#issuecomment-377516861 Fixes: d69ff1ec91d02337415911fac35d8a1fa5a906fa --- lib/puppet/type/postgresql_psql.rb | 3 ++- spec/unit/defines/server/database_spec.rb | 2 +- spec/unit/defines/server/grant_spec.rb | 2 +- spec/unit/defines/server/reassign_owned_by_spec.rb | 2 +- spec/unit/defines/server/role_spec.rb | 4 ++-- spec/unit/defines/server/tablespace_spec.rb | 2 +- 6 files changed, 8 insertions(+), 7 deletions(-) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 2ae079715a..8e04be47e8 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -131,7 +131,8 @@ def matches(value) newvalues(:true, :false) end - autorequire(:class) { ['Postgresql::Server::Service'] } + autorequire(:anchor) { ['postgresql::server::service::begin'] } + autorequire(:service) { ['postgresqld'] } def should_run_sql(refreshing = false) onlyif_param = @parameters[:onlyif] diff --git a/spec/unit/defines/server/database_spec.rb b/spec/unit/defines/server/database_spec.rb index f0984f79bf..3290dc7ce4 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/unit/defines/server/database_spec.rb @@ -24,7 +24,7 @@ end it { is_expected.to contain_postgresql__server__database('test') } - it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"') } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').that_requires('Service[postgresqld]') } context "with comment set to 'test comment'" do let(:params) { { comment: 'test comment' } } diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/unit/defines/server/grant_spec.rb index fa61e48ebc..e2d12d5e0e 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/unit/defines/server/grant_spec.rb @@ -213,7 +213,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__role('test') } it do is_expected.to contain_postgresql_psql('grant:test') \ - .that_requires(['Class[postgresql::server::service]', 'Postgresql::Server::Role[test]']) + .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) end end diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/unit/defines/server/reassign_owned_by_spec.rb index 62174a172c..19ea8f1ad1 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/unit/defines/server/reassign_owned_by_spec.rb @@ -42,6 +42,6 @@ class {'postgresql::server':} is_expected.to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_command('REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_onlyif(%r{SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*}m) - .that_requires('Class[Postgresql::Server::Service]') + .that_requires('Service[postgresqld]') } end diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 5e3e005dfa..7180ec2bc5 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -69,7 +69,7 @@ .with_unless("SELECT 1 FROM pg_roles WHERE rolname = 'test'") .with_port(5432) .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass') - .that_requires('Class[postgresql::server::service]') + .that_requires('Service[postgresqld]') end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') @@ -142,7 +142,7 @@ end it 'has drop role for "test" user if ensure absent' do - is_expected.to contain_postgresql_psql('DROP ROLE "test"').that_requires('Class[postgresql::server::service]') + is_expected.to contain_postgresql_psql('DROP ROLE "test"').that_requires('Service[postgresqld]') end end diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/unit/defines/server/tablespace_spec.rb index 6d7bc49c01..336a4f773b 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/unit/defines/server/tablespace_spec.rb @@ -32,7 +32,7 @@ it { is_expected.to contain_file('/srv/data/foo').with_ensure('directory') } it { is_expected.to contain_postgresql__server__tablespace('test') } - it { is_expected.to contain_postgresql_psql('CREATE TABLESPACE "test"').that_requires('Class[postgresql::server::service]') } + it { is_expected.to contain_postgresql_psql('CREATE TABLESPACE "test"').that_requires('Service[postgresqld]') } context 'with different owner' do let :params do From d7bd677b2255abbfe07ad22b3848c4c046363597 Mon Sep 17 00:00:00 2001 From: Daniel Carabas Date: Mon, 7 Jun 2021 13:07:23 +0300 Subject: [PATCH 0633/1000] (maint) pdksync - PDK Update --- .github/workflows/auto_release.yml | 2 -- .github/workflows/release.yml | 4 ++-- .github/workflows/spec.yml | 1 + .pdkignore | 1 + metadata.json | 4 ++-- spec/spec_helper.rb | 12 ++++++++++++ 6 files changed, 18 insertions(+), 6 deletions(-) diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index d15d148d99..e028483600 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -1,8 +1,6 @@ name: "Auto release" on: - schedule: - - cron: '0 3 * * 6' workflow_dispatch: env: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 76cf31ca13..1509f6e91f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,10 +38,10 @@ jobs: ref: ${{ github.ref }} clean: true - name: "PDK Build" - uses: docker://puppet/pdk:2.1.0.0 + uses: docker://puppet/pdk:nightly with: args: 'build' - name: "Push to Forge" - uses: docker://puppet/pdk:2.1.0.0 + uses: docker://puppet/pdk:nightly with: args: 'release publish --forge-token ${{ secrets.FORGE_API_KEY }} --force' diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index 03e2cb8d3e..16f9316035 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml @@ -83,6 +83,7 @@ jobs: env: BUILDEVENT_FILE: '../buildevents.txt' PUPPET_GEM_VERSION: ${{ matrix.puppet_version }} + FACTER_GEM_VERSION: 'https://github.com/puppetlabs/facter#main' steps: - run: | diff --git a/.pdkignore b/.pdkignore index 33a13477bd..c538bea8bd 100644 --- a/.pdkignore +++ b/.pdkignore @@ -27,6 +27,7 @@ /inventory.yaml /spec/fixtures/litmus_inventory.yaml /appveyor.yml +/.editorconfig /.fixtures.yml /Gemfile /.gitattributes diff --git a/metadata.json b/metadata.json index 702978a860..7642d798fe 100644 --- a/metadata.json +++ b/metadata.json @@ -83,7 +83,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "2.0.0", + "pdk-version": "2.1.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-ge04486b" + "template-ref": "heads/main-0-g03daa92" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 16764b6ff1..07db73426e 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -48,6 +48,18 @@ c.after(:suite) do RSpec::Puppet::Coverage.report!(0) end + + # Filter backtrace noise + backtrace_exclusion_patterns = [ + %r{spec_helper}, + %r{gems}, + ] + + if c.respond_to?(:backtrace_exclusion_patterns) + c.backtrace_exclusion_patterns = backtrace_exclusion_patterns + elsif c.respond_to?(:backtrace_clean_patterns) + c.backtrace_clean_patterns = backtrace_exclusion_patterns + end end # Ensures that a module is defined From c96b073b40b7d48ac5c7a4e68796b4f87ba65abd Mon Sep 17 00:00:00 2001 From: Manuel Tancoigne Date: Wed, 14 Apr 2021 17:38:03 +0200 Subject: [PATCH 0634/1000] Implement default privileges changes --- README.md | 13 + manifests/server/default_privileges.pp | 157 ++++++++++ .../server/default_privileges_spec.rb | 93 ++++++ .../defines/server/default_privileges_spec.rb | 288 ++++++++++++++++++ 4 files changed, 551 insertions(+) create mode 100644 manifests/server/default_privileges.pp create mode 100644 spec/acceptance/server/default_privileges_spec.rb create mode 100644 spec/unit/defines/server/default_privileges_spec.rb diff --git a/README.md b/README.md index 5499099647..31f2681932 100644 --- a/README.md +++ b/README.md @@ -131,6 +131,19 @@ This applies to objects within the nominated database, 'test_db' only. For Postgresql >= 9.3, the ownership of the database is also updated. +### Manage default permissions (PostgreSQL >= 9.6) + +To change default permissions for newly created objects using ALTER DEFAULT PRIVILEGES: + +```puppet +postgresql::server::default_privileges { 'marmot access to new tables on test_db': + db => 'test_db', + role => 'marmot', + privilege => 'ALL', + object_type => 'TABLES', +} +``` + ### Override defaults The `postgresql::globals` class allows you to configure the main settings for this module globally, so that other classes and defined resources can use them. By itself, it does nothing. diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp new file mode 100644 index 0000000000..7311d5eb1a --- /dev/null +++ b/manifests/server/default_privileges.pp @@ -0,0 +1,157 @@ +# @summary Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. +# +# @param ensure Specifies whether to grant or revoke the privilege. +# @param role Specifies the role or user whom you are granting access to. +# @param db Specifies the database to which you are granting access. +# @param object_type Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'. +# @param privilege Specifies comma-separated list of privileges to grant. Valid options: depends on object type. +# @param schema Target schema. Defaults to 'public'. +# @param psql_db Defines the database to execute the grant against. This should not ordinarily be changed from the default. +# @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. +# @param psql_path Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. +# @param port Specifies the port to access the server. Default value: The default user for the module, usually '5432'. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param psql_path Specifies the path to the psql command. +define postgresql::server::default_privileges ( + String $role, + String $db, + String $privilege, + Pattern[ + /(?i:^FUNCTIONS$)/, + /(?i:^ROUTINES$)/, + /(?i:^SEQUENCES$)/, + /(?i:^TABLES$)/, + /(?i:^TYPES$)/ + ] $object_type, + String $schema = 'public', + String $psql_db = $postgresql::server::default_database, + String $psql_user = $postgresql::server::user, + Integer $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', + 'absent' + ] $ensure = 'present', + String $group = $postgresql::server::group, + String $psql_path = $postgresql::server::psql_path, +) { + + # If possible use the version of the remote database, otherwise + # fallback to our local DB version + if $connect_settings != undef and has_key( $connect_settings, 'DBVERSION') { + $version = $connect_settings['DBVERSION'] + } else { + $version = $postgresql::server::_version + } + + if (versioncmp($version, '9.6') == -1) { + fail 'Default_privileges is only useable with PostgreSQL >= 9.6' + } + + case $ensure { + default: { + # default is 'present' + $sql_command = 'ALTER DEFAULT PRIVILEGES IN SCHEMA %s GRANT %s ON %s TO "%s"' + $unless_is = true + } + 'absent': { + $sql_command = 'ALTER DEFAULT PRIVILEGES IN SCHEMA %s REVOKE %s ON %s FROM "%s"' + $unless_is = false + } + } + + # + # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port + # + if $port != undef { + $port_override = $port + } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + $port_override = undef + } else { + $port_override = $postgresql::server::port + } + + ## Munge the input values + $_object_type = upcase($object_type) + $_privilege = upcase($privilege) + + case $_object_type { + # Routines and functions ends up with the same definition + Pattern[ + /^ROUTINES$/, + /^FUNCTIONS$/, + ]: { + case $_privilege { + Pattern[ + /^ALL$/, + /^EXECUTE$/, + ]: { + $_check_privilege = 'X' + } + default: { fail('Illegal value for $privilege parameter') } + } + $_check_type = 'f' + } + 'SEQUENCES': { + case $_privilege { + /^(ALL)$/: { $_check_privilege = 'rwU' } + /^SELECT$/: { $_check_privilege = 'r'} + /^UPDATE$/: { $_check_privilege = 'w'} + /^USAGE$/: { $_check_privilege = 'U'} + default: { fail('Illegal value for $privilege parameter') } + } + $_check_type = 'S' + } + 'TABLES': { + case $_privilege { + /^ALL$/: { $_check_privilege = 'arwdDxt' } + /^DELETE$/: { $_check_privilege = 'd' } + /^INSERT$/: { $_check_privilege = 'a' } + /^REFERENCES$/: { $_check_privilege = 'x' } + /^SELECT$/: { $_check_privilege = 'r' } + /^TRIGGER$/: { $_check_privilege = 'd' } + /^TRUNCATE$/: { $_check_privilege = 'D' } + /^UPDATE$/: { $_check_privilege = 'w' } + default: { fail('Illegal value for $privilege parameter') } + } + $_check_type = 'r' + } + 'TYPES': { + case $_privilege { + /^(ALL|USAGE)$/: { $_check_privilege = 'U'} + default: { fail('Illegal value for $privilege parameter') } + } + $_check_type = 'T' + } + default: { + fail("Missing privilege validation for object type ${_object_type}") + } + } + + $_unless = $ensure ? { + 'absent' => "SELECT 1 WHERE NOT EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')", + default => "SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')" + } + + $unless_cmd = sprintf($_unless, $role, $_check_privilege, $schema, $_check_type) + $grant_cmd = sprintf($sql_command, $schema, $_privilege, $_object_type, $role) + + postgresql_psql { "default_privileges:${name}": + command => $grant_cmd, + db => $db, + port => $port_override, + connect_settings => $connect_settings, + psql_user => $psql_user, + psql_group => $group, + psql_path => $psql_path, + unless => $unless_cmd, + environment => "PGOPTIONS=--client-min-messages=error" + } + + if($role != undef and defined(Postgresql::Server::Role[$role])) { + Postgresql::Server::Role[$role]->Postgresql_psql["default_privileges:${name}"] + } + + if($db != undef and defined(Postgresql::Server::Database[$db])) { + Postgresql::Server::Database[$db]->Postgresql_psql["default_privileges:${name}"] + } +} diff --git a/spec/acceptance/server/default_privileges_spec.rb b/spec/acceptance/server/default_privileges_spec.rb new file mode 100644 index 0000000000..d5d9f259c5 --- /dev/null +++ b/spec/acceptance/server/default_privileges_spec.rb @@ -0,0 +1,93 @@ +# frozen_string_literal: true + +require 'spec_helper_acceptance' + +describe 'postgresql::server::default_privileges:' do + let(:db) { 'grant_role_test' } + let(:user) { 'psql_grant_role_tester' } + let(:group) { 'test_group' } + let(:password) { 'psql_grant_role_pw' } + + # Check that the default privileges were revoked + let(:check_command) do + "SELECT * FROM pg_default_acl a JOIN pg_namespace b ON a.defaclnamespace = b.oid WHERE '#{user}=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r';" + end + + let(:pp_one) do + <<-MANIFEST.unindent + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Set default privileges on tables + postgresql::server::default_privileges { "alter default privileges grant all on tables to ${user}": + db => $db, + role => $user, + privilege => 'ALL', + object_type => 'TABLES', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + let(:pp_two) do + <<-MANIFEST + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Removes default privileges on tables + postgresql::server::default_privileges { "alter default privileges revoke all on tables for ${user}": + db => $db, + role => $user, + privilege => 'ALL', + object_type => 'TABLES', + ensure => 'absent', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + + it 'grants default privileges to an user' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + idempotent_apply(pp_one) + + psql("--command=\"SET client_min_messages = 'error';#{check_command}\" --db=#{db}") do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + + it 'revokes default privileges for an user' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + apply_manifest(pp_one, catch_failures: true) + apply_manifest(pp_two, expect_changes: true) + + psql("--command=\"SET client_min_messages = 'error';#{check_command}\" --db=#{db}") do |r| + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') + end + end + end +end diff --git a/spec/unit/defines/server/default_privileges_spec.rb b/spec/unit/defines/server/default_privileges_spec.rb new file mode 100644 index 0000000000..8fb98eb95f --- /dev/null +++ b/spec/unit/defines/server/default_privileges_spec.rb @@ -0,0 +1,288 @@ +# frozen_string_literal: true + +require 'spec_helper' +require 'spec_helper_acceptance' + +describe 'postgresql::server::default_privileges', type: :define do + let :facts do + { + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '9.0', 'major' => '9' }, + }, + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let :title do + 'test' + end + + context 'with unsupported PostgreSQL version' do + let(:facts) do + { + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0', 'major' => '8' }, + }, + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + } + end + + let :pre_condition do + "class {'postgresql::server': }" + end + + it { is_expected.to compile.and_raise_error(%r{Default_privileges is only useable with PostgreSQL >= 9.6}m) } + end + + context 'case insensitive object_type and privilege match' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'aLl', + object_type: 'TaBlEs', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') + end + end + end + + context 'invalid object_type' do + context 'tables' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'wrong_type', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + it { is_expected.to compile.and_raise_error(%r{parameter 'object_type' expects a match for Pattern}) } + end + end + end + + context 'valid object_type' do + context 'supported privilege' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + # rubocop:disable Layout/LineLength + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") + # rubocop:enable Layout/LineLength + end + end + end + + context 'unsupported privilege' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'wrong_privilege', + object_type: 'tables', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + it { is_expected.to compile.and_raise_error(%r{Illegal value for \$privilege parameter}) } + end + end + end + + context 'with specific db connection settings - default port' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.6' }, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it { is_expected.to contain_postgresql_psql('default_privileges:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6').with_port(5432) } + end + + context 'with specific db connection settings - including port' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.6', + 'PGPORT' => '1234' }, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it { is_expected.to contain_postgresql_psql('default_privileges:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6', 'PGPORT' => '1234') } + end + + context 'with specific db connection settings - port overriden by explicit parameter' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.6', + 'PGPORT' => '1234' }, + port: 5678, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it { is_expected.to contain_postgresql_psql('default_privileges:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6', 'PGPORT' => '1234').with_port('5678') } + end + + context 'with specific schema name' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + schema: 'my_schema' + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + # rubocop:disable Layout/LineLength + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA my_schema GRANT ALL ON TABLES TO "test"') + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'my_schema' and defaclobjtype = 'r')") + # rubocop:enable Layout/LineLength + end + end + end + + context 'with a role defined' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + } + end + + let :pre_condition do + <<-EOS + class {'postgresql::server':} + postgresql::server::role { 'test': } + EOS + end + + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it { is_expected.to contain_postgresql__server__role('test') } + it do + is_expected.to contain_postgresql_psql('default_privileges:test') \ + .that_requires(['Class[postgresql::server::service]', 'Postgresql::Server::Role[test]']) + end + end + end + + context 'standalone not managing server' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'execute', + object_type: 'functions', + group: 'postgresql', + psql_path: '/usr/bin', + psql_user: 'postgres', + psql_db: 'db', + port: 1542, + connect_settings: { 'DBVERSION' => '9.6' }, + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.not_to contain_class('postgresql::server') } + end +end From b21cb9e777461f34a0833d6c40731f84ecf2e9d9 Mon Sep 17 00:00:00 2001 From: sheena Date: Mon, 28 Jun 2021 17:07:41 +0100 Subject: [PATCH 0635/1000] (maint) update test with the changes from Autorequire the service --- spec/unit/defines/server/default_privileges_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/unit/defines/server/default_privileges_spec.rb b/spec/unit/defines/server/default_privileges_spec.rb index 8fb98eb95f..df8abf5b01 100644 --- a/spec/unit/defines/server/default_privileges_spec.rb +++ b/spec/unit/defines/server/default_privileges_spec.rb @@ -261,7 +261,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__role('test') } it do is_expected.to contain_postgresql_psql('default_privileges:test') \ - .that_requires(['Class[postgresql::server::service]', 'Postgresql::Server::Role[test]']) + .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) end end end From bcc1181117ffed351a127eaab7c53900b4d3622f Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Mon, 21 Jun 2021 17:20:09 +0100 Subject: [PATCH 0636/1000] (maint) Updating changelog generator config --- .github_changelog_generator | 3 --- metadata.json | 4 ++-- 2 files changed, 2 insertions(+), 5 deletions(-) delete mode 100644 .github_changelog_generator diff --git a/.github_changelog_generator b/.github_changelog_generator deleted file mode 100644 index 7c3fb127ea..0000000000 --- a/.github_changelog_generator +++ /dev/null @@ -1,3 +0,0 @@ -user=puppetlabs -project=puppetlabs-postgresql -since_tag=5.3.0 diff --git a/metadata.json b/metadata.json index 7642d798fe..add8a0d753 100644 --- a/metadata.json +++ b/metadata.json @@ -83,7 +83,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "2.1.0", + "pdk-version": "2.1.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g03daa92" + "template-ref": "tags/2.1.1-0-g03daa92" } From 0e3e17af39a32c134d85c18ae94b672e066430ed Mon Sep 17 00:00:00 2001 From: Pavel Sapezhko Date: Fri, 2 Jul 2021 11:30:18 +0300 Subject: [PATCH 0637/1000] Do not add version component to repo definition --- manifests/repo/apt_postgresql_org.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 9bea6e2b93..22b5bd0c24 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -17,7 +17,7 @@ -> apt::source { 'apt.postgresql.org': location => $_baseurl, release => "${facts['os']['distro']['codename']}-pgdg", - repos => "main ${postgresql::repo::version}", + repos => 'main', key => { id => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', source => 'https://www.postgresql.org/media/keys/ACCC4CF8.asc', From e08a303ee7c5c9658a242054e0fedb22b26ae93c Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Tue, 20 Jul 2021 15:28:55 +0100 Subject: [PATCH 0638/1000] (maint) Updating CONTRIBUTING guidelines --- CONTRIBUTING.md | 270 +----------------------------------------------- 1 file changed, 1 insertion(+), 269 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9c171f9949..e7a3a7c3fe 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,271 +1,3 @@ # Contributing to Puppet modules -So you want to contribute to a Puppet module: Great! Below are some instructions to get you started doing -that very thing while setting expectations around code quality as well as a few tips for making the -process as easy as possible. - -### Table of Contents - -1. [Getting Started](#getting-started) -1. [Commit Checklist](#commit-checklist) -1. [Submission](#submission) -1. [More about commits](#more-about-commits) -1. [Testing](#testing) - - [Running Tests](#running-tests) - - [Writing Tests](#writing-tests) -1. [Get Help](#get-help) - -## Getting Started - -- Fork the module repository on GitHub and clone to your workspace - -- Make your changes! - -## Commit Checklist - -### The Basics - -- [x] my commit is a single logical unit of work - -- [x] I have checked for unnecessary whitespace with "git diff --check" - -- [x] my commit does not include commented out code or unneeded files - -### The Content - -- [x] my commit includes tests for the bug I fixed or feature I added - -- [x] my commit includes appropriate documentation changes if it is introducing a new feature or changing existing functionality - -- [x] my code passes existing test suites - -### The Commit Message - -- [x] the first line of my commit message includes: - - - [x] an issue number (if applicable), e.g. "(MODULES-xxxx) This is the first line" - - - [x] a short description (50 characters is the soft limit, excluding ticket number(s)) - -- [x] the body of my commit message: - - - [x] is meaningful - - - [x] uses the imperative, present tense: "change", not "changed" or "changes" - - - [x] includes motivation for the change, and contrasts its implementation with the previous behavior - -## Submission - -### Pre-requisites - -- Make sure you have a [GitHub account](https://github.com/join) - -- [Create a ticket](https://tickets.puppet.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppet.com/browse/) you are patching for. - -### Push and PR - -- Push your changes to your fork - -- [Open a Pull Request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/) against the repository in the puppetlabs organization - -## More about commits - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "main". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](https://help.github.com/articles/creating-a-pull-request-from-a-fork/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - 3. Update the related JIRA issue. - - If there is a JIRA issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -# Testing - -## Getting Started - -Our Puppet modules provide [`Gemfile`](./Gemfile)s, which can tell a Ruby package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) on your system, and then use it to -install all dependencies needed for this project in the project root by running - -```shell -% bundle install --path .bundle/gems -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE: some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -## Running Tests - -With all dependencies in place and up-to-date, run the tests: - -### Unit Tests - -```shell -% bundle exec rake spec -``` - -This executes all the [rspec tests](http://rspec-puppet.com/) in the directories defined [here](https://github.com/puppetlabs/puppetlabs_spec_helper/blob/699d9fbca1d2489bff1736bb254bb7b7edb32c74/lib/puppetlabs_spec_helper/rake_tasks.rb#L17) and so on. -rspec tests may have the same kind of dependencies as the module they are testing. Although the module defines these dependencies in its [metadata.json](./metadata.json), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -### Acceptance Tests - -Some Puppet modules also come with acceptance tests, which use [beaker][]. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/), controlled with [Vagrant](http://www.vagrantup.com/), to simulate scripted test -scenarios. In order to run these, you need both Virtualbox and Vagrant installed on your system. - -Run the tests by issuing the following command - -```shell -% bundle exec rake spec_clean -% bundle exec rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install Puppet, copy this module, and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -## Writing Tests - -### Unit Tests - -When writing unit tests for Puppet, [rspec-puppet][] is your best friend. It provides tons of helper methods for testing your manifests against a -catalog (e.g. contain_file, contain_package, with_params, etc). It would be ridiculous to try and top rspec-puppet's [documentation][rspec-puppet_docs] -but here's a tiny sample: - -Sample manifest: - -```puppet -file { "a test file": - ensure => present, - path => "/etc/sample", -} -``` - -Sample test: - -```ruby -it 'does a thing' do - expect(subject).to contain_file("a test file").with({:path => "/etc/sample"}) -end -``` - -### Acceptance Tests - -Writing acceptance tests for Puppet involves [beaker][] and its cousin [beaker-rspec][]. A common pattern for acceptance tests is to create a test manifest, apply it -twice to check for idempotency or errors, then run expectations. - -```ruby -it 'does an end-to-end thing' do - pp = <<-EOF - file { 'a test file': - ensure => present, - path => "/etc/sample", - content => "test string", - } - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - -end - -describe file("/etc/sample") do - it { is_expected.to contain "test string" } -end - -``` - -# If you have commit access to the repository - -Even if you have commit access to the repository, you still need to go through the process above, and have someone else review and merge -in your changes. The rule is that **all changes must be reviewed by a project developer that did not write the code to ensure that -all changes go through a code review process.** - -The record of someone performing the merge is the record that they performed the code review. Again, this should be someone other than the author of the topic branch. - -# Get Help - -### On the web -* [Puppet help messageboard](http://puppet.com/community/get-help) -* [Writing tests](https://docs.puppet.com/guides/module_guides/bgtm.html#step-three-module-testing) -* [General GitHub documentation](http://help.github.com/) -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - -### On chat -* Slack (slack.puppet.com) #forge-modules, #puppet-dev, #windows, #voxpupuli -* IRC (freenode) #puppet-dev, #voxpupuli - - -[rspec-puppet]: http://rspec-puppet.com/ -[rspec-puppet_docs]: http://rspec-puppet.com/documentation/ -[beaker]: https://github.com/puppetlabs/beaker -[beaker-rspec]: https://github.com/puppetlabs/beaker-rspec +Check out our [Contributing to Supported Modules Blog Post](https://puppetlabs.github.io/iac/docs/contributing_to_a_module.html) to find all the information that you will need. From 15a431824b9647c4f6dae5400ebde7f067072894 Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 3 Aug 2021 09:37:02 +0100 Subject: [PATCH 0639/1000] (maint) - Set max_issues for changelog generator to 500 --- .sync.yml | 1 + Rakefile | 1 + 2 files changed, 2 insertions(+) diff --git a/.sync.yml b/.sync.yml index 50a547c6aa..ce0b038531 100644 --- a/.sync.yml +++ b/.sync.yml @@ -10,6 +10,7 @@ Gemfile: - gem: github_changelog_generator Rakefile: changelog_user: puppetlabs + changelog_max_issues: 500 spec/spec_helper.rb: mock_with: ":rspec" coverage_report: true diff --git a/Rakefile b/Rakefile index 68362aa8fd..14251287c2 100644 --- a/Rakefile +++ b/Rakefile @@ -48,6 +48,7 @@ if Bundler.rubygems.find_name('github_changelog_generator').any? raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" config.project = "#{changelog_project}" + config.max_issues = 500 config.future_release = "#{changelog_future_release}" config.exclude_labels = ['maintenance'] config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." From b429781ac5137fa934042c5bee634ca0c2855adb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 3 Aug 2021 12:25:03 +0000 Subject: [PATCH 0640/1000] Release prep v7.3.0 --- CHANGELOG.md | 15 +++++- REFERENCE.md | 125 ++++++++++++++++++++++++++++++++++++++++++++++++++ metadata.json | 2 +- 3 files changed, 140 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3e2499bd36..b4ff892674 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) (2021-05-22) +## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) (2021-08-03) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.2.0...v7.3.0) + +### Added + +- MODULES-11049 - Implement default privileges changes [\#1267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1267) ([mtancoigne](https://github.com/mtancoigne)) + +### Fixed + +- Do not add version component to repo definition [\#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) +- \(MODULES-8700\) Autorequire the service in postgresql\_psql [\#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) + +## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) (2021-05-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.1.0...v7.2.0) diff --git a/REFERENCE.md b/REFERENCE.md index 37b25d5d07..e464a74fe2 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -41,6 +41,7 @@ * [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. * [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. * [`postgresql::server::db`](#postgresqlserverdb): Define for conveniently creating a role, database and assigning the correctpermissions. +* [`postgresql::server::default_privileges`](#postgresqlserverdefault_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. * [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database. * [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. * [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. @@ -1721,6 +1722,130 @@ Sets a user as the owner of the database. Default value: ``undef`` +### `postgresql::server::default_privileges` + +Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. + +#### Parameters + +The following parameters are available in the `postgresql::server::default_privileges` defined type: + +* [`ensure`](#ensure) +* [`role`](#role) +* [`db`](#db) +* [`object_type`](#object_type) +* [`privilege`](#privilege) +* [`schema`](#schema) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`psql_path`](#psql_path) +* [`port`](#port) +* [`connect_settings`](#connect_settings) +* [`psql_path`](#psql_path) +* [`group`](#group) + +##### `ensure` + +Data type: `Enum['present', + 'absent' + ]` + +Specifies whether to grant or revoke the privilege. + +Default value: `'present'` + +##### `role` + +Data type: `String` + +Specifies the role or user whom you are granting access to. + +##### `db` + +Data type: `String` + +Specifies the database to which you are granting access. + +##### `object_type` + +Data type: `Pattern[ + /(?i:^FUNCTIONS$)/, + /(?i:^ROUTINES$)/, + /(?i:^SEQUENCES$)/, + /(?i:^TABLES$)/, + /(?i:^TYPES$)/ + ]` + +Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'. + +##### `privilege` + +Data type: `String` + +Specifies comma-separated list of privileges to grant. Valid options: depends on object type. + +##### `schema` + +Data type: `String` + +Target schema. Defaults to 'public'. + +Default value: `'public'` + +##### `psql_db` + +Data type: `String` + +Defines the database to execute the grant against. This should not ordinarily be changed from the default. + +Default value: `$postgresql::server::default_database` + +##### `psql_user` + +Data type: `String` + +Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. + +Default value: `$postgresql::server::user` + +##### `psql_path` + +Data type: `String` + +Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. + +Default value: `$postgresql::server::psql_path` + +##### `port` + +Data type: `Integer` + +Specifies the port to access the server. Default value: The default user for the module, usually '5432'. + +Default value: `$postgresql::server::port` + +##### `connect_settings` + +Data type: `Hash` + +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: `$postgresql::server::default_connect_settings` + +##### `psql_path` + +Specifies the path to the psql command. + +Default value: `$postgresql::server::psql_path` + +##### `group` + +Data type: `String` + + + +Default value: `$postgresql::server::group` + ### `postgresql::server::extension` Activate an extension on a postgresql database. diff --git a/metadata.json b/metadata.json index add8a0d753..e3c3c8f3dc 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.2.0", + "version": "7.3.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From c8303fd1791ac66633429be0682b7a583b16d391 Mon Sep 17 00:00:00 2001 From: adrianiurca Date: Wed, 11 Aug 2021 15:57:07 +0300 Subject: [PATCH 0641/1000] Reflect change of default in ensure_packages https://github.com/puppetlabs/puppetlabs-stdlib/commit/77a9c07c9e64f03b12a4d8068941609f44829c8b changed the default for ensure_packages() in stdlib. This change updates the tests to match that default change. --- spec/unit/classes/server/config_spec.rb | 8 ++++---- spec/unit/defines/server/extension_spec.rb | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 1e413b08d2..a1ce20efab 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -32,7 +32,7 @@ end it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils-python') .with(ensure: 'present') + is_expected.to contain_package('policycoreutils-python').with(ensure: 'installed') is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') @@ -141,7 +141,7 @@ class { 'postgresql::server': } end it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils-python-utils') .with(ensure: 'present') + is_expected.to contain_package('policycoreutils-python-utils').with(ensure: 'installed') is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') @@ -214,7 +214,7 @@ class { 'postgresql::server': } end it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils-python-utils') .with(ensure: 'present') + is_expected.to contain_package('policycoreutils-python-utils').with(ensure: 'installed') is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') @@ -282,7 +282,7 @@ class { 'postgresql::server': } end it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils') .with(ensure: 'present') + is_expected.to contain_package('policycoreutils').with(ensure: 'installed') is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 6c889601c0..04899982cd 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -54,7 +54,7 @@ it { is_expected.to contain_package('postgis') - .with(ensure: 'present', name: 'postgis').that_comes_before('Postgresql_psql[template_postgis: CREATE EXTENSION "postgis"]') + .with(ensure: 'installed', name: 'postgis').that_comes_before('Postgresql_psql[template_postgis: CREATE EXTENSION "postgis"]') } end @@ -86,7 +86,7 @@ it { is_expected.to contain_package('postgis') - .with(ensure: 'present', name: 'postgis').that_requires('Postgresql_psql[template_postgis: DROP EXTENSION "postgis"]') + .with(ensure: 'installed', name: 'postgis').that_requires('Postgresql_psql[template_postgis: DROP EXTENSION "postgis"]') } end end From fc01e83f5a62dfe673e6f8428c6aa6bbee4e059f Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 15 Aug 2021 20:28:32 +0200 Subject: [PATCH 0642/1000] Remove use of spec_helper_acceptance in unit tests In c96b073b40b7d48ac5c7a4e68796b4f87ba65abd the acceptance helper was included in the unit tests. This should never happen and breaks the tests. It appears it was included to have a postgresql_version but that should be defined in let blocks. The acceptance helper only works if there is an actual target machine. Fixes: c96b073b40b7d48ac5c7a4e68796b4f87ba65abd --- .../defines/server/default_privileges_spec.rb | 71 ++++++++----------- 1 file changed, 29 insertions(+), 42 deletions(-) diff --git a/spec/unit/defines/server/default_privileges_spec.rb b/spec/unit/defines/server/default_privileges_spec.rb index df8abf5b01..9b47538159 100644 --- a/spec/unit/defines/server/default_privileges_spec.rb +++ b/spec/unit/defines/server/default_privileges_spec.rb @@ -1,7 +1,6 @@ # frozen_string_literal: true require 'spec_helper' -require 'spec_helper_acceptance' describe 'postgresql::server::default_privileges', type: :define do let :facts do @@ -65,13 +64,11 @@ "class {'postgresql::server':}" end - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_postgresql__server__default_privileges('test') } - it do - is_expected.to contain_postgresql_psql('default_privileges:test') - .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') - end + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') end end @@ -90,9 +87,7 @@ "class {'postgresql::server':}" end - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') - it { is_expected.to compile.and_raise_error(%r{parameter 'object_type' expects a match for Pattern}) } - end + it { is_expected.to compile.and_raise_error(%r{parameter 'object_type' expects a match for Pattern}) } end end @@ -111,16 +106,14 @@ "class {'postgresql::server':}" end - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_postgresql__server__default_privileges('test') } - it do - # rubocop:disable Layout/LineLength - is_expected.to contain_postgresql_psql('default_privileges:test') - .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') - .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") - # rubocop:enable Layout/LineLength - end + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + # rubocop:disable Layout/LineLength + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") + # rubocop:enable Layout/LineLength end end @@ -138,9 +131,7 @@ "class {'postgresql::server':}" end - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') - it { is_expected.to compile.and_raise_error(%r{Illegal value for \$privilege parameter}) } - end + it { is_expected.to compile.and_raise_error(%r{Illegal value for \$privilege parameter}) } end end @@ -225,16 +216,14 @@ "class {'postgresql::server':}" end - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_postgresql__server__default_privileges('test') } - it do - # rubocop:disable Layout/LineLength - is_expected.to contain_postgresql_psql('default_privileges:test') - .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA my_schema GRANT ALL ON TABLES TO "test"') - .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'my_schema' and defaclobjtype = 'r')") - # rubocop:enable Layout/LineLength - end + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + # rubocop:disable Layout/LineLength + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA my_schema GRANT ALL ON TABLES TO "test"') + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'my_schema' and defaclobjtype = 'r')") + # rubocop:enable Layout/LineLength end end @@ -255,14 +244,12 @@ class {'postgresql::server':} EOS end - if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_postgresql__server__default_privileges('test') } - it { is_expected.to contain_postgresql__server__role('test') } - it do - is_expected.to contain_postgresql_psql('default_privileges:test') \ - .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) - end + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it { is_expected.to contain_postgresql__server__role('test') } + it do + is_expected.to contain_postgresql_psql('default_privileges:test') \ + .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) end end From 4b77cf3721c01bc1b213812f091b1ef6128ea2d4 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 4 Aug 2021 15:42:32 +0100 Subject: [PATCH 0643/1000] (IAC-1709) - Add Support for Debian 11 --- metadata.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index e3c3c8f3dc..d56b0cc50a 100644 --- a/metadata.json +++ b/metadata.json @@ -57,7 +57,8 @@ "operatingsystemrelease": [ "8", "9", - "10" + "10", + "11" ] }, { From f469118e1fdffc312ae00e238bc88ff167a87cee Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 11 Aug 2021 10:17:05 +0100 Subject: [PATCH 0644/1000] (IAC-1727) - Set default Postgresql version for Debian 11 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 3aec3aa062..866bae314b 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -197,6 +197,7 @@ '8' => '9.4', '9' => '9.6', '10' => '11', + '11' => '13', default => undef, }, 'Ubuntu' => $facts['os']['release']['major'] ? { From d878d13f030cdd872cbb04c43ad0f065fec0b923 Mon Sep 17 00:00:00 2001 From: Cocker Koch Date: Sat, 12 Jun 2021 23:01:20 +0200 Subject: [PATCH 0645/1000] Use Puppet-Datatype Sensitive for Passwords - add Parameter "sensitive" to Function postgresql_password to decide if its Returnvalue should be of Datatype Sensitive - let defined Type postgresql::server::role accept Datatype Sensitive for $password_hash - let defined Type postgresql::server::db accept Datatype Sensitive for $password - let Class postgresql::server accept Datatype Sensitive for $postgres_password - let defined Type postgresql::validate_db_connection accept Sensitive for $database_password --- .sync.yml | 3 + REFERENCE.md | 24 ++++--- .../postgresql/postgresql_password.rb | 20 ++++-- manifests/server.pp | 2 +- manifests/server/db.pp | 4 +- manifests/server/default_privileges.pp | 2 +- manifests/server/passwd.pp | 7 +- manifests/server/role.pp | 33 ++++++---- manifests/validate_db_connection.pp | 18 ++++-- spec/unit/defines/server/role_spec.rb | 64 +++++++++++++------ 10 files changed, 120 insertions(+), 57 deletions(-) diff --git a/.sync.yml b/.sync.yml index ce0b038531..7fa2304791 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,6 +1,9 @@ --- ".gitlab-ci.yml": delete: true +.puppet-lint.rc: + extra_disabled_lint_checks: + - 140chars-check appveyor.yml: delete: true diff --git a/REFERENCE.md b/REFERENCE.md index e464a74fe2..8b5439bab1 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -863,7 +863,7 @@ The following parameters are available in the `postgresql::server` class: ##### `postgres_password` -Data type: `Any` +Data type: `Variant[String, Sensitive[String]]` Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. @@ -1646,7 +1646,7 @@ User to create and assign access to the database upon creation. Mandatory. ##### `password` -Data type: `Any` +Data type: `Variant[String, Sensitive[String]]` Required Sets the password for the created user. @@ -2571,7 +2571,7 @@ Default value: ``true`` ##### `password_hash` -Data type: `Any` +Data type: `Variant[String, Sensitive[String]]` Sets the hash to use during password creation. @@ -2713,7 +2713,7 @@ Create a new schema. #### Examples -##### +##### ```puppet postgresql::server::schema {'private': @@ -2944,7 +2944,7 @@ Default value: ``undef`` ##### `database_password` -Data type: `Any` +Data type: `Variant[String, Sensitive[String]]` Specifies the password to connect with. @@ -3106,6 +3106,8 @@ The name of the database you are trying to validate a connection with. ##### `db_password` +Data type: `Variant[String, Sensitive[String]]` + The password required to access the target PostgreSQL database. ##### `db_username` @@ -3319,7 +3321,7 @@ This function pull default values from the `params` class or `globals` class if #### Examples -##### +##### ```puppet postgresql::default('variable') @@ -3333,7 +3335,7 @@ Returns: `Any` ##### Examples -###### +###### ```puppet postgresql::default('variable') @@ -3369,7 +3371,7 @@ Type: Ruby 4.x API This function returns the postgresql password hash from the clear text username / password -#### `postgresql::postgresql_password(Variant[String[1],Integer] $username, Variant[String[1],Integer] $password)` +#### `postgresql::postgresql_password(Variant[String[1],Integer] $username, Variant[String[1], Sensitive[String[1]], Integer] $password)` The postgresql::postgresql_password function. @@ -3387,6 +3389,12 @@ Data type: `Variant[String[1],Integer]` The clear text `password` +##### `sensitive` + +Data type: `Boolean` + +If the Postgresql-Passwordhash should be of Datatype Sensitive[String] + ### `postgresql_escape` Type: Ruby 4.x API diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 30b1bfcf80..f22db18f05 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -6,15 +6,25 @@ # The clear text `username` # @param password # The clear text `password` + # @param sensitive + # If the Postgresql-Passwordhash should be of Datatype Sensitive[String] # - # @return [String] + # @return # The postgresql password hash from the clear text username / password. dispatch :default_impl do - param 'Variant[String[1],Integer]', :username - param 'Variant[String[1],Integer]', :password + required_param 'Variant[String[1], Integer]', :username + required_param 'Variant[String[1], Sensitive[String[1]], Integer]', :password + optional_param 'Boolean', :sensitive + return_type 'Variant[String, Sensitive[String]]' end - def default_impl(username, password) - 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) + def default_impl(username, password, sensitive = false) + password = password.unwrap if password.respond_to?(:unwrap) + result_string = 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) + if sensitive + Puppet::Pops::Types::PSensitiveType::Sensitive.new(result_string) + else + result_string + end end end diff --git a/manifests/server.pp b/manifests/server.pp index 07bbff49c1..5b9af035cb 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -83,7 +83,7 @@ # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # class postgresql::server ( - $postgres_password = undef, + Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = undef, $package_name = $postgresql::params::server_package_name, $package_ensure = $postgresql::params::package_ensure, diff --git a/manifests/server/db.pp b/manifests/server/db.pp index f98de6f268..3024c2909c 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -1,5 +1,5 @@ # @summary Define for conveniently creating a role, database and assigning the correctpermissions. -# +# # @param user User to create and assign access to the database upon creation. Mandatory. # @param password Required Sets the password for the created user. # @param comment Defines a comment to be stored about the database using the PostgreSQL COMMENT command. @@ -13,7 +13,7 @@ # @param owner Sets a user as the owner of the database. define postgresql::server::db ( $user, - $password, + Variant[String, Sensitive[String]] $password, $comment = undef, $dbname = $title, $encoding = $postgresql::server::encoding, diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 7311d5eb1a..87e079a146 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -144,7 +144,7 @@ psql_group => $group, psql_path => $psql_path, unless => $unless_cmd, - environment => "PGOPTIONS=--client-min-messages=error" + environment => 'PGOPTIONS=--client-min-messages=error' } if($role != undef and defined(Postgresql::Server::Role[$role])) { diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index a2f52ba18b..93ceb96966 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -1,6 +1,11 @@ # @api private class postgresql::server::passwd { - $postgres_password = $postgresql::server::postgres_password + $postgres_password = if $postgresql::server::postgres_password =~ Sensitive { + $postgresql::server::postgres_password.unwrap + } else { + $postgresql::server::postgres_password + } + $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 0ef4651531..cba36ec54c 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -20,7 +20,7 @@ # @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. define postgresql::server::role ( $update_password = true, - $password_hash = false, + Variant[Boolean, String, Sensitive[String]] $password_hash = false, $createdb = false, $createrole = false, $db = $postgresql::server::default_database, @@ -38,6 +38,11 @@ $module_workdir = $postgresql::server::module_workdir, Enum['present', 'absent'] $ensure = 'present', ) { + $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { + $password_hash.unwrap + } else { + $password_hash + } # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # @@ -75,17 +80,17 @@ $createdb_sql = $createdb ? { true => 'CREATEDB', default => 'NOCREATEDB' } $superuser_sql = $superuser ? { true => 'SUPERUSER', default => 'NOSUPERUSER' } $replication_sql = $replication ? { true => 'REPLICATION', default => '' } - if ($password_hash != false) { - $password_sql = "ENCRYPTED PASSWORD '${password_hash}'" + if ($password_hash_unsensitive != false) { + $password_sql = "ENCRYPTED PASSWORD '${password_hash_unsensitive}'" } else { $password_sql = '' } postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": - command => Sensitive("CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}"), - unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", - require => undef, - sensitive => true, + command => Sensitive("CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}"), + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", + require => undef, + sensitive => true, } postgresql_psql { "ALTER ROLE \"${username}\" ${superuser_sql}": @@ -124,17 +129,17 @@ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", } - if $password_hash and $update_password { - if($password_hash =~ /^md5.+/) { - $pwd_hash_sql = $password_hash + if $password_hash_unsensitive and $update_password { + if($password_hash_unsensitive =~ /^md5.+/) { + $pwd_hash_sql = $password_hash_unsensitive } else { - $pwd_md5 = md5("${password_hash}${username}") + $pwd_md5 = md5("${password_hash_unsensitive}${username}") $pwd_hash_sql = "md5${pwd_md5}" } postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": - command => Sensitive("ALTER ROLE \"${username}\" ${password_sql}"), - unless => Sensitive("SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'"), - sensitive => true, + command => Sensitive("ALTER ROLE \"${username}\" ${password_sql}"), + unless => Sensitive("SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'"), + sensitive => true, } } } else { diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 2a382006a6..7478fd4397 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -1,5 +1,5 @@ # @summary This type validates that a successful postgres connection. -# +# # @note # This validated if the postgres connection can be established # between the node on which this resource is run and a specified postgres @@ -20,7 +20,7 @@ define postgresql::validate_db_connection ( $database_host = undef, $database_name = undef, - $database_password = undef, + Optional[Variant[String, Sensitive[String]]] $database_password = undef, $database_username = undef, $database_port = undef, $connect_settings = undef, @@ -34,6 +34,12 @@ warning('postgresql::validate_db_connection is deprecated, please use postgresql_conn_validator.') + $database_password_unsensitive = if $database_password =~ Sensitive[String] { + $database_password.unwrap + } else { + $database_password + } + $psql_path = $postgresql::params::psql_path $module_workdir = $postgresql::params::module_workdir $validcon_script_path = $postgresql::client::validcon_script_path @@ -55,9 +61,9 @@ undef => "--dbname ${postgresql::params::default_database} ", default => "--dbname ${database_name} ", } - $pass_env = $database_password ? { + $pass_env = $database_password_unsensitive ? { undef => undef, - default => "PGPASSWORD=${database_password}", + default => "PGPASSWORD=${database_password_unsensitive}", } $cmd = join([$cmd_init, $cmd_host, $cmd_user, $cmd_port, $cmd_dbname], ' ') $validate_cmd = "${validcon_script_path} ${sleep} ${tries} '${cmd}'" @@ -66,8 +72,8 @@ # time it takes to run each psql command. $timeout = (($sleep + 2) * $tries) - # Combine $database_password and $connect_settings into an array of environment - # variables, ensure $database_password is last, allowing it to override a password + # Combine $database_password_unsensitive and $connect_settings into an array of environment + # variables, ensure $database_password_unsensitive is last, allowing it to override a password # from the $connect_settings hash if $connect_settings != undef { if $pass_env != undef { diff --git a/spec/unit/defines/server/role_spec.rb b/spec/unit/defines/server/role_spec.rb index 7180ec2bc5..53f2e93553 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/unit/defines/server/role_spec.rb @@ -20,30 +20,56 @@ 'test' end - let :params do - { - password_hash: 'new-pa$s', - } - end - let :pre_condition do "class {'postgresql::server':}" end - it { is_expected.to contain_postgresql__server__role('test') } - it 'has create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', - 'sensitive' => 'true', - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'port' => '5432') + context 'with Password Datatype String' do + let :params do + { + password_hash: 'new-pa$s', + } + end + + it { is_expected.to contain_postgresql__server__role('test') } + it 'has create role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => '5432') + end + it 'has alter role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => 'Sensitive [value redacted]', + 'port' => '5432') + end end - it 'has alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', - 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', - 'port' => '5432') + + context 'with Password Datatype Sensitive[String]' do + let :params do + { + password_hash: sensitive('new-pa$s'), + } + end + + it { is_expected.to contain_postgresql__server__role('test') } + it 'has create role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => '5432') + end + it 'has alter role for "test" user with password as ****' do + is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => 'Sensitive [value redacted]', + 'port' => '5432') + end end context 'with specific db connection settings - default port' do From 8cc1660c009d54ee35ab751175901adb6a9da9e5 Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Thu, 12 Aug 2021 08:30:55 +0200 Subject: [PATCH 0646/1000] drop code for Debian 6/7 and Ubuntu 10.04/12.04 Support for these was dropped in 3d1e1e31 and e61579ff, but the code remained. --- manifests/globals.pp | 4 ---- manifests/server/config_entry.pp | 11 +--------- manifests/server/initdb.pp | 24 ---------------------- spec/unit/defines/server/extension_spec.rb | 10 ++++----- 4 files changed, 6 insertions(+), 43 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 3aec3aa062..59f2523525 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -192,16 +192,12 @@ }, 'Debian' => $facts['os']['name'] ? { 'Debian' => $facts['os']['release']['major'] ? { - '6' => '8.4', - '7' => '9.1', '8' => '9.4', '9' => '9.6', '10' => '11', default => undef, }, 'Ubuntu' => $facts['os']['release']['major'] ? { - /^(10.04|10.10|11.04)$/ => '8.4', - /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', /^(14.04)$/ => '9.3', /^(14.10|15.04|15.10)$/ => '9.4', /^(16.04|16.10)$/ => '9.5', diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 133a3b0236..25f3528267 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -97,16 +97,7 @@ # a systemd override for the port or update the sysconfig file, but this # is managed for us in postgresql::server::config. if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { - if $name == 'port' and $facts['os']['release']['major'] in ['6', '10.04'] { - exec { "postgresql_stop_${name}": - command => "service ${postgresql::server::service_name} stop", - onlyif => "service ${postgresql::server::service_name} status", - unless => "grep 'port = ${value}' ${postgresql::server::postgresql_conf_path}", - path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', - before => Postgresql_conf[$name], - } - } - elsif $name == 'data_directory' { + if $name == 'data_directory' { exec { "postgresql_stop_${name}": command => "service ${postgresql::server::service_name} stop", onlyif => "service ${postgresql::server::service_name} status", diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 3385704872..2454a43c62 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -146,30 +146,6 @@ require => File[$require_before_initdb], cwd => $module_workdir, } - # The package will take care of this for us the first time, but if we - # ever need to init a new db we need to copy these files explicitly - if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { - if $facts['os']['release']['major'] in ['6', '7', '10.04', '12.04'] { - file { 'server.crt': - ensure => file, - path => "${datadir}/server.crt", - source => 'file:///etc/ssl/certs/ssl-cert-snakeoil.pem', - owner => $postgresql::server::user, - group => $postgresql::server::group, - mode => '0644', - require => Exec['postgresql_initdb'], - } - file { 'server.key': - ensure => file, - path => "${datadir}/server.key", - source => 'file:///etc/ssl/private/ssl-cert-snakeoil.key', - owner => $postgresql::server::user, - group => $postgresql::server::group, - mode => '0600', - require => Exec['postgresql_initdb'], - } - } - } } elsif $encoding != undef { # [workaround] # by default pg_createcluster encoding derived from locale diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/unit/defines/server/extension_spec.rb index 04899982cd..44454e8216 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/unit/defines/server/extension_spec.rb @@ -132,7 +132,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '6.0', 'major' => '6' }, + release: { 'full' => '10.0', 'major' => '10' }, }, kernel: 'Linux', id: 'root', @@ -148,9 +148,9 @@ } end - it { is_expected.to contain_file('/var/lib/postgresql/8.4/main') } # FIXME: be more precise - it { is_expected.to contain_concat('/etc/postgresql/8.4/main/pg_hba.conf') } # FIXME: be more precise - it { is_expected.to contain_concat('/etc/postgresql/8.4/main/pg_ident.conf') } # FIXME: be more precise + it { is_expected.to contain_file('/var/lib/postgresql/11/main') } # FIXME: be more precise + it { is_expected.to contain_concat('/etc/postgresql/11/main/pg_hba.conf') } # FIXME: be more precise + it { is_expected.to contain_concat('/etc/postgresql/11/main/pg_ident.conf') } # FIXME: be more precise context 'with mandatory arguments only' do it { @@ -166,7 +166,7 @@ os: { family: 'Debian', name: 'Debian', - release: { 'full' => '6.0', 'major' => '6' }, + release: { 'full' => '10.0', 'major' => '10' }, }, kernel: 'Linux', id: 'root', From f96548c69038e942c11226722adfe1603ae95ae7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 24 Aug 2021 13:27:36 +0000 Subject: [PATCH 0647/1000] Release prep v7.4.0 --- CHANGELOG.md | 12 ++++++++++++ metadata.json | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b4ff892674..b7541c73ca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) (2021-08-24) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.3.0...v7.4.0) + +### Added + +- pdksync - \(IAC-1709\) - Add Support for Debian 11 [\#1288](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1288) ([david22swan](https://github.com/david22swan)) + +### Fixed + +- drop code for Debian 6/7 and Ubuntu 10.04/12.04 [\#1290](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1290) ([evgeni](https://github.com/evgeni)) + ## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) (2021-08-03) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.2.0...v7.3.0) diff --git a/metadata.json b/metadata.json index d56b0cc50a..c2d050f789 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.3.0", + "version": "7.4.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 02704a104e16283c986ca664e23804b7f36e1a58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Tue, 24 Aug 2021 17:36:19 -1000 Subject: [PATCH 0648/1000] (maint) Allow stdlib 8.0.0 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index c2d050f789..b1eb3f451a 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.13.1 < 8.0.0" + "version_requirement": ">= 4.13.1 < 9.0.0" }, { "name": "puppetlabs/apt", From 0d1daca86edec9d444efe3423e7aa8b981831a97 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 25 Aug 2021 09:33:47 +0000 Subject: [PATCH 0649/1000] Release prep v7.4.1 --- CHANGELOG.md | 8 ++++++++ metadata.json | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b7541c73ca..3e68fbf4ce 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) (2021-08-25) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.0...v7.4.1) + +### Fixed + +- \(maint\) Allow stdlib 8.0.0 [\#1293](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1293) ([smortex](https://github.com/smortex)) + ## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) (2021-08-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.3.0...v7.4.0) diff --git a/metadata.json b/metadata.json index b1eb3f451a..fdf271f3fa 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.4.0", + "version": "7.4.1", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 16dbd14749e797c4ac95c29062cccfc058b35247 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Tue, 7 Sep 2021 16:11:08 -1000 Subject: [PATCH 0650/1000] Fix changing default encoding Starting with 79fa35591e099a7b6981b873b930b943e5dc1827 it is not possible to set a custom encoding on systems where initdb is not needed (e.g. Debian). The autorequire introduce a circular dependency: ``` dependency cycles found: (Anchor[postgresql::server::service::begin] => Postgresql_psql[Set template1 encoding to UTF-8] => Class[Postgresql::Server::Initdb] => Postgresql_conf[listen_addresses] => Class[Postgresql::Server::Service] => Anchor[postgresql::server::service::begin]) ``` Move the relevant code from postgresql::server::initdb to postgresql::server::late_initdb and include it when applicable so that the postgresql_psql command gets run after the service has started up. --- manifests/server/initdb.pp | 27 +---------------------- manifests/server/late_initdb.pp | 39 +++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 26 deletions(-) create mode 100644 manifests/server/late_initdb.pp diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 2454a43c62..5aabd0426d 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -13,19 +13,8 @@ $data_checksums = $postgresql::server::data_checksums $group = $postgresql::server::group $user = $postgresql::server::user - $psql_path = $postgresql::server::psql_path - $port = $postgresql::server::port $module_workdir = $postgresql::server::module_workdir - # Set the defaults for the postgresql_psql resource - Postgresql_psql { - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port, - cwd => $module_workdir, - } - if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' $logdir_type = 'postgresql_log_t' @@ -147,20 +136,6 @@ cwd => $module_workdir, } } elsif $encoding != undef { - # [workaround] - # by default pg_createcluster encoding derived from locale - # but it do does not work by installing postgresql via puppet because puppet - # always override LANG to 'C' - postgresql_psql { "Set template1 encoding to ${encoding}": - command => "UPDATE pg_database - SET datistemplate = FALSE - WHERE datname = 'template1' - ; - UPDATE pg_database - SET encoding = pg_char_to_encoding('${encoding}'), datistemplate = TRUE - WHERE datname = 'template1'", - unless => "SELECT datname FROM pg_database WHERE - datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", - } + include postgresql::server::late_initdb } } diff --git a/manifests/server/late_initdb.pp b/manifests/server/late_initdb.pp new file mode 100644 index 0000000000..ea7b0a8624 --- /dev/null +++ b/manifests/server/late_initdb.pp @@ -0,0 +1,39 @@ +# @summary Manage the default encoding when database initialization is managed by the package +# +# @api private +class postgresql::server::late_initdb { + assert_private() + + $encoding = $postgresql::server::encoding + $user = $postgresql::server::user + $group = $postgresql::server::group + $psql_path = $postgresql::server::psql_path + $port = $postgresql::server::port + $module_workdir = $postgresql::server::module_workdir + + # Set the defaults for the postgresql_psql resource + Postgresql_psql { + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + port => $port, + cwd => $module_workdir, + } + + # [workaround] + # by default pg_createcluster encoding derived from locale + # but it do does not work by installing postgresql via puppet because puppet + # always override LANG to 'C' + postgresql_psql { "Set template1 encoding to ${encoding}": + command => "UPDATE pg_database + SET datistemplate = FALSE + WHERE datname = 'template1' + ; + UPDATE pg_database + SET encoding = pg_char_to_encoding('${encoding}'), datistemplate = TRUE + WHERE datname = 'template1'", + unless => "SELECT datname FROM pg_database WHERE + datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", + before => Anchor['postgresql::server::service::end'] + } +} From 929e063514a30472feeadd36aaaf81e1eec37714 Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 15 Sep 2021 13:43:39 +0100 Subject: [PATCH 0651/1000] (IAC-1598) - Remove Support for Debian 8 --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index fdf271f3fa..7b5838204e 100644 --- a/metadata.json +++ b/metadata.json @@ -55,7 +55,6 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "8", "9", "10", "11" From 11ab36bfa062440fb0eeab51a66d68ae6dd0ab72 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 16 Sep 2021 14:02:29 +0200 Subject: [PATCH 0652/1000] Inline file contents in the catalog The file() function can read a file form a module and return the content. This happens server side and is included in the catalog. This saves a request to the fileserver at runtime. That request can fail for various reasons (it's still a network). It also means that a cached catalog is sufficient and an agent can reapply it without a Puppetserver running. These files are small enough to inline in the catalog. --- manifests/client.pp | 10 +++++----- manifests/repo/yum_postgresql_org.pp | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index 7bb31a8309..3cb26ce81a 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -26,10 +26,10 @@ } file { $validcon_script_path: - ensure => $file_ensure, - source => 'puppet:///modules/postgresql/validate_postgresql_connection.sh', - owner => 0, - group => 0, - mode => '0755', + ensure => $file_ensure, + content => file('postgresql/validate_postgresql_connection.sh'), + owner => 0, + group => 0, + mode => '0755', } } diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index 319751d3b8..be7e26820b 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -5,11 +5,11 @@ $gpg_key_path = "/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}" file { $gpg_key_path: - source => 'puppet:///modules/postgresql/RPM-GPG-KEY-PGDG', - owner => 'root', - group => 'root', - mode => '0644', - before => Yumrepo['yum.postgresql.org'], + content => file('postgresql/RPM-GPG-KEY-PGDG'), + owner => 'root', + group => 'root', + mode => '0644', + before => Yumrepo['yum.postgresql.org'], } if($facts['os']['name'] == 'Fedora') { From a3670a50c4ecd048e926b88e0b9990e7ab1a67da Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 27 Sep 2021 14:49:54 +0000 Subject: [PATCH 0653/1000] Release prep v7.5.0 --- CHANGELOG.md | 14 ++++++++++++++ REFERENCE.md | 25 ++++++++++++------------- metadata.json | 2 +- pdk.yaml | 2 ++ 4 files changed, 29 insertions(+), 14 deletions(-) create mode 100644 pdk.yaml diff --git a/CHANGELOG.md b/CHANGELOG.md index 3e68fbf4ce..16e0bd37b5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) (2021-09-27) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.1...v7.5.0) + +### Added + +- Use Puppet-Datatype Sensitive for Passwords [\#1279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1279) ([cocker-cc](https://github.com/cocker-cc)) + +### Fixed + +- \(IAC-1598\) - Remove Support for Debian 8 [\#1302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1302) ([david22swan](https://github.com/david22swan)) +- Inline file contents in the catalog [\#1299](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1299) ([ekohl](https://github.com/ekohl)) +- Fix changing default encoding [\#1296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1296) ([smortex](https://github.com/smortex)) + ## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) (2021-08-25) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.0...v7.4.1) diff --git a/REFERENCE.md b/REFERENCE.md index 8b5439bab1..d4babcca97 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -31,6 +31,7 @@ * `postgresql::server::config` * `postgresql::server::initdb` * `postgresql::server::install` +* `postgresql::server::late_initdb`: Manage the default encoding when database initialization is managed by the package * `postgresql::server::passwd` * `postgresql::server::reload` * `postgresql::server::service` @@ -863,7 +864,7 @@ The following parameters are available in the `postgresql::server` class: ##### `postgres_password` -Data type: `Variant[String, Sensitive[String]]` +Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. @@ -2571,7 +2572,7 @@ Default value: ``true`` ##### `password_hash` -Data type: `Variant[String, Sensitive[String]]` +Data type: `Variant[Boolean, String, Sensitive[String]]` Sets the hash to use during password creation. @@ -2713,7 +2714,7 @@ Create a new schema. #### Examples -##### +##### ```puppet postgresql::server::schema {'private': @@ -2944,7 +2945,7 @@ Default value: ``undef`` ##### `database_password` -Data type: `Variant[String, Sensitive[String]]` +Data type: `Optional[Variant[String, Sensitive[String]]]` Specifies the password to connect with. @@ -3106,8 +3107,6 @@ The name of the database you are trying to validate a connection with. ##### `db_password` -Data type: `Variant[String, Sensitive[String]]` - The password required to access the target PostgreSQL database. ##### `db_username` @@ -3321,7 +3320,7 @@ This function pull default values from the `params` class or `globals` class if #### Examples -##### +##### ```puppet postgresql::default('variable') @@ -3335,7 +3334,7 @@ Returns: `Any` ##### Examples -###### +###### ```puppet postgresql::default('variable') @@ -3371,27 +3370,27 @@ Type: Ruby 4.x API This function returns the postgresql password hash from the clear text username / password -#### `postgresql::postgresql_password(Variant[String[1],Integer] $username, Variant[String[1], Sensitive[String[1]], Integer] $password)` +#### `postgresql::postgresql_password(Variant[String[1], Integer] $username, Variant[String[1], Sensitive[String[1]], Integer] $password, Optional[Boolean] $sensitive)` The postgresql::postgresql_password function. -Returns: `String` The postgresql password hash from the clear text username / password. +Returns: `Variant[String, Sensitive[String]]` The postgresql password hash from the clear text username / password. ##### `username` -Data type: `Variant[String[1],Integer]` +Data type: `Variant[String[1], Integer]` The clear text `username` ##### `password` -Data type: `Variant[String[1],Integer]` +Data type: `Variant[String[1], Sensitive[String[1]], Integer]` The clear text `password` ##### `sensitive` -Data type: `Boolean` +Data type: `Optional[Boolean]` If the Postgresql-Passwordhash should be of Datatype Sensitive[String] diff --git a/metadata.json b/metadata.json index 7b5838204e..7146f83496 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.4.1", + "version": "7.5.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", diff --git a/pdk.yaml b/pdk.yaml new file mode 100644 index 0000000000..4bef4bd0f9 --- /dev/null +++ b/pdk.yaml @@ -0,0 +1,2 @@ +--- +ignore: [] From da9f338b9fd81d8cfa95a4dab693212e6981041c Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 30 Sep 2021 13:09:21 +0200 Subject: [PATCH 0654/1000] Drop further code for Debian 6 and Ubuntu 10 8cc1660c009d54ee35ab751175901adb6a9da9e5 dropped support for these OS versions, but left this code in. This greatly simplifies the code. Fixes: 8cc1660c009d54ee35ab751175901adb6a9da9e5 --- manifests/params.pp | 30 ++++-------------------------- 1 file changed, 4 insertions(+), 26 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index f557b27046..006a4e8b57 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -158,28 +158,12 @@ $user = pick($user, 'postgres') $group = pick($group, 'postgres') - if $postgresql::globals::manage_package_repo == true { - $needs_initdb = pick($needs_initdb, true) - $service_name = pick($service_name, 'postgresql') - } else { - $needs_initdb = pick($needs_initdb, false) - $service_name = $facts['os']['name'] ? { - 'Debian' => pick($service_name, 'postgresql'), - 'Ubuntu' => $::lsbmajdistrelease ? { - /^10/ => pick($service_name, "postgresql-${version}"), - default => pick($service_name, 'postgresql'), - }, - default => undef - } - } + $needs_initdb = pick($needs_initdb, $postgresql::globals::manage_package_repo == true) + $service_name = pick($service_name, 'postgresql') $client_package_name = pick($client_package_name, "postgresql-client-${version}") $server_package_name = pick($server_package_name, "postgresql-${version}") - if $facts['os']['name'] == 'Debian' and $facts['os']['release']['major'] == '10' and $postgresql::globals::manage_package_repo != true { - $contrib_package_name = pick($contrib_package_name, 'postgresql-contrib') - } else { - $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") - } + $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") if $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis") } elsif $postgis_version and versioncmp($postgis_version, '3') >= 0 { @@ -188,13 +172,7 @@ $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-${postgis_version}") } $devel_package_name = pick($devel_package_name, 'libpq-dev') - $java_package_name = $facts['os']['name'] ? { - 'Debian' => $facts['os']['release']['major'] ? { - '6' => pick($java_package_name, 'libpg-java'), - default => pick($java_package_name, 'libpostgresql-jdbc-java'), - }, - default => pick($java_package_name, 'libpostgresql-jdbc-java'), - } + $java_package_name = pick($java_package_name, 'libpostgresql-jdbc-java') $perl_package_name = pick($perl_package_name, 'libdbd-pg-perl') $plperl_package_name = pick($plperl_package_name, "postgresql-plperl-${version}") $plpython_package_name = pick($plpython_package_name, "postgresql-plpython-${version}") From 2f6ab27e32565c5b246a5fdc0578c1a5d230d440 Mon Sep 17 00:00:00 2001 From: Moritz Kraus Date: Wed, 29 Sep 2021 17:01:24 +0200 Subject: [PATCH 0655/1000] add service_status for Ubuntu 18.04 and later --- manifests/params.pp | 2 ++ spec/unit/classes/server/service_spec.rb | 22 ++++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 spec/unit/classes/server/service_spec.rb diff --git a/manifests/params.pp b/manifests/params.pp index 006a4e8b57..c63ac771fd 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -184,6 +184,8 @@ if $facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['major'], '8') >= 0 { # Jessie uses systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") + } elsif $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['major'], '18.04') >= 0 { + $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") } elsif $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['major'], '15.04') >= 0 { # Ubuntu releases since vivid use systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name} status") diff --git a/spec/unit/classes/server/service_spec.rb b/spec/unit/classes/server/service_spec.rb new file mode 100644 index 0000000000..ad81957c88 --- /dev/null +++ b/spec/unit/classes/server/service_spec.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server::service', type: :class do + let :pre_condition do + 'include postgresql::server' + end + + let :facts do + { + os: { + family: 'Debian', + name: 'Ubuntu', + release: { 'full' => '18.04', 'major' => '18.04' }, + }, + } + end + + it { is_expected.to contain_class('postgresql::server::service') } + it { is_expected.to contain_service('postgresqld').with_name('postgresql').with_status('/usr/sbin/service postgresql@*-main status') } +end From 64a7753d5ed949c492e65b59de9452fa43f06625 Mon Sep 17 00:00:00 2001 From: Chris Le Sueur Date: Wed, 15 Sep 2021 14:48:00 +0100 Subject: [PATCH 0656/1000] Support target_role in default_privileges ALTER DEFAULT PRIVILEGES supports the FOR ROLE argument, without which the statement applies only to objects created by the *current* role, which may not be most useful. Support specifying the target role. --- manifests/server/default_privileges.pp | 22 +++- .../server/default_privileges_spec.rb | 122 ++++++++++++++++++ .../defines/server/default_privileges_spec.rb | 30 +++++ 3 files changed, 168 insertions(+), 6 deletions(-) diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 7311d5eb1a..0410d803a9 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -1,5 +1,6 @@ # @summary Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. # +# @param target_role Target role whose created objects will receive the default privileges. Defaults to the current user. # @param ensure Specifies whether to grant or revoke the privilege. # @param role Specifies the role or user whom you are granting access to. # @param db Specifies the database to which you are granting access. @@ -13,6 +14,7 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param psql_path Specifies the path to the psql command. define postgresql::server::default_privileges ( + Optional[String] $target_role = undef, String $role, String $db, String $privilege, @@ -50,11 +52,11 @@ case $ensure { default: { # default is 'present' - $sql_command = 'ALTER DEFAULT PRIVILEGES IN SCHEMA %s GRANT %s ON %s TO "%s"' + $sql_command = 'ALTER DEFAULT PRIVILEGES%s IN SCHEMA %s GRANT %s ON %s TO "%s"' $unless_is = true } 'absent': { - $sql_command = 'ALTER DEFAULT PRIVILEGES IN SCHEMA %s REVOKE %s ON %s FROM "%s"' + $sql_command = 'ALTER DEFAULT PRIVILEGES%s IN SCHEMA %s REVOKE %s ON %s FROM "%s"' $unless_is = false } } @@ -70,6 +72,14 @@ $port_override = $postgresql::server::port } + if $target_role != undef { + $_target_role = " FOR ROLE $target_role" + $_check_target_role = "/$target_role" + } else { + $_target_role = '' + $_check_target_role = '' + } + ## Munge the input values $_object_type = upcase($object_type) $_privilege = upcase($privilege) @@ -128,12 +138,12 @@ } $_unless = $ensure ? { - 'absent' => "SELECT 1 WHERE NOT EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')", - default => "SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')" + 'absent' => "SELECT 1 WHERE NOT EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')", + default => "SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')" } - $unless_cmd = sprintf($_unless, $role, $_check_privilege, $schema, $_check_type) - $grant_cmd = sprintf($sql_command, $schema, $_privilege, $_object_type, $role) + $unless_cmd = sprintf($_unless, $role, $_check_privilege, $_check_target_role, $schema, $_check_type) + $grant_cmd = sprintf($sql_command, $_target_role, $schema, $_privilege, $_object_type, $role) postgresql_psql { "default_privileges:${name}": command => $grant_cmd, diff --git a/spec/acceptance/server/default_privileges_spec.rb b/spec/acceptance/server/default_privileges_spec.rb index d5d9f259c5..51d5e564a2 100644 --- a/spec/acceptance/server/default_privileges_spec.rb +++ b/spec/acceptance/server/default_privileges_spec.rb @@ -68,6 +68,105 @@ class { 'postgresql::server': } MANIFEST end + let(:target_user) { 'target_role_user' } + let(:target_password) { 'target_role_password' } + + let(:target_check_command) do + "SELECT 1 FROM pg_default_acl a LEFT JOIN pg_namespace AS b ON a.defaclnamespace = b.oid WHERE '#{user}=arwdDxt/#{target_user}' = ANY (defaclacl) AND nspname = 'public' AND defaclobjtype = 'r';" + end + + let(:pp_target_role) do + <<-MANIFEST.unindent + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + $target_user = #{target_user} + $target_password = #{target_password} + + user {$user: + ensure => present, + } + postgresql::server::database_grant { "allow connect for ${user}": + privilege => 'CONNECT', + db => $db, + role => $user, + } + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + + postgresql::server::role { $target_user: + password_hash => postgresql::postgresql_password($target_user, $target_password), + } + + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Set default privileges on tables + postgresql::server::default_privileges { "alter default privileges grant all on tables to ${user}": + db => $db, + role => $user, + target_role => $target_user, + psql_user => 'postgres', + privilege => 'ALL', + object_type => 'TABLES', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + + let(:pp_target_role_revoke) do + <<-MANIFEST.unindent + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + $target_user = #{target_user} + $target_password = #{target_password} + + user {$user: + ensure => present, + } + postgresql::server::database_grant { "allow connect for ${user}": + privilege => 'CONNECT', + db => $db, + role => $user, + } + + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + + postgresql::server::role { $target_user: + password_hash => postgresql::postgresql_password($target_user, $target_password), + } + + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Set default privileges on tables + postgresql::server::default_privileges { "alter default privileges grant all on tables to ${user}": + db => $db, + role => $user, + target_role => $target_user, + psql_user => 'postgres', + privilege => 'ALL', + object_type => 'TABLES', + ensure => 'absent', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + it 'grants default privileges to an user' do if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') idempotent_apply(pp_one) @@ -90,4 +189,27 @@ class { 'postgresql::server': } end end end + + it 'grants default privileges to a user on a specific target role' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + idempotent_apply(pp_target_role) + + psql("--command=\"SET client_min_messages = 'error'; #{target_check_command}\" --db=#{db}", user) do |r| + expect(r.stdout).to match(%r{^\(1 row\)$}) + expect(r.stderr).to eq('') + end + end + end + + it 'revokes default privileges from a user on a specific target role' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + idempotent_apply(pp_target_role) + idempotent_apply(pp_target_role_revoke) + + psql("--command=\"SET client_min_messages = 'error'; #{target_check_command}\" --db=#{db}", user) do |r| + expect(r.stdout).to match(%r{^\(0 rows\)$}) + expect(r.stderr).to eq('') + end + end + end end diff --git a/spec/unit/defines/server/default_privileges_spec.rb b/spec/unit/defines/server/default_privileges_spec.rb index 9b47538159..c21c7ba81e 100644 --- a/spec/unit/defines/server/default_privileges_spec.rb +++ b/spec/unit/defines/server/default_privileges_spec.rb @@ -253,6 +253,36 @@ class {'postgresql::server':} end end + context 'with a target role' do + let :params do + { + target_role: 'target', + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + } + end + + let :pre_condition do + <<-EOS + class {'postgresql::server':} + postgresql::server::role { 'target': } + EOS + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it { is_expected.to contain_postgresql__server__role('target') } + it do + # rubocop:disable Layout/LineLength + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES FOR ROLE target IN SCHEMA public GRANT ALL ON TABLES TO "test"') + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt/target' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") + # rubocop:enable Layout/LineLength + end + end + context 'standalone not managing server' do let :params do { From 6aaa1cf90b08e513aa16c094afc187819b8f7e9e Mon Sep 17 00:00:00 2001 From: Chris Le Sueur Date: Wed, 15 Sep 2021 15:16:58 +0100 Subject: [PATCH 0657/1000] Support setting default_privileges on all schemas The Postgres default is for the absent specification of a schema name when altering default privileges to apply to all schemas. Support that behaviour, but keep the current default behaviour for an unset schema parameter. --- manifests/server/default_privileges.pp | 22 +++-- .../server/default_privileges_spec.rb | 86 ++++++++++++++++++- .../defines/server/default_privileges_spec.rb | 32 ++++++- 3 files changed, 129 insertions(+), 11 deletions(-) diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 80d2348d9d..9cc90935bf 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -6,7 +6,7 @@ # @param db Specifies the database to which you are granting access. # @param object_type Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'. # @param privilege Specifies comma-separated list of privileges to grant. Valid options: depends on object type. -# @param schema Target schema. Defaults to 'public'. +# @param schema Target schema. Defaults to 'public'. Can be set to '' to apply to all schemas. # @param psql_db Defines the database to execute the grant against. This should not ordinarily be changed from the default. # @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. # @param psql_path Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. @@ -52,11 +52,11 @@ case $ensure { default: { # default is 'present' - $sql_command = 'ALTER DEFAULT PRIVILEGES%s IN SCHEMA %s GRANT %s ON %s TO "%s"' + $sql_command = 'ALTER DEFAULT PRIVILEGES%s%s GRANT %s ON %s TO "%s"' $unless_is = true } 'absent': { - $sql_command = 'ALTER DEFAULT PRIVILEGES%s IN SCHEMA %s REVOKE %s ON %s FROM "%s"' + $sql_command = 'ALTER DEFAULT PRIVILEGES%s%s REVOKE %s ON %s FROM "%s"' $unless_is = false } } @@ -80,6 +80,14 @@ $_check_target_role = '' } + if $schema != '' { + $_schema = " IN SCHEMA $schema" + $_check_schema = " AND nspname = '$schema'" + } else { + $_schema = '' + $_check_schema = ' AND nspname IS NULL' + } + ## Munge the input values $_object_type = upcase($object_type) $_privilege = upcase($privilege) @@ -138,12 +146,12 @@ } $_unless = $ensure ? { - 'absent' => "SELECT 1 WHERE NOT EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')", - default => "SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl) AND nspname = '%s' and defaclobjtype = '%s')" + 'absent' => "SELECT 1 WHERE NOT EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl)%s and defaclobjtype = '%s')", + default => "SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl)%s and defaclobjtype = '%s')" } - $unless_cmd = sprintf($_unless, $role, $_check_privilege, $_check_target_role, $schema, $_check_type) - $grant_cmd = sprintf($sql_command, $_target_role, $schema, $_privilege, $_object_type, $role) + $unless_cmd = sprintf($_unless, $role, $_check_privilege, $_check_target_role, $_check_schema, $_check_type) + $grant_cmd = sprintf($sql_command, $_target_role, $_schema, $_privilege, $_object_type, $role) postgresql_psql { "default_privileges:${name}": command => $grant_cmd, diff --git a/spec/acceptance/server/default_privileges_spec.rb b/spec/acceptance/server/default_privileges_spec.rb index 51d5e564a2..db474da87b 100644 --- a/spec/acceptance/server/default_privileges_spec.rb +++ b/spec/acceptance/server/default_privileges_spec.rb @@ -10,7 +10,7 @@ # Check that the default privileges were revoked let(:check_command) do - "SELECT * FROM pg_default_acl a JOIN pg_namespace b ON a.defaclnamespace = b.oid WHERE '#{user}=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r';" + "SELECT * FROM pg_default_acl a LEFT JOIN pg_namespace b ON a.defaclnamespace = b.oid WHERE '#{user}=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r';" end let(:pp_one) do @@ -167,6 +167,67 @@ class { 'postgresql::server': } MANIFEST end + let(:all_schemas_check_command) do + "SELECT * FROM pg_default_acl a WHERE '#{user}=arwdDxt' = ANY (defaclacl) AND defaclnamespace = 0 and defaclobjtype = 'r';" + end + + let(:pp_unset_schema) do + <<-MANIFEST.unindent + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Set default privileges on tables + postgresql::server::default_privileges { "alter default privileges grant all on tables to ${user}": + db => $db, + role => $user, + privilege => 'ALL', + object_type => 'TABLES', + schema => '', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + let(:pp_unset_schema_revoke) do + <<-MANIFEST + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Removes default privileges on tables + postgresql::server::default_privileges { "alter default privileges revoke all on tables for ${user}": + db => $db, + role => $user, + privilege => 'ALL', + object_type => 'TABLES', + schema => '', + ensure => 'absent', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + it 'grants default privileges to an user' do if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') idempotent_apply(pp_one) @@ -212,4 +273,27 @@ class { 'postgresql::server': } end end end + + it 'grants default privileges on all schemas to a user' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + idempotent_apply(pp_unset_schema) + + psql("--command=\"SET client_min_messages = 'error';#{all_schemas_check_command}\" --db=#{db}") do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + + it 'revokes default privileges on all schemas for a user' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') + apply_manifest(pp_unset_schema, catch_failures: true) + apply_manifest(pp_unset_schema_revoke, expect_changes: true) + + psql("--command=\"SET client_min_messages = 'error';#{all_schemas_check_command}\" --db=#{db}") do |r| + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') + end + end + end end diff --git a/spec/unit/defines/server/default_privileges_spec.rb b/spec/unit/defines/server/default_privileges_spec.rb index c21c7ba81e..d6612ff14b 100644 --- a/spec/unit/defines/server/default_privileges_spec.rb +++ b/spec/unit/defines/server/default_privileges_spec.rb @@ -112,7 +112,7 @@ # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') - .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") # rubocop:enable Layout/LineLength end end @@ -222,7 +222,33 @@ # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA my_schema GRANT ALL ON TABLES TO "test"') - .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'my_schema' and defaclobjtype = 'r')") + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'my_schema' and defaclobjtype = 'r')") + # rubocop:enable Layout/LineLength + end + end + + context 'with unset schema name' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'tables', + schema: '' + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + # rubocop:disable Layout/LineLength + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES GRANT ALL ON TABLES TO "test"') + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname IS NULL and defaclobjtype = 'r')") # rubocop:enable Layout/LineLength end end @@ -278,7 +304,7 @@ class {'postgresql::server':} # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES FOR ROLE target IN SCHEMA public GRANT ALL ON TABLES TO "test"') - .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt/target' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt/target' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") # rubocop:enable Layout/LineLength end end From 8ec63d792037f6b33b537816665ad9d96a8e0a66 Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 28 Sep 2021 10:32:55 +0100 Subject: [PATCH 0658/1000] (IAC-1751) - Add Support for Rocky 8 --- metadata.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/metadata.json b/metadata.json index 7146f83496..b56c6d5958 100644 --- a/metadata.json +++ b/metadata.json @@ -75,6 +75,12 @@ "18.04", "20.04" ] + }, + { + "operatingsystem": "Rocky", + "operatingsystemrelease": [ + "8" + ] } ], "requirements": [ From 59aa752bfa2a976fc0c3e49048833f86af4a9eaa Mon Sep 17 00:00:00 2001 From: David Swan Date: Fri, 29 Oct 2021 10:52:21 +0100 Subject: [PATCH 0659/1000] pdk update --- .devcontainer/README.md | 34 ++++++++++++++++++++++++++++++ .devcontainer/devcontainer.json | 16 +++++--------- .github/workflows/auto_release.yml | 16 +++++++++----- .github/workflows/nightly.yml | 9 ++++---- .github/workflows/pr_test.yml | 27 ++++++++++++------------ .github/workflows/spec.yml | 16 ++++++-------- Rakefile | 1 + metadata.json | 4 ++-- 8 files changed, 77 insertions(+), 46 deletions(-) create mode 100644 .devcontainer/README.md diff --git a/.devcontainer/README.md b/.devcontainer/README.md new file mode 100644 index 0000000000..cc4675e5dd --- /dev/null +++ b/.devcontainer/README.md @@ -0,0 +1,34 @@ +# devcontainer + + +For format details, see https://aka.ms/devcontainer.json. + +For config options, see the README at: +https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet + +``` json +{ + "name": "Puppet Development Kit (Community)", + "dockerFile": "Dockerfile", + + // Set *default* container specific settings.json values on container create. + "settings": { + "terminal.integrated.shell.linux": "/bin/bash" + }, + + // Add the IDs of extensions you want installed when the container is created. + "extensions": [ + "puppet.puppet-vscode", + "rebornix.Ruby" + ] + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + "forwardPorts": [], + + // Use 'postCreateCommand' to run commands after the container is created. + "postCreateCommand": "pdk --version", +} +``` + + + diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index f1a55dc3f0..fe7a8b12b9 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,23 +1,17 @@ -// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at: -// https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet { "name": "Puppet Development Kit (Community)", "dockerFile": "Dockerfile", - // Set *default* container specific settings.json values on container create. "settings": { - "terminal.integrated.shell.linux": "/bin/bash" + "terminal.integrated.profiles.linux": { + "bash": { + "path": "bash", + } + } }, - // Add the IDs of extensions you want installed when the container is created. "extensions": [ "puppet.puppet-vscode", "rebornix.Ruby" ] - - // Use 'forwardPorts' to make a list of ports inside the container available locally. - // "forwardPorts": [], - - // Use 'postCreateCommand' to run commands after the container is created. - // "postCreateCommand": "pdk --version", } diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index e028483600..f4aed440e5 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -14,6 +14,7 @@ jobs: runs-on: ubuntu-20.04 steps: + - name: "Honeycomb: Start recording" uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: @@ -25,7 +26,6 @@ jobs: run: | echo STEP_ID="auto-release" >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: "Checkout Source" if: ${{ github.repository_owner == 'puppetlabs' }} uses: actions/checkout@v2 @@ -46,8 +46,14 @@ jobs: run: | echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" - - name: "Commit changes" + - name: "Check if a release is necessary" if: ${{ github.repository_owner == 'puppetlabs' }} + id: check + run: | + git diff --quiet CHANGELOG.md && echo "::set-output name=release::false" || echo "::set-output name=release::true" + + - name: "Commit changes" + if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} run: | git config --local user.email "${{ github.repository_owner }}@users.noreply.github.com" git config --local user.name "GitHub Action" @@ -57,7 +63,7 @@ jobs: - name: Create Pull Request id: cpr uses: puppetlabs/peter-evans-create-pull-request@v3 - if: ${{ github.repository_owner == 'puppetlabs' }} + if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: "Release prep v${{ steps.gv.outputs.ver }}" @@ -73,11 +79,11 @@ jobs: labels: "maintenance" - name: PR outputs - if: ${{ github.repository_owner == 'puppetlabs' }} + if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} run: | echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" - + - name: "Honeycomb: Record finish step" if: ${{ always() }} run: | diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 865578cfd2..c468b5ee56 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -4,6 +4,7 @@ on: schedule: - cron: '0 0 * * *' + env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests @@ -16,6 +17,7 @@ jobs: matrix: ${{ steps.get-matrix.outputs.matrix }} steps: + - name: "Honeycomb: Start recording" uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: @@ -27,7 +29,6 @@ jobs: run: | echo STEP_ID=setup-environment >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source uses: actions/checkout@v2 if: ${{ github.repository_owner == 'puppetlabs' }} @@ -45,14 +46,13 @@ jobs: echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - + - name: "Honeycomb: Record Setup Environment time" if: ${{ github.repository_owner == 'puppetlabs' }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Setup Acceptance Test Matrix id: get-matrix if: ${{ github.repository_owner == 'puppetlabs' }} @@ -62,12 +62,11 @@ jobs: else echo "::set-output name=matrix::{}" fi - + - name: "Honeycomb: Record Setup Test Matrix time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' - Acceptance: name: "${{matrix.platforms.label}}, ${{matrix.collection}}" needs: diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 69e414b558..283338b0a5 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -2,7 +2,9 @@ name: "PR Testing" on: [pull_request] + env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests @@ -14,6 +16,7 @@ jobs: matrix: ${{ steps.get-matrix.outputs.matrix }} steps: + - name: "Honeycomb: Start recording" uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: @@ -25,7 +28,6 @@ jobs: run: | echo STEP_ID=setup-environment >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source uses: actions/checkout@v2 if: ${{ github.repository_owner == 'puppetlabs' }} @@ -43,13 +45,17 @@ jobs: echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - + - name: "Honeycomb: Record Setup Environment time" if: ${{ github.repository_owner == 'puppetlabs' }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Run validation steps + run: | + bundle exec rake validate + if: ${{ github.repository_owner == 'puppetlabs' }} - name: Setup Acceptance Test Matrix id: get-matrix @@ -59,12 +65,11 @@ jobs: else echo "::set-output name=matrix::{}" fi - + - name: "Honeycomb: Record Setup Test Matrix time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' - Acceptance: name: "${{matrix.platforms.label}}, ${{matrix.collection}}" needs: @@ -84,7 +89,7 @@ jobs: echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE - + - name: "Honeycomb: Start recording" uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: @@ -97,7 +102,6 @@ jobs: run: | echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source uses: actions/checkout@v2 @@ -112,14 +116,13 @@ jobs: echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - + - name: "Honeycomb: Record Setup Environment time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Provision test environment run: | buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' @@ -145,7 +148,7 @@ jobs: - name: Install module run: | buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' - + - name: "Honeycomb: Record deployment times" if: ${{ always() }} run: | @@ -154,18 +157,16 @@ jobs: echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV echo ::endgroup:: - - name: Run acceptance tests run: | buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' - + - name: "Honeycomb: Record acceptance testing times" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Remove test environment if: ${{ always() }} continue-on-error: true @@ -177,7 +178,7 @@ jobs: echo echo ::endgroup:: fi - + - name: "Honeycomb: Record removal times" if: ${{ always() }} run: | diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index 16f9316035..723e42ff91 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml @@ -6,6 +6,7 @@ on: workflow_dispatch: pull_request: + env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests @@ -18,6 +19,7 @@ jobs: spec_matrix: ${{ steps.get-matrix.outputs.spec_matrix }} steps: + - name: "Honeycomb: Start recording" uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 with: @@ -29,7 +31,6 @@ jobs: run: | echo STEP_ID=setup-environment >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source uses: actions/checkout@v2 if: ${{ github.repository_owner == 'puppetlabs' }} @@ -47,13 +48,16 @@ jobs: echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - - name: "Honeycomb: Record Setup Environment time" if: ${{ github.repository_owner == 'puppetlabs' }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Run Static & Syntax Tests + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - name: Setup Spec Test Matrix id: get-matrix @@ -63,12 +67,10 @@ jobs: else echo "::set-output name=spec_matrix::{}" fi - - name: "Honeycomb: Record Setup Test Matrix time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' - Spec: name: "Spec Tests (Puppet: ${{matrix.puppet_version}}, Ruby Ver: ${{matrix.ruby_version}})" needs: @@ -91,7 +93,6 @@ jobs: - run: | echo 'puppet_version=${{ env.SANITIZED_PUPPET_VERSION }}' >> $BUILDEVENT_FILE - - name: "Honeycomb: Start first step" run: | echo "STEP_ID=${{ env.SANITIZED_PUPPET_VERSION }}-spec" >> $GITHUB_ENV @@ -104,7 +105,6 @@ jobs: dataset: ${{ env.HONEYCOMB_DATASET }} job-status: ${{ job.status }} matrix-key: ${{ env.SANITIZED_PUPPET_VERSION }} - - name: Checkout Source uses: actions/checkout@v2 @@ -120,10 +120,6 @@ jobs: buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - - name: Run Static & Syntax Tests - run: | - buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - - name: Run parallel_spec tests run: | buildevents cmd $TRACE_ID $STEP_ID 'rake parallel_spec Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake parallel_spec diff --git a/Rakefile b/Rakefile index 14251287c2..d5e6ae716e 100644 --- a/Rakefile +++ b/Rakefile @@ -43,6 +43,7 @@ end PuppetLint.configuration.send('disable_relative') + if Bundler.rubygems.find_name('github_changelog_generator').any? GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? diff --git a/metadata.json b/metadata.json index b56c6d5958..b61964bc96 100644 --- a/metadata.json +++ b/metadata.json @@ -89,7 +89,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "2.1.1", + "pdk-version": "2.2.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "tags/2.1.1-0-g03daa92" + "template-ref": "2.3.0-0-g8aaceff" } From 5da572d5be73e9bc0c2547cfe876f4fbc76c78ad Mon Sep 17 00:00:00 2001 From: David Swan Date: Fri, 29 Oct 2021 10:54:08 +0100 Subject: [PATCH 0660/1000] (IAC-1776) - Split Acceptance test workflows in two Due to the amount of machines being run in parallel on the GHA machines transient errors are beginning to appear consistently. This is a short term fix to allow for progression of the module while a plan for a more permanent solution is made. --- .github/workflows/nightly.yml | 2 +- .github/workflows/nightly_non_rhel.yml | 203 +++++++++++++++++++++++++ .github/workflows/pr_test.yml | 2 +- .github/workflows/pr_test_non_rhel.yml | 185 ++++++++++++++++++++++ .sync.yml | 24 +++ 5 files changed, 414 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/nightly_non_rhel.yml create mode 100644 .github/workflows/pr_test_non_rhel.yml diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index c468b5ee56..5cfc376089 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -58,7 +58,7 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' else echo "::set-output name=matrix::{}" fi diff --git a/.github/workflows/nightly_non_rhel.yml b/.github/workflows/nightly_non_rhel.yml new file mode 100644 index 0000000000..5e1c88ece1 --- /dev/null +++ b/.github/workflows/nightly_non_rhel.yml @@ -0,0 +1,203 @@ +name: "nightly" + +on: + schedule: + - cron: '0 0 * * *' + + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + matrix: ${{ steps.get-matrix.outputs.matrix }} + + steps: + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=setup-environment >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Setup Acceptance Test Matrix + id: get-matrix + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8"]' + else + echo "::set-output name=matrix::{}" + fi + + - name: "Honeycomb: Record Setup Test Matrix time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + Acceptance: + name: "${{matrix.platforms.label}}, ${{matrix.collection}}" + needs: + - setup_matrix + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + + steps: + - run: | + echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE + echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE + + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Provision test environment + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + echo ::group::=== INVENTORY === + if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; + then + FILE='spec/fixtures/litmus_inventory.yaml' + elif [ -f 'inventory.yaml' ]; + then + FILE='inventory.yaml' + fi + sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true + echo ::endgroup:: + + - name: Install agent + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + + - name: Install module + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + + - name: "Honeycomb: Record deployment times" + if: ${{ always() }} + run: | + echo ::group::honeycomb step + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + echo ::endgroup:: + + - name: Run acceptance tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' + + - name: "Honeycomb: Record acceptance testing times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Remove test environment + if: ${{ always() }} + continue-on-error: true + run: | + if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + fi + + - name: "Honeycomb: Record removal times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' + + slack-workflow-status: + if: always() + name: Post Workflow Status To Slack + needs: + - Acceptance + runs-on: ubuntu-20.04 + steps: + - name: Slack Workflow Notification + uses: puppetlabs/Gamesight-slack-workflow-status@pdk-templates-v1 + with: + # Required Input + repo_token: ${{ secrets.GITHUB_TOKEN }} + slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} + # Optional Input + channel: '#team-ia-bots' + name: 'GABot' diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 283338b0a5..46d47bd4e6 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -61,7 +61,7 @@ jobs: id: get-matrix run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' else echo "::set-output name=matrix::{}" fi diff --git a/.github/workflows/pr_test_non_rhel.yml b/.github/workflows/pr_test_non_rhel.yml new file mode 100644 index 0000000000..78dbe5edbc --- /dev/null +++ b/.github/workflows/pr_test_non_rhel.yml @@ -0,0 +1,185 @@ +name: "PR Testing" + +on: [pull_request] + + +env: + + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + matrix: ${{ steps.get-matrix.outputs.matrix }} + + steps: + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=setup-environment >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Run validation steps + run: | + bundle exec rake validate + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Setup Acceptance Test Matrix + id: get-matrix + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8"]' + else + echo "::set-output name=matrix::{}" + fi + + - name: "Honeycomb: Record Setup Test Matrix time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + Acceptance: + name: "${{matrix.platforms.label}}, ${{matrix.collection}}" + needs: + - setup_matrix + if: ${{ needs.setup_matrix.outputs.matrix != '{}' }} + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + + steps: + - run: | + echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE + echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Checkout Source + uses: actions/checkout@v2 + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Provision test environment + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + echo ::group::=== INVENTORY === + if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; + then + FILE='spec/fixtures/litmus_inventory.yaml' + elif [ -f 'inventory.yaml' ]; + then + FILE='inventory.yaml' + fi + sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true + echo ::endgroup:: + + - name: Install agent + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + + - name: Install module + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + + - name: "Honeycomb: Record deployment times" + if: ${{ always() }} + run: | + echo ::group::honeycomb step + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + echo ::endgroup:: + - name: Run acceptance tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' + + - name: "Honeycomb: Record acceptance testing times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + - name: Remove test environment + if: ${{ always() }} + continue-on-error: true + run: | + if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + fi + + - name: "Honeycomb: Record removal times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' diff --git a/.sync.yml b/.sync.yml index 7fa2304791..5834868b73 100644 --- a/.sync.yml +++ b/.sync.yml @@ -19,8 +19,32 @@ spec/spec_helper.rb: coverage_report: true .github/workflows/nightly.yml: unmanaged: false + exclude_platforms: + - Scientific-6 + - Scientific-7 + - Debian-9 + - Debian-10 + - Debian-11 + - SLES-12 + - SLES-15 + - Ubuntu-14.04 + - Ubuntu-16.04 + - Ubuntu-18.04 + - Ubuntu-20.04 .github/workflows/pr_test.yml: unmanaged: false + exclude_platforms: + - Scientific-6 + - Scientific-7 + - Debian-9 + - Debian-10 + - Debian-11 + - SLES-12 + - SLES-15 + - Ubuntu-14.04 + - Ubuntu-16.04 + - Ubuntu-18.04 + - Ubuntu-20.04 .gitpod.Dockerfile: unmanaged: false .gitpod.yml: From a5888cb5a036ca9481eac1f12d5d643dcd9762ec Mon Sep 17 00:00:00 2001 From: David Swan Date: Tue, 5 Oct 2021 16:24:12 +0100 Subject: [PATCH 0661/1000] (IAC-1752) - Add Support for AlmaLinux 8 --- metadata.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/metadata.json b/metadata.json index b61964bc96..ab4b5dffc2 100644 --- a/metadata.json +++ b/metadata.json @@ -81,6 +81,12 @@ "operatingsystemrelease": [ "8" ] + }, + { + "operatingsystem": "AlmaLinux", + "operatingsystemrelease": [ + "8" + ] } ], "requirements": [ From 33124bb22b57b4a74bcf0993853e18d4c0c0b64a Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 3 Nov 2021 14:03:40 +0000 Subject: [PATCH 0662/1000] (IAC-1775) Update workflows --- .github/workflows/nightly_non_rhel.yml | 2 +- .github/workflows/pr_test_non_rhel.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/nightly_non_rhel.yml b/.github/workflows/nightly_non_rhel.yml index 5e1c88ece1..dc21aa867d 100644 --- a/.github/workflows/nightly_non_rhel.yml +++ b/.github/workflows/nightly_non_rhel.yml @@ -58,7 +58,7 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8", "AlmaLinux-8"]' else echo "::set-output name=matrix::{}" fi diff --git a/.github/workflows/pr_test_non_rhel.yml b/.github/workflows/pr_test_non_rhel.yml index 78dbe5edbc..31dc5b50fa 100644 --- a/.github/workflows/pr_test_non_rhel.yml +++ b/.github/workflows/pr_test_non_rhel.yml @@ -61,7 +61,7 @@ jobs: id: get-matrix run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8", "AlmaLinux-8"]' else echo "::set-output name=matrix::{}" fi From f9f4357bc7aed454404e3299835c8bb44e02240f Mon Sep 17 00:00:00 2001 From: David Swan Date: Wed, 3 Nov 2021 16:43:29 +0000 Subject: [PATCH 0663/1000] (IAC-1775) Updates test setup --- spec/spec_helper_acceptance_local.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 9dc7bcebaf..b0e8f5062f 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -15,6 +15,10 @@ def unindent RSpec.configure do |c| c.before :suite do + # Install iproute on AlmaLinux + # Package is used to check if ports are listening + LitmusHelper.instance.run_shell('sudo dnf install iproute -y') if %r{redhat}.match?(os[:family]) && os[:release].to_f >= 8 + install_dependencies end end From 10b5d37f6944fa2c2d28f78fdbdfc6d8a3d0acd2 Mon Sep 17 00:00:00 2001 From: Carlos Duelo Date: Mon, 1 Nov 2021 14:55:25 +0300 Subject: [PATCH 0664/1000] not installing postgresql-contrib if not need to - In debian families: postgresql-contrib is a virtual package and it is not needed to be installed. - Archlinux does have postgresql-contrib but it isn't maintained - Gentoo provides contrib in the main package Referencies: https://packages.debian.org/bullseye/postgresql-contrib-13 https://packages.ubuntu.com/bionic/postgresql-contrib --- manifests/params.pp | 4 ---- manifests/server/contrib.pp | 28 +++++++++++++--------------- 2 files changed, 13 insertions(+), 19 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index c63ac771fd..70fbdba444 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -135,8 +135,6 @@ $java_package_name = pick($java_package_name, 'postgresql-jdbc') # Archlinux doesn't have develop packages $devel_package_name = pick($devel_package_name, 'postgresql-devel') - # Archlinux does have postgresql-contrib but it isn't maintained - $contrib_package_name = pick($contrib_package_name,'undef') # Archlinux postgresql package provides plperl $plperl_package_name = pick($plperl_package_name, 'undef') $plpython_package_name = pick($plpython_package_name, 'undef') @@ -163,7 +161,6 @@ $client_package_name = pick($client_package_name, "postgresql-client-${version}") $server_package_name = pick($server_package_name, "postgresql-${version}") - $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") if $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis") } elsif $postgis_version and versioncmp($postgis_version, '3') >= 0 { @@ -203,7 +200,6 @@ $client_package_name = pick($client_package_name, 'UNSET') $server_package_name = pick($server_package_name, 'postgresql') - $contrib_package_name = pick_default($contrib_package_name, undef) $devel_package_name = pick_default($devel_package_name, undef) $java_package_name = pick($java_package_name, 'jdbc-postgresql') $perl_package_name = pick($perl_package_name, 'DBD-Pg') diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 0cd8e5834f..ef5c3e26b6 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -5,22 +5,20 @@ # @param package_ensure # Ensure the contrib package is installed. class postgresql::server::contrib ( - String $package_name = $postgresql::params::contrib_package_name, - String[1] $package_ensure = 'present' + Optional[String[1]] $package_name = $postgresql::params::contrib_package_name, + String[1] $package_ensure = 'present' ) inherits postgresql::params { - if $facts['os']['family'] == 'Gentoo' { - fail('osfamily Gentoo does not have a separate "contrib" package, postgresql::server::contrib is not supported.') - } + if $package_name { + package { 'postgresql-contrib': + ensure => $package_ensure, + name => $package_name, + tag => 'puppetlabs-postgresql', + } - package { 'postgresql-contrib': - ensure => $package_ensure, - name => $package_name, - tag => 'puppetlabs-postgresql', + anchor { 'postgresql::server::contrib::start': } + -> Class['postgresql::server::install'] + -> Package['postgresql-contrib'] + -> Class['postgresql::server::service'] + anchor { 'postgresql::server::contrib::end': } } - - anchor { 'postgresql::server::contrib::start': } - -> Class['postgresql::server::install'] - -> Package['postgresql-contrib'] - -> Class['postgresql::server::service'] - anchor { 'postgresql::server::contrib::end': } } From f10a335af73b95e0ff64bc2d1e40b62fc1070fbe Mon Sep 17 00:00:00 2001 From: Carlos Duelo Date: Wed, 10 Nov 2021 11:53:30 +0300 Subject: [PATCH 0665/1000] fixing unit testing contrib package Now the contrib package is not installed in Debian So test must check RedHat for exmaple Gentoo is not failing so raise check should not be done anymore. --- spec/unit/classes/server/contrib_spec.rb | 25 ++++++------------------ 1 file changed, 6 insertions(+), 19 deletions(-) diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index d332adee51..4b66522a8e 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -10,9 +10,12 @@ let :facts do { os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, + family: 'RedHat', + name: 'RedHat', + release: { 'major' => '8' }, + selinux: { + enabled: false, + }, }, kernel: 'Linux', id: 'root', @@ -41,20 +44,4 @@ end end - describe 'on Gentoo' do - let :facts do - { - os: { - family: 'Gentoo', - name: 'Gentoo', - }, - } - end - - it 'fails to compile' do - expect { - is_expected.to compile - }.to raise_error(%r{is not supported}) - end - end end From 2140b72d5101861afde7bef5aff167c1eb79f7af Mon Sep 17 00:00:00 2001 From: Carlos Duelo Date: Mon, 15 Nov 2021 16:44:23 +0300 Subject: [PATCH 0666/1000] fix: Layout/EmptyLinesAroundBlockBody: Extra empty line detected at block body end --- spec/unit/classes/server/contrib_spec.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index 4b66522a8e..8f87929da4 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -43,5 +43,4 @@ is_expected.to contain_package('postgresql-contrib').with(tag: 'puppetlabs-postgresql') end end - end From 361e44868bac9114a52bd6454ec39cf1c401c7cc Mon Sep 17 00:00:00 2001 From: Chris Le Sueur Date: Wed, 15 Sep 2021 17:38:48 +0100 Subject: [PATCH 0667/1000] Support schema privileges in default_privileges --- manifests/server/default_privileges.pp | 18 ++- .../server/default_privileges_spec.rb | 84 +++++++++++++ .../defines/server/default_privileges_spec.rb | 111 ++++++++++++++++++ 3 files changed, 212 insertions(+), 1 deletion(-) diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 9cc90935bf..4a6f846785 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -23,7 +23,8 @@ /(?i:^ROUTINES$)/, /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, - /(?i:^TYPES$)/ + /(?i:^TYPES$)/, + /(?i:^SCHEMAS$)/ ] $object_type, String $schema = 'public', String $psql_db = $postgresql::server::default_database, @@ -140,6 +141,21 @@ } $_check_type = 'T' } + 'SCHEMAS': { + if (versioncmp($version, '10') == -1) { + fail 'Default_privileges on schemas is only supported on PostgreSQL >= 10.0' + } + if $schema != '' { + fail('Cannot alter default schema permissions within a schema') + } + case $_privilege { + /^ALL$/: { $_check_privilege = 'UC' } + /^USAGE$/: { $_check_privilege = 'U' } + /^CREATE$/: { $_check_privilege = 'C' } + default: { fail('Illegal value for $privilege parameter') } + } + $_check_type = 'n' + } default: { fail("Missing privilege validation for object type ${_object_type}") } diff --git a/spec/acceptance/server/default_privileges_spec.rb b/spec/acceptance/server/default_privileges_spec.rb index db474da87b..c3eac9cee9 100644 --- a/spec/acceptance/server/default_privileges_spec.rb +++ b/spec/acceptance/server/default_privileges_spec.rb @@ -167,6 +167,67 @@ class { 'postgresql::server': } MANIFEST end + let(:schema_check_command) do + "SELECT * FROM pg_default_acl WHERE '#{user}=UC' = ANY (defaclacl) AND defaclnamespace = 0 and defaclobjtype = 'n';" + end + + let(:pp_schema) do + <<-MANIFEST.unindent + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Set default privileges on tables + postgresql::server::default_privileges { "alter default privileges grant all on tables to ${user}": + db => $db, + role => $user, + privilege => 'ALL', + object_type => 'SCHEMAS', + schema => '', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + let(:pp_schema_revoke) do + <<-MANIFEST + $db = #{db} + $user = #{user} + $group = #{group} + $password = #{password} + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => postgresql::postgresql_password($user, $password), + } + postgresql::server::database { $db: + require => Postgresql::Server::Role[$user], + } + + # Removes default privileges on tables + postgresql::server::default_privileges { "alter default privileges revoke all on tables for ${user}": + db => $db, + role => $user, + privilege => 'ALL', + object_type => 'SCHEMAS', + schema => '', + ensure => 'absent', + require => Postgresql::Server::Database[$db], + } + MANIFEST + end + let(:all_schemas_check_command) do "SELECT * FROM pg_default_acl a WHERE '#{user}=arwdDxt' = ANY (defaclacl) AND defaclnamespace = 0 and defaclobjtype = 'r';" end @@ -274,6 +335,29 @@ class { 'postgresql::server': } end end + it 'grants default privileges to an user on schemas' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('10.0') + idempotent_apply(pp_schema) + + psql("--command=\"SET client_min_messages = 'error';#{schema_check_command}\" --db=#{db}") do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end + + it 'revokes default privileges for an user on schemas' do + if Gem::Version.new(postgresql_version) >= Gem::Version.new('10.0') + apply_manifest(pp_schema, catch_failures: true) + apply_manifest(pp_schema_revoke, expect_changes: true) + + psql("--command=\"SET client_min_messages = 'error';#{schema_check_command}\" --db=#{db}") do |r| + expect(r.stdout).to match(%r{\(0 rows\)}) + expect(r.stderr).to eq('') + end + end + end + it 'grants default privileges on all schemas to a user' do if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.6') idempotent_apply(pp_unset_schema) diff --git a/spec/unit/defines/server/default_privileges_spec.rb b/spec/unit/defines/server/default_privileges_spec.rb index d6612ff14b..d56b79f851 100644 --- a/spec/unit/defines/server/default_privileges_spec.rb +++ b/spec/unit/defines/server/default_privileges_spec.rb @@ -133,6 +133,117 @@ it { is_expected.to compile.and_raise_error(%r{Illegal value for \$privilege parameter}) } end + + context 'schemas on postgres < 10.0' do + let(:facts) do + { + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '9.0', 'major' => '9' }, + }, + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'schemas', + schema: '', + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.and_raise_error(%r{Default_privileges on schemas is only supported on PostgreSQL >= 10.0}m) } + end + + context 'schemas on postgres >= 10.0' do + let :facts do + { + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '10.0', 'major' => '10' }, + }, + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'schemas', + schema: '', + } + end + + let :pre_condition do + <<-MANIFEST + class { 'postgresql::globals': + version => '10.0', + } + class { 'postgresql::server': } + MANIFEST + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do + # rubocop:disable Layout/LineLength + is_expected.to contain_postgresql_psql('default_privileges:test') + .with_command('ALTER DEFAULT PRIVILEGES GRANT ALL ON SCHEMAS TO "test"') + .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=UC' = ANY (defaclacl) AND nspname IS NULL and defaclobjtype = 'n')") + # rubocop:enable Layout/LineLength + end + end + + context 'nested schemas are invalid' do + let :facts do + { + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '10.0', 'major' => '10' }, + }, + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_type: 'schemas', + schema: 'public', + } + end + + let :pre_condition do + <<-MANIFEST + class { 'postgresql::globals': + version => '10.0', + } + class { 'postgresql::server': } + MANIFEST + end + + it { is_expected.to compile.and_raise_error(%r{Cannot alter default schema permissions within a schema}) } + end end context 'with specific db connection settings - default port' do From 6d7ca602d7d70b9fff51f64d235e1ab689ae061b Mon Sep 17 00:00:00 2001 From: Carlos Duelo Date: Wed, 17 Nov 2021 09:32:37 +0300 Subject: [PATCH 0668/1000] add tests for new implementation contrib --- spec/unit/classes/server/contrib_spec.rb | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/unit/classes/server/contrib_spec.rb index 8f87929da4..33f11c9d30 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/unit/classes/server/contrib_spec.rb @@ -43,4 +43,37 @@ is_expected.to contain_package('postgresql-contrib').with(tag: 'puppetlabs-postgresql') end end + + describe 'on Gentoo' do + let :facts do + { + os: { + family: 'Gentoo', + name: 'Gentoo', + }, + } + end + + it 'postgresql-contrib should not be installed' do + is_expected.to compile + is_expected.not_to contain_package('postgresql-contrib') + end + end + + describe 'on Debian' do + let :facts do + { + os: { + family: 'Debian', + name: 'Debian', + release: { 'full' => '8.0', 'major' => '8' }, + }, + } + end + + it 'postgresql-contrib should not be installed' do + is_expected.to compile + is_expected.not_to contain_package('postgresql-contrib') + end + end end From 071b755e4d8f8ec0de5db9d83a6e89434a1d66c4 Mon Sep 17 00:00:00 2001 From: Nicholas Cioli Date: Wed, 24 Nov 2021 08:49:38 -0500 Subject: [PATCH 0669/1000] add support for Ubuntu Hirsute and Impish The current `globals.pp` does not have the necessary default versions for Ubuntu 21.04 (Hirsute Hippo) and 21.10 (Impish Indri). Both of these versions have version 13 available, as can be seen below: - Hisute => https://packages.ubuntu.com/hirsute/postgresql - Impish => https://packages.ubuntu.com/impish/postgresql --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 7e5e45982b..0d5cb139da 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -205,6 +205,7 @@ /^(17.04|17.10)$/ => '9.6', /^(18.04)$/ => '10', /^(20.04)$/ => '12', + /^(21.04|21.10)$/ => '13', default => undef, }, default => undef, From f21f15e259f84e9fb1968ad9d2650cd7820c29da Mon Sep 17 00:00:00 2001 From: fe80 Date: Mon, 29 Nov 2021 10:52:31 +0100 Subject: [PATCH 0670/1000] add scram-sha-256 support --- .../postgresql/postgresql_password.rb | 53 +++++++++++++++++-- manifests/server/role.pp | 17 ++++-- spec/spec_helper_local.rb | 18 ++++++- 3 files changed, 78 insertions(+), 10 deletions(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index f22db18f05..b5659e6f3e 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -1,4 +1,6 @@ # frozen_string_literal: true +require 'openssl' +require 'base64' # @summary This function returns the postgresql password hash from the clear text username / password Puppet::Functions.create_function(:'postgresql::postgresql_password') do @@ -8,23 +10,66 @@ # The clear text `password` # @param sensitive # If the Postgresql-Passwordhash should be of Datatype Sensitive[String] + # @param hash + # Set type for password hash + # @param salt + # Use a specific salt value for scram-sha-256, default is username # # @return # The postgresql password hash from the clear text username / password. dispatch :default_impl do required_param 'Variant[String[1], Integer]', :username required_param 'Variant[String[1], Sensitive[String[1]], Integer]', :password + required_param "Enum['md5', 'scram-sha-256']", :hash optional_param 'Boolean', :sensitive + optional_param 'Optional[Variant[String[1], Integer]]', :salt return_type 'Variant[String, Sensitive[String]]' end - def default_impl(username, password, sensitive = false) + def default_impl(username, password, hash, sensitive = false, salt = nil) password = password.unwrap if password.respond_to?(:unwrap) - result_string = 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) + pass = if hash == 'md5' + 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) + else + pg_sha256(password, (salt || username)) + end if sensitive - Puppet::Pops::Types::PSensitiveType::Sensitive.new(result_string) + Puppet::Pops::Types::PSensitiveType::Sensitive.new(pass) else - result_string + pass end end + + def pg_sha256(password, salt) + digest = digest_key(password, salt) + 'SCRAM-SHA-256$%s:%s$%s:%s' % [ + '4096', + Base64.strict_encode64(salt), + Base64.strict_encode64(client_key(digest)), + Base64.strict_encode64(server_key(digest)) + ] + end + + def digest_key(password, salt) + OpenSSL::KDF.pbkdf2_hmac( + password, + salt: salt, + iterations: 4096, + length: 32, + hash: OpenSSL::Digest::SHA256.new + ) + end + + def client_key(digest_key) + hmac = OpenSSL::HMAC.new(digest_key, OpenSSL::Digest::SHA256.new) + hmac << 'Client Key' + hmac.digest + OpenSSL::Digest.new('SHA256').digest hmac.digest + end + + def server_key(digest_key) + hmac = OpenSSL::HMAC.new(digest_key, OpenSSL::Digest::SHA256.new) + hmac << 'Server Key' + hmac.digest + end end diff --git a/manifests/server/role.pp b/manifests/server/role.pp index cba36ec54c..4103431fff 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -18,6 +18,8 @@ # @param psql_group Sets the OS group to run psql # @param psql_path Sets path to psql command # @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. +# @param hash Specify the hash method for pg password +# @param salt Specify the salt use for the scram-sha-256 encoding password (default username) define postgresql::server::role ( $update_password = true, Variant[Boolean, String, Sensitive[String]] $password_hash = false, @@ -37,6 +39,8 @@ $psql_path = $postgresql::server::psql_path, $module_workdir = $postgresql::server::module_workdir, Enum['present', 'absent'] $ensure = 'present', + Enum['md5', 'scram-sha-256'] $hash = 'md5', + Optional[Variant[String[1], Integer]] $salt = undef, ) { $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap @@ -130,14 +134,19 @@ } if $password_hash_unsensitive and $update_password { - if($password_hash_unsensitive =~ /^md5.+/) { + if($password_hash_unsensitive =~ /^(md5|SCRAM-SHA-256).+/) { $pwd_hash_sql = $password_hash_unsensitive } else { - $pwd_md5 = md5("${password_hash_unsensitive}${username}") - $pwd_hash_sql = "md5${pwd_md5}" + $pwd_hash_sql = postgresql::postgresql_password( + $username, + $password_hash, + $hash, + $password_hash =~ Sensitive[String], + $salt, + ) } postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": - command => Sensitive("ALTER ROLE \"${username}\" ${password_sql}"), + command => Sensitive("ALTER ROLE \"${username}\" ENCRYPTED PASSWORD '${pwd_hash_sql}'"), unless => Sensitive("SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'"), sensitive => true, } diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 0137edd85b..f9429f9d68 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -48,10 +48,24 @@ def param(type, title, param) it { is_expected.not_to eq(nil) } it { - is_expected.to run.with_params('foo', 'bar').and_return('md596948aad3fcae80c08a35c9b5958cd89') + is_expected.to run.with_params('foo', 'bar', 'md5').and_return( + 'md596948aad3fcae80c08a35c9b5958cd89' + ) } it { - is_expected.to run.with_params('foo', 1234).and_return('md539a0e1b308278a8de5e007cd1f795920') + is_expected.to run.with_params('foo', 1234, 'md5').and_return( + 'md539a0e1b308278a8de5e007cd1f795920' + ) + } + it { + is_expected.to run.with_params('foo', 'bar', 'scram-sha-256').and_return( + 'SCRAM-SHA-256$4096:YmFy$y1VOaTvvs4V3OECvMzre9FtgCZClGuBLVE6sNPsTKbs=:HwFqmSKbihSyHMqkhufOy++cWCFIoTRSg8y6YgeALzE=' + ) + } + it { + is_expected.to run.with_params('foo', 'bar', 'scram-sha-256', nil, 'salt').and_return( + 'SCRAM-SHA-256$4096:c2FsdA==$zOt2zFfUQMbpQf3/vRnYB33QDK/L7APOBHniLy39j/4=:DcW5Jp8Do7wYhVp1f9aT0cyhUfzIAozGcvzXZj+M3YI=' + ) } it 'raises an error if there is only 1 argument' do is_expected.to run.with_params('foo').and_raise_error(StandardError) From 1464bd195d08832248617ce0f5df537bfa7e890f Mon Sep 17 00:00:00 2001 From: VAOL Date: Wed, 1 Dec 2021 13:52:24 +0100 Subject: [PATCH 0671/1000] fix table grant with schema --- manifests/server/grant.pp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 64be3ad617..967a07f016 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -425,10 +425,8 @@ # } case $_object_name { Array: { - $_togrant_object = $_enquote_object ? { - false => join($_object_name, '.'), - default => join($_object_name, '"."'), - } + # pg_* views does not contain schema name as part of the object name + $_togrant_object = $_object_name # Never put double quotes into has_*_privilege function $_granted_object = join($_object_name, '.') } From 23b01fd0d79f8e93769ba3321adfa3ed9e43110e Mon Sep 17 00:00:00 2001 From: VAOL Date: Wed, 1 Dec 2021 23:42:25 +0100 Subject: [PATCH 0672/1000] add new specific variable for onlif commands --- manifests/server/grant.pp | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 967a07f016..ec6eb1eb84 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -425,10 +425,14 @@ # } case $_object_name { Array: { - # pg_* views does not contain schema name as part of the object name - $_togrant_object = $_object_name + $_togrant_object = $_enquote_object ? { + false => join($_object_name, '.'), + default => join($_object_name, '"."'), + } # Never put double quotes into has_*_privilege function $_granted_object = join($_object_name, '.') + # pg_* views does not contain schema name as part of the object name + $_togrant_object_only = $_object_name[1] } default: { $_granted_object = $_object_name @@ -449,10 +453,10 @@ } $_onlyif = $onlyif_function ? { - 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", - 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object}'", + 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object_only}'", + 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object_only}}'", 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}' or '${role}' = 'PUBLIC'", - 'function_exists' => "SELECT true FROM pg_proc WHERE (oid::regprocedure)::text = '${_togrant_object}${arguments}'", + 'function_exists' => "SELECT true FROM pg_proc WHERE (oid::regprocedure)::text = '${_togrant_object_only}}${arguments}'", default => undef, } From 8f8e2c8fce191656aaa710aa52c1192faaa0ca0e Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Mon, 6 Dec 2021 08:41:25 +0900 Subject: [PATCH 0673/1000] Install python3-psycopg2 in RHEL/CentOS 8 In RHEL/CentOS8, python3 is used globally instead of python2. Because of that python-* package is no longer available and most of python packages are named python3-*. --- manifests/params.pp | 6 +++++- spec/unit/classes/lib/python_spec.rb | 19 +++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 70fbdba444..0303d026a6 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -109,7 +109,11 @@ $psql_path = pick($psql_path, "${bindir}/psql") $perl_package_name = pick($perl_package_name, 'perl-DBD-Pg') - $python_package_name = pick($python_package_name, 'python-psycopg2') + if $facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['major'], '8') >= 0 { + $python_package_name = pick($python_package_name, 'python3-psycopg2') + } else { + $python_package_name = pick($python_package_name, 'python-psycopg2') + } if $postgresql::globals::postgis_package_name { $postgis_package_name = $postgresql::globals::postgis_package_name diff --git a/spec/unit/classes/lib/python_spec.rb b/spec/unit/classes/lib/python_spec.rb index cfc5afdae5..a0b8941894 100644 --- a/spec/unit/classes/lib/python_spec.rb +++ b/spec/unit/classes/lib/python_spec.rb @@ -22,6 +22,25 @@ } end + describe 'on a redhat based os with python 3' do + let :facts do + { + os: { + family: 'RedHat', + name: 'RedHat', + release: { 'full' => '8.2', 'major' => '8' }, + }, + } + end + + it { + is_expected.to contain_package('python-psycopg2').with( + name: 'python3-psycopg2', + ensure: 'present', + ) + } + end + describe 'on a debian based os' do let :facts do { From d32b17d3b30878d3ca2f50e510e39b539b8b09cf Mon Sep 17 00:00:00 2001 From: Kim Sondrup Date: Thu, 4 Nov 2021 21:28:52 +0100 Subject: [PATCH 0674/1000] Allow systemd to mask postgresql service file --- manifests/server/config.pp | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 038e1c5de7..c3ca6b5c40 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -22,6 +22,7 @@ $datadir = $postgresql::server::datadir $logdir = $postgresql::server::logdir $service_name = $postgresql::server::service_name + $service_enable = $postgresql::server::service_enable $log_line_prefix = $postgresql::server::log_line_prefix $timezone = $postgresql::server::timezone $password_encryption = $postgresql::server::password_encryption @@ -256,12 +257,16 @@ content => template('postgresql/systemd-override.erb'), require => File['systemd-conf-dir'], ; + } + if $service_enable != 'mask' { # Remove old unit file to avoid conflicts - 'old-systemd-override': - ensure => absent, - path => "/etc/systemd/system/${service_name}.service", - ; + file { 'old-systemd-override': + ensure => absent, + path => "/etc/systemd/system/${service_name}.service", + notify => [Exec['restart-systemd'], Class['postgresql::server::service']], + before => Class['postgresql::server::reload'], + } } } } From ac8e9d974bd8688b864c15c1b42ee7a3329239b0 Mon Sep 17 00:00:00 2001 From: John Florian Date: Tue, 14 Dec 2021 11:57:18 -0500 Subject: [PATCH 0675/1000] add default version for Fedora 35 Signed-off-by: John Florian --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 7e5e45982b..90338a375f 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -167,7 +167,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['major'] ? { - /^(34)$/ => '13', + /^(34|35)$/ => '13', /^(32|33)$/ => '12', /^(31)$/ => '11.6', /^(30)$/ => '11.2', From aefc062623eddced3232cde79de60e2579160b6e Mon Sep 17 00:00:00 2001 From: fe80 Date: Thu, 16 Dec 2021 11:11:00 +0100 Subject: [PATCH 0676/1000] change md5 per default --- lib/puppet/functions/postgresql/postgresql_password.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index b5659e6f3e..75fb26efbf 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -26,7 +26,7 @@ return_type 'Variant[String, Sensitive[String]]' end - def default_impl(username, password, hash, sensitive = false, salt = nil) + def default_impl(username, password, hash = 'md5', sensitive = false, salt = nil) password = password.unwrap if password.respond_to?(:unwrap) pass = if hash == 'md5' 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) From 79432cdc315b66142772cc0b71232249e7500961 Mon Sep 17 00:00:00 2001 From: fe80 Date: Thu, 16 Dec 2021 11:16:51 +0100 Subject: [PATCH 0677/1000] fix order --- lib/puppet/functions/postgresql/postgresql_password.rb | 2 +- manifests/server/role.pp | 2 +- spec/spec_helper_local.rb | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 75fb26efbf..a70fb2b8ba 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -26,7 +26,7 @@ return_type 'Variant[String, Sensitive[String]]' end - def default_impl(username, password, hash = 'md5', sensitive = false, salt = nil) + def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil) password = password.unwrap if password.respond_to?(:unwrap) pass = if hash == 'md5' 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 4103431fff..00edc75bd5 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -140,8 +140,8 @@ $pwd_hash_sql = postgresql::postgresql_password( $username, $password_hash, - $hash, $password_hash =~ Sensitive[String], + $hash, $salt, ) } diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index f9429f9d68..5d9b349a80 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -48,22 +48,22 @@ def param(type, title, param) it { is_expected.not_to eq(nil) } it { - is_expected.to run.with_params('foo', 'bar', 'md5').and_return( + is_expected.to run.with_params('foo', 'bar').and_return( 'md596948aad3fcae80c08a35c9b5958cd89' ) } it { - is_expected.to run.with_params('foo', 1234, 'md5').and_return( + is_expected.to run.with_params('foo', 1234).and_return( 'md539a0e1b308278a8de5e007cd1f795920' ) } it { - is_expected.to run.with_params('foo', 'bar', 'scram-sha-256').and_return( + is_expected.to run.with_params('foo', 'bar', nil, 'scram-sha-256').and_return( 'SCRAM-SHA-256$4096:YmFy$y1VOaTvvs4V3OECvMzre9FtgCZClGuBLVE6sNPsTKbs=:HwFqmSKbihSyHMqkhufOy++cWCFIoTRSg8y6YgeALzE=' ) } it { - is_expected.to run.with_params('foo', 'bar', 'scram-sha-256', nil, 'salt').and_return( + is_expected.to run.with_params('foo', 'bar', nil, 'scram-sha-256', 'salt').and_return( 'SCRAM-SHA-256$4096:c2FsdA==$zOt2zFfUQMbpQf3/vRnYB33QDK/L7APOBHniLy39j/4=:DcW5Jp8Do7wYhVp1f9aT0cyhUfzIAozGcvzXZj+M3YI=' ) } From d192f7693dfef97dbbc5b8fac2065cdce6bb42f6 Mon Sep 17 00:00:00 2001 From: fe80 Date: Thu, 16 Dec 2021 11:35:03 +0100 Subject: [PATCH 0678/1000] fix optional --- lib/puppet/functions/postgresql/postgresql_password.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index a70fb2b8ba..688b36fecc 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -20,8 +20,8 @@ dispatch :default_impl do required_param 'Variant[String[1], Integer]', :username required_param 'Variant[String[1], Sensitive[String[1]], Integer]', :password - required_param "Enum['md5', 'scram-sha-256']", :hash optional_param 'Boolean', :sensitive + optional_param "Enum['md5', 'scram-sha-256']", :hash optional_param 'Optional[Variant[String[1], Integer]]', :salt return_type 'Variant[String, Sensitive[String]]' end From c657ae094f32965af917ba0f616c33ef60c8fdd3 Mon Sep 17 00:00:00 2001 From: fe80 Date: Mon, 20 Dec 2021 10:23:00 +0100 Subject: [PATCH 0679/1000] fix optional --- lib/puppet/functions/postgresql/postgresql_password.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 688b36fecc..89de4b9d9e 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -21,7 +21,7 @@ required_param 'Variant[String[1], Integer]', :username required_param 'Variant[String[1], Sensitive[String[1]], Integer]', :password optional_param 'Boolean', :sensitive - optional_param "Enum['md5', 'scram-sha-256']", :hash + optional_param "Optional[Enum['md5', 'scram-sha-256']]", :hash optional_param 'Optional[Variant[String[1], Integer]]', :salt return_type 'Variant[String, Sensitive[String]]' end From e1c419333a362014704d0636ea3cf35152226cfc Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 3 Feb 2022 13:35:30 +0100 Subject: [PATCH 0680/1000] Fix puppet-lint violations These were previously introduced and warnings weren't fatal due to a regression in puppetlabs_spec_helper, which is probably why it was missed. Fixes: 64a7753d5ed949c492e65b59de9452fa43f06625 Fixes: 6aaa1cf90b08e513aa16c094afc187819b8f7e9e --- manifests/server/default_privileges.pp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 4a6f846785..6a7dda9980 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -14,7 +14,6 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param psql_path Specifies the path to the psql command. define postgresql::server::default_privileges ( - Optional[String] $target_role = undef, String $role, String $db, String $privilege, @@ -36,6 +35,7 @@ ] $ensure = 'present', String $group = $postgresql::server::group, String $psql_path = $postgresql::server::psql_path, + Optional[String] $target_role = undef, ) { # If possible use the version of the remote database, otherwise @@ -74,16 +74,16 @@ } if $target_role != undef { - $_target_role = " FOR ROLE $target_role" - $_check_target_role = "/$target_role" + $_target_role = " FOR ROLE ${target_role}" + $_check_target_role = "/${target_role}" } else { $_target_role = '' $_check_target_role = '' } if $schema != '' { - $_schema = " IN SCHEMA $schema" - $_check_schema = " AND nspname = '$schema'" + $_schema = " IN SCHEMA ${schema}" + $_check_schema = " AND nspname = '${schema}'" } else { $_schema = '' $_check_schema = ' AND nspname IS NULL' From 5638cb62dd368b5fa8aa3a6d03335c37bc296f70 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 3 Feb 2022 12:06:41 +0100 Subject: [PATCH 0681/1000] Explicitly pass in a boolean for sensitive It doesn't accept nil for an optional parameter, it must be a boolean. --- spec/spec_helper_local.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 5d9b349a80..dadaaf6f41 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -58,12 +58,12 @@ def param(type, title, param) ) } it { - is_expected.to run.with_params('foo', 'bar', nil, 'scram-sha-256').and_return( + is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256').and_return( 'SCRAM-SHA-256$4096:YmFy$y1VOaTvvs4V3OECvMzre9FtgCZClGuBLVE6sNPsTKbs=:HwFqmSKbihSyHMqkhufOy++cWCFIoTRSg8y6YgeALzE=' ) } it { - is_expected.to run.with_params('foo', 'bar', nil, 'scram-sha-256', 'salt').and_return( + is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256', 'salt').and_return( 'SCRAM-SHA-256$4096:c2FsdA==$zOt2zFfUQMbpQf3/vRnYB33QDK/L7APOBHniLy39j/4=:DcW5Jp8Do7wYhVp1f9aT0cyhUfzIAozGcvzXZj+M3YI=' ) } From e581fa22051bcbde3ad5dc985d95b1d25cf5476e Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 3 Feb 2022 11:56:51 +0100 Subject: [PATCH 0682/1000] Run rubocop autocorrect --- lib/puppet/functions/postgresql/postgresql_password.rb | 5 +++-- spec/spec_helper_local.rb | 8 ++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 89de4b9d9e..60685a8e21 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -1,4 +1,5 @@ # frozen_string_literal: true + require 'openssl' require 'base64' @@ -46,7 +47,7 @@ def pg_sha256(password, salt) '4096', Base64.strict_encode64(salt), Base64.strict_encode64(client_key(digest)), - Base64.strict_encode64(server_key(digest)) + Base64.strict_encode64(server_key(digest)), ] end @@ -56,7 +57,7 @@ def digest_key(password, salt) salt: salt, iterations: 4096, length: 32, - hash: OpenSSL::Digest::SHA256.new + hash: OpenSSL::Digest::SHA256.new, ) end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index dadaaf6f41..a8c1eb75b5 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -49,22 +49,22 @@ def param(type, title, param) it { is_expected.to run.with_params('foo', 'bar').and_return( - 'md596948aad3fcae80c08a35c9b5958cd89' + 'md596948aad3fcae80c08a35c9b5958cd89', ) } it { is_expected.to run.with_params('foo', 1234).and_return( - 'md539a0e1b308278a8de5e007cd1f795920' + 'md539a0e1b308278a8de5e007cd1f795920', ) } it { is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256').and_return( - 'SCRAM-SHA-256$4096:YmFy$y1VOaTvvs4V3OECvMzre9FtgCZClGuBLVE6sNPsTKbs=:HwFqmSKbihSyHMqkhufOy++cWCFIoTRSg8y6YgeALzE=' + 'SCRAM-SHA-256$4096:YmFy$y1VOaTvvs4V3OECvMzre9FtgCZClGuBLVE6sNPsTKbs=:HwFqmSKbihSyHMqkhufOy++cWCFIoTRSg8y6YgeALzE=', ) } it { is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256', 'salt').and_return( - 'SCRAM-SHA-256$4096:c2FsdA==$zOt2zFfUQMbpQf3/vRnYB33QDK/L7APOBHniLy39j/4=:DcW5Jp8Do7wYhVp1f9aT0cyhUfzIAozGcvzXZj+M3YI=' + 'SCRAM-SHA-256$4096:c2FsdA==$zOt2zFfUQMbpQf3/vRnYB33QDK/L7APOBHniLy39j/4=:DcW5Jp8Do7wYhVp1f9aT0cyhUfzIAozGcvzXZj+M3YI=', ) } it 'raises an error if there is only 1 argument' do From 7a6584427db3f03cfb059d5fc741d6ac8e72bfbc Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 3 Feb 2022 12:06:29 +0100 Subject: [PATCH 0683/1000] Manual Rubocop fix --- .../functions/postgresql/postgresql_password.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 60685a8e21..ed9265dea8 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -43,12 +43,12 @@ def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil def pg_sha256(password, salt) digest = digest_key(password, salt) - 'SCRAM-SHA-256$%s:%s$%s:%s' % [ - '4096', - Base64.strict_encode64(salt), - Base64.strict_encode64(client_key(digest)), - Base64.strict_encode64(server_key(digest)), - ] + 'SCRAM-SHA-256$%{iterations}:%{salt}$%{client_key}:%{server_key}' % { + iterations: '4096', + salt: Base64.strict_encode64(salt), + client_key: Base64.strict_encode64(client_key(digest)), + server_key: Base64.strict_encode64(server_key(digest)), + } end def digest_key(password, salt) From 9d65116555ec3b7cb49eb6151616df5447ab0a27 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 17 Nov 2021 11:00:22 +0100 Subject: [PATCH 0684/1000] Follow rspec-puppet path conventions rspec-puppet places all classes in spec/classes and automatically applies the correct type. The same is true for defines in spec/defines. --- spec/{unit => }/classes/client_spec.rb | 2 +- spec/{unit => }/classes/globals_spec.rb | 2 +- spec/{unit => }/classes/lib/devel_spec.rb | 2 +- spec/{unit => }/classes/lib/java_spec.rb | 2 +- spec/{unit => }/classes/lib/perl_spec.rb | 2 +- spec/{unit => }/classes/lib/pgdocs_spec.rb | 2 +- spec/{unit => }/classes/lib/python_spec.rb | 2 +- spec/{unit => }/classes/params_spec.rb | 2 +- spec/{unit => }/classes/repo_spec.rb | 2 +- spec/{unit => }/classes/server/config_spec.rb | 2 +- spec/{unit => }/classes/server/contrib_spec.rb | 2 +- spec/{unit => }/classes/server/initdb_spec.rb | 2 +- spec/{unit => }/classes/server/plperl_spec.rb | 2 +- spec/{unit => }/classes/server/plpython_spec.rb | 2 +- spec/{unit => }/classes/server/postgis_spec.rb | 2 +- spec/{unit => }/classes/server/service_spec.rb | 2 +- spec/{unit => }/classes/server_spec.rb | 2 +- spec/{unit => }/defines/server/config_entry_spec.rb | 2 +- spec/{unit => }/defines/server/database_grant_spec.rb | 2 +- spec/{unit => }/defines/server/database_spec.rb | 2 +- spec/{unit => }/defines/server/db_spec.rb | 2 +- spec/{unit => }/defines/server/default_privileges_spec.rb | 2 +- spec/{unit => }/defines/server/extension_spec.rb | 6 +++--- spec/{unit => }/defines/server/grant_role_spec.rb | 2 +- spec/{unit => }/defines/server/grant_spec.rb | 2 +- spec/{unit => }/defines/server/pg_hba_rule_spec.rb | 2 +- spec/{unit => }/defines/server/pg_ident_rule_spec.rb | 2 +- spec/{unit => }/defines/server/reassign_owned_by_spec.rb | 2 +- spec/{unit => }/defines/server/recovery_spec.rb | 2 +- spec/{unit => }/defines/server/role_spec.rb | 2 +- spec/{unit => }/defines/server/schema_spec.rb | 2 +- spec/{unit => }/defines/server/table_grant_spec.rb | 2 +- spec/{unit => }/defines/server/tablespace_spec.rb | 2 +- spec/{unit => }/defines/validate_db_connection_spec.rb | 2 +- 34 files changed, 36 insertions(+), 36 deletions(-) rename spec/{unit => }/classes/client_spec.rb (97%) rename spec/{unit => }/classes/globals_spec.rb (98%) rename spec/{unit => }/classes/lib/devel_spec.rb (97%) rename spec/{unit => }/classes/lib/java_spec.rb (96%) rename spec/{unit => }/classes/lib/perl_spec.rb (93%) rename spec/{unit => }/classes/lib/pgdocs_spec.rb (94%) rename spec/{unit => }/classes/lib/python_spec.rb (95%) rename spec/{unit => }/classes/params_spec.rb (85%) rename spec/{unit => }/classes/repo_spec.rb (92%) rename spec/{unit => }/classes/server/config_spec.rb (99%) rename spec/{unit => }/classes/server/contrib_spec.rb (96%) rename spec/{unit => }/classes/server/initdb_spec.rb (98%) rename spec/{unit => }/classes/server/plperl_spec.rb (95%) rename spec/{unit => }/classes/server/plpython_spec.rb (95%) rename spec/{unit => }/classes/server/postgis_spec.rb (94%) rename spec/{unit => }/classes/server/service_spec.rb (89%) rename spec/{unit => }/classes/server_spec.rb (99%) rename spec/{unit => }/defines/server/config_entry_spec.rb (98%) rename spec/{unit => }/defines/server/database_grant_spec.rb (91%) rename spec/{unit => }/defines/server/database_spec.rb (97%) rename spec/{unit => }/defines/server/db_spec.rb (96%) rename spec/{unit => }/defines/server/default_privileges_spec.rb (99%) rename spec/{unit => }/defines/server/extension_spec.rb (97%) rename spec/{unit => }/defines/server/grant_role_spec.rb (98%) rename spec/{unit => }/defines/server/grant_spec.rb (99%) rename spec/{unit => }/defines/server/pg_hba_rule_spec.rb (98%) rename spec/{unit => }/defines/server/pg_ident_rule_spec.rb (96%) rename spec/{unit => }/defines/server/reassign_owned_by_spec.rb (94%) rename spec/{unit => }/defines/server/recovery_spec.rb (98%) rename spec/{unit => }/defines/server/role_spec.rb (99%) rename spec/{unit => }/defines/server/schema_spec.rb (93%) rename spec/{unit => }/defines/server/table_grant_spec.rb (91%) rename spec/{unit => }/defines/server/tablespace_spec.rb (95%) rename spec/{unit => }/defines/validate_db_connection_spec.rb (96%) diff --git a/spec/unit/classes/client_spec.rb b/spec/classes/client_spec.rb similarity index 97% rename from spec/unit/classes/client_spec.rb rename to spec/classes/client_spec.rb index a01311f9c7..8df79b5f72 100644 --- a/spec/unit/classes/client_spec.rb +++ b/spec/classes/client_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::client', type: :class do +describe 'postgresql::client' do let :facts do { os: { diff --git a/spec/unit/classes/globals_spec.rb b/spec/classes/globals_spec.rb similarity index 98% rename from spec/unit/classes/globals_spec.rb rename to spec/classes/globals_spec.rb index 1ad320c5dd..3d1f65c02b 100644 --- a/spec/unit/classes/globals_spec.rb +++ b/spec/classes/globals_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::globals', type: :class do +describe 'postgresql::globals' do context 'on a debian 8' do let(:facts) do { diff --git a/spec/unit/classes/lib/devel_spec.rb b/spec/classes/lib/devel_spec.rb similarity index 97% rename from spec/unit/classes/lib/devel_spec.rb rename to spec/classes/lib/devel_spec.rb index e3cb02e0f6..01fe1e84eb 100644 --- a/spec/unit/classes/lib/devel_spec.rb +++ b/spec/classes/lib/devel_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::lib::devel', type: :class do +describe 'postgresql::lib::devel' do let :facts do { os: { diff --git a/spec/unit/classes/lib/java_spec.rb b/spec/classes/lib/java_spec.rb similarity index 96% rename from spec/unit/classes/lib/java_spec.rb rename to spec/classes/lib/java_spec.rb index c556dfec86..631adcc3d3 100644 --- a/spec/unit/classes/lib/java_spec.rb +++ b/spec/classes/lib/java_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::lib::java', type: :class do +describe 'postgresql::lib::java' do describe 'on a debian based os' do let :facts do { diff --git a/spec/unit/classes/lib/perl_spec.rb b/spec/classes/lib/perl_spec.rb similarity index 93% rename from spec/unit/classes/lib/perl_spec.rb rename to spec/classes/lib/perl_spec.rb index ce044db68a..a3981f2e3a 100644 --- a/spec/unit/classes/lib/perl_spec.rb +++ b/spec/classes/lib/perl_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::lib::perl', type: :class do +describe 'postgresql::lib::perl' do describe 'on a redhat based os' do let :facts do { diff --git a/spec/unit/classes/lib/pgdocs_spec.rb b/spec/classes/lib/pgdocs_spec.rb similarity index 94% rename from spec/unit/classes/lib/pgdocs_spec.rb rename to spec/classes/lib/pgdocs_spec.rb index f72f4a94cb..2dc4362bc6 100644 --- a/spec/unit/classes/lib/pgdocs_spec.rb +++ b/spec/classes/lib/pgdocs_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::lib::docs', type: :class do +describe 'postgresql::lib::docs' do describe 'on a redhat based os' do let :facts do { diff --git a/spec/unit/classes/lib/python_spec.rb b/spec/classes/lib/python_spec.rb similarity index 95% rename from spec/unit/classes/lib/python_spec.rb rename to spec/classes/lib/python_spec.rb index a0b8941894..165f145053 100644 --- a/spec/unit/classes/lib/python_spec.rb +++ b/spec/classes/lib/python_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::lib::python', type: :class do +describe 'postgresql::lib::python' do describe 'on a redhat based os' do let :facts do { diff --git a/spec/unit/classes/params_spec.rb b/spec/classes/params_spec.rb similarity index 85% rename from spec/unit/classes/params_spec.rb rename to spec/classes/params_spec.rb index fd46f92b6a..c8ab852dea 100644 --- a/spec/unit/classes/params_spec.rb +++ b/spec/classes/params_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::params', type: :class do +describe 'postgresql::params' do let :facts do { os: { diff --git a/spec/unit/classes/repo_spec.rb b/spec/classes/repo_spec.rb similarity index 92% rename from spec/unit/classes/repo_spec.rb rename to spec/classes/repo_spec.rb index 28e8419602..c7c61fdf97 100644 --- a/spec/unit/classes/repo_spec.rb +++ b/spec/classes/repo_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::repo', type: :class do +describe 'postgresql::repo' do let :facts do { os: { diff --git a/spec/unit/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb similarity index 99% rename from spec/unit/classes/server/config_spec.rb rename to spec/classes/server/config_spec.rb index a1ce20efab..f3401a4ffd 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::config', type: :class do +describe 'postgresql::server::config' do let(:pre_condition) do 'class { postgresql::server: manage_selinux => true }' end diff --git a/spec/unit/classes/server/contrib_spec.rb b/spec/classes/server/contrib_spec.rb similarity index 96% rename from spec/unit/classes/server/contrib_spec.rb rename to spec/classes/server/contrib_spec.rb index 33f11c9d30..85f963955a 100644 --- a/spec/unit/classes/server/contrib_spec.rb +++ b/spec/classes/server/contrib_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::contrib', type: :class do +describe 'postgresql::server::contrib' do let :pre_condition do "class { 'postgresql::server': }" end diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/classes/server/initdb_spec.rb similarity index 98% rename from spec/unit/classes/server/initdb_spec.rb rename to spec/classes/server/initdb_spec.rb index 9b4f1a59c9..e2637c40c5 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/classes/server/initdb_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::initdb', type: :class do +describe 'postgresql::server::initdb' do let(:pre_condition) do 'include postgresql::server' end diff --git a/spec/unit/classes/server/plperl_spec.rb b/spec/classes/server/plperl_spec.rb similarity index 95% rename from spec/unit/classes/server/plperl_spec.rb rename to spec/classes/server/plperl_spec.rb index ff2c26170b..6c3ddc47df 100644 --- a/spec/unit/classes/server/plperl_spec.rb +++ b/spec/classes/server/plperl_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::plperl', type: :class do +describe 'postgresql::server::plperl' do let :facts do { os: { diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/classes/server/plpython_spec.rb similarity index 95% rename from spec/unit/classes/server/plpython_spec.rb rename to spec/classes/server/plpython_spec.rb index e98071f307..62f8e1c8f8 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/classes/server/plpython_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::plpython', type: :class do +describe 'postgresql::server::plpython' do let :facts do { os: { diff --git a/spec/unit/classes/server/postgis_spec.rb b/spec/classes/server/postgis_spec.rb similarity index 94% rename from spec/unit/classes/server/postgis_spec.rb rename to spec/classes/server/postgis_spec.rb index 814387849c..0f66873af8 100644 --- a/spec/unit/classes/server/postgis_spec.rb +++ b/spec/classes/server/postgis_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::postgis', type: :class do +describe 'postgresql::server::postgis' do let :pre_condition do "class { 'postgresql::server': }" end diff --git a/spec/unit/classes/server/service_spec.rb b/spec/classes/server/service_spec.rb similarity index 89% rename from spec/unit/classes/server/service_spec.rb rename to spec/classes/server/service_spec.rb index ad81957c88..96da750ecb 100644 --- a/spec/unit/classes/server/service_spec.rb +++ b/spec/classes/server/service_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::service', type: :class do +describe 'postgresql::server::service' do let :pre_condition do 'include postgresql::server' end diff --git a/spec/unit/classes/server_spec.rb b/spec/classes/server_spec.rb similarity index 99% rename from spec/unit/classes/server_spec.rb rename to spec/classes/server_spec.rb index a44c96f924..c566f6fdf4 100644 --- a/spec/unit/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server', type: :class do +describe 'postgresql::server' do let :facts do { os: { diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb similarity index 98% rename from spec/unit/defines/server/config_entry_spec.rb rename to spec/defines/server/config_entry_spec.rb index 43e92ea1bf..eb104e73d6 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::config_entry', type: :define do +describe 'postgresql::server::config_entry' do let :facts do { os: { diff --git a/spec/unit/defines/server/database_grant_spec.rb b/spec/defines/server/database_grant_spec.rb similarity index 91% rename from spec/unit/defines/server/database_grant_spec.rb rename to spec/defines/server/database_grant_spec.rb index c021c84d8e..95d0f70f92 100644 --- a/spec/unit/defines/server/database_grant_spec.rb +++ b/spec/defines/server/database_grant_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::database_grant', type: :define do +describe 'postgresql::server::database_grant' do let :facts do { os: { diff --git a/spec/unit/defines/server/database_spec.rb b/spec/defines/server/database_spec.rb similarity index 97% rename from spec/unit/defines/server/database_spec.rb rename to spec/defines/server/database_spec.rb index 3290dc7ce4..c5144b7028 100644 --- a/spec/unit/defines/server/database_spec.rb +++ b/spec/defines/server/database_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::database', type: :define do +describe 'postgresql::server::database' do let :facts do { os: { diff --git a/spec/unit/defines/server/db_spec.rb b/spec/defines/server/db_spec.rb similarity index 96% rename from spec/unit/defines/server/db_spec.rb rename to spec/defines/server/db_spec.rb index ca5a2956b1..6f6d46ad60 100644 --- a/spec/unit/defines/server/db_spec.rb +++ b/spec/defines/server/db_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::db', type: :define do +describe 'postgresql::server::db' do let :facts do { os: { diff --git a/spec/unit/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb similarity index 99% rename from spec/unit/defines/server/default_privileges_spec.rb rename to spec/defines/server/default_privileges_spec.rb index d56b79f851..01222dae65 100644 --- a/spec/unit/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::default_privileges', type: :define do +describe 'postgresql::server::default_privileges' do let :facts do { os: { diff --git a/spec/unit/defines/server/extension_spec.rb b/spec/defines/server/extension_spec.rb similarity index 97% rename from spec/unit/defines/server/extension_spec.rb rename to spec/defines/server/extension_spec.rb index 44454e8216..dc92b24054 100644 --- a/spec/unit/defines/server/extension_spec.rb +++ b/spec/defines/server/extension_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::extension', type: :define do # rubocop:disable RSpec/MultipleDescribes +describe 'postgresql::server::extension' do # rubocop:disable RSpec/MultipleDescribes let :pre_condition do "class { 'postgresql::server': } postgresql::server::database { 'template_postgis': @@ -119,7 +119,7 @@ end end -describe 'postgresql::server::extension', type: :define do +describe 'postgresql::server::extension' do let :pre_condition do "class { 'postgresql::server': } postgresql::server::database { 'template_postgis2': @@ -160,7 +160,7 @@ end end -describe 'postgresql::server::extension', type: :define do +describe 'postgresql::server::extension' do let :facts do { os: { diff --git a/spec/unit/defines/server/grant_role_spec.rb b/spec/defines/server/grant_role_spec.rb similarity index 98% rename from spec/unit/defines/server/grant_role_spec.rb rename to spec/defines/server/grant_role_spec.rb index a655c61ebe..a4c0b99abe 100644 --- a/spec/unit/defines/server/grant_role_spec.rb +++ b/spec/defines/server/grant_role_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::grant_role', type: :define do +describe 'postgresql::server::grant_role' do let :pre_condition do "class { 'postgresql::server': }" end diff --git a/spec/unit/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb similarity index 99% rename from spec/unit/defines/server/grant_spec.rb rename to spec/defines/server/grant_spec.rb index e2d12d5e0e..c3586d004f 100644 --- a/spec/unit/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::grant', type: :define do +describe 'postgresql::server::grant' do let :facts do { os: { diff --git a/spec/unit/defines/server/pg_hba_rule_spec.rb b/spec/defines/server/pg_hba_rule_spec.rb similarity index 98% rename from spec/unit/defines/server/pg_hba_rule_spec.rb rename to spec/defines/server/pg_hba_rule_spec.rb index ed0c6fa926..0bef824323 100644 --- a/spec/unit/defines/server/pg_hba_rule_spec.rb +++ b/spec/defines/server/pg_hba_rule_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::pg_hba_rule', type: :define do +describe 'postgresql::server::pg_hba_rule' do let :facts do { os: { diff --git a/spec/unit/defines/server/pg_ident_rule_spec.rb b/spec/defines/server/pg_ident_rule_spec.rb similarity index 96% rename from spec/unit/defines/server/pg_ident_rule_spec.rb rename to spec/defines/server/pg_ident_rule_spec.rb index 6da10929bd..59dffbfc5b 100644 --- a/spec/unit/defines/server/pg_ident_rule_spec.rb +++ b/spec/defines/server/pg_ident_rule_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::pg_ident_rule', type: :define do +describe 'postgresql::server::pg_ident_rule' do let :facts do { os: { diff --git a/spec/unit/defines/server/reassign_owned_by_spec.rb b/spec/defines/server/reassign_owned_by_spec.rb similarity index 94% rename from spec/unit/defines/server/reassign_owned_by_spec.rb rename to spec/defines/server/reassign_owned_by_spec.rb index 19ea8f1ad1..227d621bbd 100644 --- a/spec/unit/defines/server/reassign_owned_by_spec.rb +++ b/spec/defines/server/reassign_owned_by_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::reassign_owned_by', type: :define do +describe 'postgresql::server::reassign_owned_by' do let :facts do { os: { diff --git a/spec/unit/defines/server/recovery_spec.rb b/spec/defines/server/recovery_spec.rb similarity index 98% rename from spec/unit/defines/server/recovery_spec.rb rename to spec/defines/server/recovery_spec.rb index 1ee1c33833..4167508954 100644 --- a/spec/unit/defines/server/recovery_spec.rb +++ b/spec/defines/server/recovery_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::recovery', type: :define do +describe 'postgresql::server::recovery' do let :facts do { os: { diff --git a/spec/unit/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb similarity index 99% rename from spec/unit/defines/server/role_spec.rb rename to spec/defines/server/role_spec.rb index 53f2e93553..f4a614d1ce 100644 --- a/spec/unit/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::role', type: :define do +describe 'postgresql::server::role' do let :facts do { os: { diff --git a/spec/unit/defines/server/schema_spec.rb b/spec/defines/server/schema_spec.rb similarity index 93% rename from spec/unit/defines/server/schema_spec.rb rename to spec/defines/server/schema_spec.rb index 9ca9a2391c..817de21cba 100644 --- a/spec/unit/defines/server/schema_spec.rb +++ b/spec/defines/server/schema_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::schema', type: :define do +describe 'postgresql::server::schema' do let :facts do { os: { diff --git a/spec/unit/defines/server/table_grant_spec.rb b/spec/defines/server/table_grant_spec.rb similarity index 91% rename from spec/unit/defines/server/table_grant_spec.rb rename to spec/defines/server/table_grant_spec.rb index 5f9eb69cac..b8b5c9f811 100644 --- a/spec/unit/defines/server/table_grant_spec.rb +++ b/spec/defines/server/table_grant_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::table_grant', type: :define do +describe 'postgresql::server::table_grant' do let :facts do { os: { diff --git a/spec/unit/defines/server/tablespace_spec.rb b/spec/defines/server/tablespace_spec.rb similarity index 95% rename from spec/unit/defines/server/tablespace_spec.rb rename to spec/defines/server/tablespace_spec.rb index 336a4f773b..e8dd9dd5bb 100644 --- a/spec/unit/defines/server/tablespace_spec.rb +++ b/spec/defines/server/tablespace_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::tablespace', type: :define do +describe 'postgresql::server::tablespace' do let :facts do { os: { diff --git a/spec/unit/defines/validate_db_connection_spec.rb b/spec/defines/validate_db_connection_spec.rb similarity index 96% rename from spec/unit/defines/validate_db_connection_spec.rb rename to spec/defines/validate_db_connection_spec.rb index 4143c73190..4777f37ccc 100644 --- a/spec/unit/defines/validate_db_connection_spec.rb +++ b/spec/defines/validate_db_connection_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::validate_db_connection', type: :define do +describe 'postgresql::validate_db_connection' do let :facts do { os: { From f4a42a7d788a4d04fcf56a8c397a851e0e081c57 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 17 Nov 2021 11:48:14 +0100 Subject: [PATCH 0685/1000] Write facts as shared examples and move to Debian 11 Previously there was a lot of duplication between facts. This now stores them as shared examples in spec_helper_local.rb and also extracts them from rspec-puppet-facts where possible. Debian 8 isn't in metadata.json anymore which meant it was testing for an unsupported OS by default. It's now changed to Debian 11. --- spec/classes/client_spec.rb | 10 +- spec/classes/globals_spec.rb | 32 +--- spec/classes/lib/devel_spec.rb | 45 +---- spec/classes/lib/java_spec.rb | 20 +-- spec/classes/lib/perl_spec.rb | 24 +-- spec/classes/lib/pgdocs_spec.rb | 10 +- spec/classes/lib/python_spec.rb | 36 +--- spec/classes/params_spec.rb | 16 +- spec/classes/repo_spec.rb | 17 +- spec/classes/server/config_spec.rb | 154 +----------------- spec/classes/server/contrib_spec.rb | 44 +---- spec/classes/server/initdb_spec.rb | 76 +-------- spec/classes/server/plperl_spec.rb | 13 +- spec/classes/server/plpython_spec.rb | 15 +- spec/classes/server/postgis_spec.rb | 14 +- spec/classes/server/service_spec.rb | 12 +- spec/classes/server_spec.rb | 36 +--- spec/defines/server/config_entry_spec.rb | 73 +-------- spec/defines/server/database_grant_spec.rb | 13 +- spec/defines/server/database_spec.rb | 13 +- spec/defines/server/db_spec.rb | 13 +- .../defines/server/default_privileges_spec.rb | 65 +------- spec/defines/server/extension_spec.rb | 45 +---- spec/defines/server/grant_role_spec.rb | 15 +- spec/defines/server/grant_spec.rb | 13 +- spec/defines/server/pg_hba_rule_spec.rb | 13 +- spec/defines/server/pg_ident_rule_spec.rb | 13 +- spec/defines/server/reassign_owned_by_spec.rb | 13 +- spec/defines/server/recovery_spec.rb | 13 +- spec/defines/server/role_spec.rb | 13 +- spec/defines/server/schema_spec.rb | 13 +- spec/defines/server/table_grant_spec.rb | 13 +- spec/defines/server/tablespace_spec.rb | 13 +- spec/defines/validate_db_connection_spec.rb | 10 +- spec/spec_helper_local.rb | 96 +++++++++++ 35 files changed, 186 insertions(+), 848 deletions(-) diff --git a/spec/classes/client_spec.rb b/spec/classes/client_spec.rb index 8df79b5f72..87f5f34604 100644 --- a/spec/classes/client_spec.rb +++ b/spec/classes/client_spec.rb @@ -3,15 +3,7 @@ require 'spec_helper' describe 'postgresql::client' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + include_examples 'Debian 11' describe 'with parameters' do let :params do diff --git a/spec/classes/globals_spec.rb b/spec/classes/globals_spec.rb index 3d1f65c02b..4e994d91cb 100644 --- a/spec/classes/globals_spec.rb +++ b/spec/classes/globals_spec.rb @@ -3,23 +3,8 @@ require 'spec_helper' describe 'postgresql::globals' do - context 'on a debian 8' do - let(:facts) do - { - os: { - family: 'Debian', - name: 'Debian', - release: { - full: '8.0', - major: '8', - }, - distro: { 'codename' => 'jessie' }, - }, - osfamily: 'Debian', - lsbdistid: 'Debian', - lsbdistcodename: 'jessie', - } - end + context 'on a debian 11' do + include_examples 'Debian 11' describe 'with no parameters' do it 'works' do @@ -40,17 +25,8 @@ end end - context 'on redhat family systems' do - let(:facts) do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '7.1', 'major' => '7' }, - }, - osfamily: 'RedHat', - } - end + context 'on redhat 7' do + include_examples 'RedHat 7' describe 'with no parameters' do it 'works' do diff --git a/spec/classes/lib/devel_spec.rb b/spec/classes/lib/devel_spec.rb index 01fe1e84eb..7e5e3fa9f4 100644 --- a/spec/classes/lib/devel_spec.rb +++ b/spec/classes/lib/devel_spec.rb @@ -3,15 +3,7 @@ require 'spec_helper' describe 'postgresql::lib::devel' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + include_examples 'Debian 11' it { is_expected.to contain_class('postgresql::lib::devel') } @@ -19,7 +11,7 @@ it { is_expected.not_to contain_file('/usr/bin/pg_config') \ .with_ensure('link') \ - .with_target('/usr/lib/postgresql/8.4/bin/pg_config') + .with_target('/usr/lib/postgresql/13/bin/pg_config') } end @@ -34,29 +26,13 @@ end describe 'should not link pg_config on RedHat with default version' do - let(:facts) do - { - os: { - family: 'RedHat', - name: 'CentOS', - release: { 'full' => '6.3', 'major' => '6' }, - }, - } - end + include_examples 'RedHat 6' it { is_expected.not_to contain_file('/usr/bin/pg_config') } end describe 'link pg_config on RedHat with non-default version' do - let(:facts) do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '6.3', 'major' => '6' }, - }, - } - end + include_examples 'RedHat 6' let :pre_condition do "class { '::postgresql::globals': version => '9.3' }" end @@ -69,14 +45,7 @@ end describe 'on Gentoo' do - let :facts do - { - os: { - family: 'Gentoo', - name: 'Gentoo', - }, - } - end + include_examples 'Gentoo' let :params do { link_pg_config: false, @@ -84,9 +53,7 @@ end it 'fails to compile' do - expect { - is_expected.to compile - }.to raise_error(%r{is not supported}) + is_expected.to compile.and_raise_error(%r{is not supported}) end end end diff --git a/spec/classes/lib/java_spec.rb b/spec/classes/lib/java_spec.rb index 631adcc3d3..0e0797d4e1 100644 --- a/spec/classes/lib/java_spec.rb +++ b/spec/classes/lib/java_spec.rb @@ -4,15 +4,7 @@ describe 'postgresql::lib::java' do describe 'on a debian based os' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + include_examples 'Debian 11' it { is_expected.to contain_package('postgresql-jdbc').with( @@ -24,15 +16,7 @@ end describe 'on a redhat based os' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '6.4', 'major' => '6' }, - }, - } - end + include_examples 'RedHat 8' it { is_expected.to contain_package('postgresql-jdbc').with( diff --git a/spec/classes/lib/perl_spec.rb b/spec/classes/lib/perl_spec.rb index a3981f2e3a..3acd014da0 100644 --- a/spec/classes/lib/perl_spec.rb +++ b/spec/classes/lib/perl_spec.rb @@ -3,16 +3,8 @@ require 'spec_helper' describe 'postgresql::lib::perl' do - describe 'on a redhat based os' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '6.4', 'major' => '6' }, - }, - } - end + describe 'on redhat 8' do + include_examples 'RedHat 8' it { is_expected.to contain_package('perl-DBD-Pg').with( @@ -22,16 +14,8 @@ } end - describe 'on a debian based os' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + describe 'on debian 11' do + include_examples 'Debian 11' it { is_expected.to contain_package('perl-DBD-Pg').with( diff --git a/spec/classes/lib/pgdocs_spec.rb b/spec/classes/lib/pgdocs_spec.rb index 2dc4362bc6..febce3b57e 100644 --- a/spec/classes/lib/pgdocs_spec.rb +++ b/spec/classes/lib/pgdocs_spec.rb @@ -4,15 +4,7 @@ describe 'postgresql::lib::docs' do describe 'on a redhat based os' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '6.4', 'major' => '6' }, - }, - } - end + include_examples 'RedHat 8' it { is_expected.to contain_package('postgresql-docs').with( diff --git a/spec/classes/lib/python_spec.rb b/spec/classes/lib/python_spec.rb index 165f145053..87af71b71c 100644 --- a/spec/classes/lib/python_spec.rb +++ b/spec/classes/lib/python_spec.rb @@ -3,16 +3,8 @@ require 'spec_helper' describe 'postgresql::lib::python' do - describe 'on a redhat based os' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '6.4', 'major' => '6' }, - }, - } - end + describe 'on redhat 7' do + include_examples 'RedHat 7' it { is_expected.to contain_package('python-psycopg2').with( @@ -22,16 +14,8 @@ } end - describe 'on a redhat based os with python 3' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '8.2', 'major' => '8' }, - }, - } - end + describe 'on redhat 8' do + include_examples 'RedHat 8' it { is_expected.to contain_package('python-psycopg2').with( @@ -41,16 +25,8 @@ } end - describe 'on a debian based os' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + describe 'on debian 11' do + include_examples 'Debian 11' it { is_expected.to contain_package('python-psycopg2').with( diff --git a/spec/classes/params_spec.rb b/spec/classes/params_spec.rb index c8ab852dea..8fc61e3e34 100644 --- a/spec/classes/params_spec.rb +++ b/spec/classes/params_spec.rb @@ -3,15 +3,11 @@ require 'spec_helper' describe 'postgresql::params' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let(:facts) { os_facts } - it { is_expected.to contain_class('postgresql::params') } + it { is_expected.to contain_class('postgresql::params') } + end + end end diff --git a/spec/classes/repo_spec.rb b/spec/classes/repo_spec.rb index c7c61fdf97..23f97a6db5 100644 --- a/spec/classes/repo_spec.rb +++ b/spec/classes/repo_spec.rb @@ -3,22 +3,7 @@ require 'spec_helper' describe 'postgresql::repo' do - let :facts do - { - os: { - name: 'Debian', - family: 'Debian', - release: { - full: '8.0', - major: '8', - }, - distro: { 'codename' => 'jessie' }, - }, - osfamily: 'Debian', - lsbdistid: 'Debian', - lsbdistcodename: 'jessie', - } - end + include_examples 'Debian 11' describe 'with no parameters' do it 'instantiates apt_postgresql_org class' do diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index f3401a4ffd..55fbf665ce 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -8,28 +8,7 @@ end describe 'on RedHat 7' do - let(:facts) do - { - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - os: { - 'architecture' => 'x86_64', - 'family' => 'RedHat', - 'hardware' => 'x86_64', - 'name' => 'CentOS', - 'release' => { - 'full' => '7.9.2009', - 'major' => '7', - 'minor' => '9', - }, - selinux: { 'enabled' => true }, - }, - operatingsystemrelease: '7.9.2009', - service_provider: 'systemd', - } - end + include_examples 'RedHat 7' it 'has SELinux port defined' do is_expected.to contain_package('policycoreutils-python').with(ensure: 'installed') @@ -58,29 +37,7 @@ end context 'RHEL 7 host with Puppet 5' do - let(:facts) do - { - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - os: { - 'architecture' => 'x86_64', - 'family' => 'RedHat', - 'hardware' => 'x86_64', - 'name' => 'CentOS', - 'release' => { - 'full' => '7.9.2009', - 'major' => '7', - 'minor' => '9', - }, - selinux: { 'enabled' => true }, - }, - operatingsystemrelease: '7.9.2009', - puppetversion: '5.0.1', - service_provider: 'systemd', - } - end + include_examples 'RedHat 7' it 'has systemctl restart command' do is_expected.to contain_exec('restart-systemd').with( @@ -116,29 +73,7 @@ class { 'postgresql::server': } end describe 'on Redhat 8' do - let(:facts) do - { - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - os: { - 'architecture' => 'x86_64', - 'family' => 'RedHat', - 'hardware' => 'x86_64', - 'name' => 'RedHat', - 'release' => { - 'full' => '8.2.2004', - 'major' => '8', - 'minor' => '2', - }, - selinux: { 'enabled' => true }, - }, - operatingsystem: 'RedHat', - operatingsystemrelease: '8.2.2004', - service_provider: 'systemd', - } - end + include_examples 'RedHat 8' it 'has SELinux port defined' do is_expected.to contain_package('policycoreutils-python-utils').with(ensure: 'installed') @@ -189,29 +124,7 @@ class { 'postgresql::server': } end describe 'on Fedora 33' do - let(:facts) do - { - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - os: { - 'architecture' => 'x86_64', - 'family' => 'RedHat', - 'hardware' => 'x86_64', - 'name' => 'Fedora', - 'release' => { - 'full' => '33', - 'major' => '33', - 'minor' => '33', - }, - selinux: { 'enabled' => true }, - }, - operatingsystem: 'Fedora', - operatingsystemrelease: '33', - service_provider: 'systemd', - } - end + include_examples 'Fedora 33' it 'has SELinux port defined' do is_expected.to contain_package('policycoreutils-python-utils').with(ensure: 'installed') @@ -263,23 +176,7 @@ class { 'postgresql::server': } end describe 'on Amazon' do - let :facts do - { - os: { - family: 'RedHat', - name: 'Amazon', - release: { - 'full' => '1.0', - 'major' => '1', - }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end + include_examples 'Amazon 1' it 'has SELinux port defined' do is_expected.to contain_package('policycoreutils').with(ensure: 'installed') @@ -292,6 +189,7 @@ class { 'postgresql::server': } end describe 'with managed pg_hba_conf and ipv4acls' do + include_examples 'RedHat 7' let(:pre_condition) do <<-EOS class { 'postgresql::globals': @@ -306,25 +204,6 @@ class { 'postgresql::server': } EOS end - let(:facts) do - { - os: { - family: 'RedHat', - name: 'CentOS', - release: { - 'full' => '7.9.2009', - 'major' => '7', - 'minor' => '9', - }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - service_provider: 'systemd', - } - end it 'has hba rule default' do is_expected.to contain_postgresql__server__pg_hba_rule('local access as postgres user') @@ -335,6 +214,8 @@ class { 'postgresql::server': end describe 'on Gentoo' do + include_examples 'Gentoo' + let(:pre_condition) do <<-EOS class { 'postgresql::globals': @@ -344,25 +225,6 @@ class { 'postgresql::server': } EOS end - let(:facts) do - { - os: { - family: 'Gentoo', - name: 'Gentoo', - release: { - 'full' => 'unused', - 'major' => 'unused', - }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: false, - service_provider: 'systemd', - } - end - it 'does not have SELinux port defined' do is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') end diff --git a/spec/classes/server/contrib_spec.rb b/spec/classes/server/contrib_spec.rb index 85f963955a..4092801c30 100644 --- a/spec/classes/server/contrib_spec.rb +++ b/spec/classes/server/contrib_spec.rb @@ -3,26 +3,12 @@ require 'spec_helper' describe 'postgresql::server::contrib' do + include_examples 'RedHat 8' + let :pre_condition do "class { 'postgresql::server': }" end - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'major' => '8' }, - selinux: { - enabled: false, - }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - describe 'with parameters' do let(:params) do { @@ -45,31 +31,15 @@ end describe 'on Gentoo' do - let :facts do - { - os: { - family: 'Gentoo', - name: 'Gentoo', - }, - } - end + include_examples 'Gentoo' - it 'postgresql-contrib should not be installed' do - is_expected.to compile - is_expected.not_to contain_package('postgresql-contrib') + it 'fails to compile' do + is_expected.to compile.and_raise_error(%r{is not supported}) end end - describe 'on Debian' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + describe 'on Debian 11' do + include_examples 'Debian 11' it 'postgresql-contrib should not be installed' do is_expected.to compile diff --git a/spec/classes/server/initdb_spec.rb b/spec/classes/server/initdb_spec.rb index e2637c40c5..50ba8c853b 100644 --- a/spec/classes/server/initdb_spec.rb +++ b/spec/classes/server/initdb_spec.rb @@ -8,20 +8,7 @@ end describe 'on RedHat' do - let :facts do - { - os: { - family: 'RedHat', - name: 'CentOS', - release: { 'full' => '6.0', 'major' => '6' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end + include_examples 'RedHat 8' it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } @@ -48,20 +35,7 @@ class {'postgresql::server': end describe 'on Amazon' do - let :facts do - { - os: { - family: 'RedHat', - name: 'Amazon', - release: { 'full' => '1.0', 'major' => '1' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end + include_examples 'Amazon 1' it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } @@ -80,20 +54,7 @@ class {'postgresql::server': end describe 'exec with module_workdir => /var/tmp' do - let :facts do - { - os: { - family: 'RedHat', - name: 'CentOS', - release: { 'full' => '6.0', 'major' => '6' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end + include_examples 'RedHat 8' let(:pre_condition) do <<-EOS class { 'postgresql::globals': @@ -111,20 +72,7 @@ class { 'postgresql::server': } end describe 'exec with module_workdir => undef' do - let :facts do - { - os: { - family: 'RedHat', - name: 'CentOS', - release: { 'full' => '6.0', 'major' => '6' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end + include_examples 'RedHat 8' let(:pre_condition) do <<-EOS class { 'postgresql::globals': @@ -141,21 +89,7 @@ class { 'postgresql::server': } end describe 'postgresql_psql with module_workdir => /var/tmp' do - let :facts do - { - os: { - family: 'RedHat', - name: 'CentOS', - release: { 'full' => '6.0', 'major' => '6' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end - + include_examples 'RedHat 8' let(:pre_condition) do <<-EOS class { 'postgresql::globals': diff --git a/spec/classes/server/plperl_spec.rb b/spec/classes/server/plperl_spec.rb index 6c3ddc47df..6df41c2cd8 100644 --- a/spec/classes/server/plperl_spec.rb +++ b/spec/classes/server/plperl_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::plperl' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :pre_condition do "class { 'postgresql::server': }" diff --git a/spec/classes/server/plpython_spec.rb b/spec/classes/server/plpython_spec.rb index 62f8e1c8f8..defb4bb31e 100644 --- a/spec/classes/server/plpython_spec.rb +++ b/spec/classes/server/plpython_spec.rb @@ -3,20 +3,7 @@ require 'spec_helper' describe 'postgresql::server::plpython' do - let :facts do - { - os: { - family: 'RedHat', - name: 'CentOS', - release: { 'full' => '6.8', 'major' => '6' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end + include_examples 'RedHat 8' let :pre_condition do "class { 'postgresql::server': }" diff --git a/spec/classes/server/postgis_spec.rb b/spec/classes/server/postgis_spec.rb index 0f66873af8..69c8d95f8d 100644 --- a/spec/classes/server/postgis_spec.rb +++ b/spec/classes/server/postgis_spec.rb @@ -3,23 +3,11 @@ require 'spec_helper' describe 'postgresql::server::postgis' do + include_examples 'Debian 11' let :pre_condition do "class { 'postgresql::server': }" end - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - describe 'with parameters' do let(:params) do { diff --git a/spec/classes/server/service_spec.rb b/spec/classes/server/service_spec.rb index 96da750ecb..1fa6f5ab8d 100644 --- a/spec/classes/server/service_spec.rb +++ b/spec/classes/server/service_spec.rb @@ -3,20 +3,12 @@ require 'spec_helper' describe 'postgresql::server::service' do + include_examples 'Ubuntu 18.04' + let :pre_condition do 'include postgresql::server' end - let :facts do - { - os: { - family: 'Debian', - name: 'Ubuntu', - release: { 'full' => '18.04', 'major' => '18.04' }, - }, - } - end - it { is_expected.to contain_class('postgresql::server::service') } it { is_expected.to contain_service('postgresqld').with_name('postgresql').with_status('/usr/sbin/service postgresql@*-main status') } end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index c566f6fdf4..7ebe246998 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -3,30 +3,12 @@ require 'spec_helper' describe 'postgresql::server' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { - full: '8.0', - major: '8', - }, - distro: { 'codename' => 'jessie' }, - }, - osfamily: 'Debian', - lsbdistid: 'Debian', - lsbdistcodename: 'jessie', - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' describe 'with no parameters' do it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } - it { is_expected.to contain_file('/var/lib/postgresql/9.4/main') } + it { is_expected.to contain_file('/var/lib/postgresql/13/main') } it { is_expected.to contain_exec('postgresql_reload').with('command' => 'service postgresql reload') } @@ -36,19 +18,7 @@ end describe 'with manage_dnf_module true' do - let(:facts) do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '8.3', 'major' => '8' }, - selinux: { - enabled: true, - } - }, - osfamily: 'RedHat', - } - end + include_examples 'RedHat 8' let(:pre_condition) do <<-PUPPET diff --git a/spec/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb index eb104e73d6..b4a2cebac4 100644 --- a/spec/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -3,24 +3,7 @@ require 'spec_helper' describe 'postgresql::server::config_entry' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { - 'full' => '6.4', - 'major' => '6', - 'minor' => '4', - }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end + include_examples 'Debian 11' let(:title) { 'config_entry' } @@ -39,22 +22,10 @@ end context 'ports' do + let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } + context 'redhat 6' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '6.4', 'major' => '6' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end - let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } + include_examples 'RedHat 6' it 'stops postgresql and changes the port #exec' do is_expected.to contain_exec('postgresql_stop_port') @@ -64,26 +35,7 @@ end end context 'redhat 7' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { - 'full' => '7.9.2009', - 'major' => '7', - 'minor' => '9', - }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - service_provider: 'systemd', - } - end - let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } + include_examples 'RedHat 7' it 'stops postgresql and changes the port #file' do is_expected.to contain_file('systemd-override') @@ -92,6 +44,7 @@ end context 'data_directory' do + include_examples 'RedHat 6' let(:params) { { ensure: 'present', name: 'data_directory_spec', value: '/var/pgsql' } } it 'stops postgresql and changes the data directory #exec' do @@ -112,20 +65,6 @@ end context 'unix_socket_directories' do - let :facts do - { - os: { - family: 'RedHat', - name: 'RedHat', - release: { 'full' => '7.0', 'major' => '7' }, - selinux: { 'enabled' => true }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - selinux: true, - } - end let(:params) { { ensure: 'present', name: 'unix_socket_directories', value: '/var/pgsql, /opt/postgresql, /root/' } } it 'restarts the server and change unix_socket_directories to the provided list' do diff --git a/spec/defines/server/database_grant_spec.rb b/spec/defines/server/database_grant_spec.rb index 95d0f70f92..3951fa2b27 100644 --- a/spec/defines/server/database_grant_spec.rb +++ b/spec/defines/server/database_grant_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::database_grant' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/server/database_spec.rb b/spec/defines/server/database_spec.rb index c5144b7028..158706001a 100644 --- a/spec/defines/server/database_spec.rb +++ b/spec/defines/server/database_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::database' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' end diff --git a/spec/defines/server/db_spec.rb b/spec/defines/server/db_spec.rb index 6f6d46ad60..65677d9aa1 100644 --- a/spec/defines/server/db_spec.rb +++ b/spec/defines/server/db_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::db' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 01222dae65..0c08cfdef4 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -3,36 +3,14 @@ require 'spec_helper' describe 'postgresql::server::default_privileges' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '9.0', 'major' => '9' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' end context 'with unsupported PostgreSQL version' do - let(:facts) do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'RedHat 7' let :params do { @@ -135,18 +113,7 @@ end context 'schemas on postgres < 10.0' do - let(:facts) do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '9.0', 'major' => '9' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 9' let :params do { @@ -166,18 +133,7 @@ end context 'schemas on postgres >= 10.0' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '10.0', 'major' => '10' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :params do { @@ -210,18 +166,7 @@ class { 'postgresql::server': } end context 'nested schemas are invalid' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '10.0', 'major' => '10' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :params do { diff --git a/spec/defines/server/extension_spec.rb b/spec/defines/server/extension_spec.rb index dc92b24054..268933716d 100644 --- a/spec/defines/server/extension_spec.rb +++ b/spec/defines/server/extension_spec.rb @@ -3,26 +3,14 @@ require 'spec_helper' describe 'postgresql::server::extension' do # rubocop:disable RSpec/MultipleDescribes + include_examples 'Debian 11' + let :pre_condition do "class { 'postgresql::server': } postgresql::server::database { 'template_postgis': template => 'template1', }" end - - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - let(:title) { 'postgis' } let(:params) do { @@ -120,26 +108,14 @@ end describe 'postgresql::server::extension' do + include_examples 'Debian 10' + let :pre_condition do "class { 'postgresql::server': } postgresql::server::database { 'template_postgis2': template => 'template1', }" end - - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '10.0', 'major' => '10' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - let(:title) { 'postgis_db2' } let(:params) do { @@ -161,18 +137,7 @@ end describe 'postgresql::server::extension' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '10.0', 'major' => '10' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 10' let(:title) { 'pg_repack' } let(:params) do diff --git a/spec/defines/server/grant_role_spec.rb b/spec/defines/server/grant_role_spec.rb index a4c0b99abe..359d13cfec 100644 --- a/spec/defines/server/grant_role_spec.rb +++ b/spec/defines/server/grant_role_spec.rb @@ -3,23 +3,12 @@ require 'spec_helper' describe 'postgresql::server::grant_role' do + include_examples 'Debian 11' + let :pre_condition do "class { 'postgresql::server': }" end - let(:facts) do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - let(:title) { 'test' } let(:params) do diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index c3586d004f..508a24747e 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::grant' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/server/pg_hba_rule_spec.rb b/spec/defines/server/pg_hba_rule_spec.rb index 0bef824323..28b985a001 100644 --- a/spec/defines/server/pg_hba_rule_spec.rb +++ b/spec/defines/server/pg_hba_rule_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::pg_hba_rule' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' end diff --git a/spec/defines/server/pg_ident_rule_spec.rb b/spec/defines/server/pg_ident_rule_spec.rb index 59dffbfc5b..107e7e6191 100644 --- a/spec/defines/server/pg_ident_rule_spec.rb +++ b/spec/defines/server/pg_ident_rule_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::pg_ident_rule' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' end diff --git a/spec/defines/server/reassign_owned_by_spec.rb b/spec/defines/server/reassign_owned_by_spec.rb index 227d621bbd..db6e68a114 100644 --- a/spec/defines/server/reassign_owned_by_spec.rb +++ b/spec/defines/server/reassign_owned_by_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::reassign_owned_by' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/server/recovery_spec.rb b/spec/defines/server/recovery_spec.rb index 4167508954..e8ab5c9b08 100644 --- a/spec/defines/server/recovery_spec.rb +++ b/spec/defines/server/recovery_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::recovery' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let(:title) do 'test' end diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index f4a614d1ce..19c649ee22 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::role' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/server/schema_spec.rb b/spec/defines/server/schema_spec.rb index 817de21cba..8da588d67c 100644 --- a/spec/defines/server/schema_spec.rb +++ b/spec/defines/server/schema_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::schema' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/server/table_grant_spec.rb b/spec/defines/server/table_grant_spec.rb index b8b5c9f811..0fb0b86983 100644 --- a/spec/defines/server/table_grant_spec.rb +++ b/spec/defines/server/table_grant_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::table_grant' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/server/tablespace_spec.rb b/spec/defines/server/tablespace_spec.rb index e8dd9dd5bb..f2dbfff732 100644 --- a/spec/defines/server/tablespace_spec.rb +++ b/spec/defines/server/tablespace_spec.rb @@ -3,18 +3,7 @@ require 'spec_helper' describe 'postgresql::server::tablespace' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - kernel: 'Linux', - id: 'root', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/defines/validate_db_connection_spec.rb b/spec/defines/validate_db_connection_spec.rb index 4777f37ccc..757b41b040 100644 --- a/spec/defines/validate_db_connection_spec.rb +++ b/spec/defines/validate_db_connection_spec.rb @@ -3,15 +3,7 @@ require 'spec_helper' describe 'postgresql::validate_db_connection' do - let :facts do - { - os: { - family: 'Debian', - name: 'Debian', - release: { 'full' => '8.0', 'major' => '8' }, - }, - } - end + include_examples 'Debian 11' let :title do 'test' diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index a8c1eb75b5..c798be50d8 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -91,3 +91,99 @@ def param(type, title, param) .and_raise_error(StandardError) end end + +shared_context 'Debian 9' do + let(:facts) { on_supported_os['debian-9-x86_64'].merge(service_provider: 'systemd') } +end + +shared_context 'Debian 10' do + let(:facts) { on_supported_os['debian-10-x86_64'].merge(service_provider: 'systemd') } +end + +shared_context 'Debian 11' do + let(:facts) { on_supported_os['debian-11-x86_64'].merge(service_provider: 'systemd') } +end + +shared_context 'Ubuntu 18.04' do + let(:facts) { on_supported_os['ubuntu-18.04-x86_64'].merge(service_provider: 'systemd') } +end + +shared_context 'RedHat 6' do + let(:facts) { on_supported_os['redhat-6-x86_64'].merge(service_provider: 'redhat') } +end + +shared_context 'RedHat 7' do + let(:facts) { on_supported_os['redhat-7-x86_64'].merge(service_provider: 'systemd') } +end + +shared_context 'RedHat 8' do + let(:facts) { on_supported_os['redhat-8-x86_64'].merge(service_provider: 'systemd') } +end + +shared_context 'Fedora 33' do + let(:facts) do + { + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, + os: { + 'architecture' => 'x86_64', + 'family' => 'RedHat', + 'hardware' => 'x86_64', + 'name' => 'Fedora', + 'release' => { + 'full' => '33', + 'major' => '33', + 'minor' => '33', + }, + selinux: { 'enabled' => true }, + }, + operatingsystem: 'Fedora', + operatingsystemrelease: '33', + service_provider: 'systemd', + } + end +end + +shared_context 'Amazon 1' do + let :facts do + { + os: { + family: 'RedHat', + name: 'Amazon', + release: { + 'full' => '1.0', + 'major' => '1', + }, + selinux: { 'enabled' => true }, + }, + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: true, + service_provider: 'redhat', + } + end +end + +shared_context 'Gentoo' do + let :facts do + { + os: { + family: 'Gentoo', + name: 'Gentoo', + release: { + 'full' => 'unused', + 'major' => 'unused', + }, + selinux: { 'enabled' => false }, + }, + kernel: 'Linux', + id: 'root', + path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + selinux: false, + service_provider: 'openrc', + } + end +end From 295678d27ed5cb3d67361bb193afcc7bbd0a78f9 Mon Sep 17 00:00:00 2001 From: fe80 Date: Sun, 6 Feb 2022 15:26:37 +0100 Subject: [PATCH 0686/1000] fix spec postgresql_password with scram-sha-256 --- spec/spec_helper_local.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index c798be50d8..abae652f9c 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -59,12 +59,12 @@ def param(type, title, param) } it { is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256').and_return( - 'SCRAM-SHA-256$4096:YmFy$y1VOaTvvs4V3OECvMzre9FtgCZClGuBLVE6sNPsTKbs=:HwFqmSKbihSyHMqkhufOy++cWCFIoTRSg8y6YgeALzE=', + 'SCRAM-SHA-256$4096:Zm9v$ea66ynZ8cS9Ty4ZkEYicwC72StsKLSwjcXIXKMgepTk=:dJYmOU6BMCaWkQOB3lrXH9OAF3lW2n3NJ26NO7Srq7U=', ) } it { is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256', 'salt').and_return( - 'SCRAM-SHA-256$4096:c2FsdA==$zOt2zFfUQMbpQf3/vRnYB33QDK/L7APOBHniLy39j/4=:DcW5Jp8Do7wYhVp1f9aT0cyhUfzIAozGcvzXZj+M3YI=', + 'SCRAM-SHA-256$4096:c2FsdA==$hl63wu9L6vKIjd/UGPfpRl/hIQRBnlkoCiJ9KgxzbX0=:3Q39uiwDZ51m3iPpV8rSgISgRiYqkbnpc+wScL2lSAU=', ) } it 'raises an error if there is only 1 argument' do From a1033e91bdd2ebd0b53f2066ef2afcc555d405c3 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 6 Feb 2022 16:27:40 +0100 Subject: [PATCH 0687/1000] Fix spec tests In a bad rebase I introduced a test failure. Fixes: f4a42a7d788a4d04fcf56a8c397a851e0e081c57 --- spec/classes/server/config_spec.rb | 51 +++++++++++++++-------------- spec/classes/server/contrib_spec.rb | 5 +-- 2 files changed, 30 insertions(+), 26 deletions(-) diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index 55fbf665ce..25a724814e 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -216,34 +216,37 @@ class { 'postgresql::server': describe 'on Gentoo' do include_examples 'Gentoo' - let(:pre_condition) do - <<-EOS - class { 'postgresql::globals': - version => '9.5', - }-> - class { 'postgresql::server': } - EOS - end + describe 'with systemd' do + let(:facts) { super().merge(service_provider: 'systemd') } + let(:pre_condition) do + <<-EOS + class { 'postgresql::globals': + version => '9.5', + }-> + class { 'postgresql::server': } + EOS + end - it 'does not have SELinux port defined' do - is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') - end + it 'does not have SELinux port defined' do + is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + end - it 'removes the old systemd-override file' do - is_expected.to contain_file('old-systemd-override') - .with(ensure: 'absent', path: '/etc/systemd/system/postgresql-9.5.service') - end + it 'removes the old systemd-override file' do + is_expected.to contain_file('old-systemd-override') + .with(ensure: 'absent', path: '/etc/systemd/system/postgresql-9.5.service') + end - it 'has the correct systemd-override drop file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-9.5.service.d/postgresql-9.5.conf', - owner: 'root', group: 'root' - ) - end + it 'has the correct systemd-override drop file' do + is_expected.to contain_file('systemd-override').with( + ensure: 'file', path: '/etc/systemd/system/postgresql-9.5.service.d/postgresql-9.5.conf', + owner: 'root', group: 'root' + ) + end - it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') \ - .with_content(%r{(?!^.include)}) + it 'has the correct systemd-override file #regex' do + is_expected.to contain_file('systemd-override') \ + .with_content(%r{(?!^.include)}) + end end end end diff --git a/spec/classes/server/contrib_spec.rb b/spec/classes/server/contrib_spec.rb index 4092801c30..dcbda7b5bf 100644 --- a/spec/classes/server/contrib_spec.rb +++ b/spec/classes/server/contrib_spec.rb @@ -33,8 +33,9 @@ describe 'on Gentoo' do include_examples 'Gentoo' - it 'fails to compile' do - is_expected.to compile.and_raise_error(%r{is not supported}) + it 'postgresql-contrib should not be installed' do + is_expected.to compile + is_expected.not_to contain_package('postgresql-contrib') end end From dd9e810ea5d5215f27f19fee32c769e829347821 Mon Sep 17 00:00:00 2001 From: 22swan Date: Tue, 8 Feb 2022 15:22:16 +0000 Subject: [PATCH 0688/1000] (IAC-1787) Remove Support for CentOS 6 --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index ab4b5dffc2..945e3a749e 100644 --- a/metadata.json +++ b/metadata.json @@ -33,7 +33,6 @@ { "operatingsystem": "CentOS", "operatingsystemrelease": [ - "6", "7", "8" ] From 1637db5201413a5b9597069d200e39cbe6d22f00 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 2 Mar 2022 17:26:35 +0000 Subject: [PATCH 0689/1000] Release prep v8.0.0 --- CHANGELOG.md | 29 ++++++++++++++++++++++++++++- REFERENCE.md | 48 ++++++++++++++++++++++++++++++++++++++++++++---- metadata.json | 2 +- 3 files changed, 73 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 16e0bd37b5..1e749dcc77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,34 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) (2021-09-27) +## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) (2022-03-02) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.5.0...v8.0.0) + +### Changed + +- Support setting default\_privileges on all schemas [\#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) + +### Added + +- add default version for Fedora 35 [\#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) +- add scram-sha-256 support [\#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) +- add support for Ubuntu Hirsute and Impish [\#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) +- Allow systemd to mask postgresql service file [\#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) +- Make ::contrib a noop on OSes without a contrib package [\#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) +- pdksync - \(IAC-1753\) - Add Support for AlmaLinux 8 [\#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) +- MODULES-11201: add service\_name for Ubuntu 18.04 and later [\#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) +- pdksync - \(IAC-1751\) - Add Support for Rocky 8 [\#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) +- Default privileges support schemas [\#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) +- Support target\_role in default\_privileges [\#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) + +### Fixed + +- pdksync - \(IAC-1787\) Remove Support for CentOS 6 [\#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) +- Fix python package name in RHEL/CentOS 8 [\#1316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1316) ([kajinamit](https://github.com/kajinamit)) +- Drop further code for Debian 6 and Ubuntu 10 [\#1307](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1307) ([ekohl](https://github.com/ekohl)) + +## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) (2021-09-28) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.1...v7.5.0) diff --git a/REFERENCE.md b/REFERENCE.md index d4babcca97..97ac48ec72 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1330,7 +1330,7 @@ The following parameters are available in the `postgresql::server::contrib` clas ##### `package_name` -Data type: `String` +Data type: `Optional[String[1]]` The name of the PostgreSQL contrib package. @@ -1731,6 +1731,7 @@ Manage a database defaults privileges. Only works with PostgreSQL version 9.6 an The following parameters are available in the `postgresql::server::default_privileges` defined type: +* [`target_role`](#target_role) * [`ensure`](#ensure) * [`role`](#role) * [`db`](#db) @@ -1745,6 +1746,14 @@ The following parameters are available in the `postgresql::server::default_privi * [`psql_path`](#psql_path) * [`group`](#group) +##### `target_role` + +Data type: `Optional[String]` + +Target role whose created objects will receive the default privileges. Defaults to the current user. + +Default value: ``undef`` + ##### `ensure` Data type: `Enum['present', @@ -1774,7 +1783,8 @@ Data type: `Pattern[ /(?i:^ROUTINES$)/, /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, - /(?i:^TYPES$)/ + /(?i:^TYPES$)/, + /(?i:^SCHEMAS$)/ ]` Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'. @@ -1789,7 +1799,7 @@ Specifies comma-separated list of privileges to grant. Valid options: depends on Data type: `String` -Target schema. Defaults to 'public'. +Target schema. Defaults to 'public'. Can be set to '' to apply to all schemas. Default value: `'public'` @@ -2561,6 +2571,8 @@ The following parameters are available in the `postgresql::server::role` defined * [`psql_group`](#psql_group) * [`psql_path`](#psql_path) * [`module_workdir`](#module_workdir) +* [`hash`](#hash) +* [`salt`](#salt) ##### `update_password` @@ -2706,6 +2718,22 @@ Specifies working directory under which the psql command should be executed. May Default value: `$postgresql::server::module_workdir` +##### `hash` + +Data type: `Enum['md5', 'scram-sha-256']` + +Specify the hash method for pg password + +Default value: `'md5'` + +##### `salt` + +Data type: `Optional[Variant[String[1], Integer]]` + +Specify the salt use for the scram-sha-256 encoding password (default username) + +Default value: ``undef`` + ### `postgresql::server::schema` Create a new schema. @@ -3370,7 +3398,7 @@ Type: Ruby 4.x API This function returns the postgresql password hash from the clear text username / password -#### `postgresql::postgresql_password(Variant[String[1], Integer] $username, Variant[String[1], Sensitive[String[1]], Integer] $password, Optional[Boolean] $sensitive)` +#### `postgresql::postgresql_password(Variant[String[1], Integer] $username, Variant[String[1], Sensitive[String[1]], Integer] $password, Optional[Boolean] $sensitive, Optional[Optional[Enum['md5', 'scram-sha-256']]] $hash, Optional[Optional[Variant[String[1], Integer]]] $salt)` The postgresql::postgresql_password function. @@ -3394,6 +3422,18 @@ Data type: `Optional[Boolean]` If the Postgresql-Passwordhash should be of Datatype Sensitive[String] +##### `hash` + +Data type: `Optional[Optional[Enum['md5', 'scram-sha-256']]]` + +Set type for password hash + +##### `salt` + +Data type: `Optional[Optional[Variant[String[1], Integer]]]` + +Use a specific salt value for scram-sha-256, default is username + ### `postgresql_escape` Type: Ruby 4.x API diff --git a/metadata.json b/metadata.json index 945e3a749e..8fd98543e0 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "7.5.0", + "version": "8.0.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 06de19b4e9ab0b1694243ed5501d30baf7625dc6 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 8 Mar 2022 16:23:02 +0100 Subject: [PATCH 0690/1000] Remove unused variable in reload.pp When service_reload was introduced, it made service_name redundant. Fixes: ef1681f5e50ae7976484dd1daf6a18a92bcb9191 --- manifests/server/reload.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/manifests/server/reload.pp b/manifests/server/reload.pp index 0b17272c62..28a5346ff3 100644 --- a/manifests/server/reload.pp +++ b/manifests/server/reload.pp @@ -1,6 +1,5 @@ # @api private class postgresql::server::reload { - $service_name = $postgresql::server::service_name $service_status = $postgresql::server::service_status $service_reload = $postgresql::server::service_reload From 6d50cc2b87a068fd4d2f9c4fb3106389aebeb311 Mon Sep 17 00:00:00 2001 From: david22swan Date: Wed, 16 Mar 2022 15:42:07 +0000 Subject: [PATCH 0691/1000] pdksync_heads/main-0-gf3911d3 --- .github/workflows/nightly.yml | 3 ++- .github/workflows/spec.yml | 1 + .rubocop.yml | 2 +- Gemfile | 1 + metadata.json | 4 ++-- 5 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 5cfc376089..bd5a1ca635 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -11,6 +11,7 @@ env: jobs: setup_matrix: + if: ${{ github.repository_owner == 'puppetlabs' }} name: "Setup Test Matrix" runs-on: ubuntu-20.04 outputs: @@ -186,7 +187,7 @@ jobs: buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' slack-workflow-status: - if: always() + if: ${{ github.repository_owner == 'puppetlabs' }} name: Post Workflow Status To Slack needs: - Acceptance diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index 723e42ff91..6c1ae10d8c 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml @@ -120,6 +120,7 @@ jobs: buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: + - name: Run parallel_spec tests run: | buildevents cmd $TRACE_ID $STEP_ID 'rake parallel_spec Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake parallel_spec diff --git a/.rubocop.yml b/.rubocop.yml index 8f782e7415..31e8248ff8 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -4,7 +4,7 @@ require: - rubocop-rspec AllCops: DisplayCopNames: true - TargetRubyVersion: '2.4' + TargetRubyVersion: '2.5' Include: - "**/*.rb" Exclude: diff --git a/Gemfile b/Gemfile index 135373d02b..a14223db65 100644 --- a/Gemfile +++ b/Gemfile @@ -24,6 +24,7 @@ group :development do gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "voxpupuli-puppet-lint-plugins", '>= 3.0', require: false, platforms: [:ruby] gem "github_changelog_generator", require: false end group :system_tests do diff --git a/metadata.json b/metadata.json index 8fd98543e0..bde9b15023 100644 --- a/metadata.json +++ b/metadata.json @@ -94,7 +94,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "2.2.0", + "pdk-version": "2.3.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "2.3.0-0-g8aaceff" + "template-ref": "heads/main-0-gf3911d3" } From 027794f5c7628ca9a3a73cea5b4740f97b4560dd Mon Sep 17 00:00:00 2001 From: david22swan Date: Wed, 23 Mar 2022 12:34:22 +0000 Subject: [PATCH 0692/1000] (GH-iac-334) Remove Support for Ubuntu 16.04 --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index 8fd98543e0..6ab557ba33 100644 --- a/metadata.json +++ b/metadata.json @@ -70,7 +70,6 @@ "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "14.04", - "16.04", "18.04", "20.04" ] From 790104a6eaa5ad403b7d84f8e73c01ab4d3bbecb Mon Sep 17 00:00:00 2001 From: david22swan Date: Wed, 23 Mar 2022 16:11:59 +0000 Subject: [PATCH 0693/1000] (GH-iac-334) Remove Support for Ubuntu 14.04 --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index 6ab557ba33..0b2fae3f1f 100644 --- a/metadata.json +++ b/metadata.json @@ -69,7 +69,6 @@ { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "14.04", "18.04", "20.04" ] From da169b9941f0a53da0d30b256679ed8c00406bf6 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 23 Mar 2022 23:57:02 +0100 Subject: [PATCH 0694/1000] README.md: correct postgresql_conn_validator example it's required to set the psql_path parameter. Otherwise you end up with something like: ``` Debug: Executing: '--tuples-only --quiet --no-psqlrc --host 127.0.0.1 --port 5432 --username grafana --dbname grafana --command SELECT 1' ``` --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 31f2681932..df7b3794c7 100644 --- a/README.md +++ b/README.md @@ -321,8 +321,9 @@ postgresql_conn_validator { 'validate my postgres connection': db_username => 'mydbuser', db_password => 'mydbpassword', db_name => 'mydbname', -}-> -exec { 'rake db:migrate': + psql_path => '/usr/bin/psql', +} +-> exec { 'rake db:migrate': cwd => '/opt/myrubyapp', } ``` From d4d0cf3d26469c25f0843d2bb97c3fa755fc0ae2 Mon Sep 17 00:00:00 2001 From: Craig Gumbley Date: Fri, 25 Mar 2022 15:12:33 +0000 Subject: [PATCH 0695/1000] (MAINT) Add labeller and stale GHA workflows --- .github/workflows/labeller.yml | 22 ++++++++++++++++++++++ .github/workflows/stale.yml | 19 +++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 .github/workflows/labeller.yml create mode 100644 .github/workflows/stale.yml diff --git a/.github/workflows/labeller.yml b/.github/workflows/labeller.yml new file mode 100644 index 0000000000..cb3a93078f --- /dev/null +++ b/.github/workflows/labeller.yml @@ -0,0 +1,22 @@ +name: community-labeller + +on: + issues: + types: + - opened + pull_request: + types: + - opened + +jobs: + label: + runs-on: ubuntu-latest + steps: + + - uses: puppetlabs/community-labeller@v0 + name: Label issues or pull requests + with: + label_name: community + label_color: '5319e7' + org_membership: puppetlabs + token: ${{ secrets.IAC_COMMUNITY_LABELER }} \ No newline at end of file diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml new file mode 100644 index 0000000000..c6edd6de2a --- /dev/null +++ b/.github/workflows/stale.yml @@ -0,0 +1,19 @@ +name: Mark stale issues and pull requests + +on: + schedule: + - cron: "30 1 * * *" + +jobs: + stale: + runs-on: ubuntu-latest + steps: + - uses: actions/stale@v3 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + days-before-stale: 60 + days-before-close: 7 + stale-issue-message: 'This issue has been marked as stale because it has been open for a while and has had no recent activity. If this issue is still important to you please drop a comment below and we will add this to our backlog to complete. Otherwise, it will be closed in 7 days.' + stale-issue-label: 'stale' + stale-pr-message: 'This PR has been marked as stale because it has been open for a while and has had no recent activity. If this PR is still important to you please drop a comment below and we will add this to our backlog to complete. Otherwise, it will be closed in 7 days.' + stale-pr-label: 'stale' From fecc88589b5124d901e916ee7f7fa3be4cd29348 Mon Sep 17 00:00:00 2001 From: Craig Gumbley Date: Fri, 25 Mar 2022 15:33:45 +0000 Subject: [PATCH 0696/1000] (MAINT) Fixes no new line at EOF --- .github/workflows/labeller.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/labeller.yml b/.github/workflows/labeller.yml index cb3a93078f..104370aa1c 100644 --- a/.github/workflows/labeller.yml +++ b/.github/workflows/labeller.yml @@ -19,4 +19,4 @@ jobs: label_name: community label_color: '5319e7' org_membership: puppetlabs - token: ${{ secrets.IAC_COMMUNITY_LABELER }} \ No newline at end of file + token: ${{ secrets.IAC_COMMUNITY_LABELER }} From e764365e5970a2a87d89cf6649226e1596022c5d Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 29 Mar 2022 10:03:02 +0100 Subject: [PATCH 0697/1000] (GH-C&T-9) Temporarily disable syntax checks --- .github/workflows/spec.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index 6c1ae10d8c..2f6aa53615 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml @@ -54,10 +54,10 @@ jobs: buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Run Static & Syntax Tests - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop +# - name: Run Static & Syntax Tests +# if: ${{ github.repository_owner == 'puppetlabs' }} +# run: | +# buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - name: Setup Spec Test Matrix id: get-matrix From a42ddb9280a909b8355280784155e3247ee99300 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 8 Mar 2022 16:21:02 +0100 Subject: [PATCH 0698/1000] Use systemctl reload on EL 7 and higher This means it'll work on EL9. It's also safe to assume future EL versions use systemd. --- manifests/params.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 0303d026a6..94159d0bb1 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -88,9 +88,9 @@ $service_status = "service ${service_name} status" } - # RHEL 5 uses SysV init, RHEL 6 uses upstart. RHEL 7 and 8 both use systemd. + # RHEL 5 uses SysV init, RHEL 6 uses upstart, RHEL 7+ uses systemd. 'RedHat', 'CentOS', 'Scientific', 'OracleLinux': { - if $facts['os']['release']['major'] in ['7', '8'] { + if versioncmp($facts['os']['release']['major'], '7') >= 0 { $service_reload = "systemctl reload ${service_name}" $service_status = "systemctl status ${service_name}" } else { From 3eec196c98f953b035654bb150dda7d161237387 Mon Sep 17 00:00:00 2001 From: Craig Gumbley Date: Mon, 4 Apr 2022 14:09:49 +0100 Subject: [PATCH 0699/1000] "This commit changes the workflow trigger for pull requests to pull_request_target" --- .github/workflows/labeller.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/labeller.yml b/.github/workflows/labeller.yml index 104370aa1c..5434d3fff3 100644 --- a/.github/workflows/labeller.yml +++ b/.github/workflows/labeller.yml @@ -4,7 +4,7 @@ on: issues: types: - opened - pull_request: + pull_request_target: types: - opened From 032b7ff0dc24c5af39daa598b788335803aaec88 Mon Sep 17 00:00:00 2001 From: david22swan Date: Wed, 20 Apr 2022 11:07:47 +0100 Subject: [PATCH 0700/1000] (maint) PDK Update --- .github/workflows/nightly.yml | 2 +- .github/workflows/spec.yml | 8 ++++---- metadata.json | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index bd5a1ca635..fdb03326b3 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -200,5 +200,5 @@ jobs: repo_token: ${{ secrets.GITHUB_TOKEN }} slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} # Optional Input - channel: '#team-ia-bots' + channel: '#team-cat-bots' name: 'GABot' diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index 2f6aa53615..6c1ae10d8c 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml @@ -54,10 +54,10 @@ jobs: buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV -# - name: Run Static & Syntax Tests -# if: ${{ github.repository_owner == 'puppetlabs' }} -# run: | -# buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + - name: Run Static & Syntax Tests + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - name: Setup Spec Test Matrix id: get-matrix diff --git a/metadata.json b/metadata.json index 8d6a396bf1..0d3520b280 100644 --- a/metadata.json +++ b/metadata.json @@ -94,5 +94,5 @@ ], "pdk-version": "2.3.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-gf3911d3" + "template-ref": "heads/main-0-g806810b" } From 568a14ecad673774aa75a1e058a5841e2858e153 Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 26 Apr 2022 09:49:12 +0100 Subject: [PATCH 0701/1000] (GH-cat-9) syntax:hiera:yaml fixes --- manifests/repo/apt_postgresql_org.pp | 2 +- manifests/server/config.pp | 83 ++++++++++++-------------- manifests/server/database.pp | 4 +- manifests/server/db.pp | 4 +- manifests/server/default_privileges.pp | 35 +++++------ manifests/server/grant.pp | 34 +++++------ manifests/server/grant_role.pp | 6 +- manifests/server/late_initdb.pp | 2 +- manifests/server/reassign_owned_by.pp | 6 +- manifests/server/schema.pp | 2 +- manifests/server/tablespace.pp | 2 +- 11 files changed, 81 insertions(+), 99 deletions(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 22b5bd0c24..c7f603f898 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -27,6 +27,6 @@ }, } - Apt::Source['apt.postgresql.org']->Package<|tag == 'puppetlabs-postgresql'|> + Apt::Source['apt.postgresql.org'] -> Package<|tag == 'puppetlabs-postgresql'|> Class['Apt::Update'] -> Package<|tag == 'puppetlabs-postgresql'|> } diff --git a/manifests/server/config.pp b/manifests/server/config.pp index c3ca6b5c40..c1520ba43b 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -52,49 +52,43 @@ postgresql::server::pg_hba_rule { 'local access as postgres user': - type => 'local', - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1, - ; + type => 'local', + user => $user, + auth_method => 'ident', + auth_option => $local_auth_option, + order => 1; 'local access to database with same name': - type => 'local', - auth_method => 'ident', - auth_option => $local_auth_option, - order => 2, - ; + type => 'local', + auth_method => 'ident', + auth_option => $local_auth_option, + order => 2; 'allow localhost TCP access to postgresql user': - type => 'host', - user => $user, - address => '127.0.0.1/32', - auth_method => 'md5', - order => 3, - ; + type => 'host', + user => $user, + address => '127.0.0.1/32', + auth_method => 'md5', + order => 3; 'deny access to postgresql user': - type => 'host', - user => $user, - address => $ip_mask_deny_postgres_user, - auth_method => 'reject', - order => 4, - ; + type => 'host', + user => $user, + address => $ip_mask_deny_postgres_user, + auth_method => 'reject', + order => 4; 'allow access to all users': - type => 'host', - address => $ip_mask_allow_all_users, - auth_method => 'md5', - order => 100, - ; + type => 'host', + address => $ip_mask_allow_all_users, + auth_method => 'md5', + order => 100; 'allow access to ipv6 localhost': - type => 'host', - address => '::1/128', - auth_method => 'md5', - order => 101, - ; + type => 'host', + address => '::1/128', + auth_method => 'md5', + order => 101; } } @@ -233,17 +227,15 @@ file { default: - ensure => file, - owner => root, - group => root, - notify => [Exec['restart-systemd'], Class['postgresql::server::service']], - before => Class['postgresql::server::reload'], - ; + ensure => file, + owner => root, + group => root, + notify => [Exec['restart-systemd'], Class['postgresql::server::service']], + before => Class['postgresql::server::reload']; 'systemd-conf-dir': - ensure => directory, - path => "/etc/systemd/system/${service_name}.service.d", - ; + ensure => directory, + path => "/etc/systemd/system/${service_name}.service.d"; # Template uses: # - $facts['os']['name'] @@ -253,10 +245,9 @@ # - $datadir # - $extra_systemd_config 'systemd-override': - path => "/etc/systemd/system/${service_name}.service.d/${service_name}.conf", - content => template('postgresql/systemd-override.erb'), - require => File['systemd-conf-dir'], - ; + path => "/etc/systemd/system/${service_name}.service.d/${service_name}.conf", + content => template('postgresql/systemd-override.erb'), + require => File['systemd-conf-dir']; } if $service_enable != 'mask' { diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 87d443f7e9..a517f505ed 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -120,7 +120,7 @@ } if defined(Postgresql::Server::Role[$owner]) { - Postgresql::Server::Role[$owner]->Postgresql_psql["ALTER DATABASE \"${dbname}\" OWNER TO \"${owner}\""] + Postgresql::Server::Role[$owner] -> Postgresql_psql["ALTER DATABASE \"${dbname}\" OWNER TO \"${owner}\""] } } @@ -132,7 +132,7 @@ if defined(Postgresql::Server::Tablespace[$tablespace]) { # The tablespace must be there, before we create the database. - Postgresql::Server::Tablespace[$tablespace]->Postgresql_psql["CREATE DATABASE \"${dbname}\""] + Postgresql::Server::Tablespace[$tablespace] -> Postgresql_psql["CREATE DATABASE \"${dbname}\""] } } } diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 3024c2909c..1e7f9774f3 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -51,7 +51,7 @@ } -> Postgresql_conn_validator<| db_name == $dbname |> } - if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { - Postgresql::Server::Tablespace[$tablespace]->Postgresql::Server::Database[$name] + if ($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { + Postgresql::Server::Tablespace[$tablespace] -> Postgresql::Server::Database[$name] } } diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 6a7dda9980..643afd8f7b 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -25,19 +25,16 @@ /(?i:^TYPES$)/, /(?i:^SCHEMAS$)/ ] $object_type, - String $schema = 'public', - String $psql_db = $postgresql::server::default_database, - String $psql_user = $postgresql::server::user, - Integer $port = $postgresql::server::port, - Hash $connect_settings = $postgresql::server::default_connect_settings, - Enum['present', - 'absent' - ] $ensure = 'present', - String $group = $postgresql::server::group, - String $psql_path = $postgresql::server::psql_path, - Optional[String] $target_role = undef, + String $schema = 'public', + String $psql_db = $postgresql::server::default_database, + String $psql_user = $postgresql::server::user, + Integer $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', 'absent'] $ensure = 'present', + String $group = $postgresql::server::group, + String $psql_path = $postgresql::server::psql_path, + Optional[String] $target_role = undef, ) { - # If possible use the version of the remote database, otherwise # fallback to our local DB version if $connect_settings != undef and has_key( $connect_settings, 'DBVERSION') { @@ -113,9 +110,9 @@ 'SEQUENCES': { case $_privilege { /^(ALL)$/: { $_check_privilege = 'rwU' } - /^SELECT$/: { $_check_privilege = 'r'} - /^UPDATE$/: { $_check_privilege = 'w'} - /^USAGE$/: { $_check_privilege = 'U'} + /^SELECT$/: { $_check_privilege = 'r' } + /^UPDATE$/: { $_check_privilege = 'w' } + /^USAGE$/: { $_check_privilege = 'U' } default: { fail('Illegal value for $privilege parameter') } } $_check_type = 'S' @@ -136,7 +133,7 @@ } 'TYPES': { case $_privilege { - /^(ALL|USAGE)$/: { $_check_privilege = 'U'} + /^(ALL|USAGE)$/: { $_check_privilege = 'U' } default: { fail('Illegal value for $privilege parameter') } } $_check_type = 'T' @@ -178,14 +175,14 @@ psql_group => $group, psql_path => $psql_path, unless => $unless_cmd, - environment => 'PGOPTIONS=--client-min-messages=error' + environment => 'PGOPTIONS=--client-min-messages=error', } if($role != undef and defined(Postgresql::Server::Role[$role])) { - Postgresql::Server::Role[$role]->Postgresql_psql["default_privileges:${name}"] + Postgresql::Server::Role[$role] -> Postgresql_psql["default_privileges:${name}"] } if($db != undef and defined(Postgresql::Server::Database[$db])) { - Postgresql::Server::Database[$db]->Postgresql_psql["default_privileges:${name}"] + Postgresql::Server::Database[$db] -> Postgresql_psql["default_privileges:${name}"] } } diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 64be3ad617..44dd2813a6 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -16,7 +16,7 @@ define postgresql::server::grant ( String $role, String $db, - String $privilege = '', + String $privilege = '', Pattern[#/(?i:^COLUMN$)/, /(?i:^ALL SEQUENCES IN SCHEMA$)/, /(?i:^ALL TABLES IN SCHEMA$)/, @@ -31,23 +31,17 @@ /(?i:^SCHEMA$)/, /(?i:^SEQUENCE$)/ #/(?i:^VIEW$)/ - ] $object_type = 'database', - Optional[Variant[ - Array[String,2,2], - String[1]] - ] $object_name = undef, - Array[String[1],0] - $object_arguments = [], - String $psql_db = $postgresql::server::default_database, - String $psql_user = $postgresql::server::user, - Integer $port = $postgresql::server::port, - Boolean $onlyif_exists = false, - Hash $connect_settings = $postgresql::server::default_connect_settings, - Enum['present', - 'absent' - ] $ensure = 'present', - String $group = $postgresql::server::group, - String $psql_path = $postgresql::server::psql_path, + ] $object_type = 'database', + Optional[Variant[Array[String,2,2],String[1]]] $object_name = undef, + Array[String[1],0] $object_arguments = [], + String $psql_db = $postgresql::server::default_database, + String $psql_user = $postgresql::server::user, + Integer $port = $postgresql::server::port, + Boolean $onlyif_exists = false, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', 'absent'] $ensure = 'present', + String $group = $postgresql::server::group, + String $psql_path = $postgresql::server::psql_path, ) { case $ensure { default: { @@ -476,10 +470,10 @@ } if($role != undef and defined(Postgresql::Server::Role[$role])) { - Postgresql::Server::Role[$role]->Postgresql_psql["grant:${name}"] + Postgresql::Server::Role[$role] -> Postgresql_psql["grant:${name}"] } if($db != undef and defined(Postgresql::Server::Database[$db])) { - Postgresql::Server::Database[$db]->Postgresql_psql["grant:${name}"] + Postgresql::Server::Database[$db] -> Postgresql_psql["grant:${name}"] } } diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index f5d674e52b..19e49ab7f1 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -40,12 +40,12 @@ } if ! $connect_settings or empty($connect_settings) { - Class['postgresql::server']->Postgresql_psql["grant_role:${name}"] + Class['postgresql::server'] -> Postgresql_psql["grant_role:${name}"] } if defined(Postgresql::Server::Role[$role]) { - Postgresql::Server::Role[$role]->Postgresql_psql["grant_role:${name}"] + Postgresql::Server::Role[$role] -> Postgresql_psql["grant_role:${name}"] } if defined(Postgresql::Server::Role[$group]) { - Postgresql::Server::Role[$group]->Postgresql_psql["grant_role:${name}"] + Postgresql::Server::Role[$group] -> Postgresql_psql["grant_role:${name}"] } } diff --git a/manifests/server/late_initdb.pp b/manifests/server/late_initdb.pp index ea7b0a8624..027b18b16f 100644 --- a/manifests/server/late_initdb.pp +++ b/manifests/server/late_initdb.pp @@ -34,6 +34,6 @@ WHERE datname = 'template1'", unless => "SELECT datname FROM pg_database WHERE datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", - before => Anchor['postgresql::server::service::end'] + before => Anchor['postgresql::server::service::end'], } } diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 8bcccb454f..5c3108d8c1 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -55,13 +55,13 @@ } if($old_role != undef and defined(Postgresql::Server::Role[$old_role])) { - Postgresql::Server::Role[$old_role]->Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] + Postgresql::Server::Role[$old_role] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] } if($new_role != undef and defined(Postgresql::Server::Role[$new_role])) { - Postgresql::Server::Role[$new_role]->Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] + Postgresql::Server::Role[$new_role] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] } if($db != undef and defined(Postgresql::Server::Database[$db])) { - Postgresql::Server::Database[$db]->Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] + Postgresql::Server::Database[$db] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] } } diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 0fbda4c07c..ffaaeb89da 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -57,7 +57,7 @@ } if defined(Postgresql::Server::Role[$owner]) { - Postgresql::Server::Role[$owner]->Postgresql_psql["${db}: ALTER SCHEMA \"${schema}\" OWNER TO \"${owner}\""] + Postgresql::Server::Role[$owner] -> Postgresql_psql["${db}: ALTER SCHEMA \"${schema}\" OWNER TO \"${owner}\""] } } } diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 5d1f4282ca..3af701c1d2 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -70,7 +70,7 @@ } if defined(Postgresql::Server::Role[$owner]) { - Postgresql::Server::Role[$owner]->Postgresql_psql["ALTER TABLESPACE \"${spcname}\" OWNER TO \"${owner}\""] + Postgresql::Server::Role[$owner] -> Postgresql_psql["ALTER TABLESPACE \"${spcname}\" OWNER TO \"${owner}\""] } } } From 9ef417c7f6e19791717087a3cf3a7071675e4764 Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 26 Apr 2022 09:49:15 +0100 Subject: [PATCH 0702/1000] (GH-cat-9) syntax:hiera:yaml exclusions added --- .puppet-lint.rc | 4 ++++ .sync.yml | 6 ++++++ Rakefile | 7 +++++-- metadata.json | 2 +- 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/.puppet-lint.rc b/.puppet-lint.rc index cc96ece051..db7c27173f 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1 +1,5 @@ --relative +--no-parameter_types-check +--no-parameter_documentation-check +--no-anchor_resource-check +--no-params_empty_string_assignment-check diff --git a/.sync.yml b/.sync.yml index 5834868b73..50eabc7d68 100644 --- a/.sync.yml +++ b/.sync.yml @@ -58,3 +58,9 @@ spec/spec_helper.rb: unmanaged: false .travis.yml: delete: true +Rakefile: + extra_disabled_lint_checks: + - parameter_types + - parameter_documentation + - anchor_resource + - params_empty_string_assignment diff --git a/Rakefile b/Rakefile index d5e6ae716e..663350a085 100644 --- a/Rakefile +++ b/Rakefile @@ -10,7 +10,7 @@ require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').a def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = "puppetlabs" || JSON.load(File.read('metadata.json'))['author'] + returnVal = nil || JSON.load(File.read('metadata.json'))['author'] raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator user:#{returnVal}" returnVal @@ -42,6 +42,10 @@ def changelog_future_release end PuppetLint.configuration.send('disable_relative') +PuppetLint.configuration.send('disable_parameter_types') +PuppetLint.configuration.send('disable_parameter_documentation') +PuppetLint.configuration.send('disable_anchor_resource') +PuppetLint.configuration.send('disable_params_empty_string_assignment') if Bundler.rubygems.find_name('github_changelog_generator').any? @@ -49,7 +53,6 @@ if Bundler.rubygems.find_name('github_changelog_generator').any? raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" config.project = "#{changelog_project}" - config.max_issues = 500 config.future_release = "#{changelog_future_release}" config.exclude_labels = ['maintenance'] config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." diff --git a/metadata.json b/metadata.json index 0d3520b280..b3d6494e65 100644 --- a/metadata.json +++ b/metadata.json @@ -92,7 +92,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "2.3.0", + "pdk-version": "2.4.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", "template-ref": "heads/main-0-g806810b" } From 46007d862440c837b3948e2d0b34d5b44560d45f Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 26 Apr 2022 09:59:01 +0100 Subject: [PATCH 0703/1000] (GH-cat-9) Rubocop fixes --- spec/acceptance/db_spec.rb | 70 +++++++++++++-------------- spec/acceptance/server/schema_spec.rb | 16 +++--- 2 files changed, 41 insertions(+), 45 deletions(-) diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 1980816f5b..42a453cb8c 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -4,45 +4,43 @@ describe 'postgresql::server::db' do it 'creates a database' do - begin - tmpdir = run_shell('mktemp').stdout - pp = <<-MANIFEST - class { 'postgresql::server': - postgres_password => 'space password', - } - postgresql::server::tablespace { 'postgresql-test-db': - location => '#{tmpdir}', - } -> - postgresql::server::db { 'postgresql-test-db': - comment => 'testcomment', - user => 'test-user', - password => 'test1', - tablespace => 'postgresql-test-db', - } - MANIFEST + tmpdir = run_shell('mktemp').stdout + pp = <<-MANIFEST + class { 'postgresql::server': + postgres_password => 'space password', + } + postgresql::server::tablespace { 'postgresql-test-db': + location => '#{tmpdir}', + } -> + postgresql::server::db { 'postgresql-test-db': + comment => 'testcomment', + user => 'test-user', + password => 'test1', + tablespace => 'postgresql-test-db', + } + MANIFEST - idempotent_apply(pp) + idempotent_apply(pp) - # Verify that the postgres password works - run_shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") - run_shell('chmod 600 /root/.pgpass') - run_shell("psql -U postgres -h localhost --command='\\l'") + # Verify that the postgres password works + run_shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") + run_shell('chmod 600 /root/.pgpass') + run_shell("psql -U postgres -h localhost --command='\\l'") - result = psql('--command="select datname from pg_database" "postgresql-test-db"') - expect(result.stdout).to match(%r{postgresql-test-db}) - expect(result.stderr).to eq('') + result = psql('--command="select datname from pg_database" "postgresql-test-db"') + expect(result.stdout).to match(%r{postgresql-test-db}) + expect(result.stderr).to eq('') - result = psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test-user\'"') - expect(result.stdout).to match(%r{\(1 row\)}) - comment_information_function = if Gem::Version.new(postgresql_version) > Gem::Version.new('8.1') - 'shobj_description' - else - 'obj_description' - end - result = psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") # rubocop:disable Layout/LineLength - expect(result.stdout).to match(%r{\(1 row\)}) - ensure - psql('--command=\'drop database "postgresql-test-db"\'') - end + result = psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test-user\'"') + expect(result.stdout).to match(%r{\(1 row\)}) + comment_information_function = if Gem::Version.new(postgresql_version) > Gem::Version.new('8.1') + 'shobj_description' + else + 'obj_description' + end + result = psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") # rubocop:disable Layout/LineLength + expect(result.stdout).to match(%r{\(1 row\)}) + ensure + psql('--command=\'drop database "postgresql-test-db"\'') end end diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 368337ac72..61a3f720bd 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -56,16 +56,14 @@ class { 'postgresql::server': } end it 'creates a schema for a user' do - begin - idempotent_apply(pp) + idempotent_apply(pp) - ## Check that the user can create a table in the database - psql('--command="create table psql_schema_tester.foo (foo int)" schema_test', 'psql_schema_tester') do |r| - expect(r.stdout).to match(%r{CREATE TABLE}) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop table psql_schema_tester.foo" schema_test', 'psql_schema_tester') + ## Check that the user can create a table in the database + psql('--command="create table psql_schema_tester.foo (foo int)" schema_test', 'psql_schema_tester') do |r| + expect(r.stdout).to match(%r{CREATE TABLE}) + expect(r.stderr).to eq('') end + ensure + psql('--command="drop table psql_schema_tester.foo" schema_test', 'psql_schema_tester') end end From 8b25721983d571fba439fd05a90c489939bf6c22 Mon Sep 17 00:00:00 2001 From: Lukas Audzevicius Date: Wed, 18 May 2022 17:34:39 +0100 Subject: [PATCH 0704/1000] (MAINT) Stale-bot config/msg update --- .github/workflows/stale.yml | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index c6edd6de2a..12fee8f0db 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -11,9 +11,24 @@ jobs: - uses: actions/stale@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - days-before-stale: 60 - days-before-close: 7 - stale-issue-message: 'This issue has been marked as stale because it has been open for a while and has had no recent activity. If this issue is still important to you please drop a comment below and we will add this to our backlog to complete. Otherwise, it will be closed in 7 days.' - stale-issue-label: 'stale' - stale-pr-message: 'This PR has been marked as stale because it has been open for a while and has had no recent activity. If this PR is still important to you please drop a comment below and we will add this to our backlog to complete. Otherwise, it will be closed in 7 days.' - stale-pr-label: 'stale' + days-before-issue-stale: 90 + days-before-pr-stale: 60 + days-before-pr-close: 7 + stale-issue-message: | + Hello! 👋 + + This issue has been open for a while and has had no recent activity. We've labelled it with `attention-needed` so that we can get a clear view of which issues need our attention. + + If you are waiting on a response from us we will try and address your comments on a future Community Day. + + Alternatively, if it is no longer relevant to you please close the issue with a comment. + stale-issue-label: 'attention-needed' + stale-pr-message: | + Hello! 👋 + + This pull request has been open for a while and has had no recent activity. We've labelled it with `attention-needed` so that we can get a clear view of which PRs need our attention. + + If you are waiting on a response from us we will try and address your comments on a future Community Day. + + Alternatively, if it is no longer relevant to you please close the PR with a comment. Please note that if a pull request receives no update for 7 after it has been labelled, it will be closed. We are always happy to re-open pull request if they have been closed in error. + stale-pr-label: 'attention-needed' From b7acb250df96a6b8d53b415ffeb13325828f5af0 Mon Sep 17 00:00:00 2001 From: Lukas Audzevicius Date: Thu, 19 May 2022 11:22:26 +0100 Subject: [PATCH 0705/1000] Config update --- .github/workflows/stale.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 12fee8f0db..26d7e5b1f8 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,11 +1,11 @@ -name: Mark stale issues and pull requests +name: Audit aging issues/PRs on: schedule: - cron: "30 1 * * *" jobs: - stale: + audit: runs-on: ubuntu-latest steps: - uses: actions/stale@v3 @@ -30,5 +30,7 @@ jobs: If you are waiting on a response from us we will try and address your comments on a future Community Day. - Alternatively, if it is no longer relevant to you please close the PR with a comment. Please note that if a pull request receives no update for 7 after it has been labelled, it will be closed. We are always happy to re-open pull request if they have been closed in error. + Alternatively, if it is no longer relevant to you please close the PR with a comment. + + Please note that if a pull request receives no update for 7 after it has been labelled, it will be closed. We are always happy to re-open pull request if they have been closed in error. stale-pr-label: 'attention-needed' From 423dcbf30da6b0520134b3a095fb3906eda64035 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 6 Feb 2022 18:59:17 +0100 Subject: [PATCH 0706/1000] Provide service_provider for all supported OSes --- spec/spec_helper_local.rb | 44 ++++++++++++++++++++++++++++++++------- 1 file changed, 37 insertions(+), 7 deletions(-) diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index abae652f9c..436779247e 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -92,32 +92,62 @@ def param(type, title, param) end end +# This duplicates spec_helper but we need it for add_custom_fact +include RspecPuppetFacts +# Rough conversion of grepping in the puppet source: +# grep defaultfor lib/puppet/provider/service/*.rb +# See https://github.com/voxpupuli/voxpupuli-test/blob/master/lib/voxpupuli/test/facts.rb +add_custom_fact :service_provider, ->(_os, facts) do + case facts[:osfamily].downcase + when 'archlinux' + 'systemd' + when 'darwin' + 'launchd' + when 'debian' + 'systemd' + when 'freebsd' + 'freebsd' + when 'gentoo' + 'openrc' + when 'openbsd' + 'openbsd' + when 'redhat' + facts[:operatingsystemrelease].to_i >= 7 ? 'systemd' : 'redhat' + when 'suse' + facts[:operatingsystemmajrelease].to_i >= 12 ? 'systemd' : 'redhat' + when 'windows' + 'windows' + else + 'init' + end +end + shared_context 'Debian 9' do - let(:facts) { on_supported_os['debian-9-x86_64'].merge(service_provider: 'systemd') } + let(:facts) { on_supported_os['debian-9-x86_64'] } end shared_context 'Debian 10' do - let(:facts) { on_supported_os['debian-10-x86_64'].merge(service_provider: 'systemd') } + let(:facts) { on_supported_os['debian-10-x86_64'] } end shared_context 'Debian 11' do - let(:facts) { on_supported_os['debian-11-x86_64'].merge(service_provider: 'systemd') } + let(:facts) { on_supported_os['debian-11-x86_64'] } end shared_context 'Ubuntu 18.04' do - let(:facts) { on_supported_os['ubuntu-18.04-x86_64'].merge(service_provider: 'systemd') } + let(:facts) { on_supported_os['ubuntu-18.04-x86_64'] } end shared_context 'RedHat 6' do - let(:facts) { on_supported_os['redhat-6-x86_64'].merge(service_provider: 'redhat') } + let(:facts) { on_supported_os['redhat-6-x86_64'] } end shared_context 'RedHat 7' do - let(:facts) { on_supported_os['redhat-7-x86_64'].merge(service_provider: 'systemd') } + let(:facts) { on_supported_os['redhat-7-x86_64'] } end shared_context 'RedHat 8' do - let(:facts) { on_supported_os['redhat-8-x86_64'].merge(service_provider: 'systemd') } + let(:facts) { on_supported_os['redhat-8-x86_64'] } end shared_context 'Fedora 33' do From fb21f98929c2f21cfd1b6f31f32c6cf0b11c6437 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 6 Feb 2022 18:04:32 +0100 Subject: [PATCH 0707/1000] Use service provider to determine service commands Rather than using static OS definitions, this uses the service_provider parameter or fact (provided by puppetlabs/stdlib). --- manifests/params.pp | 28 ++++++---------------------- 1 file changed, 6 insertions(+), 22 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 94159d0bb1..116c02feeb 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -82,28 +82,12 @@ $postgresql_conf_mode = pick($postgresql_conf_mode, '0600') } - case $facts['os']['name'] { - 'Amazon': { - $service_reload = "service ${service_name} reload" - $service_status = "service ${service_name} status" - } - - # RHEL 5 uses SysV init, RHEL 6 uses upstart, RHEL 7+ uses systemd. - 'RedHat', 'CentOS', 'Scientific', 'OracleLinux': { - if versioncmp($facts['os']['release']['major'], '7') >= 0 { - $service_reload = "systemctl reload ${service_name}" - $service_status = "systemctl status ${service_name}" - } else { - $service_reload = "service ${service_name} reload" - $service_status = "service ${service_name} status" - } - } - - # Default will catch Fedora which uses systemd - default: { - $service_reload = "systemctl reload ${service_name}" - $service_status = "systemctl status ${service_name}" - } + if pick($service_provider, $facts['service_provider']) == 'systemd' { + $service_reload = "systemctl reload ${service_name}" + $service_status = "systemctl status ${service_name}" + } else { + $service_reload = "service ${service_name} reload" + $service_status = "service ${service_name} status" } $psql_path = pick($psql_path, "${bindir}/psql") From c0b674e9c93d55b632433a2fe79076ba1ed85dee Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 27 Sep 2021 12:05:41 +0200 Subject: [PATCH 0708/1000] Add Red Hat Enterprise Linux 9 support The comment indicates the checks in server config need to be done on EL6 and older only. The current check would also trigger on EL9. This uses a version comparison on the major version. We can leave out the Fedora check since we don't need to care about Fedora < 7. It also sets the default version on EL9 to version 13. This should also affect CentOS Stream 9, which is supposed to work but not officially verified to work. --- manifests/globals.pp | 1 + manifests/server/config.pp | 2 +- manifests/server/config_entry.pp | 81 +++++++++++++++----------------- metadata.json | 3 +- provision.yaml | 2 + 5 files changed, 45 insertions(+), 44 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 4fd08b444d..90ac03e774 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -183,6 +183,7 @@ }, 'Amazon' => '9.2', default => $facts['os']['release']['major'] ? { + '9' => '13', '8' => '10', '7' => '9.2', '6' => '8.4', diff --git a/manifests/server/config.pp b/manifests/server/config.pp index c1520ba43b..163051afb8 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -181,7 +181,7 @@ # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. - if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['major'] !~ /^(7|8)$/) and ($facts['os']['name'] != 'Fedora') { + if $facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['major'], '7') < 0 { file { '/etc/sysconfig/pgsql/postgresql': ensure => file, replace => false, diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 25f3528267..c4c92fe238 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -106,48 +106,45 @@ before => Postgresql_conf[$name], } } - } - if $facts['os']['family'] == 'RedHat' { - if ! ($facts['os']['release']['major'] in ['7', '8'] or $facts['os']['name'] == 'Fedora') { - if $name == 'port' { - # We need to force postgresql to stop before updating the port - # because puppet becomes confused and is unable to manage the - # service appropriately. - exec { "postgresql_stop_${name}": - command => "service ${postgresql::server::service_name} stop", - onlyif => "service ${postgresql::server::service_name} status", - unless => "grep 'PGPORT=${value}' /etc/sysconfig/pgsql/postgresql", - path => '/sbin:/bin:/usr/bin:/usr/local/bin', - require => File['/etc/sysconfig/pgsql/postgresql'], - } - -> augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': - lens => 'Shellvars.lns', - incl => '/etc/sysconfig/pgsql/postgresql', - context => '/files/etc/sysconfig/pgsql/postgresql', - changes => "set PGPORT ${value}", - require => File['/etc/sysconfig/pgsql/postgresql'], - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], - } - } elsif $name == 'data_directory' { - # We need to force postgresql to stop before updating the data directory - # otherwise init script breaks - exec { "postgresql_${name}": - command => "service ${postgresql::server::service_name} stop", - onlyif => "service ${postgresql::server::service_name} status", - unless => "grep 'PGDATA=${value}' /etc/sysconfig/pgsql/postgresql", - path => '/sbin:/bin:/usr/bin:/usr/local/bin', - require => File['/etc/sysconfig/pgsql/postgresql'], - } - -> augeas { 'override PGDATA in /etc/sysconfig/pgsql/postgresql': - lens => 'Shellvars.lns', - incl => '/etc/sysconfig/pgsql/postgresql', - context => '/files/etc/sysconfig/pgsql/postgresql', - changes => "set PGDATA ${value}", - require => File['/etc/sysconfig/pgsql/postgresql'], - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], - } + } elsif $facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['major'], '7') < 0 { + if $name == 'port' { + # We need to force postgresql to stop before updating the port + # because puppet becomes confused and is unable to manage the + # service appropriately. + exec { "postgresql_stop_${name}": + command => "service ${postgresql::server::service_name} stop", + onlyif => "service ${postgresql::server::service_name} status", + unless => "grep 'PGPORT=${value}' /etc/sysconfig/pgsql/postgresql", + path => '/sbin:/bin:/usr/bin:/usr/local/bin', + require => File['/etc/sysconfig/pgsql/postgresql'], + } + -> augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': + lens => 'Shellvars.lns', + incl => '/etc/sysconfig/pgsql/postgresql', + context => '/files/etc/sysconfig/pgsql/postgresql', + changes => "set PGPORT ${value}", + require => File['/etc/sysconfig/pgsql/postgresql'], + notify => Class['postgresql::server::service'], + before => Class['postgresql::server::reload'], + } + } elsif $name == 'data_directory' { + # We need to force postgresql to stop before updating the data directory + # otherwise init script breaks + exec { "postgresql_${name}": + command => "service ${postgresql::server::service_name} stop", + onlyif => "service ${postgresql::server::service_name} status", + unless => "grep 'PGDATA=${value}' /etc/sysconfig/pgsql/postgresql", + path => '/sbin:/bin:/usr/bin:/usr/local/bin', + require => File['/etc/sysconfig/pgsql/postgresql'], + } + -> augeas { 'override PGDATA in /etc/sysconfig/pgsql/postgresql': + lens => 'Shellvars.lns', + incl => '/etc/sysconfig/pgsql/postgresql', + context => '/files/etc/sysconfig/pgsql/postgresql', + changes => "set PGDATA ${value}", + require => File['/etc/sysconfig/pgsql/postgresql'], + notify => Class['postgresql::server::service'], + before => Class['postgresql::server::reload'], } } } diff --git a/metadata.json b/metadata.json index b3d6494e65..b12e0e7ad0 100644 --- a/metadata.json +++ b/metadata.json @@ -27,7 +27,8 @@ "operatingsystemrelease": [ "6", "7", - "8" + "8", + "9" ] }, { diff --git a/provision.yaml b/provision.yaml index 8f49cafadb..73ddc048cc 100644 --- a/provision.yaml +++ b/provision.yaml @@ -37,6 +37,7 @@ release_checks_6: - redhat-6-x86_64 - redhat-7-x86_64 - redhat-8-x86_64 + - redhat-9-x86_64 - centos-6-x86_64 - centos-7-x86_64 - centos-8-x86_64 @@ -58,6 +59,7 @@ release_checks_7: images: - redhat-7-x86_64 - redhat-8-x86_64 + - redhat-9-x86_64 - centos-7-x86_64 - centos-8-x86_64 - oracle-7-x86_64 From 73273de8f1816ab1771067df9388b1015143e144 Mon Sep 17 00:00:00 2001 From: Lucien Weller Date: Sun, 12 Jun 2022 12:11:05 +0200 Subject: [PATCH 0709/1000] added fedora 36 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 90ac03e774..7f5b52de4d 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -167,6 +167,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['major'] ? { + /^(36)$/ => '14', /^(34|35)$/ => '13', /^(32|33)$/ => '12', /^(31)$/ => '11.6', From 859d553cfd18100a96b5a4d1e755ddf499e9aea1 Mon Sep 17 00:00:00 2001 From: Arjen Zonneveld Date: Mon, 4 Jul 2022 11:45:49 +0200 Subject: [PATCH 0710/1000] Add version for Ubuntu 22.04 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 7f5b52de4d..4d7691b5f3 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -208,6 +208,7 @@ /^(18.04)$/ => '10', /^(20.04)$/ => '12', /^(21.04|21.10)$/ => '13', + /^(22.04)$/ => '14', default => undef, }, default => undef, From 987a92d5a4b0ddc9843a3717283563a17ff3e524 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 4 Jul 2022 11:51:58 +0200 Subject: [PATCH 0711/1000] Respect $service_status on Red Hat-based distros Fixes: 7b282bdd92a17495f6b192f946271e1e18b0c071 --- manifests/params.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 116c02feeb..bb3f3c3dfc 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -84,10 +84,10 @@ if pick($service_provider, $facts['service_provider']) == 'systemd' { $service_reload = "systemctl reload ${service_name}" - $service_status = "systemctl status ${service_name}" + $service_status = pick($service_status, "systemctl status ${service_name}") } else { $service_reload = "service ${service_name} reload" - $service_status = "service ${service_name} status" + $service_status = pick($service_status, "service ${service_name} status") } $psql_path = pick($psql_path, "${bindir}/psql") From 66f8f6610cfaf5858a44c4835355d5bfb0fbd01c Mon Sep 17 00:00:00 2001 From: Arjen Zonneveld Date: Mon, 4 Jul 2022 11:32:18 +0200 Subject: [PATCH 0712/1000] Fix service status detection --- manifests/params.pp | 15 +++++---------- spec/classes/server/service_spec.rb | 2 +- spec/classes/server_spec.rb | 2 +- 3 files changed, 7 insertions(+), 12 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index bb3f3c3dfc..acd1574615 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -166,18 +166,13 @@ $bindir = pick($bindir, "/usr/lib/postgresql/${version}/bin") $datadir = pick($datadir, "/var/lib/postgresql/${version}/main") $confdir = pick($confdir, "/etc/postgresql/${version}/main") - if $facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['major'], '8') >= 0 { - # Jessie uses systemd - $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") - } elsif $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['major'], '18.04') >= 0 { - $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") - } elsif $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['major'], '15.04') >= 0 { - # Ubuntu releases since vivid use systemd - $service_status = pick($service_status, "/usr/sbin/service ${service_name} status") + if pick($service_provider, $facts['service_provider']) == 'systemd' { + $service_reload = "systemctl reload ${service_name}" + $service_status = pick($service_status, "systemctl status ${service_name}") } else { - $service_status = pick($service_status, "/etc/init.d/${service_name} status | /bin/egrep -q 'Running clusters: .+|online'") + $service_reload = "service ${service_name} reload" + $service_status = pick($service_status, "service ${service_name} status") } - $service_reload = "service ${service_name} reload" $psql_path = pick($psql_path, '/usr/bin/psql') $postgresql_conf_mode = pick($postgresql_conf_mode, '0644') } diff --git a/spec/classes/server/service_spec.rb b/spec/classes/server/service_spec.rb index 1fa6f5ab8d..874d529aaa 100644 --- a/spec/classes/server/service_spec.rb +++ b/spec/classes/server/service_spec.rb @@ -10,5 +10,5 @@ end it { is_expected.to contain_class('postgresql::server::service') } - it { is_expected.to contain_service('postgresqld').with_name('postgresql').with_status('/usr/sbin/service postgresql@*-main status') } + it { is_expected.to contain_service('postgresqld').with_name('postgresql').with_status('systemctl status postgresql') } end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 7ebe246998..3291b8c9ae 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -10,7 +10,7 @@ it { is_expected.to contain_class('postgresql::server') } it { is_expected.to contain_file('/var/lib/postgresql/13/main') } it { - is_expected.to contain_exec('postgresql_reload').with('command' => 'service postgresql reload') + is_expected.to contain_exec('postgresql_reload').with('command' => 'systemctl reload postgresql') } it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') From 7ee8e5cf9b26f24e76736f96e741570ec61154b0 Mon Sep 17 00:00:00 2001 From: Tony Vu Date: Wed, 22 Jun 2022 20:31:42 -0700 Subject: [PATCH 0713/1000] (FM-8971) allow deferred function for role pwd This change allows the postgresql::server::role to accept a deferred function for the $password_hash parameter. With this change, the compiler can defer this sensitive value to a deferred function that the agent applying the catalog will execute. --- .../postgresql/postgresql_password.rb | 3 ++ .../postgresql/prepend_sql_password.rb | 12 +++++ manifests/server/role.pp | 47 +++++++++++++++---- .../server/deferred_pw_role_spec.rb | 32 +++++++++++++ 4 files changed, 86 insertions(+), 8 deletions(-) create mode 100644 lib/puppet/functions/postgresql/prepend_sql_password.rb create mode 100644 spec/acceptance/server/deferred_pw_role_spec.rb diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index ed9265dea8..740a7640e8 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -28,6 +28,9 @@ end def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil) + if password.is_a?(String) && password.match?(%r{^(md5|SCRAM-SHA-256).+}) + return password + end password = password.unwrap if password.respond_to?(:unwrap) pass = if hash == 'md5' 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) diff --git a/lib/puppet/functions/postgresql/prepend_sql_password.rb b/lib/puppet/functions/postgresql/prepend_sql_password.rb new file mode 100644 index 0000000000..f938d9af1f --- /dev/null +++ b/lib/puppet/functions/postgresql/prepend_sql_password.rb @@ -0,0 +1,12 @@ +# @summary This function exists for usage of a role password that is a deferred function +Puppet::Functions.create_function(:'postgresql::prepend_sql_password') do + # @param password + # The clear text `password` + dispatch :default_impl do + required_param 'String', :password + return_type 'String' + end + def default_impl(password) + "ENCRYPTED PASSWORD '#{password}'" + end +end diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 00edc75bd5..1741227f8d 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -84,14 +84,31 @@ $createdb_sql = $createdb ? { true => 'CREATEDB', default => 'NOCREATEDB' } $superuser_sql = $superuser ? { true => 'SUPERUSER', default => 'NOSUPERUSER' } $replication_sql = $replication ? { true => 'REPLICATION', default => '' } - if ($password_hash_unsensitive != false) { - $password_sql = "ENCRYPTED PASSWORD '${password_hash_unsensitive}'" + + if $password_hash_unsensitive =~ Deferred { + $password_sql = Deferred('postgresql::prepend_sql_password', [$password_hash_unsensitive]) + } elsif ($password_hash_unsensitive != false) { + $password_sql = postgresql::prepend_sql_password($password_hash_unsensitive) } else { $password_sql = '' } + if $password_sql =~ Deferred { + $create_role_command = Deferred('sprintf', ["CREATE ROLE \"%s\" %s %s %s %s %s %s CONNECTION LIMIT %s", + $username, + $password_sql, + $login_sql, + $createrole_sql, + $createdb_sql, + $superuser_sql, + $replication_sql, + $connection_limit]) + } else { + $create_role_command = "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}" + } + postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": - command => Sensitive("CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}"), + command => Sensitive($create_role_command), unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}'", require => undef, sensitive => true, @@ -134,9 +151,14 @@ } if $password_hash_unsensitive and $update_password { - if($password_hash_unsensitive =~ /^(md5|SCRAM-SHA-256).+/) { - $pwd_hash_sql = $password_hash_unsensitive - } else { + if $password_hash_unsensitive =~ Deferred { + $pwd_hash_sql = Deferred('postgresql::postgresql_password',[$username, + $password_hash, + false, + $hash, + $salt]) + } + else { $pwd_hash_sql = postgresql::postgresql_password( $username, $password_hash, @@ -145,9 +167,18 @@ $salt, ) } + if $pwd_hash_sql =~ Deferred { + $pw_command = Deferred('sprintf', ["ALTER ROLE \"%s\" ENCRYPTED PASSWORD '%s'", $username, $pwd_hash_sql]) + $unless_pw_command = Deferred('sprintf', ["SELECT 1 FROM pg_shadow WHERE usename = '%s' AND passwd = '%s'", + $username, + $pwd_hash_sql]) + } else { + $pw_command = "ALTER ROLE \"${username}\" ENCRYPTED PASSWORD '${pwd_hash_sql}'" + $unless_pw_command = "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'" + } postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": - command => Sensitive("ALTER ROLE \"${username}\" ENCRYPTED PASSWORD '${pwd_hash_sql}'"), - unless => Sensitive("SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'"), + command => Sensitive($pw_command), + unless => Sensitive($unless_pw_command), sensitive => true, } } diff --git a/spec/acceptance/server/deferred_pw_role_spec.rb b/spec/acceptance/server/deferred_pw_role_spec.rb new file mode 100644 index 0000000000..70cd6d031c --- /dev/null +++ b/spec/acceptance/server/deferred_pw_role_spec.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: true + +require 'spec_helper_acceptance' + +describe 'postgresql::server::role:' do + let(:user) { 'deferred_user_test' } + let(:password) { 'test_password' } + + let(:pp_one) do + <<-MANIFEST.unindent + $user = #{user} + $password = #{password} + + class { 'postgresql::server': } + $deferred_func = Deferred('new', [String, $password]) + + postgresql::server::role { $user: + password_hash => $deferred_func, + } + MANIFEST + end + + it 'creates a role with the password in the deferred function' do + if run_shell('puppet --version').stdout[0].to_i < 7 + skip # Deferred function fixes only in puppet 7, see https://tickets.puppetlabs.com/browse/PUP-11518 + end + apply_manifest(pp_one) + psql_cmd = "PGPASSWORD=#{password} PGUSER=#{user} psql -h 127.0.0.1 -d postgres -c '\\q'" + run_shell("cd /tmp; su #{shellescape('postgres')} -c #{shellescape(psql_cmd)}", + acceptable_exit_codes: [0]) + end +end From 9977bf275453916058ed59e514d39b253eb165c6 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Wed, 20 Jul 2022 14:09:16 +0100 Subject: [PATCH 0714/1000] update postgresql package version --- manifests/globals.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 4d7691b5f3..2d9bf3c3b0 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -227,8 +227,8 @@ /11\.4/ => '94', /12\.0/ => '93', /12\.[1-3]/ => '94', - /12\.[4-5]/ => '10', - /15\.[0-9]/ => '10', + /12\.[4-5]/ => '12', + /15\.[0-9]/ => '12', default => '96', }, 'OpenSuSE' => $facts['os']['release']['full'] ? { From 68e37040fec1430dbdf45093d2d4b7018df70e6d Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Wed, 20 Jul 2022 14:28:48 +0100 Subject: [PATCH 0715/1000] bump SLES 15 version --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 2d9bf3c3b0..4d91b81213 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -228,7 +228,7 @@ /12\.0/ => '93', /12\.[1-3]/ => '94', /12\.[4-5]/ => '12', - /15\.[0-9]/ => '12', + /15\.[0-9]/ => '14', default => '96', }, 'OpenSuSE' => $facts['os']['release']['full'] ? { From aac0df0cfda2b68a6e64344903764541e027faa9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 21 Jul 2022 18:00:44 +0000 Subject: [PATCH 0716/1000] Release prep v8.1.0 --- CHANGELOG.md | 23 ++++++++++++++++++++++- REFERENCE.md | 32 ++++++++++++++++++++++---------- metadata.json | 2 +- 3 files changed, 45 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e749dcc77..176c844192 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,28 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) (2022-03-02) +## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) (2022-07-21) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.0.0...v8.1.0) + +### Added + +- Fix service status detection on Debian-based OSes [\#1349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1349) ([arjenz](https://github.com/arjenz)) +- \(FM-8971\) allow deferred function for role pwd [\#1347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1347) ([tvpartytonight](https://github.com/tvpartytonight)) +- Set version for Fedora 36 [\#1345](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1345) ([lweller](https://github.com/lweller)) +- Add Red Hat Enterprise Linux 9 support [\#1303](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1303) ([ekohl](https://github.com/ekohl)) + +### Fixed + +- \(GH-1352\) - Updating postgresql service version on SLES [\#1353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1353) ([pmcmaw](https://github.com/pmcmaw)) +- Respect $service\_status on Red Hat-based distros [\#1351](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1351) ([ekohl](https://github.com/ekohl)) +- Add version for Ubuntu 22.04 [\#1350](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1350) ([arjenz](https://github.com/arjenz)) +- README.md: correct postgresql\_conn\_validator example [\#1332](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1332) ([bastelfreak](https://github.com/bastelfreak)) +- pdksync - \(GH-iac-334\) Remove Support for Ubuntu 14.04/16.04 [\#1331](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331) ([david22swan](https://github.com/david22swan)) +- Remove unused variable in reload.pp [\#1327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1327) ([ekohl](https://github.com/ekohl)) +- Use systemctl reload on EL 7 and higher [\#1326](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1326) ([ekohl](https://github.com/ekohl)) + +## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) (2022-03-03) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.5.0...v8.0.0) diff --git a/REFERENCE.md b/REFERENCE.md index 97ac48ec72..87f1e8c29a 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -70,6 +70,7 @@ * [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. * [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. * [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password +* [`postgresql::prepend_sql_password`](#postgresqlprepend_sql_password): This function exists for usage of a role password that is a deferred function * [`postgresql_escape`](#postgresql_escape): DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. * [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. @@ -1756,9 +1757,7 @@ Default value: ``undef`` ##### `ensure` -Data type: `Enum['present', - 'absent' - ]` +Data type: `Enum['present', 'absent']` Specifies whether to grant or revoke the privilege. @@ -2026,10 +2025,7 @@ Default value: `'database'` ##### `object_name` -Data type: `Optional[Variant[ - Array[String,2,2], - String[1]] - ]` +Data type: `Optional[Variant[Array[String,2,2],String[1]]]` Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] @@ -2077,9 +2073,7 @@ Default value: `$postgresql::server::default_connect_settings` ##### `ensure` -Data type: `Enum['present', - 'absent' - ]` +Data type: `Enum['present', 'absent']` Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. @@ -3434,6 +3428,24 @@ Data type: `Optional[Optional[Variant[String[1], Integer]]]` Use a specific salt value for scram-sha-256, default is username +### `postgresql::prepend_sql_password` + +Type: Ruby 4.x API + +This function exists for usage of a role password that is a deferred function + +#### `postgresql::prepend_sql_password(String $password)` + +The postgresql::prepend_sql_password function. + +Returns: `String` + +##### `password` + +Data type: `String` + +The clear text `password` + ### `postgresql_escape` Type: Ruby 4.x API diff --git a/metadata.json b/metadata.json index b12e0e7ad0..fb63176209 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "8.0.0", + "version": "8.1.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 7da2c5a8d8e1ed2c3d043d59569ce2e529b9c854 Mon Sep 17 00:00:00 2001 From: Deroin Date: Tue, 28 Jun 2022 15:09:38 +0200 Subject: [PATCH 0717/1000] Ensure multiple postgresql::server::recovery resources can be defined --- manifests/server/recovery.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 8c6a7c24d2..aaf4a0586e 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -61,7 +61,7 @@ } # Create the recovery.conf content - concat::fragment { 'recovery.conf': + concat::fragment { "${name}-recovery.conf": target => $target, content => template('postgresql/recovery.conf.erb'), } From 0944a357d611bf582e09282daeec2f0200efbc18 Mon Sep 17 00:00:00 2001 From: Deroin Date: Tue, 26 Jul 2022 14:55:04 +0200 Subject: [PATCH 0718/1000] Fixed tests --- spec/defines/server/recovery_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/defines/server/recovery_spec.rb b/spec/defines/server/recovery_spec.rb index e8ab5c9b08..d57158397b 100644 --- a/spec/defines/server/recovery_spec.rb +++ b/spec/defines/server/recovery_spec.rb @@ -29,7 +29,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('recovery.conf') + is_expected.to contain_concat__fragment('test-recovery.conf') .with(content: %r{restore_command = 'restore_command'[\n]+recovery_target_timeline = 'recovery_target_timeline'}) end end @@ -100,7 +100,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('recovery.conf') + is_expected.to contain_concat__fragment('test-recovery.conf') .with(content: %r{restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+}) # rubocop:disable Layout/LineLength end end From 37e5bea4399ab926e6041190347e24d55a08a51c Mon Sep 17 00:00:00 2001 From: Frank Wall Date: Mon, 10 Jan 2022 11:01:53 +0100 Subject: [PATCH 0719/1000] (MODULES-11251) Add support for backup provider "pg_dump" --- .fixtures.yml | 1 + README.md | 21 +++++ manifests/backup/pg_dump.pp | 151 ++++++++++++++++++++++++++++++++++++ manifests/params.pp | 3 + manifests/server.pp | 21 +++++ spec/classes/server_spec.rb | 58 ++++++++++++++ templates/pg_dump.sh.epp | 103 ++++++++++++++++++++++++ 7 files changed, 358 insertions(+) create mode 100644 manifests/backup/pg_dump.pp create mode 100644 templates/pg_dump.sh.epp diff --git a/.fixtures.yml b/.fixtures.yml index f87b7e1bd0..62c6756514 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -5,6 +5,7 @@ fixtures: repo: "https://github.com/puppetlabs/puppetlabs-augeas_core.git" puppet_version: ">= 6.0.0" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" + cron_core: "https://github.com/puppetlabs/puppetlabs-cron_core.git" facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" provision: "https://github.com/puppetlabs/provision.git" diff --git a/README.md b/README.md index df7b3794c7..e82e79824a 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ * [Create an access rule for pg_hba.conf](#create-an-access-rule-for-pg_hbaconf) * [Create user name maps for pg_ident.conf](#create-user-name-maps-for-pg_identconf) * [Validate connectivity](#validate-connectivity) + * [Backups](#backups) 4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 5. [Limitations - OS compatibility, etc.](#limitations) 6. [Development - Guide for contributing to the module](#development) @@ -328,6 +329,26 @@ postgresql_conn_validator { 'validate my postgres connection': } ``` +### Backups + +This example demonstrates how to configure PostgreSQL backups with "pg_dump". This sets up a daily cron job to perform a full backup. Each backup will create a new directory. A cleanup job will automatically remove backups that are older than 15 days. + +``` +class { 'postgresql::server': + backup_enable => true, + backup_provider => 'pg_dump', + backup_options => { + db_user => 'backupuser', + db_password => 'secret', + manage_user => true, + rotate => 15, + }, + ... +} +``` + +It is possible to set parameter `$ensure` to `absent` in order to remove the backup job, user/role, backup script and password file. However, the actual backup files and directories will remain untouched. + ## Reference For information on the classes and types, see the [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/REFERENCE.md) diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp new file mode 100644 index 0000000000..2f8c6814e0 --- /dev/null +++ b/manifests/backup/pg_dump.pp @@ -0,0 +1,151 @@ +# @summary +# "Provider" for pg_dump backup +# +# @api private +# +# @param compress +# Whether or not to compress the backup. Support for compression also depends on other backup parameters. +# @param databases +# Databases to backup. By default `[]` will back up all databases. +# @param db_user +# PostgreSQL user to create with superuser privileges. +# @param db_password +# Password to create for `$db_user`. +# @param dir +# Directory to store backup. +# @param dir_mode +# Permissions applied to the backup directory. This parameter is passed directly to the file resource. +# @param dir_owner +# Owner for the backup directory. This parameter is passed directly to the file resource. +# @param dir_group +# Group owner for the backup directory. This parameter is passed directly to the file resource. +# @param format +# Backup format to use, must be supported by pg_dump or pg_dumpall. The choice will affect other options, i.e. compression. +# @param install_cron +# Manage installation of cron package. +# @param manage_user +# Manage creation of the backup user. +# @param optional_args +# Specifies an array of optional arguments which should be passed through to the backup tool. These options are not validated, unsupported options may break the backup. +# @param postscript +# One or more scripts that are executed when the backup is finished. This could be used to sync the backup to a central store. +# @param prescript +# One or more scripts that are executed before the backup begins. +# @param rotate +# Backup rotation interval in 24 hour periods. +# @param success_file_path +# Specify a path where upon successful backup a file should be created for checking purposes. +# @param time +# An array of two elements to set the backup time. Allows `['23', '5']` (i.e., 23:05) or `['3', '45']` (i.e., 03:45) for HH:MM times. +# @param weekday +# Weekdays on which the backup job should run. Defaults to `*`. This parameter is passed directly to the cron resource. +# +class postgresql::backup::pg_dump ( + Boolean $compress = true, + Array $databases = [], + Boolean $delete_before_dump = false, + String[1] $dir, + String[1] $dir_group = '0', + String[1] $dir_mode = '0700', + String[1] $dir_owner = 'root', + Enum['present','absent'] $ensure = 'present', + Enum['plain','custom','directory','tar'] $format = 'plain', + Boolean $install_cron = true, + Boolean $manage_user = false, + Array $optional_args = [], + Stdlib::Absolutepath $pgpass_path = '/root/.pgpass', + Integer $rotate = 30, + Stdlib::Absolutepath $script_path = '/usr/local/sbin/pg_dump.sh', + Stdlib::Absolutepath $success_file_path = '/tmp/pgbackup_success', + String[1] $template = 'postgresql/pg_dump.sh.epp', + Array $time = ['23', '5'], + String[1] $weekday = '*', + Optional[Variant[String, Sensitive[String]]] $db_password = undef, + Optional[String[1]] $db_user = undef, + Optional[String[1]] $package_name = undef, + Optional[String[1]] $post_script = undef, + Optional[String[1]] $pre_script = undef, +) { + # Install required packages + if $package_name { + ensure_packages($package_name) + } + if $install_cron { + if $facts['os']['family'] == 'RedHat' { + ensure_packages('cronie') + } elsif $facts['os']['family'] != 'FreeBSD' { + ensure_packages('cron') + } + } + + # Setup db user with required permissions + if $manage_user and $db_user and $db_password { + # Create user with superuser privileges + postgresql::server::role { $db_user: + ensure => $ensure, + password_hash => postgresql::postgresql_password($db_user, $db_password), + superuser => true, + } + + # Allow authentication from localhost + postgresql::server::pg_hba_rule { 'local access as backup user': + type => 'local', + database => 'all', + user => $db_user, + auth_method => 'md5', + order => 1, + } + } + + # Create backup directory + file { $dir: + ensure => 'directory', + mode => $dir_mode, + owner => $dir_owner, + group => $dir_group, + } + + # Create backup script + file { $script_path: + ensure => $ensure, + mode => '0700', + owner => 'root', + group => '0', # Use GID for compat with Linux and BSD. + content => epp($template, { + compress => $compress, + databases => $databases, + db_user => $db_user, + delete_before_dump => $delete_before_dump, + dir => $dir, + format => $format, + optional_args => $optional_args, + post_script => $post_script, + pre_script => $pre_script, + rotate => $rotate, + success_file_path => $success_file_path, + }), + } + + # Create password file for pg_dump + file { $pgpass_path: + ensure => $ensure, + mode => '0600', + owner => 'root', + group => '0', # Use GID for compat with Linux and BSD. + content => inline_epp('*:*:*:<%= $db_user %>:<%= $db_password %>',{ + db_password => $db_password, + db_user => $db_user, + }), + show_diff => false, + } + + # Create cron job + cron { 'pg_dump backup job': + ensure => $ensure, + command => $script_path, + user => 'root', + hour => $time[0], + minute => $time[1], + weekday => $weekday, + } +} diff --git a/manifests/params.pp b/manifests/params.pp index acd1574615..18f22b820b 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -31,6 +31,9 @@ $manage_logdir = true $manage_xlogdir = true + $backup_enable = false + $backup_provider = 'pg_dump' + # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. case $facts['os']['family'] { 'RedHat', 'Linux': { diff --git a/manifests/server.pp b/manifests/server.pp index 5b9af035cb..7727ddc479 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -77,6 +77,10 @@ # @param roles Specifies a hash from which to generate postgresql::server::role resources. # @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. # @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. + +# @param backup_enable Whether a backup job should be enabled. +# @param backup_options A hash of options that should be passed through to the backup provider. +# @param backup_provider Specifies the backup provider to use. # # @param version Deprecated. Use postgresql::globals instead. Sets PostgreSQL version # @@ -152,6 +156,10 @@ Hash[String, Any] $config_entries = {}, Hash[String, Hash] $pg_hba_rules = {}, + Boolean $backup_enable = $postgresql::params::backup_enable, + Hash $backup_options = {}, + Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, + #Deprecated $version = undef, ) inherits postgresql::params { @@ -201,4 +209,17 @@ * => $rule, } } + + if $backup_enable { + case $backup_provider { + 'pg_dump': { + class { 'postgresql::backup::pg_dump': + * => $backup_options, + } + } + default: { + fail("Unsupported backup provider '${backup_provider}'.") + } + } + } } diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 3291b8c9ae..a9950bb6fa 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -256,4 +256,62 @@ class { 'postgresql::globals': .with_address('192.0.2.100') end end + + describe 'backup_enable => false' do + let(:params) { { backup_enable: false } } + + it { is_expected.to contain_class('postgresql::server') } + it { is_expected.not_to contain_class('postgresql::backup::pg_dump') } + it { is_expected.not_to contain_file('/root/.pgpass') } + it { is_expected.not_to contain_file('/usr/local/sbin/pg_dump.sh') } + it { is_expected.not_to contain_cron('pg_dump backup job') } + end + + describe 'backup_enable => true' do + let(:params) do + { + backup_enable: true, + backup_provider: 'pg_dump', + backup_options: { + db_user: 'backupuser', + db_password: 'backuppass', + dir: '/tmp/backuptest', + manage_user: true, + }, + } + end + + it { is_expected.to contain_class('postgresql::server') } + it { is_expected.to contain_class('postgresql::backup::pg_dump') } + it { + is_expected.to contain_postgresql__server__role('backupuser') + .with_superuser(true) + } + it { + is_expected.to contain_postgresql__server__pg_hba_rule('local access as backup user') + .with_type('local') + .with_database('all') + .with_user('backupuser') + .with_auth_method('md5') + } + it { + is_expected.to contain_file('/root/.pgpass') + .with_content(%r{.*:backupuser:.*}) + } + it { + is_expected.to contain_file('/usr/local/sbin/pg_dump.sh') + .with_content(%r{.*pg_dumpall \$_pg_args --file=\$\{FILE\} \$@.*}) + } + it { + is_expected.to contain_cron('pg_dump backup job') + .with( + ensure: 'present', + command: '/usr/local/sbin/pg_dump.sh', + user: 'root', + hour: '23', + minute: '5', + weekday: '*', + ) + } + end end diff --git a/templates/pg_dump.sh.epp b/templates/pg_dump.sh.epp new file mode 100644 index 0000000000..2c67170ad7 --- /dev/null +++ b/templates/pg_dump.sh.epp @@ -0,0 +1,103 @@ +<%- if $facts['kernel'] == 'Linux' { -%> +#!/bin/bash +<%- } else { -%> +#!/bin/sh +<%- } -%> +# This file is managed by Puppet. DO NOT EDIT. +# +# A wrapper for pg_dump + +# Backup config +ROTATE=<%= $rotate %> +BASEDIR="<%= $dir %>" +DIR="${BASEDIR}/$(date +%F_%H-%M-%S)" + +# Pattern %FILENAME% will be replace or removed, depending +# on the pg_dump parameters. +TEMPLATE="${DIR}/%FILENAME%" + +# Use a filename suffix to better distinguish different file types. +SUFFIX=".pgdump" + +# Ensure backup directory exist. +mkdir -p $DIR + +<%- if $facts['kernel'] == 'Linux' { -%> +set -o pipefail +<%- } -%> + +<% if $pre_script { -%> + <%- flatten($pre_script).each |$_script| { %> +<%= $_script %> + <%- } -%> +<% } -%> + +cleanup() +{ + <%- if $facts['kernel'] == 'SunOS' { -%> + gfind "${BASEDIR}/" -mindepth 1 -maxdepth 1 -mtime +${ROTATE} -print0 | gxargs -0 -r rm -rf + <%- } else { -%> + find "${BASEDIR}/" -mindepth 1 -maxdepth 1 -mtime +${ROTATE} -print0 | xargs -0 -r rm -rf + <%- } -%> +} + +<% if $delete_before_dump { -%> +# Remove outdated backups unconditionally before making new backups. +cleanup +<% } -%> + +_pg_args='' + +<%- if $format == 'directory' { -%> +# The 'directory' format expects a target directory instead of a file. +TEMPLATE=$DIR +<%- } -%> + +<%- if $db_user { -%> +_pg_args="${_pg_args} --username=<%= $db_user %>" +<%- } -%> + +<%- if $optional_args { -%> + <%- $optional_args.each |$_arg| { -%> +_pg_args="${_pg_args} <%= $_arg %>" + <%- } -%> +<%- } -%> + +<%- if $databases and $databases =~ Array and !empty($databases) { -%> +_pg_args="${_pg_args} --format=<%= $format %>" + +<%# Compression is only supported by pg_dump, but not by pg_dumpall. -%> +<%- if !$compress { -%> +_pg_args="${_pg_args} --compress=0" +<%# The tar archive format does not support compression. -%> +<%- } elsif $format != 'tar' { -%> +_pg_args="${_pg_args} --compress=9" +SUFFIX="${SUFFIX}.gz" +<%- } -%> + +# Dump only selected databases + <%- $databases.each |$_db| { -%> +FILE=`echo $TEMPLATE | sed "s/%FILENAME%/<%= $_db %>$SUFFIX/;"` +pg_dump $_pg_args --file=${FILE} $@ <%= $_db %> + <%- } -%> +<%- } else { -%> +# Dump the whole instance +FILE=`echo $TEMPLATE | sed "s/%FILENAME%/all$SUFFIX/;"` +pg_dumpall $_pg_args --file=${FILE} $@ +<%- } -%> + +<% unless $delete_before_dump { -%> +# Remove outdated backups only if the new backup was successful. +if [ $? -eq 0 ] ; then + cleanup + <%- if $success_file_path { -%> + touch <%= $success_file_path %> + <%- } -%> +fi +<% } -%> + +<% if $post_script { -%> + <%- flatten($post_script).each |$_script| { %> +<%= $_script %> + <%- } -%> +<% } -%> From a29d9b3759ee48f5d1236f84c1ff9c772d673336 Mon Sep 17 00:00:00 2001 From: david22swan Date: Thu, 4 Aug 2022 11:28:44 +0100 Subject: [PATCH 0720/1000] (GH-cat-11) Certify Support for Ubuntu 22.04 --- metadata.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index fb63176209..1e5cfe0ed4 100644 --- a/metadata.json +++ b/metadata.json @@ -71,7 +71,8 @@ "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "18.04", - "20.04" + "20.04", + "22.04" ] }, { From 48123339d64822e6c66c9b906e2b53305cf9a815 Mon Sep 17 00:00:00 2001 From: Arjen Zonneveld Date: Tue, 9 Aug 2022 12:06:29 +0200 Subject: [PATCH 0721/1000] Only require password when used If the if in line 39 evaluates to false, the user has been created elsewhere, and we don't actually use (and thus need) password in `postgresql::server::db` class. --- manifests/server/db.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 1e7f9774f3..17c860e2a3 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -1,7 +1,7 @@ # @summary Define for conveniently creating a role, database and assigning the correctpermissions. # -# @param user User to create and assign access to the database upon creation. Mandatory. -# @param password Required Sets the password for the created user. +# @param user User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory. +# @param password Sets the password for the created user (if a user is created). # @param comment Defines a comment to be stored about the database using the PostgreSQL COMMENT command. # @param dbname Sets the name of the database to be created. # @param encoding Overrides the character set during creation of the database. @@ -13,7 +13,7 @@ # @param owner Sets a user as the owner of the database. define postgresql::server::db ( $user, - Variant[String, Sensitive[String]] $password, + Optional[Variant[String, Sensitive[String]]] $password = undef, $comment = undef, $dbname = $title, $encoding = $postgresql::server::encoding, From 1c6d5747cd90eaddcea12355957ab5fbf06d02a5 Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 9 Aug 2022 12:12:19 +0100 Subject: [PATCH 0722/1000] Add relevant exclusion to pr_test.yml --- .github/workflows/pr_test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 46d47bd4e6..5d26f3abbd 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -61,7 +61,7 @@ jobs: id: get-matrix run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' else echo "::set-output name=matrix::{}" fi From 85e4dee7a7b62a20c03bc08579a52a335922d48d Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 9 Aug 2022 12:12:52 +0100 Subject: [PATCH 0723/1000] Add relevant exclusion to nightly.yml --- .github/workflows/nightly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index fdb03326b3..1ae5d48864 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -59,7 +59,7 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' else echo "::set-output name=matrix::{}" fi From d0f65e44e1ee9be93135787f41c8ac0f7867259f Mon Sep 17 00:00:00 2001 From: Gavin Patton Date: Fri, 19 Aug 2022 10:31:36 +0100 Subject: [PATCH 0724/1000] Updating to use apt version 9 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 1e5cfe0ed4..4cdeaf93fd 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 2.0.0 < 9.0.0" + "version_requirement": ">= 2.0.0 < 10.0.0" }, { "name": "puppetlabs/concat", From c96bf078b1db048df92a7b27e33ae3de75746b04 Mon Sep 17 00:00:00 2001 From: VAOL Date: Sun, 21 Aug 2022 22:45:38 +0200 Subject: [PATCH 0725/1000] added rspec on specific schema name only if object exists --- spec/defines/server/grant_spec.rb | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index 508a24747e..6102b8d41b 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -384,4 +384,30 @@ class {'postgresql::server':} it { is_expected.to compile.and_raise_error(%r{parameter 'object_name' variant 0 expects size to be 2, got 3}) } end end -end + + context 'with specific schema name only if object exists' do + let :params do + { + db: 'test', + role: 'test', + privilege: 'all', + object_name: ['myschema', 'mytable'], + object_type: 'table', + onlyif_exists: true, + } + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__grant('test') } + it do + is_expected.to contain_postgresql_psql('grant:test') + .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m) + .with_unless(%r{SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)}m) + .with_onlyif(%r{SELECT true FROM pg_tables WHERE tablename = 'mytable'}m) + end + end +end \ No newline at end of file From 6892b499785aab1cde45840ec722fe26bd201f72 Mon Sep 17 00:00:00 2001 From: VAOL Date: Mon, 22 Aug 2022 07:40:46 +0200 Subject: [PATCH 0726/1000] fix lint --- spec/defines/server/grant_spec.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index 6102b8d41b..cbb93c1093 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -396,11 +396,11 @@ class {'postgresql::server':} onlyif_exists: true, } end - + let :pre_condition do "class {'postgresql::server':}" end - + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } it do @@ -410,4 +410,4 @@ class {'postgresql::server':} .with_onlyif(%r{SELECT true FROM pg_tables WHERE tablename = 'mytable'}m) end end -end \ No newline at end of file +end From 97fe22bfdaf928bf15017fbfd82083b943a10059 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 22 Aug 2022 16:10:56 +0000 Subject: [PATCH 0727/1000] Release prep v8.2.0 --- CHANGELOG.md | 13 +++ REFERENCE.md | 215 +++++++++++++++++++++++++++----------------------- metadata.json | 2 +- 3 files changed, 132 insertions(+), 98 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 176c844192..b17c230ee9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,19 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) (2022-08-22) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.1.0...v8.2.0) + +### Added + +- pdksync - \(GH-cat-11\) Certify Support for Ubuntu 22.04 [\#1355](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1355) ([david22swan](https://github.com/david22swan)) +- \(MODULES-11251\) Add support for backup provider "pg\_dump" [\#1319](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1319) ([fraenki](https://github.com/fraenki)) + +### Fixed + +- Ensure multiple postgresql::server::recovery resources can be defined [\#1348](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1348) ([Deroin](https://github.com/Deroin)) + ## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) (2022-07-21) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.0.0...v8.1.0) diff --git a/REFERENCE.md b/REFERENCE.md index 87f1e8c29a..0dad979a28 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -15,7 +15,7 @@ * [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. * [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. * [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. -* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server +* [`postgresql::server`](#postgresqlserver) * [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. * [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. * [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. @@ -23,6 +23,7 @@ #### Private Classes +* `postgresql::backup::pg_dump`: "Provider" for pg_dump backup * `postgresql::dnfmodule`: Manage the DNF module * `postgresql::params` * `postgresql::repo` @@ -800,12 +801,17 @@ Default value: `'present'` ### `postgresql::server` -This installs a PostgreSQL server +The postgresql::server class. #### Parameters The following parameters are available in the `postgresql::server` class: +* [`backup_enable`](#backup_enable) +* [`backup_options`](#backup_options) +* [`backup_provider`](#backup_provider) +* [`version`](#version) +* [`extra_systemd_config`](#extra_systemd_config) * [`postgres_password`](#postgres_password) * [`package_name`](#package_name) * [`package_ensure`](#package_ensure) @@ -851,23 +857,61 @@ The following parameters are available in the `postgresql::server` class: * [`manage_pg_ident_conf`](#manage_pg_ident_conf) * [`manage_recovery_conf`](#manage_recovery_conf) * [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) +* [`manage_selinux`](#manage_selinux) * [`module_workdir`](#module_workdir) * [`manage_datadir`](#manage_datadir) * [`manage_logdir`](#manage_logdir) * [`manage_xlogdir`](#manage_xlogdir) +* [`password_encryption`](#password_encryption) * [`roles`](#roles) * [`config_entries`](#config_entries) * [`pg_hba_rules`](#pg_hba_rules) -* [`version`](#version) -* [`extra_systemd_config`](#extra_systemd_config) -* [`manage_selinux`](#manage_selinux) -* [`password_encryption`](#password_encryption) + +##### `backup_enable` + +Data type: `Boolean` + +Whether a backup job should be enabled. + +Default value: `$postgresql::params::backup_enable` + +##### `backup_options` + +Data type: `Hash` + +A hash of options that should be passed through to the backup provider. + +Default value: `{}` + +##### `backup_provider` + +Data type: `Enum['pg_dump']` + +Specifies the backup provider to use. + +Default value: `$postgresql::params::backup_provider` + +##### `version` + +Data type: `Any` + +Deprecated. Use postgresql::globals instead. Sets PostgreSQL version + +Default value: ``undef`` + +##### `extra_systemd_config` + +Data type: `Any` + +Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string + +Default value: `$postgresql::params::extra_systemd_config` ##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` -Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. + Default value: ``undef`` @@ -875,7 +919,7 @@ Default value: ``undef`` Data type: `Any` -Specifies the name of the package to use for installing the server software. + Default value: `$postgresql::params::server_package_name` @@ -883,7 +927,7 @@ Default value: `$postgresql::params::server_package_name` Data type: `Any` -Passes a value through to the package resource when creating the server instance. + Default value: `$postgresql::params::package_ensure` @@ -891,7 +935,7 @@ Default value: `$postgresql::params::package_ensure` Data type: `Any` -Sets the default package name for the PL/Perl extension. + Default value: `$postgresql::params::plperl_package_name` @@ -899,7 +943,7 @@ Default value: `$postgresql::params::plperl_package_name` Data type: `Any` -Sets the default package name for the PL/Python extension. + Default value: `$postgresql::params::plpython_package_name` @@ -907,7 +951,7 @@ Default value: `$postgresql::params::plpython_package_name` Data type: `Any` -Ensure service is installed + Default value: `$postgresql::params::service_ensure` @@ -915,7 +959,7 @@ Default value: `$postgresql::params::service_ensure` Data type: `Any` -Enable the PostgreSQL service + Default value: `$postgresql::params::service_enable` @@ -923,7 +967,7 @@ Default value: `$postgresql::params::service_enable` Data type: `Any` -Defines whether or not Puppet should manage the service. + Default value: `$postgresql::params::service_manage` @@ -931,7 +975,7 @@ Default value: `$postgresql::params::service_manage` Data type: `Any` -Overrides the default PostgreSQL service name. + Default value: `$postgresql::params::service_name` @@ -939,7 +983,7 @@ Default value: `$postgresql::params::service_name` Data type: `Any` -Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. + Default value: `$postgresql::params::service_restart_on_change` @@ -947,7 +991,7 @@ Default value: `$postgresql::params::service_restart_on_change` Data type: `Any` -Overrides the default PostgreSQL service provider. + Default value: `$postgresql::params::service_provider` @@ -955,7 +999,7 @@ Default value: `$postgresql::params::service_provider` Data type: `Any` -Overrides the default reload command for your PostgreSQL service. + Default value: `$postgresql::params::service_reload` @@ -963,7 +1007,7 @@ Default value: `$postgresql::params::service_reload` Data type: `Any` -Overrides the default status check command for your PostgreSQL service. + Default value: `$postgresql::params::service_status` @@ -971,7 +1015,7 @@ Default value: `$postgresql::params::service_status` Data type: `Any` -Specifies the name of the default database to connect with. On most systems this is 'postgres'. + Default value: `$postgresql::params::default_database` @@ -979,7 +1023,7 @@ Default value: `$postgresql::params::default_database` Data type: `Any` -Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. + Default value: `$postgresql::globals::default_connect_settings` @@ -987,7 +1031,7 @@ Default value: `$postgresql::globals::default_connect_settings` Data type: `Any` -Address list on which the PostgreSQL service will listen + Default value: `$postgresql::params::listen_addresses` @@ -995,8 +1039,7 @@ Default value: `$postgresql::params::listen_addresses` Data type: `Any` -Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. -Default value: 5432. Meaning the Postgres server listens on TCP port 5432. + Default value: `$postgresql::params::port` @@ -1004,8 +1047,7 @@ Default value: `$postgresql::params::port` Data type: `Any` -Specifies the IP mask from which remote connections should be denied for the postgres superuser. -Default value: '0.0.0.0/0', which denies any remote connection. + Default value: `$postgresql::params::ip_mask_deny_postgres_user` @@ -1013,9 +1055,7 @@ Default value: `$postgresql::params::ip_mask_deny_postgres_user` Data type: `Any` -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. -Default value: '127.0.0.1/32'. + Default value: `$postgresql::params::ip_mask_allow_all_users` @@ -1023,7 +1063,7 @@ Default value: `$postgresql::params::ip_mask_allow_all_users` Data type: `Array[String[1]]` -Lists strings for access control for connection method, users, databases, IPv4 addresses; + Default value: `$postgresql::params::ipv4acls` @@ -1031,7 +1071,7 @@ Default value: `$postgresql::params::ipv4acls` Data type: `Array[String[1]]` -Lists strings for access control for connection method, users, databases, IPv6 addresses. + Default value: `$postgresql::params::ipv6acls` @@ -1039,7 +1079,7 @@ Default value: `$postgresql::params::ipv6acls` Data type: `Any` -Specifies the path to the initdb command. + Default value: `$postgresql::params::initdb_path` @@ -1047,7 +1087,7 @@ Default value: `$postgresql::params::initdb_path` Data type: `Any` -Deprecated. Specifies the path to the createdb command. + Default value: `$postgresql::params::createdb_path` @@ -1055,7 +1095,7 @@ Default value: `$postgresql::params::createdb_path` Data type: `Any` -Specifies the path to the psql command. + Default value: `$postgresql::params::psql_path` @@ -1063,7 +1103,7 @@ Default value: `$postgresql::params::psql_path` Data type: `Any` -Specifies the path to your pg_hba.conf file. + Default value: `$postgresql::params::pg_hba_conf_path` @@ -1071,7 +1111,7 @@ Default value: `$postgresql::params::pg_hba_conf_path` Data type: `Any` -Specifies the path to your pg_ident.conf file. + Default value: `$postgresql::params::pg_ident_conf_path` @@ -1079,7 +1119,7 @@ Default value: `$postgresql::params::pg_ident_conf_path` Data type: `Any` -Specifies the path to your postgresql.conf file. + Default value: `$postgresql::params::postgresql_conf_path` @@ -1087,7 +1127,7 @@ Default value: `$postgresql::params::postgresql_conf_path` Data type: `Optional[Stdlib::Filemode]` -Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. + Default value: `$postgresql::params::postgresql_conf_mode` @@ -1095,7 +1135,7 @@ Default value: `$postgresql::params::postgresql_conf_mode` Data type: `Any` -Specifies the path to your recovery.conf file. + Default value: `$postgresql::params::recovery_conf_path` @@ -1103,7 +1143,7 @@ Default value: `$postgresql::params::recovery_conf_path` Data type: `Any` -PostgreSQL data directory + Default value: `$postgresql::params::datadir` @@ -1111,7 +1151,7 @@ Default value: `$postgresql::params::datadir` Data type: `Any` -PostgreSQL xlog directory + Default value: `$postgresql::params::xlogdir` @@ -1119,7 +1159,7 @@ Default value: `$postgresql::params::xlogdir` Data type: `Any` -PostgreSQL log directory + Default value: `$postgresql::params::logdir` @@ -1127,7 +1167,7 @@ Default value: `$postgresql::params::logdir` Data type: `Any` -PostgreSQL log line prefix + Default value: `$postgresql::params::log_line_prefix` @@ -1135,7 +1175,7 @@ Default value: `$postgresql::params::log_line_prefix` Data type: `Any` -If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. + Default value: `$postgresql::params::pg_hba_conf_defaults` @@ -1143,7 +1183,7 @@ Default value: `$postgresql::params::pg_hba_conf_defaults` Data type: `Any` -Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + Default value: `$postgresql::params::user` @@ -1151,7 +1191,7 @@ Default value: `$postgresql::params::user` Data type: `Any` -Overrides the default postgres user group to be used for related files in the file system. + Default value: `$postgresql::params::group` @@ -1159,7 +1199,7 @@ Default value: `$postgresql::params::group` Data type: `Any` -Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started. + Default value: `$postgresql::params::needs_initdb` @@ -1167,7 +1207,7 @@ Default value: `$postgresql::params::needs_initdb` Data type: `Any` -Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. + Default value: `$postgresql::params::encoding` @@ -1175,7 +1215,7 @@ Default value: `$postgresql::params::encoding` Data type: `Any` -Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. + Default value: `$postgresql::params::locale` @@ -1183,8 +1223,7 @@ Default value: `$postgresql::params::locale` Data type: `Any` -Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. -Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. + Default value: `$postgresql::params::data_checksums` @@ -1192,7 +1231,7 @@ Default value: `$postgresql::params::data_checksums` Data type: `Any` -Set timezone for the PostgreSQL instance + Default value: `$postgresql::params::timezone` @@ -1200,7 +1239,7 @@ Default value: `$postgresql::params::timezone` Data type: `Any` -Boolean. Whether to manage the pg_hba.conf. + Default value: `$postgresql::params::manage_pg_hba_conf` @@ -1208,7 +1247,7 @@ Default value: `$postgresql::params::manage_pg_hba_conf` Data type: `Any` -Boolean. Overwrites the pg_ident.conf file. + Default value: `$postgresql::params::manage_pg_ident_conf` @@ -1216,7 +1255,7 @@ Default value: `$postgresql::params::manage_pg_ident_conf` Data type: `Any` -Boolean. Specifies whether or not manage the recovery.conf. + Default value: `$postgresql::params::manage_recovery_conf` @@ -1224,17 +1263,23 @@ Default value: `$postgresql::params::manage_recovery_conf` Data type: `Boolean` -Whether to manage the postgresql conf file permissions. This means owner, -group and mode. Contents are not managed but should be managed through -postgresql::server::config_entry. + Default value: `$postgresql::params::manage_postgresql_conf_perms` +##### `manage_selinux` + +Data type: `Boolean` + + + +Default value: `$postgresql::params::manage_selinux` + ##### `module_workdir` Data type: `Any` -Working directory for the PostgreSQL module + Default value: `$postgresql::params::module_workdir` @@ -1242,7 +1287,7 @@ Default value: `$postgresql::params::module_workdir` Data type: `Any` -Set to false if you have file{ $datadir: } already defined + Default value: `$postgresql::params::manage_datadir` @@ -1250,7 +1295,7 @@ Default value: `$postgresql::params::manage_datadir` Data type: `Any` -Set to false if you have file{ $logdir: } already defined + Default value: `$postgresql::params::manage_logdir` @@ -1258,65 +1303,41 @@ Default value: `$postgresql::params::manage_logdir` Data type: `Any` -Set to false if you have file{ $xlogdir: } already defined -Default value: `$postgresql::params::manage_xlogdir` -##### `roles` - -Data type: `Hash[String, Hash]` - -Specifies a hash from which to generate postgresql::server::role resources. +Default value: `$postgresql::params::manage_xlogdir` -Default value: `{}` +##### `password_encryption` -##### `config_entries` +Data type: `Any` -Data type: `Hash[String, Any]` -Specifies a hash from which to generate postgresql::server::config_entry resources. -Default value: `{}` +Default value: `$postgresql::params::password_encryption` -##### `pg_hba_rules` +##### `roles` Data type: `Hash[String, Hash]` -Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. - -Default value: `{}` - -##### `version` - -Data type: `Any` - -Deprecated. Use postgresql::globals instead. Sets PostgreSQL version - -Default value: ``undef`` - -##### `extra_systemd_config` -Data type: `Any` - -Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string -Default value: `$postgresql::params::extra_systemd_config` +Default value: `{}` -##### `manage_selinux` +##### `config_entries` -Data type: `Boolean` +Data type: `Hash[String, Any]` -Default value: `$postgresql::params::manage_selinux` +Default value: `{}` -##### `password_encryption` +##### `pg_hba_rules` -Data type: `Any` +Data type: `Hash[String, Hash]` -Default value: `$postgresql::params::password_encryption` +Default value: `{}` ### `postgresql::server::contrib` diff --git a/metadata.json b/metadata.json index 4cdeaf93fd..88f27c24a1 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "8.1.0", + "version": "8.2.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 8a93c140b03059a1de1104c459501ab5856d6496 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Tue, 23 Aug 2022 13:46:47 +0100 Subject: [PATCH 0728/1000] (GH-1360) Reverting REFERENCE.md changes In the release prep the automated job ran and as an oversight documentation has been removed. This PR reverts that change to add back in the documentation. --- REFERENCE.md | 215 +++++++++++++++++++++++---------------------------- 1 file changed, 97 insertions(+), 118 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 0dad979a28..87f1e8c29a 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -15,7 +15,7 @@ * [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. * [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. * [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. -* [`postgresql::server`](#postgresqlserver) +* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server * [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. * [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. * [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. @@ -23,7 +23,6 @@ #### Private Classes -* `postgresql::backup::pg_dump`: "Provider" for pg_dump backup * `postgresql::dnfmodule`: Manage the DNF module * `postgresql::params` * `postgresql::repo` @@ -801,17 +800,12 @@ Default value: `'present'` ### `postgresql::server` -The postgresql::server class. +This installs a PostgreSQL server #### Parameters The following parameters are available in the `postgresql::server` class: -* [`backup_enable`](#backup_enable) -* [`backup_options`](#backup_options) -* [`backup_provider`](#backup_provider) -* [`version`](#version) -* [`extra_systemd_config`](#extra_systemd_config) * [`postgres_password`](#postgres_password) * [`package_name`](#package_name) * [`package_ensure`](#package_ensure) @@ -857,61 +851,23 @@ The following parameters are available in the `postgresql::server` class: * [`manage_pg_ident_conf`](#manage_pg_ident_conf) * [`manage_recovery_conf`](#manage_recovery_conf) * [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) -* [`manage_selinux`](#manage_selinux) * [`module_workdir`](#module_workdir) * [`manage_datadir`](#manage_datadir) * [`manage_logdir`](#manage_logdir) * [`manage_xlogdir`](#manage_xlogdir) -* [`password_encryption`](#password_encryption) * [`roles`](#roles) * [`config_entries`](#config_entries) * [`pg_hba_rules`](#pg_hba_rules) - -##### `backup_enable` - -Data type: `Boolean` - -Whether a backup job should be enabled. - -Default value: `$postgresql::params::backup_enable` - -##### `backup_options` - -Data type: `Hash` - -A hash of options that should be passed through to the backup provider. - -Default value: `{}` - -##### `backup_provider` - -Data type: `Enum['pg_dump']` - -Specifies the backup provider to use. - -Default value: `$postgresql::params::backup_provider` - -##### `version` - -Data type: `Any` - -Deprecated. Use postgresql::globals instead. Sets PostgreSQL version - -Default value: ``undef`` - -##### `extra_systemd_config` - -Data type: `Any` - -Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string - -Default value: `$postgresql::params::extra_systemd_config` +* [`version`](#version) +* [`extra_systemd_config`](#extra_systemd_config) +* [`manage_selinux`](#manage_selinux) +* [`password_encryption`](#password_encryption) ##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` - +Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. Default value: ``undef`` @@ -919,7 +875,7 @@ Default value: ``undef`` Data type: `Any` - +Specifies the name of the package to use for installing the server software. Default value: `$postgresql::params::server_package_name` @@ -927,7 +883,7 @@ Default value: `$postgresql::params::server_package_name` Data type: `Any` - +Passes a value through to the package resource when creating the server instance. Default value: `$postgresql::params::package_ensure` @@ -935,7 +891,7 @@ Default value: `$postgresql::params::package_ensure` Data type: `Any` - +Sets the default package name for the PL/Perl extension. Default value: `$postgresql::params::plperl_package_name` @@ -943,7 +899,7 @@ Default value: `$postgresql::params::plperl_package_name` Data type: `Any` - +Sets the default package name for the PL/Python extension. Default value: `$postgresql::params::plpython_package_name` @@ -951,7 +907,7 @@ Default value: `$postgresql::params::plpython_package_name` Data type: `Any` - +Ensure service is installed Default value: `$postgresql::params::service_ensure` @@ -959,7 +915,7 @@ Default value: `$postgresql::params::service_ensure` Data type: `Any` - +Enable the PostgreSQL service Default value: `$postgresql::params::service_enable` @@ -967,7 +923,7 @@ Default value: `$postgresql::params::service_enable` Data type: `Any` - +Defines whether or not Puppet should manage the service. Default value: `$postgresql::params::service_manage` @@ -975,7 +931,7 @@ Default value: `$postgresql::params::service_manage` Data type: `Any` - +Overrides the default PostgreSQL service name. Default value: `$postgresql::params::service_name` @@ -983,7 +939,7 @@ Default value: `$postgresql::params::service_name` Data type: `Any` - +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default value: `$postgresql::params::service_restart_on_change` @@ -991,7 +947,7 @@ Default value: `$postgresql::params::service_restart_on_change` Data type: `Any` - +Overrides the default PostgreSQL service provider. Default value: `$postgresql::params::service_provider` @@ -999,7 +955,7 @@ Default value: `$postgresql::params::service_provider` Data type: `Any` - +Overrides the default reload command for your PostgreSQL service. Default value: `$postgresql::params::service_reload` @@ -1007,7 +963,7 @@ Default value: `$postgresql::params::service_reload` Data type: `Any` - +Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::params::service_status` @@ -1015,7 +971,7 @@ Default value: `$postgresql::params::service_status` Data type: `Any` - +Specifies the name of the default database to connect with. On most systems this is 'postgres'. Default value: `$postgresql::params::default_database` @@ -1023,7 +979,7 @@ Default value: `$postgresql::params::default_database` Data type: `Any` - +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. Default value: `$postgresql::globals::default_connect_settings` @@ -1031,7 +987,7 @@ Default value: `$postgresql::globals::default_connect_settings` Data type: `Any` - +Address list on which the PostgreSQL service will listen Default value: `$postgresql::params::listen_addresses` @@ -1039,7 +995,8 @@ Default value: `$postgresql::params::listen_addresses` Data type: `Any` - +Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::params::port` @@ -1047,7 +1004,8 @@ Default value: `$postgresql::params::port` Data type: `Any` - +Specifies the IP mask from which remote connections should be denied for the postgres superuser. +Default value: '0.0.0.0/0', which denies any remote connection. Default value: `$postgresql::params::ip_mask_deny_postgres_user` @@ -1055,7 +1013,9 @@ Default value: `$postgresql::params::ip_mask_deny_postgres_user` Data type: `Any` - +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +Default value: '127.0.0.1/32'. Default value: `$postgresql::params::ip_mask_allow_all_users` @@ -1063,7 +1023,7 @@ Default value: `$postgresql::params::ip_mask_allow_all_users` Data type: `Array[String[1]]` - +Lists strings for access control for connection method, users, databases, IPv4 addresses; Default value: `$postgresql::params::ipv4acls` @@ -1071,7 +1031,7 @@ Default value: `$postgresql::params::ipv4acls` Data type: `Array[String[1]]` - +Lists strings for access control for connection method, users, databases, IPv6 addresses. Default value: `$postgresql::params::ipv6acls` @@ -1079,7 +1039,7 @@ Default value: `$postgresql::params::ipv6acls` Data type: `Any` - +Specifies the path to the initdb command. Default value: `$postgresql::params::initdb_path` @@ -1087,7 +1047,7 @@ Default value: `$postgresql::params::initdb_path` Data type: `Any` - +Deprecated. Specifies the path to the createdb command. Default value: `$postgresql::params::createdb_path` @@ -1095,7 +1055,7 @@ Default value: `$postgresql::params::createdb_path` Data type: `Any` - +Specifies the path to the psql command. Default value: `$postgresql::params::psql_path` @@ -1103,7 +1063,7 @@ Default value: `$postgresql::params::psql_path` Data type: `Any` - +Specifies the path to your pg_hba.conf file. Default value: `$postgresql::params::pg_hba_conf_path` @@ -1111,7 +1071,7 @@ Default value: `$postgresql::params::pg_hba_conf_path` Data type: `Any` - +Specifies the path to your pg_ident.conf file. Default value: `$postgresql::params::pg_ident_conf_path` @@ -1119,7 +1079,7 @@ Default value: `$postgresql::params::pg_ident_conf_path` Data type: `Any` - +Specifies the path to your postgresql.conf file. Default value: `$postgresql::params::postgresql_conf_path` @@ -1127,7 +1087,7 @@ Default value: `$postgresql::params::postgresql_conf_path` Data type: `Optional[Stdlib::Filemode]` - +Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. Default value: `$postgresql::params::postgresql_conf_mode` @@ -1135,7 +1095,7 @@ Default value: `$postgresql::params::postgresql_conf_mode` Data type: `Any` - +Specifies the path to your recovery.conf file. Default value: `$postgresql::params::recovery_conf_path` @@ -1143,7 +1103,7 @@ Default value: `$postgresql::params::recovery_conf_path` Data type: `Any` - +PostgreSQL data directory Default value: `$postgresql::params::datadir` @@ -1151,7 +1111,7 @@ Default value: `$postgresql::params::datadir` Data type: `Any` - +PostgreSQL xlog directory Default value: `$postgresql::params::xlogdir` @@ -1159,7 +1119,7 @@ Default value: `$postgresql::params::xlogdir` Data type: `Any` - +PostgreSQL log directory Default value: `$postgresql::params::logdir` @@ -1167,7 +1127,7 @@ Default value: `$postgresql::params::logdir` Data type: `Any` - +PostgreSQL log line prefix Default value: `$postgresql::params::log_line_prefix` @@ -1175,7 +1135,7 @@ Default value: `$postgresql::params::log_line_prefix` Data type: `Any` - +If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. Default value: `$postgresql::params::pg_hba_conf_defaults` @@ -1183,7 +1143,7 @@ Default value: `$postgresql::params::pg_hba_conf_defaults` Data type: `Any` - +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default value: `$postgresql::params::user` @@ -1191,7 +1151,7 @@ Default value: `$postgresql::params::user` Data type: `Any` - +Overrides the default postgres user group to be used for related files in the file system. Default value: `$postgresql::params::group` @@ -1199,7 +1159,7 @@ Default value: `$postgresql::params::group` Data type: `Any` - +Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started. Default value: `$postgresql::params::needs_initdb` @@ -1207,7 +1167,7 @@ Default value: `$postgresql::params::needs_initdb` Data type: `Any` - +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::params::encoding` @@ -1215,7 +1175,7 @@ Default value: `$postgresql::params::encoding` Data type: `Any` - +Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. Default value: `$postgresql::params::locale` @@ -1223,7 +1183,8 @@ Default value: `$postgresql::params::locale` Data type: `Any` - +Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::params::data_checksums` @@ -1231,7 +1192,7 @@ Default value: `$postgresql::params::data_checksums` Data type: `Any` - +Set timezone for the PostgreSQL instance Default value: `$postgresql::params::timezone` @@ -1239,7 +1200,7 @@ Default value: `$postgresql::params::timezone` Data type: `Any` - +Boolean. Whether to manage the pg_hba.conf. Default value: `$postgresql::params::manage_pg_hba_conf` @@ -1247,7 +1208,7 @@ Default value: `$postgresql::params::manage_pg_hba_conf` Data type: `Any` - +Boolean. Overwrites the pg_ident.conf file. Default value: `$postgresql::params::manage_pg_ident_conf` @@ -1255,7 +1216,7 @@ Default value: `$postgresql::params::manage_pg_ident_conf` Data type: `Any` - +Boolean. Specifies whether or not manage the recovery.conf. Default value: `$postgresql::params::manage_recovery_conf` @@ -1263,23 +1224,17 @@ Default value: `$postgresql::params::manage_recovery_conf` Data type: `Boolean` - +Whether to manage the postgresql conf file permissions. This means owner, +group and mode. Contents are not managed but should be managed through +postgresql::server::config_entry. Default value: `$postgresql::params::manage_postgresql_conf_perms` -##### `manage_selinux` - -Data type: `Boolean` - - - -Default value: `$postgresql::params::manage_selinux` - ##### `module_workdir` Data type: `Any` - +Working directory for the PostgreSQL module Default value: `$postgresql::params::module_workdir` @@ -1287,7 +1242,7 @@ Default value: `$postgresql::params::module_workdir` Data type: `Any` - +Set to false if you have file{ $datadir: } already defined Default value: `$postgresql::params::manage_datadir` @@ -1295,7 +1250,7 @@ Default value: `$postgresql::params::manage_datadir` Data type: `Any` - +Set to false if you have file{ $logdir: } already defined Default value: `$postgresql::params::manage_logdir` @@ -1303,23 +1258,15 @@ Default value: `$postgresql::params::manage_logdir` Data type: `Any` - +Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::params::manage_xlogdir` -##### `password_encryption` - -Data type: `Any` - - - -Default value: `$postgresql::params::password_encryption` - ##### `roles` Data type: `Hash[String, Hash]` - +Specifies a hash from which to generate postgresql::server::role resources. Default value: `{}` @@ -1327,7 +1274,7 @@ Default value: `{}` Data type: `Hash[String, Any]` - +Specifies a hash from which to generate postgresql::server::config_entry resources. Default value: `{}` @@ -1335,10 +1282,42 @@ Default value: `{}` Data type: `Hash[String, Hash]` - +Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. Default value: `{}` +##### `version` + +Data type: `Any` + +Deprecated. Use postgresql::globals instead. Sets PostgreSQL version + +Default value: ``undef`` + +##### `extra_systemd_config` + +Data type: `Any` + +Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string + +Default value: `$postgresql::params::extra_systemd_config` + +##### `manage_selinux` + +Data type: `Boolean` + + + +Default value: `$postgresql::params::manage_selinux` + +##### `password_encryption` + +Data type: `Any` + + + +Default value: `$postgresql::params::password_encryption` + ### `postgresql::server::contrib` Install the contrib postgresql packaging. From e463cdaa206720a64ffa2be7396070c8b9c1258b Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 23 Aug 2022 17:47:08 +0200 Subject: [PATCH 0729/1000] Fix puppet-strings documentation In 37e5bea4399ab926e6041190347e24d55a08a51c an empty line was added, splitting the documentation block. Removing the empty line creates a single documentation block again. Fixes: 37e5bea4399ab926e6041190347e24d55a08a51c --- REFERENCE.md | 36 +++++++++++++++++++++++++++++++++--- manifests/server.pp | 2 +- 2 files changed, 34 insertions(+), 4 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 87f1e8c29a..ee140fe370 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -23,6 +23,7 @@ #### Private Classes +* `postgresql::backup::pg_dump`: "Provider" for pg_dump backup * `postgresql::dnfmodule`: Manage the DNF module * `postgresql::params` * `postgresql::repo` @@ -858,6 +859,9 @@ The following parameters are available in the `postgresql::server` class: * [`roles`](#roles) * [`config_entries`](#config_entries) * [`pg_hba_rules`](#pg_hba_rules) +* [`backup_enable`](#backup_enable) +* [`backup_options`](#backup_options) +* [`backup_provider`](#backup_provider) * [`version`](#version) * [`extra_systemd_config`](#extra_systemd_config) * [`manage_selinux`](#manage_selinux) @@ -1286,6 +1290,30 @@ Specifies a hash from which to generate postgresql::server::pg_hba_rule resource Default value: `{}` +##### `backup_enable` + +Data type: `Boolean` + +Whether a backup job should be enabled. + +Default value: `$postgresql::params::backup_enable` + +##### `backup_options` + +Data type: `Hash` + +A hash of options that should be passed through to the backup provider. + +Default value: `{}` + +##### `backup_provider` + +Data type: `Enum['pg_dump']` + +Specifies the backup provider to use. + +Default value: `$postgresql::params::backup_provider` + ##### `version` Data type: `Any` @@ -1644,13 +1672,15 @@ The following parameters are available in the `postgresql::server::db` defined t Data type: `Any` -User to create and assign access to the database upon creation. Mandatory. +User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory. ##### `password` -Data type: `Variant[String, Sensitive[String]]` +Data type: `Optional[Variant[String, Sensitive[String]]]` + +Sets the password for the created user (if a user is created). -Required Sets the password for the created user. +Default value: ``undef`` ##### `comment` diff --git a/manifests/server.pp b/manifests/server.pp index 7727ddc479..db84e478e1 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -77,7 +77,7 @@ # @param roles Specifies a hash from which to generate postgresql::server::role resources. # @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. # @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. - +# # @param backup_enable Whether a backup job should be enabled. # @param backup_options A hash of options that should be passed through to the backup provider. # @param backup_provider Specifies the backup provider to use. From 789052db6e0566f619a6bf4df47433e387a57169 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 23 Aug 2022 23:00:38 +0000 Subject: [PATCH 0730/1000] Release prep v8.2.1 --- CHANGELOG.md | 12 +++++++++++- metadata.json | 2 +- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b17c230ee9..8d782ac47d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,17 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) (2022-08-22) +## [v8.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.1) (2022-08-23) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.2.0...v8.2.1) + +### Fixed + +- Fix puppet-strings documentation [\#1363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1363) ([ekohl](https://github.com/ekohl)) +- \(GH-1360\) Reverting REFERENCE.md changes [\#1361](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1361) ([pmcmaw](https://github.com/pmcmaw)) +- Only require password when used [\#1356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1356) ([arjenz](https://github.com/arjenz)) + +## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) (2022-08-23) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.1.0...v8.2.0) diff --git a/metadata.json b/metadata.json index 88f27c24a1..25f8b992d5 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "8.2.0", + "version": "8.2.1", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 28250f5f46aca7e9fb01fffa8083d6280fe9dc84 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 5 Oct 2022 11:36:04 +0100 Subject: [PATCH 0731/1000] (CONT-130) Dropping Debian 9 Support --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index 25f8b992d5..7552e2cac9 100644 --- a/metadata.json +++ b/metadata.json @@ -55,7 +55,6 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "9", "10", "11" ] From d03501aa5c8c8a23d089a2cafe8455066a26a5d8 Mon Sep 17 00:00:00 2001 From: david22swan Date: Thu, 6 Oct 2022 09:52:45 +0100 Subject: [PATCH 0732/1000] (PDKSync) Removal of puppet_module_gems --- .devcontainer/README.md | 8 ++++++-- .github/workflows/nightly.yml | 2 +- .github/workflows/pr_test.yml | 2 +- Gemfile | 33 +++++++++++++++++++-------------- metadata.json | 4 ++-- 5 files changed, 29 insertions(+), 20 deletions(-) diff --git a/.devcontainer/README.md b/.devcontainer/README.md index cc4675e5dd..a719361689 100644 --- a/.devcontainer/README.md +++ b/.devcontainer/README.md @@ -13,14 +13,18 @@ https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/pupp // Set *default* container specific settings.json values on container create. "settings": { - "terminal.integrated.shell.linux": "/bin/bash" + "terminal.integrated.profiles.linux": { + "bash": { + "path": "bash", + } + } }, // Add the IDs of extensions you want installed when the container is created. "extensions": [ "puppet.puppet-vscode", "rebornix.Ruby" - ] + ], // Use 'forwardPorts' to make a list of ports inside the container available locally. "forwardPorts": [], diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 1ae5d48864..fdb03326b3 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -59,7 +59,7 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' else echo "::set-output name=matrix::{}" fi diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 5d26f3abbd..46d47bd4e6 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -61,7 +61,7 @@ jobs: id: get-matrix run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' else echo "::set-output name=matrix::{}" fi diff --git a/Gemfile b/Gemfile index a14223db65..26dd2db9ce 100644 --- a/Gemfile +++ b/Gemfile @@ -13,23 +13,28 @@ def location_for(place_or_version, fake_version = nil) end end -ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments -minor_version = ruby_version_segments[0..1].join('.') - group :development do - gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "voxpupuli-puppet-lint-plugins", '>= 3.0', require: false, platforms: [:ruby] - gem "github_changelog_generator", require: false + gem "json", '~> 2.0', require: false + gem "voxpupuli-puppet-lint-plugins", '~> 3.0', require: false + gem "facterdb", '~> 1.18', require: false + gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false + gem "puppetlabs_spec_helper", '>= 3.0.0', '< 5.0.0', require: false + gem "rspec-puppet-facts", '~> 2.0', require: false + gem "codecov", '~> 0.2', require: false + gem "dependency_checker", '~> 0.2', require: false + gem "parallel_tests", '~> 3.4', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.5', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '= 1.6.1', require: false + gem "rubocop-performance", '= 1.9.1', require: false + gem "rubocop-rspec", '= 2.0.1', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "github_changelog_generator", require: false end group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/metadata.json b/metadata.json index 25f8b992d5..22d18d8f8a 100644 --- a/metadata.json +++ b/metadata.json @@ -94,7 +94,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "2.4.0", + "pdk-version": "2.5.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g806810b" + "template-ref": "tags/2.6.0-0-gd0490b9" } From d9d7375b560eab68d4c75c12323e2cc334e614a4 Mon Sep 17 00:00:00 2001 From: david22swan Date: Thu, 6 Oct 2022 15:07:21 +0100 Subject: [PATCH 0733/1000] (PDKSync) .sync.yml update --- .github/workflows/nightly.yml | 2 +- .github/workflows/pr_test.yml | 2 +- .sync.yml | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index fdb03326b3..1ae5d48864 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -59,7 +59,7 @@ jobs: if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' else echo "::set-output name=matrix::{}" fi diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 46d47bd4e6..5d26f3abbd 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -61,7 +61,7 @@ jobs: id: get-matrix run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04"]' + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' else echo "::set-output name=matrix::{}" fi diff --git a/.sync.yml b/.sync.yml index 50eabc7d68..5f34a26954 100644 --- a/.sync.yml +++ b/.sync.yml @@ -31,6 +31,7 @@ spec/spec_helper.rb: - Ubuntu-16.04 - Ubuntu-18.04 - Ubuntu-20.04 + - Ubuntu-22.04 .github/workflows/pr_test.yml: unmanaged: false exclude_platforms: @@ -45,6 +46,7 @@ spec/spec_helper.rb: - Ubuntu-16.04 - Ubuntu-18.04 - Ubuntu-20.04 + - Ubuntu-22.04 .gitpod.Dockerfile: unmanaged: false .gitpod.yml: From 32b770f903d584a9581f26b0c818f6508f29e2d1 Mon Sep 17 00:00:00 2001 From: david22swan Date: Fri, 7 Oct 2022 10:00:54 +0100 Subject: [PATCH 0734/1000] (CONT-189) Remove support for RedHat6 --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index 99e75a7fc2..8549de656f 100644 --- a/metadata.json +++ b/metadata.json @@ -25,7 +25,6 @@ { "operatingsystem": "RedHat", "operatingsystemrelease": [ - "6", "7", "8", "9" From f5cbfacf7051a2af1539279cc4bb47e5c38fe29a Mon Sep 17 00:00:00 2001 From: david22swan Date: Fri, 7 Oct 2022 10:01:59 +0100 Subject: [PATCH 0735/1000] (CONT-189) Remove support for OracleLinux6 --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index 8549de656f..d047b0508b 100644 --- a/metadata.json +++ b/metadata.json @@ -40,7 +40,6 @@ { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ - "6", "7" ] }, From c14aa2bf7e65d978322ef0ff925301509e17f144 Mon Sep 17 00:00:00 2001 From: david22swan Date: Fri, 7 Oct 2022 10:02:41 +0100 Subject: [PATCH 0736/1000] (CONT-189) Remove support for Scientific6 --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index d047b0508b..810366fe12 100644 --- a/metadata.json +++ b/metadata.json @@ -46,7 +46,6 @@ { "operatingsystem": "Scientific", "operatingsystemrelease": [ - "6", "7" ] }, From 1031e2d4aac659da1f2f8dae55588e2404130e35 Mon Sep 17 00:00:00 2001 From: david22swan Date: Fri, 7 Oct 2022 15:09:28 +0100 Subject: [PATCH 0737/1000] (CONT-189) Remove RHEL 6 from Spec tests --- spec/classes/lib/devel_spec.rb | 4 ++-- spec/defines/server/config_entry_spec.rb | 22 ---------------------- spec/spec_helper_local.rb | 4 ---- 3 files changed, 2 insertions(+), 28 deletions(-) diff --git a/spec/classes/lib/devel_spec.rb b/spec/classes/lib/devel_spec.rb index 7e5e3fa9f4..4493486c97 100644 --- a/spec/classes/lib/devel_spec.rb +++ b/spec/classes/lib/devel_spec.rb @@ -26,13 +26,13 @@ end describe 'should not link pg_config on RedHat with default version' do - include_examples 'RedHat 6' + include_examples 'RedHat 8' it { is_expected.not_to contain_file('/usr/bin/pg_config') } end describe 'link pg_config on RedHat with non-default version' do - include_examples 'RedHat 6' + include_examples 'RedHat 8' let :pre_condition do "class { '::postgresql::globals': version => '9.3' }" end diff --git a/spec/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb index b4a2cebac4..6506a1db17 100644 --- a/spec/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -24,16 +24,6 @@ context 'ports' do let(:params) { { ensure: 'present', name: 'port_spec', value: '5432' } } - context 'redhat 6' do - include_examples 'RedHat 6' - - it 'stops postgresql and changes the port #exec' do - is_expected.to contain_exec('postgresql_stop_port') - end - it 'stops postgresql and changes the port #augeas' do - is_expected.to contain_augeas('override PGPORT in /etc/sysconfig/pgsql/postgresql') - end - end context 'redhat 7' do include_examples 'RedHat 7' @@ -43,18 +33,6 @@ end end - context 'data_directory' do - include_examples 'RedHat 6' - let(:params) { { ensure: 'present', name: 'data_directory_spec', value: '/var/pgsql' } } - - it 'stops postgresql and changes the data directory #exec' do - is_expected.to contain_exec('postgresql_data_directory') - end - it 'stops postgresql and changes the data directory #augeas' do - is_expected.to contain_augeas('override PGDATA in /etc/sysconfig/pgsql/postgresql') - end - end - context 'passes values through appropriately' do let(:params) { { ensure: 'present', name: 'check_function_bodies', value: 'off' } } diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 436779247e..43da336db4 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -138,10 +138,6 @@ def param(type, title, param) let(:facts) { on_supported_os['ubuntu-18.04-x86_64'] } end -shared_context 'RedHat 6' do - let(:facts) { on_supported_os['redhat-6-x86_64'] } -end - shared_context 'RedHat 7' do let(:facts) { on_supported_os['redhat-7-x86_64'] } end From ab7a69542e513fdd51674a283a12425c9fbb2155 Mon Sep 17 00:00:00 2001 From: david22swan Date: Fri, 7 Oct 2022 17:28:00 +0100 Subject: [PATCH 0738/1000] (maint) Codebase Hardening Changes made to ensure that no malformed commands are passed through to the system. Certain commands were left undivided as the commands did not get correctly interpreted and so a shell_escape was used instead. --- manifests/server/config.pp | 8 ++++-- manifests/server/config_entry.pp | 27 ++++++++++++++------- manifests/server/passwd.pp | 5 ++-- manifests/validate_db_connection.pp | 17 +++++++------ spec/classes/server/config_spec.rb | 2 +- spec/classes/server_spec.rb | 2 +- spec/defines/validate_db_connection_spec.rb | 10 ++++++-- 7 files changed, 46 insertions(+), 25 deletions(-) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 163051afb8..f5b3bbed6b 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -142,8 +142,11 @@ ensure_packages([$package_name]) + $exec_command = ['/usr/sbin/semanage', 'port', '-a', '-t', 'postgresql_port_t', '-p', 'tcp', $port] + $exec_unless = "/usr/sbin/semanage port -l | grep -qw ${port}" exec { "/usr/sbin/semanage port -a -t postgresql_port_t -p tcp ${port}": - unless => "/usr/sbin/semanage port -l | grep -qw ${port}", + command => $exec_command, + unless => $exec_unless, before => Postgresql::Server::Config_entry['port'], require => Package[$package_name], } @@ -218,8 +221,9 @@ # # This can be removed when Puppet < 6.1 support is dropped *and* the file # old-systemd-override is removed. + $systemd_command = ['systemctl', 'daemon-reload'] exec { 'restart-systemd': - command => 'systemctl daemon-reload', + command => $systemd_command, refreshonly => true, path => '/bin:/usr/bin:/usr/local/bin', before => Class['postgresql::server::service'], diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index c4c92fe238..6b587af688 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -98,10 +98,13 @@ # is managed for us in postgresql::server::config. if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { if $name == 'data_directory' { + $stop_command = ['service', $postgresql::server::service_name, 'stop'] + $stop_onlyif = ['service', $postgresql::server::service_name, 'status'] + $stop_unless = [['grep', "data_directory = '${value}'", $postgresql::server::postgresql_conf_path]] exec { "postgresql_stop_${name}": - command => "service ${postgresql::server::service_name} stop", - onlyif => "service ${postgresql::server::service_name} status", - unless => "grep \"data_directory = '${value}'\" ${postgresql::server::postgresql_conf_path}", + command => $stop_command, + onlyif => $stop_onlyif, + unless => $stop_unless, path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', before => Postgresql_conf[$name], } @@ -111,10 +114,13 @@ # We need to force postgresql to stop before updating the port # because puppet becomes confused and is unable to manage the # service appropriately. + $stop_command = ['service', $postgresql::server::service_name, 'stop'] + $stop_onlyif = ['service', $postgresql::server::service_name, 'status'] + $stop_unless = "grep 'PGPORT=${shell_escape($value)}' /etc/sysconfig/pgsql/postgresql" exec { "postgresql_stop_${name}": - command => "service ${postgresql::server::service_name} stop", - onlyif => "service ${postgresql::server::service_name} status", - unless => "grep 'PGPORT=${value}' /etc/sysconfig/pgsql/postgresql", + command => $stop_command, + onlyif => $stop_onlyif, + unless => $stop_unless, path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], } @@ -130,10 +136,13 @@ } elsif $name == 'data_directory' { # We need to force postgresql to stop before updating the data directory # otherwise init script breaks + $stop_command = ['service', $postgresql::server::service_name, 'stop'] + $stop_onlyif = ['service', $postgresql::server::service_name, 'status'] + $stop_unless = [['grep', "PGDATA=${value}", '/etc/sysconfig/pgsql/postgresql']] exec { "postgresql_${name}": - command => "service ${postgresql::server::service_name} stop", - onlyif => "service ${postgresql::server::service_name} status", - unless => "grep 'PGDATA=${value}' /etc/sysconfig/pgsql/postgresql", + command => $stop_command, + onlyif => $stop_onlyif, + unless => $stop_unless, path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], } diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index 93ceb96966..d73a07ded9 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -16,7 +16,7 @@ # psql will default to connecting as $user if you don't specify name $_datbase_user_same = $database == $user $_dboption = $_datbase_user_same ? { - false => " --dbname ${database}", + false => " --dbname ${shell_escape($database)}", default => '' } @@ -26,10 +26,11 @@ # without specifying a password ('ident' or 'trust' security). This is # the default for pg_hba.conf. $escaped = postgresql::postgresql_escape($postgres_password) + $exec_command = "${shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" exec { 'set_postgres_postgrespw': # This command works w/no password because we run it as postgres system # user - command => "${psql_path}${_dboption} -c \"ALTER ROLE \\\"${user}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"", + command => $exec_command, user => $user, group => $group, logoutput => true, diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 7478fd4397..82f3b91226 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -44,29 +44,29 @@ $module_workdir = $postgresql::params::module_workdir $validcon_script_path = $postgresql::client::validcon_script_path - $cmd_init = "${psql_path} --tuples-only --quiet " + $cmd_init = "${psql_path} --tuples-only --quiet" $cmd_host = $database_host ? { undef => '', - default => "-h ${database_host} ", + default => "-h ${database_host}", } $cmd_user = $database_username ? { undef => '', - default => "-U ${database_username} ", + default => "-U ${database_username}", } $cmd_port = $database_port ? { undef => '', - default => "-p ${database_port} ", + default => "-p ${database_port}", } $cmd_dbname = $database_name ? { - undef => "--dbname ${postgresql::params::default_database} ", - default => "--dbname ${database_name} ", + undef => "--dbname ${postgresql::params::default_database}", + default => "--dbname ${database_name}", } $pass_env = $database_password_unsensitive ? { undef => undef, default => "PGPASSWORD=${database_password_unsensitive}", } $cmd = join([$cmd_init, $cmd_host, $cmd_user, $cmd_port, $cmd_dbname], ' ') - $validate_cmd = "${validcon_script_path} ${sleep} ${tries} '${cmd}'" + $validate_cmd = [$validcon_script_path, $sleep, $tries, $cmd] # This is more of a safety valve, we add a little extra to compensate for the # time it takes to run each psql command. @@ -86,9 +86,10 @@ } $exec_name = "validate postgres connection for ${database_username}@${database_host}:${database_port}/${database_name}" + $exec_command = "echo 'Unable to connect to defined database using: ${shell_escape($cmd)}' && false" exec { $exec_name: - command => "echo 'Unable to connect to defined database using: ${cmd}' && false", + command => $exec_command, unless => $validate_cmd, cwd => $module_workdir, environment => $env, diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index 25a724814e..1d12cab494 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -41,7 +41,7 @@ it 'has systemctl restart command' do is_expected.to contain_exec('restart-systemd').with( - command: 'systemctl daemon-reload', + command: ['systemctl', 'daemon-reload'], refreshonly: true, path: '/bin:/usr/bin:/usr/local/bin', ) diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index a9950bb6fa..d1aeb711da 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -83,7 +83,7 @@ class { 'postgresql::globals': is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end it 'sets postgres password' do - is_expected.to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', + is_expected.to contain_exec('set_postgres_postgrespw').with('command' => ['/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"'], 'user' => 'postgres', 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") diff --git a/spec/defines/validate_db_connection_spec.rb b/spec/defines/validate_db_connection_spec.rb index 757b41b040..dd584b959f 100644 --- a/spec/defines/validate_db_connection_spec.rb +++ b/spec/defines/validate_db_connection_spec.rb @@ -30,7 +30,10 @@ it { is_expected.to contain_postgresql__validate_db_connection('test') } it 'has proper path for validate command' do - is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: %r{^/usr/local/bin/validate_postgresql_connection.sh\s+\d+}) + is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/usr/local/bin/validate_postgresql_connection.sh', + 4, + 30, + '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test']) end end @@ -55,7 +58,10 @@ class { 'postgresql::client': validcon_script_path => '/opt/something/validate.s end it 'has proper path for validate command and correct cwd' do - is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: %r{^/opt/something/validate.sh\s+\d+}, + is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/opt/something/validate.sh', + 2, + 10, + '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test'], cwd: '/var/tmp') end end From ec15449c21e456b8479906f58253f2ed2e66b2e1 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Fri, 7 Oct 2022 17:40:06 +0200 Subject: [PATCH 0739/1000] Rewrite dependency installation using native Puppet Rather than hacking around in Ruby, this rewrites it in native Puppet. --- spec/spec_helper_acceptance_local.rb | 47 +++++++++++++--------------- 1 file changed, 21 insertions(+), 26 deletions(-) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index b0e8f5062f..c7fc30a299 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -15,10 +15,6 @@ def unindent RSpec.configure do |c| c.before :suite do - # Install iproute on AlmaLinux - # Package is used to check if ports are listening - LitmusHelper.instance.run_shell('sudo dnf install iproute -y') if %r{redhat}.match?(os[:family]) && os[:release].to_f >= 8 - install_dependencies end end @@ -41,32 +37,31 @@ def pre_run end def install_dependencies - iproute2 = <<-MANIFEST - package { 'iproute2': ensure => installed } - MANIFEST - LitmusHelper.instance.apply_manifest(iproute2) if os[:family] == 'ubuntu' && os[:release].start_with?('18.04') - - netstat = <<-MANIFEST - # needed for netstat, for serverspec checks - if $::osfamily == 'SLES' or $::osfamily == 'SUSE' { - package { 'net-tools-deprecated': - ensure => 'latest', + LitmusHelper.instance.apply_manifest <<~MANIFEST + if $facts['os']['name'] == 'Ubuntu' and $facts['os']['release']['major'] == '18.04' { + package { 'iproute2': + ensure => installed, + } } - } - MANIFEST - - LitmusHelper.instance.apply_manifest(netstat) - return unless os[:family] == 'redhat' && os[:release].start_with?('6', '7', '8') - - policycoreutils_pkg = 'policycoreutils-python' if os[:release].start_with?('6', '7') - policycoreutils_pkg = 'policycoreutils-python-utils' if os[:release].start_with?('8') + # needed for netstat, for serverspec checks + if $facts['os']['family'] in ['SLES', 'SUSE'] { + package { 'net-tools-deprecated': + ensure => 'latest', + } + } - selinux = <<-MANIFEST - package { '#{policycoreutils_pkg}': ensure => installed } + if $facts['os']['family'] == 'RedHat' { + if versioncmp($facts['os']['release']['major'], '8') >= 0 { + $package = ['iproute', 'policycoreutils-python-utils'] + } else { + $package = 'policycoreutils-python' + } + package { $package: + ensure => installed, + } + } MANIFEST - - LitmusHelper.instance.apply_manifest(selinux) end def postgresql_version From 766508dce597c55251094cb3170917ef5967e9a8 Mon Sep 17 00:00:00 2001 From: Martin Alfke Date: Tue, 11 Oct 2022 16:45:55 +0200 Subject: [PATCH 0740/1000] pg_hba_rule does not properly verify address parameter MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit According to PostgreSQL documentation there are only specific data possible for address: https://www.postgresql.org/docs/current/auth-pg-hba-conf.html - IPV4 CIDR - IPV6 CIDR - FQDN - the strings 'samenet' or 'samehost' - a domain - a domain with a starting dot * rubocop cleanup * Update manifests/server/pg_hba_rule.pp Co-authored-by: Romain Tartière * Update manifests/server/pg_hba_rule.pp Co-authored-by: Romain Tartière * switch to individua, local data type * lint fixes * types may not finish with a trailing comma adding lint:ignore comment * lint fix single whitespace * lint fix next one: there should be a single space before an opening brace * lint: empty space also before curly * adopt spec tests to new data type Co-authored-by: Romain Tartière --- manifests/backup/pg_dump.pp | 36 +++++++++++---------- manifests/server/default_privileges.pp | 2 +- manifests/server/grant.pp | 2 +- manifests/server/pg_hba_rule.pp | 4 +-- manifests/server/role.pp | 36 ++++++++++++--------- spec/defines/server/pg_hba_rule_spec.rb | 43 +++++++++++++++++++++++++ types/pg_hba_rule_address.pp | 10 ++++++ 7 files changed, 97 insertions(+), 36 deletions(-) create mode 100644 types/pg_hba_rule_address.pp diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp index 2f8c6814e0..98ce2bb299 100644 --- a/manifests/backup/pg_dump.pp +++ b/manifests/backup/pg_dump.pp @@ -41,10 +41,10 @@ # Weekdays on which the backup job should run. Defaults to `*`. This parameter is passed directly to the cron resource. # class postgresql::backup::pg_dump ( + String[1] $dir, Boolean $compress = true, Array $databases = [], Boolean $delete_before_dump = false, - String[1] $dir, String[1] $dir_group = '0', String[1] $dir_mode = '0700', String[1] $dir_owner = 'root', @@ -112,18 +112,19 @@ owner => 'root', group => '0', # Use GID for compat with Linux and BSD. content => epp($template, { - compress => $compress, - databases => $databases, - db_user => $db_user, - delete_before_dump => $delete_before_dump, - dir => $dir, - format => $format, - optional_args => $optional_args, - post_script => $post_script, - pre_script => $pre_script, - rotate => $rotate, - success_file_path => $success_file_path, - }), + compress => $compress, + databases => $databases, + db_user => $db_user, + delete_before_dump => $delete_before_dump, + dir => $dir, + format => $format, + optional_args => $optional_args, + post_script => $post_script, + pre_script => $pre_script, + rotate => $rotate, + success_file_path => $success_file_path, + } + ), } # Create password file for pg_dump @@ -132,10 +133,11 @@ mode => '0600', owner => 'root', group => '0', # Use GID for compat with Linux and BSD. - content => inline_epp('*:*:*:<%= $db_user %>:<%= $db_password %>',{ - db_password => $db_password, - db_user => $db_user, - }), + content => inline_epp ( '*:*:*:<%= $db_user %>:<%= $db_password %>', { + db_password => $db_password, + db_user => $db_user, + } + ), show_diff => false, } diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 643afd8f7b..649954d574 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -23,7 +23,7 @@ /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, /(?i:^TYPES$)/, - /(?i:^SCHEMAS$)/ + /(?i:^SCHEMAS$)/ # lint:ignore:trailing_comma ] $object_type, String $schema = 'public', String $psql_db = $postgresql::server::default_database, diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index e1420d8fb2..a39a443ca4 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -29,7 +29,7 @@ /(?i:^TABLE$)/, #/(?i:^TABLESPACE$)/, /(?i:^SCHEMA$)/, - /(?i:^SEQUENCE$)/ + /(?i:^SEQUENCE$)/ # lint:ignore:trailing_comma #/(?i:^VIEW$)/ ] $object_type = 'database', Optional[Variant[Array[String,2,2],String[1]]] $object_name = undef, diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index b4707751d5..550c3e54cc 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -5,7 +5,7 @@ # @param database Sets a comma-separated list of databases that this rule matches. # @param user Sets a comma-separated list of users that this rule matches. # @param auth_method Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. -# @param address Sets a CIDR based address for this rule matching when the type is not 'local'. +# @param address Sets a address for this rule matching when the type is not 'local'. Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html # @param description Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. Default value: 'none'. # @param auth_option For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. # @param order Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. @@ -16,7 +16,7 @@ String $database, String $user, String $auth_method, - Optional[String] $address = undef, + Optional[Postgresql::Pg_hba_rule_address] $address = undef, String $description = 'none', Optional[String] $auth_option = undef, Variant[String, Integer] $order = 150, diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 1741227f8d..978a246217 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -95,14 +95,16 @@ if $password_sql =~ Deferred { $create_role_command = Deferred('sprintf', ["CREATE ROLE \"%s\" %s %s %s %s %s %s CONNECTION LIMIT %s", - $username, - $password_sql, - $login_sql, - $createrole_sql, - $createdb_sql, - $superuser_sql, - $replication_sql, - $connection_limit]) + $username, + $password_sql, + $login_sql, + $createrole_sql, + $createdb_sql, + $superuser_sql, + $replication_sql, + $connection_limit, + ] + ) } else { $create_role_command = "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}" } @@ -152,11 +154,13 @@ if $password_hash_unsensitive and $update_password { if $password_hash_unsensitive =~ Deferred { - $pwd_hash_sql = Deferred('postgresql::postgresql_password',[$username, - $password_hash, - false, - $hash, - $salt]) + $pwd_hash_sql = Deferred ( 'postgresql::postgresql_password', [$username, + $password_hash, + false, + $hash, + $salt, + ] + ) } else { $pwd_hash_sql = postgresql::postgresql_password( @@ -170,8 +174,10 @@ if $pwd_hash_sql =~ Deferred { $pw_command = Deferred('sprintf', ["ALTER ROLE \"%s\" ENCRYPTED PASSWORD '%s'", $username, $pwd_hash_sql]) $unless_pw_command = Deferred('sprintf', ["SELECT 1 FROM pg_shadow WHERE usename = '%s' AND passwd = '%s'", - $username, - $pwd_hash_sql]) + $username, + $pwd_hash_sql, + ] + ) } else { $pw_command = "ALTER ROLE \"${username}\" ENCRYPTED PASSWORD '${pwd_hash_sql}'" $unless_pw_command = "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'" diff --git a/spec/defines/server/pg_hba_rule_spec.rb b/spec/defines/server/pg_hba_rule_spec.rb index 28b985a001..57b1247340 100644 --- a/spec/defines/server/pg_hba_rule_spec.rb +++ b/spec/defines/server/pg_hba_rule_spec.rb @@ -225,5 +225,48 @@ class { 'postgresql::server': } is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '1234') end end + + context 'pg_hba_rule with dot domain' do + let :pre_condition do + <<-MANIFEST + class { 'postgresql::server': } + MANIFEST + end + + let :params do + { + type: 'host', + database: 'all', + user: 'all', + address: '.domain.tld', + auth_method: 'md5', + target: target, + } + end + + it do + is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+\.domain\.tld\s+md5}) + end + end + context 'pg_hba_rule with illegal address' do + let :pre_condition do + <<-MANIFEST + class { 'postgresql::server': } + MANIFEST + end + + let :params do + { + type: 'host', + database: 'all', + user: 'all', + address: '/45', + auth_method: 'md5', + target: target, + } + end + + it { is_expected.to compile.and_raise_error(%r{parameter 'address' expects a Postgresql::Pg_hba_rule_address}) } + end end end diff --git a/types/pg_hba_rule_address.pp b/types/pg_hba_rule_address.pp new file mode 100644 index 0000000000..3955f00c0a --- /dev/null +++ b/types/pg_hba_rule_address.pp @@ -0,0 +1,10 @@ +# @summary Supported address types +# @see https://www.postgresql.org/docs/current/auth-pg-hba-conf.html +type Postgresql::Pg_hba_rule_address = Variant[ + Stdlib::IP::Address::V4::CIDR, + Stdlib::IP::Address::V6::CIDR, + Stdlib::Fqdn, + Enum['all', 'samehost', 'samenet'], + # RegExp for a DNS domain - also starting with a single dot + Pattern[/^\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]$/], +] From 116be5f87904e1af9829650938783b28e2318bc4 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 11 Oct 2022 15:02:49 +0200 Subject: [PATCH 0741/1000] pg_hba_rule: Move `type` datatype to own type This makes it easier to test the type, and people can use it in their downstream modules. In addition I added the type `hostnogssenc`. The list is now complete/covers all auth types from PostgreSQL 14. --- manifests/server/pg_hba_rule.pp | 3 +- spec/type_aliases/pg_hba_rule_type_spec.rb | 42 ++++++++++++++++++++++ types/pg_hba_rule_type.pp | 3 ++ 3 files changed, 46 insertions(+), 2 deletions(-) create mode 100644 spec/type_aliases/pg_hba_rule_type_spec.rb create mode 100644 types/pg_hba_rule_type.pp diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 550c3e54cc..35b506982a 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,7 +1,6 @@ # @summary This resource manages an individual rule that applies to the file defined in target. # # @param type Sets the type of rule. -# Enum['local','host','hostssl','hostnossl','hostgssenc']. # @param database Sets a comma-separated list of databases that this rule matches. # @param user Sets a comma-separated list of users that this rule matches. # @param auth_method Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. @@ -12,7 +11,7 @@ # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # @param postgresql_version Manages pg_hba.conf without managing the entire PostgreSQL instance. define postgresql::server::pg_hba_rule ( - Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc'] $type, + Postgresql::Pg_hba_rule_type $type, String $database, String $user, String $auth_method, diff --git a/spec/type_aliases/pg_hba_rule_type_spec.rb b/spec/type_aliases/pg_hba_rule_type_spec.rb new file mode 100644 index 0000000000..431db29a07 --- /dev/null +++ b/spec/type_aliases/pg_hba_rule_type_spec.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Postgresql::Pg_hba_rule_type' do + describe 'valid values' do + [ + 'local', + 'host', + 'hostssl', + 'hostnossl', + 'hostgssenc', + 'hostnogssenc', + ].each do |value| + describe value.inspect do + it { is_expected.to allow_value(value) } + end + end + end + + describe 'invalid values' do + context 'with garbage inputs' do + [ + :symbol, + nil, + 'foobar', + '', + true, + false, + ['meep', 'meep'], + 65_538, + [95_000, 67_000], + {}, + { 'foo' => 'bar' }, + ].each do |value| + describe value.inspect do + it { is_expected.not_to allow_value(value) } + end + end + end + end +end diff --git a/types/pg_hba_rule_type.pp b/types/pg_hba_rule_type.pp new file mode 100644 index 0000000000..bbf4360748 --- /dev/null +++ b/types/pg_hba_rule_type.pp @@ -0,0 +1,3 @@ +# @summary enum for all different types for the pg_hba_conf +# @see https://www.postgresql.org/docs/current/auth-pg-hba-conf.html +type Postgresql::Pg_hba_rule_type = Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc', 'hostnogssenc'] From 82936665fd5097880f4d6147825e657fdbd96dde Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 11 Oct 2022 15:31:30 +0200 Subject: [PATCH 0742/1000] pg_hba_rule: Validate userinput in postgresql::server --- manifests/server.pp | 8 ++-- spec/type_aliases/pg_hba_rule_spec.rb | 46 ++++++++++++++++++ spec/type_aliases/pg_hba_rules_spec.rb | 66 ++++++++++++++++++++++++++ types/pg_hba_rule.pp | 14 ++++++ types/pg_hba_rules.pp | 3 ++ 5 files changed, 133 insertions(+), 4 deletions(-) create mode 100644 spec/type_aliases/pg_hba_rule_spec.rb create mode 100644 spec/type_aliases/pg_hba_rules_spec.rb create mode 100644 types/pg_hba_rule.pp create mode 100644 types/pg_hba_rules.pp diff --git a/manifests/server.pp b/manifests/server.pp index db84e478e1..3271d24304 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -152,9 +152,9 @@ $password_encryption = $postgresql::params::password_encryption, $extra_systemd_config = $postgresql::params::extra_systemd_config, - Hash[String, Hash] $roles = {}, - Hash[String, Any] $config_entries = {}, - Hash[String, Hash] $pg_hba_rules = {}, + Hash[String, Hash] $roles = {}, + Hash[String, Any] $config_entries = {}, + Postgresql::Pg_hba_rules $pg_hba_rules = {}, Boolean $backup_enable = $postgresql::params::backup_enable, Hash $backup_options = {}, @@ -204,7 +204,7 @@ } } - $pg_hba_rules.each |$rule_name, $rule| { + $pg_hba_rules.each |String[1] $rule_name, Postgresql::Pg_hba_rule $rule| { postgresql::server::pg_hba_rule { $rule_name: * => $rule, } diff --git a/spec/type_aliases/pg_hba_rule_spec.rb b/spec/type_aliases/pg_hba_rule_spec.rb new file mode 100644 index 0000000000..5f7c452daf --- /dev/null +++ b/spec/type_aliases/pg_hba_rule_spec.rb @@ -0,0 +1,46 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Postgresql::Pg_hba_rule' do + context 'base valid required data' do + let :data do + { + description: 'pc', + type: 'host', + database: 'all', + user: 'all', + address: '127.0.0.1/32', + auth_method: 'md5', + target: '/foo.conf', + postgresql_version: '14', + order: 3 + } + end + + it { is_expected.to allow_value(data) } + end + context 'invalid data' do + let :data do + { + description: 'pc', + type: 'host', + database: 'all', + user: 'all', + address: '/32', + auth_method: 'md5', + target: '/foo.conf', + postgres_version: '14' + } + end + + it { is_expected.not_to allow_value(data) } + end + context 'empty data' do + let :data do + {} + end + + it { is_expected.not_to allow_value(data) } + end +end diff --git a/spec/type_aliases/pg_hba_rules_spec.rb b/spec/type_aliases/pg_hba_rules_spec.rb new file mode 100644 index 0000000000..d2011188e9 --- /dev/null +++ b/spec/type_aliases/pg_hba_rules_spec.rb @@ -0,0 +1,66 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Postgresql::Pg_hba_rules' do + context 'base valid required data' do + let :data do + { + foo: { + description: 'pc', + type: 'host', + database: 'all', + user: 'all', + address: '127.0.0.1/32', + auth_method: 'md5', + target: '/foo.conf', + postgresql_version: '14', + order: 1, + }, + foo2: { + description: 'pc', + type: 'host', + database: 'all', + user: 'all', + address: '127.0.0.1/32', + auth_method: 'md5', + target: '/foo.conf', + postgresql_version: '14', + order: 2 + } + } + end + + it { is_expected.to allow_value(data) } + end + context 'empty' do + let :data do + {} + end + + it { is_expected.to allow_value(data) } + end + context 'invalid data' do + let :data do + { + description: 'pc', + type: 'host', + database: 'all', + user: 'all', + address: '/32', + auth_method: 'md5' + } + end + + it { is_expected.not_to allow_value(data) } + end + context 'empty value' do + let :data do + { + foo: {} + } + end + + it { is_expected.not_to allow_value(data) } + end +end diff --git a/types/pg_hba_rule.pp b/types/pg_hba_rule.pp new file mode 100644 index 0000000000..b4759f3220 --- /dev/null +++ b/types/pg_hba_rule.pp @@ -0,0 +1,14 @@ +# @summary type for all parameters in the postgresql::server::hba_rule defined resource +# @see https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/server/pg_hba_rule.pp +type Postgresql::Pg_hba_rule = Struct[{ + Optional[description] => String, + type => Postgresql::Pg_hba_rule_type, + database => String, + user => String, + Optional[address] => Optional[Postgresql::Pg_hba_rule_address], + auth_method => String, + Optional[auth_option] => Optional[String], + Optional[order] => Variant[String,Integer], + Optional[target] => Stdlib::Absolutepath, + Optional[postgresql_version] => String, +}] diff --git a/types/pg_hba_rules.pp b/types/pg_hba_rules.pp new file mode 100644 index 0000000000..9f010bc040 --- /dev/null +++ b/types/pg_hba_rules.pp @@ -0,0 +1,3 @@ +# @summary validates a hash of entries for postgresql::server::pg_hab_conf +# @see https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/server/pg_hba_rule.pp +type Postgresql::Pg_hba_rules = Hash[String[1], Postgresql::Pg_hba_rule] From bb5b43816724e658801f3474bea95f772082d8c3 Mon Sep 17 00:00:00 2001 From: Craig Gumbley Date: Tue, 13 Dec 2022 10:00:17 +0000 Subject: [PATCH 0743/1000] (MAINT) Remove stalebot workflow --- .github/workflows/stale.yml | 36 ------------------------------------ 1 file changed, 36 deletions(-) delete mode 100644 .github/workflows/stale.yml diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml deleted file mode 100644 index 26d7e5b1f8..0000000000 --- a/.github/workflows/stale.yml +++ /dev/null @@ -1,36 +0,0 @@ -name: Audit aging issues/PRs - -on: - schedule: - - cron: "30 1 * * *" - -jobs: - audit: - runs-on: ubuntu-latest - steps: - - uses: actions/stale@v3 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - days-before-issue-stale: 90 - days-before-pr-stale: 60 - days-before-pr-close: 7 - stale-issue-message: | - Hello! 👋 - - This issue has been open for a while and has had no recent activity. We've labelled it with `attention-needed` so that we can get a clear view of which issues need our attention. - - If you are waiting on a response from us we will try and address your comments on a future Community Day. - - Alternatively, if it is no longer relevant to you please close the issue with a comment. - stale-issue-label: 'attention-needed' - stale-pr-message: | - Hello! 👋 - - This pull request has been open for a while and has had no recent activity. We've labelled it with `attention-needed` so that we can get a clear view of which PRs need our attention. - - If you are waiting on a response from us we will try and address your comments on a future Community Day. - - Alternatively, if it is no longer relevant to you please close the PR with a comment. - - Please note that if a pull request receives no update for 7 after it has been labelled, it will be closed. We are always happy to re-open pull request if they have been closed in error. - stale-pr-label: 'attention-needed' From 56e69e1d7ec22796024d5e2d4eb0d20131a528f1 Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 17 Jan 2023 18:03:00 +0000 Subject: [PATCH 0744/1000] (CONT-494) Pin github_changelog_generator gem version --- .sync.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.sync.yml b/.sync.yml index 5f34a26954..d1c6127051 100644 --- a/.sync.yml +++ b/.sync.yml @@ -11,6 +11,7 @@ Gemfile: optional: ":development": - gem: github_changelog_generator + version: '= 1.15.2' Rakefile: changelog_user: puppetlabs changelog_max_issues: 500 From 22d3e3aece11a6dbedfce3f98d216be19f703685 Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 17 Jan 2023 18:12:36 +0000 Subject: [PATCH 0745/1000] (CONT-494) PDK Update --- Gemfile | 10 +++++++--- metadata.json | 2 +- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 26dd2db9ce..a84b5ee829 100644 --- a/Gemfile +++ b/Gemfile @@ -14,8 +14,12 @@ def location_for(place_or_version, fake_version = nil) end group :development do - gem "json", '~> 2.0', require: false - gem "voxpupuli-puppet-lint-plugins", '~> 3.0', require: false + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "voxpupuli-puppet-lint-plugins", '~> 3.1', require: false gem "facterdb", '~> 1.18', require: false gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false gem "puppetlabs_spec_helper", '>= 3.0.0', '< 5.0.0', require: false @@ -30,7 +34,7 @@ group :development do gem "rubocop-performance", '= 1.9.1', require: false gem "rubocop-rspec", '= 2.0.1', require: false gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "github_changelog_generator", require: false + gem "github_changelog_generator", '= 1.15.2', require: false end group :system_tests do gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby] diff --git a/metadata.json b/metadata.json index 810366fe12..3d12b7f347 100644 --- a/metadata.json +++ b/metadata.json @@ -92,5 +92,5 @@ ], "pdk-version": "2.5.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "tags/2.6.0-0-gd0490b9" + "template-ref": "2.7.1-0-g9a16c87" } From 8f17f522183e6ff57da578034b89b9a589355a76 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 11 Jan 2023 16:38:26 +0100 Subject: [PATCH 0746/1000] Add multi instance support, refactoring config.pp This commit is the first of many to add multi instance support to this module. The general idea is to first copy all classes which are used and create defines from them. These classes will use the defines as is. Necessary changes for the instances itself will be added to the classes and defined types at a later point. This ensures, the module will work as it does right now and there are no breaking changes. --- manifests/server/config.pp | 291 +++--------------------- manifests/server/instance_config.pp | 302 +++++++++++++++++++++++++ manifests/server/recovery.pp | 4 +- spec/defines/server/instance_config.rb | 23 ++ 4 files changed, 355 insertions(+), 265 deletions(-) create mode 100644 manifests/server/instance_config.pp create mode 100644 spec/defines/server/instance_config.rb diff --git a/manifests/server/config.pp b/manifests/server/config.pp index f5b3bbed6b..700c3d752b 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -1,267 +1,32 @@ # @api private class postgresql::server::config { - $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user - $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users - $listen_addresses = $postgresql::server::listen_addresses - $port = $postgresql::server::port - $ipv4acls = $postgresql::server::ipv4acls - $ipv6acls = $postgresql::server::ipv6acls - $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path - $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path - $postgresql_conf_path = $postgresql::server::postgresql_conf_path - $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode - $recovery_conf_path = $postgresql::server::recovery_conf_path - $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults - $user = $postgresql::server::user - $group = $postgresql::server::group - $version = $postgresql::server::_version - $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf - $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf - $manage_recovery_conf = $postgresql::server::manage_recovery_conf - $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms - $datadir = $postgresql::server::datadir - $logdir = $postgresql::server::logdir - $service_name = $postgresql::server::service_name - $service_enable = $postgresql::server::service_enable - $log_line_prefix = $postgresql::server::log_line_prefix - $timezone = $postgresql::server::timezone - $password_encryption = $postgresql::server::password_encryption - $extra_systemd_config = $postgresql::server::extra_systemd_config - - if ($manage_pg_hba_conf == true) { - # Prepare the main pg_hba file - concat { $pg_hba_conf_path: - owner => $user, - group => $group, - mode => '0640', - warn => true, - notify => Class['postgresql::server::reload'], - } - - if $pg_hba_conf_defaults { - Postgresql::Server::Pg_hba_rule { - database => 'all', - user => 'all', - } - - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - - postgresql::server::pg_hba_rule { - 'local access as postgres user': - type => 'local', - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => 1; - - 'local access to database with same name': - type => 'local', - auth_method => 'ident', - auth_option => $local_auth_option, - order => 2; - - 'allow localhost TCP access to postgresql user': - type => 'host', - user => $user, - address => '127.0.0.1/32', - auth_method => 'md5', - order => 3; - - 'deny access to postgresql user': - type => 'host', - user => $user, - address => $ip_mask_deny_postgres_user, - auth_method => 'reject', - order => 4; - - 'allow access to all users': - type => 'host', - address => $ip_mask_allow_all_users, - auth_method => 'md5', - order => 100; - - 'allow access to ipv6 localhost': - type => 'host', - address => '::1/128', - auth_method => 'md5', - order => 101; - } - } - - # $ipv4acls and $ipv6acls are arrays of rule strings - # They are converted into hashes we can iterate over to create postgresql::server::pg_hba_rule resources. - ( - postgresql::postgresql_acls_to_resources_hash($ipv4acls, 'ipv4acls', 10) + - postgresql::postgresql_acls_to_resources_hash($ipv6acls, 'ipv6acls', 102) - ).each | String $key, Hash $attrs| { - postgresql::server::pg_hba_rule { $key: - * => $attrs, - } - } - } - - if $manage_postgresql_conf_perms { - file { $postgresql_conf_path: - ensure => file, - owner => $user, - group => $group, - mode => $postgresql_conf_mode, - } - } - - if $listen_addresses { - postgresql::server::config_entry { 'listen_addresses': - value => $listen_addresses, - } - } - - # ensure that SELinux has a proper label for the port defined - if $postgresql::server::manage_selinux == true and $facts['os']['selinux']['enabled'] == true { - case $facts['os']['family'] { - 'RedHat', 'Linux': { - if $facts['os']['name'] == 'Amazon' { - $package_name = 'policycoreutils' - } - else { - $package_name = $facts['os']['release']['major'] ? { - '5' => 'policycoreutils', - '6' => 'policycoreutils-python', - '7' => 'policycoreutils-python', - default => 'policycoreutils-python-utils', - } - } - } - default: { - $package_name = 'policycoreutils' - } - } - - ensure_packages([$package_name]) - - $exec_command = ['/usr/sbin/semanage', 'port', '-a', '-t', 'postgresql_port_t', '-p', 'tcp', $port] - $exec_unless = "/usr/sbin/semanage port -l | grep -qw ${port}" - exec { "/usr/sbin/semanage port -a -t postgresql_port_t -p tcp ${port}": - command => $exec_command, - unless => $exec_unless, - before => Postgresql::Server::Config_entry['port'], - require => Package[$package_name], - } - } - - postgresql::server::config_entry { 'port': - value => $port, - } - - if ($password_encryption) and (versioncmp($version, '10') >= 0) { - postgresql::server::config_entry { 'password_encryption': - value => $password_encryption, - } - } - - postgresql::server::config_entry { 'data_directory': - value => $datadir, - } - if $timezone { - postgresql::server::config_entry { 'timezone': - value => $timezone, - } - } - if $logdir { - postgresql::server::config_entry { 'log_directory': - value => $logdir, - } - } - # Allow timestamps in log by default - if $log_line_prefix { - postgresql::server::config_entry { 'log_line_prefix': - value => $log_line_prefix, - } - } - - # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden - # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. - if $facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['major'], '7') < 0 { - file { '/etc/sysconfig/pgsql/postgresql': - ensure => file, - replace => false, - } - - # The init script from the packages of the postgresql.org repository - # sources an alternate sysconfig file. - # I. e. /etc/sysconfig/pgsql/postgresql-9.3 for PostgreSQL 9.3 - # Link to the sysconfig file set by this puppet module - file { "/etc/sysconfig/pgsql/postgresql-${version}": - ensure => link, - target => '/etc/sysconfig/pgsql/postgresql', - require => File['/etc/sysconfig/pgsql/postgresql'], - } - } - - if ($manage_pg_ident_conf == true) { - concat { $pg_ident_conf_path: - owner => $user, - group => $group, - mode => '0640', - warn => true, - notify => Class['postgresql::server::reload'], - } - } - - # RHEL 7 and 8 both support drop-in files for systemd units. The old include directive is deprecated and may be removed in future systemd releases. - # Gentoo also supports drop-in files. - if $facts['os']['family'] in ['RedHat', 'Gentoo'] and $facts['service_provider'] == 'systemd' { - # While Puppet 6.1 and newer can do a daemon-reload if needed, systemd - # doesn't appear to report that correctly in all cases. - # One such case seems to be when an overriding unit file is removed from /etc - # and the original one from /lib *should* be used again. - # - # This can be removed when Puppet < 6.1 support is dropped *and* the file - # old-systemd-override is removed. - $systemd_command = ['systemctl', 'daemon-reload'] - exec { 'restart-systemd': - command => $systemd_command, - refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin', - before => Class['postgresql::server::service'], - } - - file { - default: - ensure => file, - owner => root, - group => root, - notify => [Exec['restart-systemd'], Class['postgresql::server::service']], - before => Class['postgresql::server::reload']; - - 'systemd-conf-dir': - ensure => directory, - path => "/etc/systemd/system/${service_name}.service.d"; - - # Template uses: - # - $facts['os']['name'] - # - $facts['os']['release']['major'] - # - $service_name - # - $port - # - $datadir - # - $extra_systemd_config - 'systemd-override': - path => "/etc/systemd/system/${service_name}.service.d/${service_name}.conf", - content => template('postgresql/systemd-override.erb'), - require => File['systemd-conf-dir']; - } - - if $service_enable != 'mask' { - # Remove old unit file to avoid conflicts - file { 'old-systemd-override': - ensure => absent, - path => "/etc/systemd/system/${service_name}.service", - notify => [Exec['restart-systemd'], Class['postgresql::server::service']], - before => Class['postgresql::server::reload'], - } - } + postgresql::server::instance_config { 'main': + ip_mask_deny_postgres_user => $postgresql::server::ip_mask_deny_postgres_user, + ip_mask_allow_all_users => $postgresql::server::ip_mask_allow_all_users, + listen_addresses => $postgresql::server::listen_addresses, + port => $postgresql::server::port, + ipv4acls => $postgresql::server::ipv4acls, + ipv6acls => $postgresql::server::ipv6acls, + pg_hba_conf_path => $postgresql::server::pg_hba_conf_path, + pg_ident_conf_path => $postgresql::server::pg_ident_conf_path, + postgresql_conf_path => $postgresql::server::postgresql_conf_path, + postgresql_conf_mode => $postgresql::server::postgresql_conf_mode, + recovery_conf_path => $postgresql::server::recovery_conf_path, + pg_hba_conf_defaults => $postgresql::server::pg_hba_conf_defaults, + user => $postgresql::server::user, + group => $postgresql::server::group, + version => $postgresql::server::_version, + manage_pg_hba_conf => $postgresql::server::manage_pg_hba_conf, + manage_pg_ident_conf => $postgresql::server::manage_pg_ident_conf, + manage_recovery_conf => $postgresql::server::manage_recovery_conf, + manage_postgresql_conf_perms => $postgresql::server::manage_postgresql_conf_perms, + datadir => $postgresql::server::datadir, + logdir => $postgresql::server::logdir, + service_name => $postgresql::server::service_name, + service_enable => $postgresql::server::service_enable, + log_line_prefix => $postgresql::server::log_line_prefix, + timezone => $postgresql::server::timezone, + password_encryption => $postgresql::server::password_encryption, + extra_systemd_config => $postgresql::server::extra_systemd_config, } } diff --git a/manifests/server/instance_config.pp b/manifests/server/instance_config.pp new file mode 100644 index 0000000000..8fb5794dfc --- /dev/null +++ b/manifests/server/instance_config.pp @@ -0,0 +1,302 @@ +# lint:ignore:140chars +# @param ip_mask_deny_postgres_user Specifies the IP mask from which remote connections should be denied for the postgres superuser. +# Default value: '0.0.0.0/0', which denies any remote connection. +# @param ip_mask_allow_all_users Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. +# Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +# Default value: '127.0.0.1/32'. +# @param listen_addresses Address list on which the PostgreSQL service will listen +# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# Default value: 5432. Meaning the Postgres server listens on TCP port 5432. +# @param ipv4acls Lists strings for access control for connection method, users, databases, IPv4 addresses. +# @param ipv6acls Lists strings for access control for connection method, users, databases, IPv6 addresses. +# @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. +# @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. +# @param postgresql_conf_path Specifies the path to your postgresql.conf file. +# @param postgresql_conf_mode Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. +# @param recovery_conf_path Specifies the path to your recovery.conf file. +# @param pg_hba_conf_defaults If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param group Overrides the default postgres user group to be used for related files in the file system. +# @param version, Sets PostgreSQL version +# @param manage_pg_hba_conf Boolean. Whether to manage the pg_hba.conf. +# @param manage_pg_ident_conf Boolean. Overwrites the pg_ident.conf file. +# @param manage_recovery_conf Boolean. Specifies whether or not manage the recovery.conf. +# @param manage_postgresql_conf_perms +# Whether to manage the postgresql conf file permissions. This means owner, +# group and mode. Contents are not managed but should be managed through +# postgresql::server::config_entry. +# @param datadir PostgreSQL data directory +# @param logdir PostgreSQL log directory +# @param service_name Overrides the default PostgreSQL service name. +# @param service_enable Enable the PostgreSQL service +# @param log_line_prefix PostgreSQL log line prefix +# @param timezone Set timezone for the PostgreSQL instance +# @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string +# lint:endignore:140chars +define postgresql::server::instance_config ( + $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, + $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, + $listen_addresses = $postgresql::server::listen_addresses, + $port = $postgresql::server::port, + Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, + $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, + $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, + $postgresql_conf_path = $postgresql::server::postgresql_conf_path, + Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, + $recovery_conf_path = $postgresql::server::recovery_conf_path, + $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, + $user = $postgresql::server::user, + $group = $postgresql::server::group, + $version = $postgresql::server::_version, + Boolean $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf, + Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, + Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, + Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, + $datadir = $postgresql::server::datadir, + $logdir = $postgresql::server::logdir, + $service_name = $postgresql::server::service_name, + $service_enable = $postgresql::server::service_enable, + $log_line_prefix = $postgresql::server::log_line_prefix, + $timezone = $postgresql::server::timezone, + $password_encryption = $postgresql::server::password_encryption, + $extra_systemd_config = $postgresql::server::extra_systemd_config, +) { + if ($manage_pg_hba_conf == true) { + # Prepare the main pg_hba file + concat { $pg_hba_conf_path: + owner => $user, + group => $group, + mode => '0640', + warn => true, + notify => Class['postgresql::server::reload'], + } + + if $pg_hba_conf_defaults { + Postgresql::Server::Pg_hba_rule { + database => 'all', + user => 'all', + } + + # Lets setup the base rules + $local_auth_option = $version ? { + '8.1' => 'sameuser', + default => undef, + } + + postgresql::server::pg_hba_rule { + 'local access as postgres user': + type => 'local', + user => $user, + auth_method => 'ident', + auth_option => $local_auth_option, + order => 1; + + 'local access to database with same name': + type => 'local', + auth_method => 'ident', + auth_option => $local_auth_option, + order => 2; + + 'allow localhost TCP access to postgresql user': + type => 'host', + user => $user, + address => '127.0.0.1/32', + auth_method => 'md5', + order => 3; + + 'deny access to postgresql user': + type => 'host', + user => $user, + address => $ip_mask_deny_postgres_user, + auth_method => 'reject', + order => 4; + + 'allow access to all users': + type => 'host', + address => $ip_mask_allow_all_users, + auth_method => 'md5', + order => 100; + + 'allow access to ipv6 localhost': + type => 'host', + address => '::1/128', + auth_method => 'md5', + order => 101; + } + } + + # $ipv4acls and $ipv6acls are arrays of rule strings + # They are converted into hashes we can iterate over to create postgresql::server::pg_hba_rule resources. + ( + postgresql::postgresql_acls_to_resources_hash($ipv4acls, 'ipv4acls', 10) + + postgresql::postgresql_acls_to_resources_hash($ipv6acls, 'ipv6acls', 102) + ).each | String $key, Hash $attrs| { + postgresql::server::pg_hba_rule { $key: + * => $attrs, + } + } + } + + if $manage_postgresql_conf_perms { + file { $postgresql_conf_path: + ensure => file, + owner => $user, + group => $group, + mode => $postgresql_conf_mode, + } + } + + if $listen_addresses { + postgresql::server::config_entry { 'listen_addresses': + value => $listen_addresses, + } + } + + # ensure that SELinux has a proper label for the port defined + if $postgresql::server::manage_selinux == true and $facts['os']['selinux']['enabled'] == true { + case $facts['os']['family'] { + 'RedHat', 'Linux': { + if $facts['os']['name'] == 'Amazon' { + $package_name = 'policycoreutils' + } + else { + $package_name = $facts['os']['release']['major'] ? { + '5' => 'policycoreutils', + '6' => 'policycoreutils-python', + '7' => 'policycoreutils-python', + default => 'policycoreutils-python-utils', + } + } + } + default: { + $package_name = 'policycoreutils' + } + } + + ensure_packages([$package_name]) + + $exec_command = ['/usr/sbin/semanage', 'port', '-a', '-t', 'postgresql_port_t', '-p', 'tcp', $port] + $exec_unless = "/usr/sbin/semanage port -l | grep -qw ${port}" + exec { "/usr/sbin/semanage port -a -t postgresql_port_t -p tcp ${port}": + command => $exec_command, + unless => $exec_unless, + before => Postgresql::Server::Config_entry['port'], + require => Package[$package_name], + } + } + + postgresql::server::config_entry { 'port': + value => $port, + } + + if ($password_encryption) and (versioncmp($version, '10') >= 0) { + postgresql::server::config_entry { 'password_encryption': + value => $password_encryption, + } + } + + postgresql::server::config_entry { 'data_directory': + value => $datadir, + } + if $timezone { + postgresql::server::config_entry { 'timezone': + value => $timezone, + } + } + if $logdir { + postgresql::server::config_entry { 'log_directory': + value => $logdir, + } + } + # Allow timestamps in log by default + if $log_line_prefix { + postgresql::server::config_entry { 'log_line_prefix': + value => $log_line_prefix, + } + } + + # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden + # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. + if $facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['major'], '7') < 0 { + file { '/etc/sysconfig/pgsql/postgresql': + ensure => file, + replace => false, + } + + # The init script from the packages of the postgresql.org repository + # sources an alternate sysconfig file. + # I. e. /etc/sysconfig/pgsql/postgresql-9.3 for PostgreSQL 9.3 + # Link to the sysconfig file set by this puppet module + file { "/etc/sysconfig/pgsql/postgresql-${version}": + ensure => link, + target => '/etc/sysconfig/pgsql/postgresql', + require => File['/etc/sysconfig/pgsql/postgresql'], + } + } + + if ($manage_pg_ident_conf == true) { + concat { $pg_ident_conf_path: + owner => $user, + group => $group, + mode => '0640', + warn => true, + notify => Class['postgresql::server::reload'], + } + } + # lint:ignore:140chars + # RHEL 7 and 8 both support drop-in files for systemd units. The old include directive is deprecated and may be removed in future systemd releases. + # Gentoo also supports drop-in files. + # lint:endignore:140chars + if $facts['os']['family'] in ['RedHat', 'Gentoo'] and $facts['service_provider'] == 'systemd' { + # While Puppet 6.1 and newer can do a daemon-reload if needed, systemd + # doesn't appear to report that correctly in all cases. + # One such case seems to be when an overriding unit file is removed from /etc + # and the original one from /lib *should* be used again. + # + # This can be removed when Puppet < 6.1 support is dropped *and* the file + # old-systemd-override is removed. + $systemd_command = ['systemctl', 'daemon-reload'] + exec { 'restart-systemd': + command => $systemd_command, + refreshonly => true, + path => '/bin:/usr/bin:/usr/local/bin', + before => Class['postgresql::server::service'], + } + + file { + default: + ensure => file, + owner => root, + group => root, + notify => [Exec['restart-systemd'], Class['postgresql::server::service']], + before => Class['postgresql::server::reload']; + + 'systemd-conf-dir': + ensure => directory, + path => "/etc/systemd/system/${service_name}.service.d"; + + # Template uses: + # - $facts['os']['name'] + # - $facts['os']['release']['major'] + # - $service_name + # - $port + # - $datadir + # - $extra_systemd_config + 'systemd-override': + path => "/etc/systemd/system/${service_name}.service.d/${service_name}.conf", + content => template('postgresql/systemd-override.erb'), + require => File['systemd-conf-dir']; + } + + if $service_enable != 'mask' { + # Remove old unit file to avoid conflicts + file { 'old-systemd-override': + ensure => absent, + path => "/etc/systemd/system/${service_name}.service", + notify => [Exec['restart-systemd'], Class['postgresql::server::service']], + before => Class['postgresql::server::reload'], + } + } + } +} diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index aaf4a0586e..47f25f1ef5 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -52,8 +52,8 @@ } concat { $target: - owner => $postgresql::server::config::user, - group => $postgresql::server::config::group, + owner => $postgresql::server::user, + group => $postgresql::server::group, force => true, # do not crash if there is no recovery conf file mode => '0640', warn => true, diff --git a/spec/defines/server/instance_config.rb b/spec/defines/server/instance_config.rb new file mode 100644 index 0000000000..8fa49eac71 --- /dev/null +++ b/spec/defines/server/instance_config.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server::instance_config' do + let(:title) { 'main' } + + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let :facts do + os_facts + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + context 'with defaults from config_class' do + it { is_expected.to compile.with_all_deps } + end + end + end +end From ab45d1be328dbea275fef1bba07ed5ae52aadec1 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 26 Jan 2023 11:09:32 +0100 Subject: [PATCH 0747/1000] remove debian 8 and 9 corpses, originally it was deprecated in this commit: https://github.com/puppetlabs/puppetlabs-postgresql/commit/07a09bd2c4207223cb573a15614607c14b344dbb --- manifests/globals.pp | 2 -- spec/defines/server/default_privileges_spec.rb | 6 +++--- spec/spec_helper_local.rb | 4 ---- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 4d91b81213..72b0d52064 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -194,8 +194,6 @@ }, 'Debian' => $facts['os']['name'] ? { 'Debian' => $facts['os']['release']['major'] ? { - '8' => '9.4', - '9' => '9.6', '10' => '11', '11' => '13', default => undef, diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 0c08cfdef4..933065f84f 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -112,8 +112,8 @@ it { is_expected.to compile.and_raise_error(%r{Illegal value for \$privilege parameter}) } end - context 'schemas on postgres < 10.0' do - include_examples 'Debian 9' + context 'schemas on postgres < 9.6' do + include_examples 'RedHat 7' let :params do { @@ -129,7 +129,7 @@ "class {'postgresql::server':}" end - it { is_expected.to compile.and_raise_error(%r{Default_privileges on schemas is only supported on PostgreSQL >= 10.0}m) } + it { is_expected.to compile.and_raise_error(%r{Default_privileges is only useable with PostgreSQL >= 9.6}m) } end context 'schemas on postgres >= 10.0' do diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 43da336db4..e7689b829a 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -122,10 +122,6 @@ def param(type, title, param) end end -shared_context 'Debian 9' do - let(:facts) { on_supported_os['debian-9-x86_64'] } -end - shared_context 'Debian 10' do let(:facts) { on_supported_os['debian-10-x86_64'] } end From 2961927f0fe8811a74e6906906d8fbc5e65f02f7 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 26 Jan 2023 11:26:01 +0100 Subject: [PATCH 0748/1000] Ubuntu 14/16/17: Drop code leftovers This was previously done in https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331. --- manifests/globals.pp | 4 ---- 1 file changed, 4 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 72b0d52064..bbf8667145 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -199,10 +199,6 @@ default => undef, }, 'Ubuntu' => $facts['os']['release']['major'] ? { - /^(14.04)$/ => '9.3', - /^(14.10|15.04|15.10)$/ => '9.4', - /^(16.04|16.10)$/ => '9.5', - /^(17.04|17.10)$/ => '9.6', /^(18.04)$/ => '10', /^(20.04)$/ => '12', /^(21.04|21.10)$/ => '13', From 60da06d2fe561e51f176eecb9255cfe25ed729b2 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 16 Jan 2023 14:09:52 +0100 Subject: [PATCH 0749/1000] Add multi instance support, refactoring initdb.pp This commit is the second of many to add multi instance support to this module. The general idea is to first copy all classes which are used and create defines from them. These classes will use the defines as is. Necessary changes for the instances itself will be added to the classes and defined types at a later point. This ensures, the module will work as it does right now and there are no breaking changes. --- manifests/server/initdb.pp | 152 +++-------------------- manifests/server/instance_initdb.pp | 160 +++++++++++++++++++++++++ spec/defines/server/instance_initdb.rb | 23 ++++ 3 files changed, 198 insertions(+), 137 deletions(-) create mode 100644 manifests/server/instance_initdb.pp create mode 100644 spec/defines/server/instance_initdb.rb diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 5aabd0426d..1dc1566027 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -1,141 +1,19 @@ # @api private class postgresql::server::initdb { - $needs_initdb = $postgresql::server::needs_initdb - $initdb_path = $postgresql::server::initdb_path - $datadir = $postgresql::server::datadir - $xlogdir = $postgresql::server::xlogdir - $logdir = $postgresql::server::logdir - $manage_datadir = $postgresql::server::manage_datadir - $manage_logdir = $postgresql::server::manage_logdir - $manage_xlogdir = $postgresql::server::manage_xlogdir - $encoding = $postgresql::server::encoding - $locale = $postgresql::server::locale - $data_checksums = $postgresql::server::data_checksums - $group = $postgresql::server::group - $user = $postgresql::server::user - $module_workdir = $postgresql::server::module_workdir - - if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { - $seltype = 'postgresql_db_t' - $logdir_type = 'postgresql_log_t' - } - - else { - $seltype = undef - $logdir_type = undef - } - - if($manage_datadir) { - # Make sure the data directory exists, and has the correct permissions. - file { $datadir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - seltype => $seltype, - } - } else { - # changes an already defined datadir - File <| title == $datadir |> { - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - seltype => $seltype, - } - } - - if($xlogdir) { - if($manage_xlogdir) { - # Make sure the xlog directory exists, and has the correct permissions. - file { $xlogdir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - seltype => $seltype, - } - } else { - # changes an already defined xlogdir - File <| title == $xlogdir |> { - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - seltype => $seltype, - } - } - } - - if($logdir) { - if($manage_logdir) { - # Make sure the log directory exists, and has the correct permissions. - file { $logdir: - ensure => directory, - owner => $user, - group => $group, - seltype => $logdir_type, - } - } else { - # changes an already defined logdir - File <| title == $logdir |> { - ensure => directory, - owner => $user, - group => $group, - seltype => $logdir_type, - } - } - } - - if($needs_initdb) { - # Build up the initdb command. - # - # We optionally add the locale switch if specified. Older versions of the - # initdb command don't accept this switch. So if the user didn't pass the - # parameter, lets not pass the switch at all. - $ic_base = "${initdb_path} --pgdata '${datadir}'" - $ic_xlog = $xlogdir ? { - undef => $ic_base, - default => "${ic_base} -X '${xlogdir}'" - } - - # The xlogdir need to be present before initdb runs. - # If xlogdir is default it's created by package installer - if($xlogdir) { - $require_before_initdb = [$datadir, $xlogdir] - } else { - $require_before_initdb = [$datadir] - } - - # PostgreSQL 11 no longer allows empty encoding - $ic_encoding = $encoding ? { - undef => $ic_xlog, - default => "${ic_xlog} --encoding '${encoding}'" - } - - $ic_locale = $locale ? { - undef => $ic_encoding, - default => "${ic_encoding} --locale '${locale}'" - } - - $initdb_command = $data_checksums ? { - undef => $ic_locale, - false => $ic_locale, - default => "${ic_locale} --data-checksums" - } - - # This runs the initdb command, we use the existance of the PG_VERSION - # file to ensure we don't keep running this command. - exec { 'postgresql_initdb': - command => $initdb_command, - creates => "${datadir}/PG_VERSION", - user => $user, - group => $group, - logoutput => on_failure, - require => File[$require_before_initdb], - cwd => $module_workdir, - } - } elsif $encoding != undef { - include postgresql::server::late_initdb + postgresql::server::instance_initdb { 'main': + needs_initdb => $postgresql::server::needs_initdb, + initdb_path => $postgresql::server::initdb_path, + datadir => $postgresql::server::datadir, + xlogdir => $postgresql::server::xlogdir, + logdir => $postgresql::server::logdir, + manage_datadir => $postgresql::server::manage_datadir, + manage_logdir => $postgresql::server::manage_logdir, + manage_xlogdir => $postgresql::server::manage_xlogdir, + encoding => $postgresql::server::encoding, + locale => $postgresql::server::locale, + data_checksums => $postgresql::server::data_checksums, + group => $postgresql::server::group, + user => $postgresql::server::user, + module_workdir => $postgresql::server::module_workdir, } } diff --git a/manifests/server/instance_initdb.pp b/manifests/server/instance_initdb.pp new file mode 100644 index 0000000000..673ecb022f --- /dev/null +++ b/manifests/server/instance_initdb.pp @@ -0,0 +1,160 @@ +# lint:ignore:140chars +# @param needs_initdb Explicitly calls the initdb operation after server package is installed +# and before the PostgreSQL service is started. +# @param initdb_path Specifies the path to the initdb command. +# @param datadir PostgreSQL data directory +# @param xlogdir PostgreSQL xlog directory +# @param logdir PostgreSQL log directory +# @param manage_datadir Set to false if you have file{ $datadir: } already defined +# @param manage_logdir Set to false if you have file{ $logdir: } already defined +# @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined +# @param encoding Sets the default encoding for all databases created with this module. +# On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @param locale Sets the default database locale for all databases created with this module. +# On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. +# @param data_checksums Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +# Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param group Overrides the default postgres user group to be used for related files in the file system. +# @param module_workdir Working directory for the PostgreSQL module +# lint:endignore:140chars +define postgresql::server::instance_initdb ( + Boolean $needs_initdb = $postgresql::server::needs_initdb, + $initdb_path = $postgresql::server::initdb_path, + $datadir = $postgresql::server::datadir, + $xlogdir = $postgresql::server::xlogdir, + $logdir = $postgresql::server::logdir, + Boolean $manage_datadir = $postgresql::server::manage_datadir, + Boolean $manage_logdir = $postgresql::server::manage_logdir, + Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, + $encoding = $postgresql::server::encoding, + $locale = $postgresql::server::locale, + Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, + $group = $postgresql::server::group, + $user = $postgresql::server::user, + $module_workdir = $postgresql::server::module_workdir, +) { + if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { + $seltype = 'postgresql_db_t' + $logdir_type = 'postgresql_log_t' + } + + else { + $seltype = undef + $logdir_type = undef + } + + if($manage_datadir) { + # Make sure the data directory exists, and has the correct permissions. + file { $datadir: + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, + } + } else { + # changes an already defined datadir + File <| title == $datadir |> { + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, + } + } + + if($xlogdir) { + if($manage_xlogdir) { + # Make sure the xlog directory exists, and has the correct permissions. + file { $xlogdir: + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, + } + } else { + # changes an already defined xlogdir + File <| title == $xlogdir |> { + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, + } + } + } + + if($logdir) { + if($manage_logdir) { + # Make sure the log directory exists, and has the correct permissions. + file { $logdir: + ensure => directory, + owner => $user, + group => $group, + seltype => $logdir_type, + } + } else { + # changes an already defined logdir + File <| title == $logdir |> { + ensure => directory, + owner => $user, + group => $group, + seltype => $logdir_type, + } + } + } + + if($needs_initdb) { + # Build up the initdb command. + # + # We optionally add the locale switch if specified. Older versions of the + # initdb command don't accept this switch. So if the user didn't pass the + # parameter, lets not pass the switch at all. + $ic_base = "${initdb_path} --pgdata '${datadir}'" + $ic_xlog = $xlogdir ? { + undef => $ic_base, + default => "${ic_base} -X '${xlogdir}'" + } + + # The xlogdir need to be present before initdb runs. + # If xlogdir is default it's created by package installer + if($xlogdir) { + $require_before_initdb = [$datadir, $xlogdir] + } else { + $require_before_initdb = [$datadir] + } + + # PostgreSQL 11 no longer allows empty encoding + $ic_encoding = $encoding ? { + undef => $ic_xlog, + default => "${ic_xlog} --encoding '${encoding}'" + } + + $ic_locale = $locale ? { + undef => $ic_encoding, + default => "${ic_encoding} --locale '${locale}'" + } + + $initdb_command = $data_checksums ? { + undef => $ic_locale, + false => $ic_locale, + default => "${ic_locale} --data-checksums" + } + + # This runs the initdb command, we use the existance of the PG_VERSION + # file to ensure we don't keep running this command. + exec { 'postgresql_initdb': + command => $initdb_command, + creates => "${datadir}/PG_VERSION", + user => $user, + group => $group, + logoutput => on_failure, + require => File[$require_before_initdb], + cwd => $module_workdir, + } + } elsif $encoding != undef { + include postgresql::server::late_initdb + } +} diff --git a/spec/defines/server/instance_initdb.rb b/spec/defines/server/instance_initdb.rb new file mode 100644 index 0000000000..d82a3d37be --- /dev/null +++ b/spec/defines/server/instance_initdb.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server::instance_initdb' do + let(:title) { 'main' } + + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let :facts do + os_facts + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + context 'with defaults from initdb class' do + it { is_expected.to compile.with_all_deps } + end + end + end +end From dcc1358f6323c44e235a33d2e6beaadd9523562a Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 16 Jan 2023 17:11:10 +0100 Subject: [PATCH 0750/1000] Add multi instance support, refactoring late_initdb.pp This commit adds changes a class to add multi instance support to this module. The general idea is to first copy all classes which are used and create defines from them. These classes will use the defines as is. Necessary changes for the instances itself will be added to the classes and defined types at a later point. This ensures, the module will work as it does right now and there are no breaking changes. --- manifests/server/instance_late_initdb.pp | 43 +++++++++++++++++++++ manifests/server/late_initdb.pp | 38 ++++-------------- spec/defines/server/instance_late_initdb.rb | 23 +++++++++++ 3 files changed, 73 insertions(+), 31 deletions(-) create mode 100644 manifests/server/instance_late_initdb.pp create mode 100644 spec/defines/server/instance_late_initdb.rb diff --git a/manifests/server/instance_late_initdb.pp b/manifests/server/instance_late_initdb.pp new file mode 100644 index 0000000000..45f441915a --- /dev/null +++ b/manifests/server/instance_late_initdb.pp @@ -0,0 +1,43 @@ +# lint:ignore:140chars +# @summary Manage the default encoding when database initialization is managed by the package +# @param encoding Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param group Overrides the default postgres user group to be used for related files in the file system. +# @param psql_path Specifies the path to the psql command. +# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# @param module_workdir Working directory for the PostgreSQL module +# lint:endignore:140chars +define postgresql::server::instance_late_initdb ( + $encoding = $postgresql::server::encoding, + $user = $postgresql::server::user, + $group = $postgresql::server::group, + $psql_path = $postgresql::server::psql_path, + $port = $postgresql::server::port, + $module_workdir = $postgresql::server::module_workdir, +) { + # Set the defaults for the postgresql_psql resource + Postgresql_psql { + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + port => $port, + cwd => $module_workdir, + } + + # [workaround] + # by default pg_createcluster encoding derived from locale + # but it do does not work by installing postgresql via puppet because puppet + # always override LANG to 'C' + postgresql_psql { "Set template1 encoding to ${encoding}": + command => "UPDATE pg_database + SET datistemplate = FALSE + WHERE datname = 'template1' + ; + UPDATE pg_database + SET encoding = pg_char_to_encoding('${encoding}'), datistemplate = TRUE + WHERE datname = 'template1'", + unless => "SELECT datname FROM pg_database WHERE + datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", + before => Anchor['postgresql::server::service::end'], + } +} diff --git a/manifests/server/late_initdb.pp b/manifests/server/late_initdb.pp index 027b18b16f..dfedd3e83e 100644 --- a/manifests/server/late_initdb.pp +++ b/manifests/server/late_initdb.pp @@ -4,36 +4,12 @@ class postgresql::server::late_initdb { assert_private() - $encoding = $postgresql::server::encoding - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $port = $postgresql::server::port - $module_workdir = $postgresql::server::module_workdir - - # Set the defaults for the postgresql_psql resource - Postgresql_psql { - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port, - cwd => $module_workdir, - } - - # [workaround] - # by default pg_createcluster encoding derived from locale - # but it do does not work by installing postgresql via puppet because puppet - # always override LANG to 'C' - postgresql_psql { "Set template1 encoding to ${encoding}": - command => "UPDATE pg_database - SET datistemplate = FALSE - WHERE datname = 'template1' - ; - UPDATE pg_database - SET encoding = pg_char_to_encoding('${encoding}'), datistemplate = TRUE - WHERE datname = 'template1'", - unless => "SELECT datname FROM pg_database WHERE - datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", - before => Anchor['postgresql::server::service::end'], + postgresql::server::instance_late_initdb { 'main': + encoding => $postgresql::server::encoding, + user => $postgresql::server::user, + group => $postgresql::server::group, + psql_path => $postgresql::server::psql_path, + port => $postgresql::server::port, + module_workdir => $postgresql::server::module_workdir, } } diff --git a/spec/defines/server/instance_late_initdb.rb b/spec/defines/server/instance_late_initdb.rb new file mode 100644 index 0000000000..d00e04f358 --- /dev/null +++ b/spec/defines/server/instance_late_initdb.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server::instance_late_initdb' do + let(:title) { 'main' } + + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let :facts do + os_facts + end + + let :pre_condition do + "class {'postgresql::initdb':}" + end + + context 'with defaults from initdb class' do + it { is_expected.to compile.with_all_deps } + end + end + end +end From a72b875de467135b525f2b7e9ae516b210734508 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 20 Dec 2022 11:00:33 +0100 Subject: [PATCH 0751/1000] apt::source: configure repo only for current architecture Without this setting, we tell apt to download release information for all architectures apt knows. This includes i386 on amd64 systems. postgresql doesn't publish i386 packages. because of that, it results in a warning during apt update: N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'https://apt.postgresql.org/pub/repos/apt jammy-pgdg InRelease' doesn't support architecture 'i386' This is fixed with this change. --- manifests/repo/apt_postgresql_org.pp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index c7f603f898..31b591a0f0 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -15,14 +15,15 @@ priority => 500, } -> apt::source { 'apt.postgresql.org': - location => $_baseurl, - release => "${facts['os']['distro']['codename']}-pgdg", - repos => 'main', - key => { + location => $_baseurl, + release => "${facts['os']['distro']['codename']}-pgdg", + repos => 'main', + architecture => $facts['os']['architecture'], + key => { id => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', source => 'https://www.postgresql.org/media/keys/ACCC4CF8.asc', }, - include => { + include => { src => false, }, } From 1610f74fb8568118104e0c685f2c8e888057d638 Mon Sep 17 00:00:00 2001 From: Tobias Brox Date: Sun, 8 Jan 2023 12:46:06 +0100 Subject: [PATCH 0752/1000] bugfix - client and server package names were swapped around --- manifests/params.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 18f22b820b..3e326e2053 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -121,8 +121,8 @@ # Archlinux doesn't have a client-package but has a libs package which # pulls in postgresql server - $client_package_name = pick($client_package_name, 'postgresql') - $server_package_name = pick($server_package_name, 'postgresql-libs') + $client_package_name = pick($client_package_name, 'postgresql-libs') + $server_package_name = pick($server_package_name, 'postgresql') $java_package_name = pick($java_package_name, 'postgresql-jdbc') # Archlinux doesn't have develop packages $devel_package_name = pick($devel_package_name, 'postgresql-devel') From 5eef65982a7006d7b8967bd768d98a325392793f Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Fri, 27 Jan 2023 16:05:32 +0100 Subject: [PATCH 0753/1000] .fixtures.yml: Cleanup Puppet 5 leftovers The core modules are a requirements for unit testing with Puppet 6 and newer. This module doesn't support Puppet 5 anymore, so it can be removed (we did the same at Vox Pupuli). --- .fixtures.yml | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 62c6756514..6a08a90b79 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,9 +1,7 @@ fixtures: repositories: apt: "https://github.com/puppetlabs/puppetlabs-apt.git" - augeas_core: - repo: "https://github.com/puppetlabs/puppetlabs-augeas_core.git" - puppet_version: ">= 6.0.0" + augeas_core: "https://github.com/puppetlabs/puppetlabs-augeas_core.git" concat: "https://github.com/puppetlabs/puppetlabs-concat.git" cron_core: "https://github.com/puppetlabs/puppetlabs-cron_core.git" facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' @@ -11,8 +9,4 @@ fixtures: provision: "https://github.com/puppetlabs/provision.git" puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" - yumrepo_core: - repo: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" - puppet_version: ">= 6.0.0" - symlinks: - postgresql: "#{source_dir}" + yumrepo_core: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" From 4c0261cf24bd4a9c1732e8783ef23f60b12262f1 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Fri, 27 Jan 2023 14:53:01 +0100 Subject: [PATCH 0754/1000] Add multi instance support, refactoring service.pp (4/x) This commit adds changes a class to add multi instance support to this module. The general idea is to first copy all classes which are used and create defines from them. These classes will use the defines as is. Necessary changes for the instances itself will be added to the classes and defined types at a later point. This ensures, the module will work as it does right now and there are no breaking changes. --- manifests/server/instance_service.pp | 62 +++++++++++++++++++++++++ manifests/server/service.pp | 57 +++++------------------ spec/defines/server/instance_service.rb | 23 +++++++++ 3 files changed, 97 insertions(+), 45 deletions(-) create mode 100644 manifests/server/instance_service.pp create mode 100644 spec/defines/server/instance_service.rb diff --git a/manifests/server/instance_service.pp b/manifests/server/instance_service.pp new file mode 100644 index 0000000000..050045eacc --- /dev/null +++ b/manifests/server/instance_service.pp @@ -0,0 +1,62 @@ +# lint:ignore:140chars +# @param service_ensure Ensure service is installed +# @param service_enable Enable the PostgreSQL service +# @param service_manage Defines whether or not Puppet should manage the service. +# @param service_name Overrides the default PostgreSQL service name. +# @param service_provider Overrides the default PostgreSQL service provider. +# @param service_status Overrides the default status check command for your PostgreSQL service. +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# Default value: 5432. Meaning the Postgres server listens on TCP port 5432. +# @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. +# @param psql_path Specifies the path to the psql command. +# @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. +# lint:endignore:140chars +define postgresql::server::instance_service ( + $service_ensure = $postgresql::server::service_ensure, + $service_enable = $postgresql::server::service_enable, + $service_manage = $postgresql::server::service_manage, + $service_name = $postgresql::server::service_name, + $service_provider = $postgresql::server::service_provider, + $service_status = $postgresql::server::service_status, + $user = $postgresql::server::user, + $port = $postgresql::server::port, + $default_database = $postgresql::server::default_database, + $psql_path = $postgresql::server::psql_path, + $connect_settings = $postgresql::server::default_connect_settings, +) { + anchor { 'postgresql::server::service::begin': } + + if $service_manage { + service { 'postgresqld': + ensure => $service_ensure, + enable => $service_enable, + name => $service_name, + provider => $service_provider, + hasstatus => true, + status => $service_status, + } + + if $service_ensure in ['running', true] { + # This blocks the class before continuing if chained correctly, making + # sure the service really is 'up' before continuing. + # + # Without it, we may continue doing more work before the database is + # prepared leading to a nasty race condition. + postgresql_conn_validator { 'validate_service_is_running': + run_as => $user, + db_name => $default_database, + port => $port, + connect_settings => $connect_settings, + sleep => 1, + tries => 60, + psql_path => $psql_path, + require => Service['postgresqld'], + before => Anchor['postgresql::server::service::end'], + } + Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] + } + } + + anchor { 'postgresql::server::service::end': } +} diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 87a228f56e..883d1420f5 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -1,49 +1,16 @@ # @api private class postgresql::server::service { - $service_ensure = $postgresql::server::service_ensure - $service_enable = $postgresql::server::service_enable - $service_manage = $postgresql::server::service_manage - $service_name = $postgresql::server::service_name - $service_provider = $postgresql::server::service_provider - $service_status = $postgresql::server::service_status - $user = $postgresql::server::user - $port = $postgresql::server::port - $default_database = $postgresql::server::default_database - $psql_path = $postgresql::server::psql_path - $connect_settings = $postgresql::server::default_connect_settings - - anchor { 'postgresql::server::service::begin': } - - if $service_manage { - service { 'postgresqld': - ensure => $service_ensure, - enable => $service_enable, - name => $service_name, - provider => $service_provider, - hasstatus => true, - status => $service_status, - } - - if $service_ensure in ['running', true] { - # This blocks the class before continuing if chained correctly, making - # sure the service really is 'up' before continuing. - # - # Without it, we may continue doing more work before the database is - # prepared leading to a nasty race condition. - postgresql_conn_validator { 'validate_service_is_running': - run_as => $user, - db_name => $default_database, - port => $port, - connect_settings => $connect_settings, - sleep => 1, - tries => 60, - psql_path => $psql_path, - require => Service['postgresqld'], - before => Anchor['postgresql::server::service::end'], - } - Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] - } + postgresql::server::instance_service { 'main': + service_ensure => $postgresql::server::service_ensure, + service_enable => $postgresql::server::service_enable, + service_manage => $postgresql::server::service_manage, + service_name => $postgresql::server::service_name, + service_provider => $postgresql::server::service_provider, + service_status => $postgresql::server::service_status, + user => $postgresql::server::user, + port => $postgresql::server::port, + default_database => $postgresql::server::default_database, + psql_path => $postgresql::server::psql_path, + connect_settings => $postgresql::server::default_connect_settings, } - - anchor { 'postgresql::server::service::end': } } diff --git a/spec/defines/server/instance_service.rb b/spec/defines/server/instance_service.rb new file mode 100644 index 0000000000..63320845fd --- /dev/null +++ b/spec/defines/server/instance_service.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server::instance_service' do + let(:title) { 'main' } + + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let :facts do + os_facts + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + context 'with defaults from service class' do + it { is_expected.to compile.with_all_deps } + end + end + end +end From ae9d85a8da0a2a79f2d5b45ad80cd5c20f3cf7c8 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Fri, 27 Jan 2023 17:15:14 +0100 Subject: [PATCH 0755/1000] Add multi instance support, refactoring password.pp (5/x) This commit adds changes a class to add multi instance support to this module. The general idea is to first copy all classes which are used and create defines from them. These classes will use the defines as is. Necessary changes for the instances itself will be added to the classes and defined types at a later point. This ensures, the module will work as it does right now and there are no breaking changes. --- manifests/server/instance_passwd.pp | 63 ++++++++++++++++++++++++++ manifests/server/passwd.pp | 56 ++++------------------- spec/defines/server/instance_passwd.rb | 23 ++++++++++ 3 files changed, 94 insertions(+), 48 deletions(-) create mode 100644 manifests/server/instance_passwd.pp create mode 100644 spec/defines/server/instance_passwd.rb diff --git a/manifests/server/instance_passwd.pp b/manifests/server/instance_passwd.pp new file mode 100644 index 0000000000..c3ea8e218a --- /dev/null +++ b/manifests/server/instance_passwd.pp @@ -0,0 +1,63 @@ +# lint:ignore:140chars +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param group Overrides the default postgres user group to be used for related files in the file system. +# Default value: 5432. Meaning the Postgres server listens on TCP port 5432. +# @param psql_path Specifies the path to the psql command. +# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# @param database Specifies the name of the database to connect with. On most systems this is 'postgres'. +# @param module_workdir Working directory for the PostgreSQL module +# @param postgres_password Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. +# lint:endignore:140chars +define postgresql::server::instance_passwd ( + $user = $postgresql::server::user, + $group = $postgresql::server::group, + $psql_path = $postgresql::server::psql_path, + $port = $postgresql::server::port, + $database = $postgresql::server::default_database, + $module_workdir = $postgresql::server::module_workdir, + $postgres_password = $postgresql::server::postgres_password, + +) { + $real_postgres_password = if $postgres_password =~ Sensitive { + $postgres_password.unwrap + } else { + $postgres_password + } + + # psql will default to connecting as $user if you don't specify name + $_datbase_user_same = $database == $user + $_dboption = $_datbase_user_same ? { + false => " --dbname ${shell_escape($database)}", + default => '' + } + + if $real_postgres_password { + # NOTE: this password-setting logic relies on the pg_hba.conf being + # configured to allow the postgres system user to connect via psql + # without specifying a password ('ident' or 'trust' security). This is + # the default for pg_hba.conf. + $escaped = postgresql::postgresql_escape($real_postgres_password) + $exec_command = "${shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars + exec { 'set_postgres_postgrespw': + # This command works w/no password because we run it as postgres system + # user + command => $exec_command, + user => $user, + group => $group, + logoutput => true, + cwd => $module_workdir, + environment => [ + "PGPASSWORD=${real_postgres_password}", + "PGPORT=${port}", + "NEWPASSWD_ESCAPED=${escaped}", + ], + # With this command we're passing -h to force TCP authentication, which + # does require a password. We specify the password via the PGPASSWORD + # environment variable. If the password is correct (current), this + # command will exit with an exit code of 0, which will prevent the main + # command from running. + unless => "${psql_path} -h localhost -p ${port} -c 'select 1' > /dev/null", + path => '/usr/bin:/usr/local/bin:/bin', + } + } +} diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index d73a07ded9..3a7879bef4 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -1,52 +1,12 @@ # @api private class postgresql::server::passwd { - $postgres_password = if $postgresql::server::postgres_password =~ Sensitive { - $postgresql::server::postgres_password.unwrap - } else { - $postgresql::server::postgres_password - } - - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $port = $postgresql::server::port - $database = $postgresql::server::default_database - $module_workdir = $postgresql::server::module_workdir - - # psql will default to connecting as $user if you don't specify name - $_datbase_user_same = $database == $user - $_dboption = $_datbase_user_same ? { - false => " --dbname ${shell_escape($database)}", - default => '' - } - - if $postgres_password { - # NOTE: this password-setting logic relies on the pg_hba.conf being - # configured to allow the postgres system user to connect via psql - # without specifying a password ('ident' or 'trust' security). This is - # the default for pg_hba.conf. - $escaped = postgresql::postgresql_escape($postgres_password) - $exec_command = "${shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" - exec { 'set_postgres_postgrespw': - # This command works w/no password because we run it as postgres system - # user - command => $exec_command, - user => $user, - group => $group, - logoutput => true, - cwd => $module_workdir, - environment => [ - "PGPASSWORD=${postgres_password}", - "PGPORT=${port}", - "NEWPASSWD_ESCAPED=${escaped}", - ], - # With this command we're passing -h to force TCP authentication, which - # does require a password. We specify the password via the PGPASSWORD - # environment variable. If the password is correct (current), this - # command will exit with an exit code of 0, which will prevent the main - # command from running. - unless => "${psql_path} -h localhost -p ${port} -c 'select 1' > /dev/null", - path => '/usr/bin:/usr/local/bin:/bin', - } + postgresql::server::instance_passwd { 'main': + user => $postgresql::server::user, + group => $postgresql::server::group, + psql_path => $postgresql::server::psql_path, + port => $postgresql::server::port, + database => $postgresql::server::default_database, + module_workdir => $postgresql::server::module_workdir, + postgres_password => $postgresql::server::postgres_password, } } diff --git a/spec/defines/server/instance_passwd.rb b/spec/defines/server/instance_passwd.rb new file mode 100644 index 0000000000..4558b627e7 --- /dev/null +++ b/spec/defines/server/instance_passwd.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server::instance_passwd' do + let(:title) { 'main' } + + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let :facts do + os_facts + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + context 'with defaults from passwd class' do + it { is_expected.to compile.with_all_deps } + end + end + end +end From 1277a368b36b6babd3ca740eb17f5e52a9f19b01 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Fri, 27 Jan 2023 18:39:35 +0100 Subject: [PATCH 0756/1000] Add multi instance support, refactoring reload.pp (6/x) This commit adds changes a class to add multi instance support to this module. The general idea is to first copy all classes which are used and create defines from them. These classes will use the defines as is. Necessary changes for the instances itself will be added to the classes and defined types at a later point. This ensures, the module will work as it does right now and there are no breaking changes. --- manifests/server/instance_reload.pp | 14 ++++++++++++++ manifests/server/reload.pp | 12 +++--------- spec/defines/server/instance_reload.rb | 23 +++++++++++++++++++++++ 3 files changed, 40 insertions(+), 9 deletions(-) create mode 100644 manifests/server/instance_reload.pp create mode 100644 spec/defines/server/instance_reload.rb diff --git a/manifests/server/instance_reload.pp b/manifests/server/instance_reload.pp new file mode 100644 index 0000000000..ce63ecc864 --- /dev/null +++ b/manifests/server/instance_reload.pp @@ -0,0 +1,14 @@ +# @param service_reload Overrides the default reload command for your PostgreSQL service. +# @param service_status Overrides the default status check command for your PostgreSQL service. +define postgresql::server::instance_reload ( + $service_status = $postgresql::server::service_status, + $service_reload = $postgresql::server::service_reload, +) { + exec { 'postgresql_reload': + path => '/usr/bin:/usr/sbin:/bin:/sbin', + command => $service_reload, + onlyif => $service_status, + refreshonly => true, + require => Class['postgresql::server::service'], + } +} diff --git a/manifests/server/reload.pp b/manifests/server/reload.pp index 28a5346ff3..babc2dbad7 100644 --- a/manifests/server/reload.pp +++ b/manifests/server/reload.pp @@ -1,13 +1,7 @@ # @api private class postgresql::server::reload { - $service_status = $postgresql::server::service_status - $service_reload = $postgresql::server::service_reload - - exec { 'postgresql_reload': - path => '/usr/bin:/usr/sbin:/bin:/sbin', - command => $service_reload, - onlyif => $service_status, - refreshonly => true, - require => Class['postgresql::server::service'], + postgresql::server::instance_reload { 'main': + service_status => $postgresql::server::service_status, + service_reload => $postgresql::server::service_reload, } } diff --git a/spec/defines/server/instance_reload.rb b/spec/defines/server/instance_reload.rb new file mode 100644 index 0000000000..e7ecac8e5f --- /dev/null +++ b/spec/defines/server/instance_reload.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server::instance_reload' do + let(:title) { 'main' } + + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let :facts do + os_facts + end + + let :pre_condition do + "class {'postgresql::server':}" + end + + context 'with defaults from server class' do + it { is_expected.to compile.with_all_deps } + end + end + end +end From ae2f466d3851311a206fb887995e8f88599785ae Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 30 Jan 2023 15:10:42 +0100 Subject: [PATCH 0757/1000] postgresql instances move and rename defines (7/x) * move instances_ to instance/ * update define instance_ to instance:: * update classes using defines * move and update spec tests accordingly --- manifests/server/config.pp | 2 +- manifests/server/initdb.pp | 2 +- manifests/server/{instance_config.pp => instance/config.pp} | 2 +- manifests/server/{instance_initdb.pp => instance/initdb.pp} | 2 +- .../server/{instance_late_initdb.pp => instance/late_initdb.pp} | 2 +- manifests/server/{instance_passwd.pp => instance/passwd.pp} | 2 +- manifests/server/{instance_reload.pp => instance/reload.pp} | 2 +- manifests/server/{instance_service.pp => instance/service.pp} | 2 +- manifests/server/late_initdb.pp | 2 +- manifests/server/passwd.pp | 2 +- manifests/server/reload.pp | 2 +- manifests/server/service.pp | 2 +- spec/defines/server/{instance_config.rb => instance/config.rb} | 2 +- spec/defines/server/{instance_initdb.rb => instance/initdb.rb} | 2 +- .../server/{instance_late_initdb.rb => instance/late_initdb.rb} | 2 +- spec/defines/server/{instance_passwd.rb => instance/passwd.rb} | 2 +- spec/defines/server/{instance_reload.rb => instance/reload.rb} | 2 +- .../defines/server/{instance_service.rb => instance/service.rb} | 2 +- 18 files changed, 18 insertions(+), 18 deletions(-) rename manifests/server/{instance_config.pp => instance/config.pp} (99%) rename manifests/server/{instance_initdb.pp => instance/initdb.pp} (99%) rename manifests/server/{instance_late_initdb.pp => instance/late_initdb.pp} (97%) rename manifests/server/{instance_passwd.pp => instance/passwd.pp} (98%) rename manifests/server/{instance_reload.pp => instance/reload.pp} (92%) rename manifests/server/{instance_service.pp => instance/service.pp} (98%) rename spec/defines/server/{instance_config.rb => instance/config.rb} (88%) rename spec/defines/server/{instance_initdb.rb => instance/initdb.rb} (88%) rename spec/defines/server/{instance_late_initdb.rb => instance/late_initdb.rb} (87%) rename spec/defines/server/{instance_passwd.rb => instance/passwd.rb} (88%) rename spec/defines/server/{instance_reload.rb => instance/reload.rb} (88%) rename spec/defines/server/{instance_service.rb => instance/service.rb} (88%) diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 700c3d752b..bd232e1bac 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -1,6 +1,6 @@ # @api private class postgresql::server::config { - postgresql::server::instance_config { 'main': + postgresql::server::instance::config { 'main': ip_mask_deny_postgres_user => $postgresql::server::ip_mask_deny_postgres_user, ip_mask_allow_all_users => $postgresql::server::ip_mask_allow_all_users, listen_addresses => $postgresql::server::listen_addresses, diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 1dc1566027..937406d47a 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -1,6 +1,6 @@ # @api private class postgresql::server::initdb { - postgresql::server::instance_initdb { 'main': + postgresql::server::instance::initdb { 'main': needs_initdb => $postgresql::server::needs_initdb, initdb_path => $postgresql::server::initdb_path, datadir => $postgresql::server::datadir, diff --git a/manifests/server/instance_config.pp b/manifests/server/instance/config.pp similarity index 99% rename from manifests/server/instance_config.pp rename to manifests/server/instance/config.pp index 8fb5794dfc..72189c025c 100644 --- a/manifests/server/instance_config.pp +++ b/manifests/server/instance/config.pp @@ -33,7 +33,7 @@ # @param timezone Set timezone for the PostgreSQL instance # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # lint:endignore:140chars -define postgresql::server::instance_config ( +define postgresql::server::instance::config ( $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, $listen_addresses = $postgresql::server::listen_addresses, diff --git a/manifests/server/instance_initdb.pp b/manifests/server/instance/initdb.pp similarity index 99% rename from manifests/server/instance_initdb.pp rename to manifests/server/instance/initdb.pp index 673ecb022f..7ec5b19b39 100644 --- a/manifests/server/instance_initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -18,7 +18,7 @@ # @param group Overrides the default postgres user group to be used for related files in the file system. # @param module_workdir Working directory for the PostgreSQL module # lint:endignore:140chars -define postgresql::server::instance_initdb ( +define postgresql::server::instance::initdb ( Boolean $needs_initdb = $postgresql::server::needs_initdb, $initdb_path = $postgresql::server::initdb_path, $datadir = $postgresql::server::datadir, diff --git a/manifests/server/instance_late_initdb.pp b/manifests/server/instance/late_initdb.pp similarity index 97% rename from manifests/server/instance_late_initdb.pp rename to manifests/server/instance/late_initdb.pp index 45f441915a..90012a72fb 100644 --- a/manifests/server/instance_late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -7,7 +7,7 @@ # @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. # @param module_workdir Working directory for the PostgreSQL module # lint:endignore:140chars -define postgresql::server::instance_late_initdb ( +define postgresql::server::instance::late_initdb ( $encoding = $postgresql::server::encoding, $user = $postgresql::server::user, $group = $postgresql::server::group, diff --git a/manifests/server/instance_passwd.pp b/manifests/server/instance/passwd.pp similarity index 98% rename from manifests/server/instance_passwd.pp rename to manifests/server/instance/passwd.pp index c3ea8e218a..5d98d5e572 100644 --- a/manifests/server/instance_passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -8,7 +8,7 @@ # @param module_workdir Working directory for the PostgreSQL module # @param postgres_password Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. # lint:endignore:140chars -define postgresql::server::instance_passwd ( +define postgresql::server::instance::passwd ( $user = $postgresql::server::user, $group = $postgresql::server::group, $psql_path = $postgresql::server::psql_path, diff --git a/manifests/server/instance_reload.pp b/manifests/server/instance/reload.pp similarity index 92% rename from manifests/server/instance_reload.pp rename to manifests/server/instance/reload.pp index ce63ecc864..8d81a33487 100644 --- a/manifests/server/instance_reload.pp +++ b/manifests/server/instance/reload.pp @@ -1,6 +1,6 @@ # @param service_reload Overrides the default reload command for your PostgreSQL service. # @param service_status Overrides the default status check command for your PostgreSQL service. -define postgresql::server::instance_reload ( +define postgresql::server::instance::reload ( $service_status = $postgresql::server::service_status, $service_reload = $postgresql::server::service_reload, ) { diff --git a/manifests/server/instance_service.pp b/manifests/server/instance/service.pp similarity index 98% rename from manifests/server/instance_service.pp rename to manifests/server/instance/service.pp index 050045eacc..cd5e37e61c 100644 --- a/manifests/server/instance_service.pp +++ b/manifests/server/instance/service.pp @@ -12,7 +12,7 @@ # @param psql_path Specifies the path to the psql command. # @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. # lint:endignore:140chars -define postgresql::server::instance_service ( +define postgresql::server::instance::service ( $service_ensure = $postgresql::server::service_ensure, $service_enable = $postgresql::server::service_enable, $service_manage = $postgresql::server::service_manage, diff --git a/manifests/server/late_initdb.pp b/manifests/server/late_initdb.pp index dfedd3e83e..d0fa68c0a7 100644 --- a/manifests/server/late_initdb.pp +++ b/manifests/server/late_initdb.pp @@ -4,7 +4,7 @@ class postgresql::server::late_initdb { assert_private() - postgresql::server::instance_late_initdb { 'main': + postgresql::server::instance::late_initdb { 'main': encoding => $postgresql::server::encoding, user => $postgresql::server::user, group => $postgresql::server::group, diff --git a/manifests/server/passwd.pp b/manifests/server/passwd.pp index 3a7879bef4..e30beef032 100644 --- a/manifests/server/passwd.pp +++ b/manifests/server/passwd.pp @@ -1,6 +1,6 @@ # @api private class postgresql::server::passwd { - postgresql::server::instance_passwd { 'main': + postgresql::server::instance::passwd { 'main': user => $postgresql::server::user, group => $postgresql::server::group, psql_path => $postgresql::server::psql_path, diff --git a/manifests/server/reload.pp b/manifests/server/reload.pp index babc2dbad7..be5e7576d3 100644 --- a/manifests/server/reload.pp +++ b/manifests/server/reload.pp @@ -1,6 +1,6 @@ # @api private class postgresql::server::reload { - postgresql::server::instance_reload { 'main': + postgresql::server::instance::reload { 'main': service_status => $postgresql::server::service_status, service_reload => $postgresql::server::service_reload, } diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 883d1420f5..174e550790 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -1,6 +1,6 @@ # @api private class postgresql::server::service { - postgresql::server::instance_service { 'main': + postgresql::server::instance::service { 'main': service_ensure => $postgresql::server::service_ensure, service_enable => $postgresql::server::service_enable, service_manage => $postgresql::server::service_manage, diff --git a/spec/defines/server/instance_config.rb b/spec/defines/server/instance/config.rb similarity index 88% rename from spec/defines/server/instance_config.rb rename to spec/defines/server/instance/config.rb index 8fa49eac71..aeab03dee2 100644 --- a/spec/defines/server/instance_config.rb +++ b/spec/defines/server/instance/config.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::instance_config' do +describe 'postgresql::server::instance::config' do let(:title) { 'main' } on_supported_os.each do |os, os_facts| diff --git a/spec/defines/server/instance_initdb.rb b/spec/defines/server/instance/initdb.rb similarity index 88% rename from spec/defines/server/instance_initdb.rb rename to spec/defines/server/instance/initdb.rb index d82a3d37be..7b94bba521 100644 --- a/spec/defines/server/instance_initdb.rb +++ b/spec/defines/server/instance/initdb.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::instance_initdb' do +describe 'postgresql::server::instance::initdb' do let(:title) { 'main' } on_supported_os.each do |os, os_facts| diff --git a/spec/defines/server/instance_late_initdb.rb b/spec/defines/server/instance/late_initdb.rb similarity index 87% rename from spec/defines/server/instance_late_initdb.rb rename to spec/defines/server/instance/late_initdb.rb index d00e04f358..354a410f6f 100644 --- a/spec/defines/server/instance_late_initdb.rb +++ b/spec/defines/server/instance/late_initdb.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::instance_late_initdb' do +describe 'postgresql::server::instance::late_initdb' do let(:title) { 'main' } on_supported_os.each do |os, os_facts| diff --git a/spec/defines/server/instance_passwd.rb b/spec/defines/server/instance/passwd.rb similarity index 88% rename from spec/defines/server/instance_passwd.rb rename to spec/defines/server/instance/passwd.rb index 4558b627e7..74ad978be2 100644 --- a/spec/defines/server/instance_passwd.rb +++ b/spec/defines/server/instance/passwd.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::instance_passwd' do +describe 'postgresql::server::instance::passwd' do let(:title) { 'main' } on_supported_os.each do |os, os_facts| diff --git a/spec/defines/server/instance_reload.rb b/spec/defines/server/instance/reload.rb similarity index 88% rename from spec/defines/server/instance_reload.rb rename to spec/defines/server/instance/reload.rb index e7ecac8e5f..2b37638401 100644 --- a/spec/defines/server/instance_reload.rb +++ b/spec/defines/server/instance/reload.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::instance_reload' do +describe 'postgresql::server::instance::reload' do let(:title) { 'main' } on_supported_os.each do |os, os_facts| diff --git a/spec/defines/server/instance_service.rb b/spec/defines/server/instance/service.rb similarity index 88% rename from spec/defines/server/instance_service.rb rename to spec/defines/server/instance/service.rb index 63320845fd..ef5ad5f1e9 100644 --- a/spec/defines/server/instance_service.rb +++ b/spec/defines/server/instance/service.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe 'postgresql::server::instance_service' do +describe 'postgresql::server::instance::service' do let(:title) { 'main' } on_supported_os.each do |os, os_facts| From 07c78579ad4da396cf096c9e41d9ec2bba629efa Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 30 Jan 2023 15:49:05 +0100 Subject: [PATCH 0758/1000] postgresql instances fix parameter indention server::instance::passwd (8/x) --- manifests/server/instance/passwd.pp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 5d98d5e572..cd2c80e431 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -9,12 +9,12 @@ # @param postgres_password Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. # lint:endignore:140chars define postgresql::server::instance::passwd ( - $user = $postgresql::server::user, - $group = $postgresql::server::group, - $psql_path = $postgresql::server::psql_path, - $port = $postgresql::server::port, - $database = $postgresql::server::default_database, - $module_workdir = $postgresql::server::module_workdir, + $user = $postgresql::server::user, + $group = $postgresql::server::group, + $psql_path = $postgresql::server::psql_path, + $port = $postgresql::server::port, + $database = $postgresql::server::default_database, + $module_workdir = $postgresql::server::module_workdir, $postgres_password = $postgresql::server::postgres_password, ) { From 7598a309eea1f45409b26db5c7ffd9843f6e12a2 Mon Sep 17 00:00:00 2001 From: Paula Muir Date: Wed, 1 Feb 2023 12:04:54 +0000 Subject: [PATCH 0759/1000] Adding mend file --- .github/workflows/mend.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 .github/workflows/mend.yml diff --git a/.github/workflows/mend.yml b/.github/workflows/mend.yml new file mode 100644 index 0000000000..b4100a5af0 --- /dev/null +++ b/.github/workflows/mend.yml @@ -0,0 +1,15 @@ +name: "mend" + +on: + pull_request: + branches: + - "main" + schedule: + - cron: "0 0 * * *" + workflow_dispatch: + +jobs: + + mend: + uses: "puppetlabs/cat-github-actions/.github/workflows/mend_ruby.yml@main" + secrets: "inherit" From 5eb1e8edb825a0ee1377db0ecf7af1646452df94 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 2 Feb 2023 15:35:37 +0100 Subject: [PATCH 0760/1000] remove manual systemd drop-in file handling * add puppet/systemd module * remove systemd daemon reload and raise minimal puppet version to 6.1 * remove old "drop-in file" removal, was in place 3 years now * move systemd drop-in file handling to seperate define * Implement recent feedback * define is now private * rename parameter in define call * fix unit tests * fix rubocop complains * fix path, set default fact * fix systemd drop in file, adding template parameters to systemd define * added reason for drop in file in a comment * added reviewers feedback * remove ensure parameter for systemd drop-in file handling, except for the define itself. * systemd_extra_args expects String, default is undef now --- .fixtures.yml | 1 + manifests/params.pp | 2 +- manifests/server/instance/config.pp | 56 ++------------- manifests/server/instance/systemd.pp | 26 +++++++ metadata.json | 6 +- spec/classes/server/config_spec.rb | 91 ++++++++---------------- spec/classes/server_spec.rb | 10 +-- spec/default_facts.yml | 1 + spec/defines/server/config_entry_spec.rb | 2 +- templates/systemd-override.erb | 3 - 10 files changed, 75 insertions(+), 123 deletions(-) create mode 100644 manifests/server/instance/systemd.pp diff --git a/.fixtures.yml b/.fixtures.yml index 6a08a90b79..7e45dadbb1 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -10,3 +10,4 @@ fixtures: puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" yumrepo_core: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" + systemd: "https://github.com/voxpupuli/puppet-systemd.git" diff --git a/manifests/params.pp b/manifests/params.pp index 3e326e2053..ebbfd035de 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -26,7 +26,7 @@ $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') $password_encryption = undef - $extra_systemd_config = '' + $extra_systemd_config = undef $manage_datadir = true $manage_logdir = true $manage_xlogdir = true diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 72189c025c..d6ef93259e 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -245,58 +245,14 @@ } } # lint:ignore:140chars - # RHEL 7 and 8 both support drop-in files for systemd units. The old include directive is deprecated and may be removed in future systemd releases. - # Gentoo also supports drop-in files. + # RHEL 7 and 8 both support drop-in files for systemd units. Gentoo also supports drop-in files. + # Edit 02/2023 RHEL basedc Systems and Gentoo need Variables set for $PGPORT, $DATA_DIR or $PGDATA, thats what the drop-in file is for. # lint:endignore:140chars if $facts['os']['family'] in ['RedHat', 'Gentoo'] and $facts['service_provider'] == 'systemd' { - # While Puppet 6.1 and newer can do a daemon-reload if needed, systemd - # doesn't appear to report that correctly in all cases. - # One such case seems to be when an overriding unit file is removed from /etc - # and the original one from /lib *should* be used again. - # - # This can be removed when Puppet < 6.1 support is dropped *and* the file - # old-systemd-override is removed. - $systemd_command = ['systemctl', 'daemon-reload'] - exec { 'restart-systemd': - command => $systemd_command, - refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin', - before => Class['postgresql::server::service'], - } - - file { - default: - ensure => file, - owner => root, - group => root, - notify => [Exec['restart-systemd'], Class['postgresql::server::service']], - before => Class['postgresql::server::reload']; - - 'systemd-conf-dir': - ensure => directory, - path => "/etc/systemd/system/${service_name}.service.d"; - - # Template uses: - # - $facts['os']['name'] - # - $facts['os']['release']['major'] - # - $service_name - # - $port - # - $datadir - # - $extra_systemd_config - 'systemd-override': - path => "/etc/systemd/system/${service_name}.service.d/${service_name}.conf", - content => template('postgresql/systemd-override.erb'), - require => File['systemd-conf-dir']; - } - - if $service_enable != 'mask' { - # Remove old unit file to avoid conflicts - file { 'old-systemd-override': - ensure => absent, - path => "/etc/systemd/system/${service_name}.service", - notify => [Exec['restart-systemd'], Class['postgresql::server::service']], - before => Class['postgresql::server::reload'], - } + postgresql::server::instance::systemd { $service_name: + port => $port, + datadir => $datadir, + extra_systemd_config => $extra_systemd_config, } } } diff --git a/manifests/server/instance/systemd.pp b/manifests/server/instance/systemd.pp new file mode 100644 index 0000000000..be4c128dae --- /dev/null +++ b/manifests/server/instance/systemd.pp @@ -0,0 +1,26 @@ +# @summary This define handles systemd drop-in files for the postgres main instance (default) or additional instances +# @param service_name Overrides the default PostgreSQL service name. +# @param drop_in_ensure sets the Systemd drop-in file to present or absent +# @api private +define postgresql::server::instance::systemd ( + Variant[String[1], Stdlib::Port] $port, + Stdlib::Absolutepath $datadir, + Optional[String[1]] $extra_systemd_config = undef, + String[1] $service_name = $name, + Enum[present, absent] $drop_in_ensure = 'present', + +) { + # Template uses: + # - $port + # - $datadir + # - $extra_systemd_config + systemd::dropin_file { "${service_name}.conf": + ensure => $drop_in_ensure, + unit => "${service_name}.service", + owner => 'root', + group => 'root', + content => template('postgresql/systemd-override.erb'), + notify => Class['postgresql::server::service'], + before => Class['postgresql::server::reload'], + } +} diff --git a/metadata.json b/metadata.json index 3d12b7f347..0543336fc5 100644 --- a/metadata.json +++ b/metadata.json @@ -16,6 +16,10 @@ "name": "puppetlabs/apt", "version_requirement": ">= 2.0.0 < 10.0.0" }, + { + "name": "puppet/systemd", + "version_requirement": ">= 4.0.1 < 5.0.0" + }, { "name": "puppetlabs/concat", "version_requirement": ">= 4.1.0 < 8.0.0" @@ -87,7 +91,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 6.0.0 < 8.0.0" + "version_requirement": ">= 6.24.0 < 8.0.0" } ], "pdk-version": "2.5.0", diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index 1d12cab494..cb53f74b05 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -19,29 +19,22 @@ .that_requires('Package[policycoreutils-python]') end - it 'removes the old systemd-override file' do - is_expected.to contain_file('old-systemd-override') - .with(ensure: 'absent', path: '/etc/systemd/system/postgresql.service') - end - it 'has the correct systemd-override drop file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql.service.d/postgresql.conf', - owner: 'root', group: 'root' - ) .that_requires('File[systemd-conf-dir]') + is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( + ensure: 'file', owner: 'root', group: 'root', + ) .that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') \ - .with_content(%r{(?!^.include)}) + is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf') end context 'RHEL 7 host with Puppet 5' do include_examples 'RedHat 7' it 'has systemctl restart command' do - is_expected.to contain_exec('restart-systemd').with( - command: ['systemctl', 'daemon-reload'], + is_expected.to contain_exec('systemd-postgresql.service-systemctl-daemon-reload').with( + command: 'systemctl daemon-reload', refreshonly: true, path: '/bin:/usr/bin:/usr/local/bin', ) @@ -53,21 +46,20 @@ <<-EOS class { 'postgresql::globals': manage_package_repo => true, - version => '9.4', + version => '10', }-> class { 'postgresql::server': } EOS end it 'has the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-9.4.service.d/postgresql-9.4.conf', - owner: 'root', group: 'root' + is_expected.to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf').with( + ensure: 'file', owner: 'root', group: 'root', ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf') .without_content(%r{\.include}) end end end @@ -84,20 +76,14 @@ class { 'postgresql::server': } .that_requires('Package[policycoreutils-python-utils]') end - it 'removes the old systemd-override file' do - is_expected.to contain_file('old-systemd-override') - .with(ensure: 'absent', path: '/etc/systemd/system/postgresql.service') - end - it 'has the correct systemd-override drop file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql.service.d/postgresql.conf', - owner: 'root', group: 'root' - ) .that_requires('File[systemd-conf-dir]') + is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( + ensure: 'file', owner: 'root', group: 'root', + ) .that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').without_content(%r{\.include}) end describe 'with manage_package_repo => true and a version' do @@ -105,20 +91,19 @@ class { 'postgresql::server': } <<-EOS class { 'postgresql::globals': manage_package_repo => true, - version => '9.4', + version => '14', }-> class { 'postgresql::server': } EOS end it 'has the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-9.4.service.d/postgresql-9.4.conf', - owner: 'root', group: 'root' + is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').with( + ensure: 'file', owner: 'root', group: 'root', ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf') .without_content(%r{\.include}) end end end @@ -135,20 +120,14 @@ class { 'postgresql::server': } .that_requires('Package[policycoreutils-python-utils]') end - it 'removes the old systemd-override file' do - is_expected.to contain_file('old-systemd-override') - .with(ensure: 'absent', path: '/etc/systemd/system/postgresql.service') - end - it 'has the correct systemd-override drop file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql.service.d/postgresql.conf', - owner: 'root', group: 'root' - ) .that_requires('File[systemd-conf-dir]') + is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( + ensure: 'file', owner: 'root', group: 'root', + ) .that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').without_content(%r{\.include}) end describe 'with manage_package_repo => true and a version' do @@ -163,14 +142,13 @@ class { 'postgresql::server': } end it 'has the correct systemd-override file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf', - owner: 'root', group: 'root' + is_expected.to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf').with( + ensure: 'file', owner: 'root', group: 'root', ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf') .without_content(%r{\.include}) end end end @@ -193,7 +171,7 @@ class { 'postgresql::server': } let(:pre_condition) do <<-EOS class { 'postgresql::globals': - version => '9.5', + version => '14', }-> class { 'postgresql::server': manage_pg_hba_conf => true, @@ -221,7 +199,7 @@ class { 'postgresql::server': let(:pre_condition) do <<-EOS class { 'postgresql::globals': - version => '9.5', + version => '14', }-> class { 'postgresql::server': } EOS @@ -231,22 +209,11 @@ class { 'postgresql::server': } is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') end - it 'removes the old systemd-override file' do - is_expected.to contain_file('old-systemd-override') - .with(ensure: 'absent', path: '/etc/systemd/system/postgresql-9.5.service') - end - it 'has the correct systemd-override drop file' do - is_expected.to contain_file('systemd-override').with( - ensure: 'file', path: '/etc/systemd/system/postgresql-9.5.service.d/postgresql-9.5.conf', - owner: 'root', group: 'root' + is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').with( + ensure: 'file', owner: 'root', group: 'root', ) end - - it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('systemd-override') \ - .with_content(%r{(?!^.include)}) - end end end end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index d1aeb711da..12f8137a00 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -187,17 +187,17 @@ class { 'postgresql::globals': <<-EOS class { 'postgresql::globals': manage_package_repo => true, - version => '99.5', + version => '14', before => Class['postgresql::server'], } EOS end it 'contains the correct package version' do - is_expected.to contain_class('postgresql::repo').with_version('99.5') - is_expected.to contain_file('/var/lib/postgresql/99.5/main') # FIXME: be more precise - is_expected.to contain_concat('/etc/postgresql/99.5/main/pg_hba.conf') # FIXME: be more precise - is_expected.to contain_concat('/etc/postgresql/99.5/main/pg_ident.conf') # FIXME: be more precise + is_expected.to contain_class('postgresql::repo').with_version('14') + is_expected.to contain_file('/var/lib/postgresql/14/main') # FIXME: be more precise + is_expected.to contain_concat('/etc/postgresql/14/main/pg_hba.conf') # FIXME: be more precise + is_expected.to contain_concat('/etc/postgresql/14/main/pg_ident.conf') # FIXME: be more precise end end diff --git a/spec/default_facts.yml b/spec/default_facts.yml index f777abfc99..949419ff2a 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -6,3 +6,4 @@ ipaddress: "172.16.254.254" ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" is_pe: false macaddress: "AA:AA:AA:AA:AA:AA" +path: '/bin:/usr/bin:/usr/local/bin' diff --git a/spec/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb index 6506a1db17..a47e03beef 100644 --- a/spec/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -28,7 +28,7 @@ include_examples 'RedHat 7' it 'stops postgresql and changes the port #file' do - is_expected.to contain_file('systemd-override') + is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf') end end end diff --git a/templates/systemd-override.erb b/templates/systemd-override.erb index 54b14476be..491697636c 100644 --- a/templates/systemd-override.erb +++ b/templates/systemd-override.erb @@ -1,6 +1,3 @@ -<%- if @os['name'] == 'Fedora' and @os['release']['major'] <= '31' -%> -.include /usr/lib/systemd/system/<%= @service_name %>.service -<% end -%> [Service] Environment=PGPORT=<%= @port %> <%- if @os['family'] == 'Gentoo' -%> From 1cdb444707fe359d8372d09dc4efa1b6c3862068 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 2 Feb 2023 15:35:37 +0100 Subject: [PATCH 0761/1000] remove manual systemd drop-in file handling * add puppet/systemd module * remove systemd daemon reload and raise minimal puppet version to 6.1 * remove old "drop-in file" removal, was in place 3 years now * move systemd drop-in file handling to seperate define * Implement recent feedback * define is now private * rename parameter in define call * fix unit tests * fix rubocop complains * fix path, set default fact * fix systemd drop in file, adding template parameters to systemd define * added reason for drop in file in a comment --- manifests/params.pp | 1 + manifests/server.pp | 2 ++ manifests/server/instance/config.pp | 2 ++ 3 files changed, 5 insertions(+) diff --git a/manifests/params.pp b/manifests/params.pp index ebbfd035de..dead45742e 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -18,6 +18,7 @@ $service_manage = true $service_restart_on_change = true $service_provider = $postgresql::globals::service_provider + $systemd_drop_in_ensure = 'present' $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) $manage_recovery_conf = pick($manage_recovery_conf, false) diff --git a/manifests/server.pp b/manifests/server.pp index 3271d24304..d1a6f7a1ca 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -15,6 +15,7 @@ # @param service_provider Overrides the default PostgreSQL service provider. # @param service_reload Overrides the default reload command for your PostgreSQL service. # @param service_status Overrides the default status check command for your PostgreSQL service. +# @param systemd_drop_in_ensure sets the Systemd drop-in file to present or absent # @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. # @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. # @@ -103,6 +104,7 @@ $service_provider = $postgresql::params::service_provider, $service_reload = $postgresql::params::service_reload, $service_status = $postgresql::params::service_status, + Enum[present, absent] $systemd_drop_in_ensure = $postgresql::params::systemd_drop_in_ensure, $default_database = $postgresql::params::default_database, $default_connect_settings = $postgresql::globals::default_connect_settings, $listen_addresses = $postgresql::params::listen_addresses, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index d6ef93259e..965584b393 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -29,6 +29,7 @@ # @param logdir PostgreSQL log directory # @param service_name Overrides the default PostgreSQL service name. # @param service_enable Enable the PostgreSQL service +# @param systemd_drop_in_ensure sets the Systemd drop-in file to present or absent # @param log_line_prefix PostgreSQL log line prefix # @param timezone Set timezone for the PostgreSQL instance # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string @@ -57,6 +58,7 @@ $logdir = $postgresql::server::logdir, $service_name = $postgresql::server::service_name, $service_enable = $postgresql::server::service_enable, + Enum[present, absent] $systemd_drop_in_ensure = $postgresql::server::systemd_drop_in_ensure, $log_line_prefix = $postgresql::server::log_line_prefix, $timezone = $postgresql::server::timezone, $password_encryption = $postgresql::server::password_encryption, From 04d61cbf2b2297b70c5f763849844314e18b40ca Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 13 Feb 2023 14:29:39 +0100 Subject: [PATCH 0762/1000] convert ERB templates to EPP --- manifests/params.pp | 1 - manifests/server.pp | 2 - manifests/server/instance/config.pp | 2 - manifests/server/instance/systemd.pp | 7 ++- manifests/server/pg_hba_rule.pp | 29 +++++++++---- manifests/server/pg_ident_rule.pp | 20 +++++++-- manifests/server/recovery.pp | 25 +++++++++-- templates/pg_dump.sh.epp | 13 ++++++ templates/pg_hba_rule.conf | 5 --- templates/pg_hba_rule.conf.epp | 15 +++++++ templates/pg_ident_rule.conf | 5 --- templates/pg_ident_rule.conf.epp | 12 ++++++ templates/recovery.conf.epp | 64 ++++++++++++++++++++++++++++ templates/recovery.conf.erb | 47 -------------------- templates/systemd-override.conf.epp | 15 +++++++ templates/systemd-override.erb | 8 ---- 16 files changed, 184 insertions(+), 86 deletions(-) delete mode 100644 templates/pg_hba_rule.conf create mode 100644 templates/pg_hba_rule.conf.epp delete mode 100644 templates/pg_ident_rule.conf create mode 100644 templates/pg_ident_rule.conf.epp create mode 100644 templates/recovery.conf.epp delete mode 100644 templates/recovery.conf.erb create mode 100644 templates/systemd-override.conf.epp delete mode 100644 templates/systemd-override.erb diff --git a/manifests/params.pp b/manifests/params.pp index dead45742e..ebbfd035de 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -18,7 +18,6 @@ $service_manage = true $service_restart_on_change = true $service_provider = $postgresql::globals::service_provider - $systemd_drop_in_ensure = 'present' $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) $manage_recovery_conf = pick($manage_recovery_conf, false) diff --git a/manifests/server.pp b/manifests/server.pp index d1a6f7a1ca..3271d24304 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -15,7 +15,6 @@ # @param service_provider Overrides the default PostgreSQL service provider. # @param service_reload Overrides the default reload command for your PostgreSQL service. # @param service_status Overrides the default status check command for your PostgreSQL service. -# @param systemd_drop_in_ensure sets the Systemd drop-in file to present or absent # @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. # @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. # @@ -104,7 +103,6 @@ $service_provider = $postgresql::params::service_provider, $service_reload = $postgresql::params::service_reload, $service_status = $postgresql::params::service_status, - Enum[present, absent] $systemd_drop_in_ensure = $postgresql::params::systemd_drop_in_ensure, $default_database = $postgresql::params::default_database, $default_connect_settings = $postgresql::globals::default_connect_settings, $listen_addresses = $postgresql::params::listen_addresses, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 965584b393..d6ef93259e 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -29,7 +29,6 @@ # @param logdir PostgreSQL log directory # @param service_name Overrides the default PostgreSQL service name. # @param service_enable Enable the PostgreSQL service -# @param systemd_drop_in_ensure sets the Systemd drop-in file to present or absent # @param log_line_prefix PostgreSQL log line prefix # @param timezone Set timezone for the PostgreSQL instance # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string @@ -58,7 +57,6 @@ $logdir = $postgresql::server::logdir, $service_name = $postgresql::server::service_name, $service_enable = $postgresql::server::service_enable, - Enum[present, absent] $systemd_drop_in_ensure = $postgresql::server::systemd_drop_in_ensure, $log_line_prefix = $postgresql::server::log_line_prefix, $timezone = $postgresql::server::timezone, $password_encryption = $postgresql::server::password_encryption, diff --git a/manifests/server/instance/systemd.pp b/manifests/server/instance/systemd.pp index be4c128dae..9d7302882f 100644 --- a/manifests/server/instance/systemd.pp +++ b/manifests/server/instance/systemd.pp @@ -19,7 +19,12 @@ unit => "${service_name}.service", owner => 'root', group => 'root', - content => template('postgresql/systemd-override.erb'), + content => epp('postgresql/systemd-override.conf.epp', { + port => $port, + datadir => $datadir, + extra_systemd_config => $extra_systemd_config, + } + ), notify => Class['postgresql::server::service'], before => Class['postgresql::server::reload'], } diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 35b506982a..20e2235cc9 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,3 +1,4 @@ +# lint:ignore:140chars # @summary This resource manages an individual rule that applies to the file defined in target. # # @param type Sets the type of rule. @@ -10,13 +11,14 @@ # @param order Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # @param postgresql_version Manages pg_hba.conf without managing the entire PostgreSQL instance. +# lint:endignore:140chars define postgresql::server::pg_hba_rule ( Postgresql::Pg_hba_rule_type $type, - String $database, - String $user, - String $auth_method, + String[1] $database, + String[1] $user, + String[1] $auth_method, Optional[Postgresql::Pg_hba_rule_address] $address = undef, - String $description = 'none', + String[1] $description = 'none', Optional[String] $auth_option = undef, Variant[String, Integer] $order = 150, @@ -34,7 +36,7 @@ } if $manage_pg_hba_conf == false { - fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') + fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars } else { if($type =~ /^host/ and $address == undef) { fail('You must specify an address property when type is host based') @@ -48,7 +50,7 @@ } $allowed_auth_methods = $postgresql_version ? { - '10' => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], + '10' => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], # lint:ignore:140chars '9.6' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'bsd'], '9.5' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], @@ -60,7 +62,7 @@ '8.3' => ['trust', 'reject', 'md5', 'crypt', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'pam'], '8.2' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'ldap', 'pam'], '8.1' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'pam'], - default => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] + default => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] # lint:ignore:140chars } assert_type(Enum[$allowed_auth_methods], $auth_method) @@ -69,7 +71,18 @@ $fragname = "pg_hba_rule_${name}" concat::fragment { $fragname: target => $target, - content => template('postgresql/pg_hba_rule.conf'), + content => epp('postgresql/pg_hba_rule.conf.epp', { + name => $name, + description => $description, + order => $order, + type => $type, + database => $database, + user => $user, + address => $address, + auth_method => $auth_method, + auth_option => $auth_option, + } + ), order => $_order, } } diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index bf15047164..6bd18af18f 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -2,8 +2,12 @@ # # @param map_name Sets the name of the user map that is used to refer to this mapping in pg_hba.conf. # @param system_username Specifies the operating system user name (the user name used to connect to the database). -# @param database_username Specifies the user name of the database user. The system_username is mapped to this user name. -# @param description Sets a longer description for this rule if required. This description is placed in the comments above the rule in pg_ident.conf. Default value: 'none'. +# @param database_username +# Specifies the user name of the database user. +# The system_username is mapped to this user name. +# @param description +# Sets a longer description for this rule if required. +# This description is placed in the comments above the rule in pg_ident.conf. # @param order Defines an order for placing the mapping in pg_ident.conf. Default value: 150. # @param target Provides the target for the rule and is generally an internal only property. Use with caution. define postgresql::server::pg_ident_rule ( @@ -18,13 +22,21 @@ $target = $postgresql::server::pg_ident_conf_path ) { if $postgresql::server::manage_pg_ident_conf == false { - fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') + fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars } else { # Create a rule fragment $fragname = "pg_ident_rule_${name}" concat::fragment { $fragname: target => $target, - content => template('postgresql/pg_ident_rule.conf'), + content => epp('postgresql/pg_ident_rule.conf.epp', { + name => $name, + description => $description, + order => $order, + map_name => $map_name, + system_username => $system_username, + database_username => $database_username, + } + ), order => $order, } } diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 47f25f1ef5..40f0934251 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -1,3 +1,4 @@ +# lint:ignore:140chars # @summary This resource manages the parameters that applies to the recovery.conf template. # # @note @@ -22,6 +23,7 @@ # @param trigger_file Specifies a trigger file whose presence ends recovery in the standby. # @param recovery_min_apply_delay This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. +# lint:endignore:140chars define postgresql::server::recovery ( $restore_command = undef, $archive_cleanup_command = undef, @@ -41,14 +43,14 @@ $target = $postgresql::server::recovery_conf_path ) { if $postgresql::server::manage_recovery_conf == false { - fail('postgresql::server::manage_recovery_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') + fail('postgresql::server::manage_recovery_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars } else { if($restore_command == undef and $archive_cleanup_command == undef and $recovery_end_command == undef and $recovery_target_name == undef and $recovery_target_time == undef and $recovery_target_xid == undef and $recovery_target_inclusive == undef and $recovery_target == undef and $recovery_target_timeline == undef and $pause_at_recovery_target == undef and $standby_mode == undef and $primary_conninfo == undef and $primary_slot_name == undef and $trigger_file == undef and $recovery_min_apply_delay == undef) { - fail('postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense.') + fail('postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense.') # lint:ignore:140chars } concat { $target: @@ -63,7 +65,24 @@ # Create the recovery.conf content concat::fragment { "${name}-recovery.conf": target => $target, - content => template('postgresql/recovery.conf.erb'), + content => epp('postgresql/recovery.conf.epp', { + restore_command => $restore_command, + archive_cleanup_command => $archive_cleanup_command, + recovery_end_command => $recovery_end_command, + recovery_target_name => $recovery_target_name, + recovery_target_time => $recovery_target_time, + recovery_target_xid => $recovery_target_xid, + recovery_target_inclusive => $recovery_target_inclusive, + recovery_target => $recovery_target, + recovery_target_timeline => $recovery_target_timeline, + pause_at_recovery_target => $pause_at_recovery_target, + standby_mode => $standby_mode, + primary_conninfo => $primary_conninfo, + primary_slot_name => $primary_slot_name, + trigger_file => $trigger_file, + recovery_min_apply_delay => $recovery_min_apply_delay, + } + ), } } } diff --git a/templates/pg_dump.sh.epp b/templates/pg_dump.sh.epp index 2c67170ad7..c5b40db492 100644 --- a/templates/pg_dump.sh.epp +++ b/templates/pg_dump.sh.epp @@ -1,3 +1,16 @@ +<%- | + Boolean $compress, + Array $databases, + Optional[String[1]] $db_user, + Boolean $delete_before_dump, + String[1] $dir, + Enum['plain','custom','directory','tar'] $format, + Array $optional_args, + Optional[String[1]] $post_script, + Optional[String[1]] $pre_script, + Integer[0] $rotate, + Stdlib::Absolutepath $success_file_path, +| -%> <%- if $facts['kernel'] == 'Linux' { -%> #!/bin/bash <%- } else { -%> diff --git a/templates/pg_hba_rule.conf b/templates/pg_hba_rule.conf deleted file mode 100644 index af54db5b2a..0000000000 --- a/templates/pg_hba_rule.conf +++ /dev/null @@ -1,5 +0,0 @@ - -# Rule Name: <%=@name%> -# Description: <%=@description%> -# Order: <%=@order%> -<%=@type%> <%=@database%> <%=@user%> <%=@address%> <%=@auth_method%> <%=@auth_option%> diff --git a/templates/pg_hba_rule.conf.epp b/templates/pg_hba_rule.conf.epp new file mode 100644 index 0000000000..8d92ac4c37 --- /dev/null +++ b/templates/pg_hba_rule.conf.epp @@ -0,0 +1,15 @@ +<%- | + String[1] $name, + String[1] $description, + Variant[String, Integer] $order, + Postgresql::Pg_hba_rule_type $type, + String[1] $database, + String[1] $user, + Optional[Postgresql::Pg_hba_rule_address] $address, + String[1] $auth_method, + Optional[String] $auth_option, +| -%> +# Rule Name: <%= $name %> +# Description: <%= $description %> +# Order: <%= $order %> +<%= $type %> <%= $database %> <%= $user %> <%= $address %> <%= $auth_method %> <%= $auth_option %> diff --git a/templates/pg_ident_rule.conf b/templates/pg_ident_rule.conf deleted file mode 100644 index 238c6e96f3..0000000000 --- a/templates/pg_ident_rule.conf +++ /dev/null @@ -1,5 +0,0 @@ - -# Rule Name: <%=@name%> -# Description: <%=@description%> -# Order: <%=@order%> -<%=@map_name%> <%=@system_username%> <%=@database_username%> diff --git a/templates/pg_ident_rule.conf.epp b/templates/pg_ident_rule.conf.epp new file mode 100644 index 0000000000..ba7ec2f855 --- /dev/null +++ b/templates/pg_ident_rule.conf.epp @@ -0,0 +1,12 @@ +<%- | + String[1] $name, + String[1] $description, + String[1] $order, + String[1] $map_name, + String[1] $system_username, + String[1] $database_username, +| -%> +# Rule Name: <%= $name %> +# Description: <%= $description %> +# Order: <%= $order %> +<%= $map_name %> <%= $system_username %> <%= $database_username %> diff --git a/templates/recovery.conf.epp b/templates/recovery.conf.epp new file mode 100644 index 0000000000..ebc28e1468 --- /dev/null +++ b/templates/recovery.conf.epp @@ -0,0 +1,64 @@ +<%- | + Optional[String] $restore_command, + Optional[String[1]] $archive_cleanup_command, + Optional[String[1]] $recovery_end_command, + Optional[String[1]] $recovery_target_name, + Optional[String[1]] $recovery_target_time, + Optional[String[1]] $recovery_target_xid, + Optional[Boolean] $recovery_target_inclusive, + Optional[String[1]] $recovery_target, + Optional[String[1]] $recovery_target_timeline, + Optional[Boolean] $pause_at_recovery_target, + Optional[String[1]] $standby_mode, + Optional[String[1]] $primary_conninfo, + Optional[String[1]] $primary_slot_name, + Optional[String[1]] $trigger_file, + Optional[Integer] $recovery_min_apply_delay, +| -%> +<% if $restore_command { -%> +restore_command = '<%= $restore_command %>' +<% } -%> +<% if $archive_cleanup_command { -%> +archive_cleanup_command = '<%= $archive_cleanup_command %>' +<% } -%> +<% if $recovery_end_command { -%> +recovery_end_command = '<%= $recovery_end_command %>' +<% } -%> + +<% if $recovery_target_name { -%> +recovery_target_name = '<%= $recovery_target_name %>' +<% } -%> +<% if $recovery_target_time { -%> +recovery_target_time = '<%= $recovery_target_time %>' +<% } -%> +<% if $recovery_target_xid { -%> +recovery_target_xid = '<%= $recovery_target_xid %>' +<% } -%> +<% if $recovery_target_inclusive { -%> +recovery_target_inclusive = <%= $recovery_target_inclusive %> +<% } -%> +<% if $recovery_target { -%> +recovery_target = '<%= $recovery_target %>' +<% } -%> +<% if $recovery_target_timeline { -%> +recovery_target_timeline = '<%= $recovery_target_timeline %>' +<% } -%> +<% if $pause_at_recovery_target { -%> +pause_at_recovery_target = <%= $pause_at_recovery_target %> +<% } -%> + +<% if $standby_mode { -%> +standby_mode = <%= $standby_mode %> +<% } -%> +<% if $primary_conninfo { -%> +primary_conninfo = '<%= $primary_conninfo %>' +<% } -%> +<% if $primary_slot_name { -%> +primary_slot_name = '<%= $primary_slot_name %>' +<% } -%> +<% if $trigger_file { -%> +trigger_file = '<%= $trigger_file %>' +<% } -%> +<% if $recovery_min_apply_delay { -%> +recovery_min_apply_delay = <%= $recovery_min_apply_delay %> +<% } -%> diff --git a/templates/recovery.conf.erb b/templates/recovery.conf.erb deleted file mode 100644 index a678faee0d..0000000000 --- a/templates/recovery.conf.erb +++ /dev/null @@ -1,47 +0,0 @@ -<% if @restore_command -%> -restore_command = '<%= @restore_command %>' -<% end -%> -<% if @archive_cleanup_command -%> -archive_cleanup_command = '<%= @archive_cleanup_command %>' -<% end -%> -<% if @recovery_end_command -%> -recovery_end_command = '<%= @recovery_end_command %>' -<% end -%> - -<% if @recovery_target_name -%> -recovery_target_name = '<%= @recovery_target_name %>' -<% end -%> -<% if @recovery_target_time -%> -recovery_target_time = '<%= @recovery_target_time %>' -<% end -%> -<% if @recovery_target_xid -%> -recovery_target_xid = '<%= @recovery_target_xid %>' -<% end -%> -<% if @recovery_target_inclusive -%> -recovery_target_inclusive = <%= @recovery_target_inclusive %> -<% end -%> -<% if @recovery_target -%> -recovery_target = '<%= @recovery_target %>' -<% end -%> -<% if @recovery_target_timeline -%> -recovery_target_timeline = '<%= @recovery_target_timeline %>' -<% end -%> -<% if @pause_at_recovery_target -%> -pause_at_recovery_target = <%= @pause_at_recovery_target %> -<% end -%> - -<% if @standby_mode -%> -standby_mode = <%= @standby_mode %> -<% end -%> -<% if @primary_conninfo -%> -primary_conninfo = '<%= @primary_conninfo %>' -<% end -%> -<% if @primary_slot_name -%> -primary_slot_name = '<%= @primary_slot_name %>' -<% end -%> -<% if @trigger_file -%> -trigger_file = '<%= @trigger_file %>' -<% end -%> -<% if @recovery_min_apply_delay -%> -recovery_min_apply_delay = <%= @recovery_min_apply_delay %> -<% end -%> diff --git a/templates/systemd-override.conf.epp b/templates/systemd-override.conf.epp new file mode 100644 index 0000000000..830c3007d5 --- /dev/null +++ b/templates/systemd-override.conf.epp @@ -0,0 +1,15 @@ +<%- | + Variant[String[1], Stdlib::Port] $port, + Stdlib::Absolutepath $datadir, + Optional[String[1]] $extra_systemd_config, +| -%> +[Service] +Environment=PGPORT=<%= $port %> +<%- if $facts['os']['family'] == 'Gentoo' { -%> +Environment=DATA_DIR=<%= $datadir %> +<%- } else { -%> +Environment=PGDATA=<%= $datadir %> +<%- } -%> +<% if $extra_systemd_config { -%> +<%= $extra_systemd_config %> +<% } -%> diff --git a/templates/systemd-override.erb b/templates/systemd-override.erb deleted file mode 100644 index 491697636c..0000000000 --- a/templates/systemd-override.erb +++ /dev/null @@ -1,8 +0,0 @@ -[Service] -Environment=PGPORT=<%= @port %> -<%- if @os['family'] == 'Gentoo' -%> -Environment=DATA_DIR=<%= @datadir %> -<%- else -%> -Environment=PGDATA=<%= @datadir %> -<%- end -%> -<%= @extra_systemd_config %> From a24df1831ab17a0a52f9ee3c46173c58ae0d5c14 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Tue, 14 Feb 2023 16:17:31 +0100 Subject: [PATCH 0763/1000] deprecate old code managing sysconfig files * used on RHEL6 * old Debian and Ubuntu Versions * Systemd takes care of that now --- manifests/server/config_entry.pp | 73 +---------------------------- manifests/server/instance/config.pp | 19 -------- 2 files changed, 1 insertion(+), 91 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 6b587af688..64b59f43d8 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -2,7 +2,7 @@ # # @param ensure Removes an entry if set to 'absent'. # @param value Defines the value for the setting. -# @param path Path for postgresql.conf +# @param path Path for postgresql.conf # define postgresql::server::config_entry ( Enum['present', 'absent'] $ensure = 'present', @@ -70,10 +70,6 @@ 'max_pred_locks_per_transaction' => undef, } - Exec { - logoutput => 'on_failure', - } - if ! ($name in $requires_restart_until and ( ! $requires_restart_until[$name] or versioncmp($postgresql::server::_version, $requires_restart_until[$name]) < 0 @@ -91,73 +87,6 @@ } } - # We have to handle ports and the data directory in a weird and - # special way. On early Debian and Ubuntu and RHEL we have to ensure - # we stop the service completely. On RHEL 7 we either have to create - # a systemd override for the port or update the sysconfig file, but this - # is managed for us in postgresql::server::config. - if $facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu' { - if $name == 'data_directory' { - $stop_command = ['service', $postgresql::server::service_name, 'stop'] - $stop_onlyif = ['service', $postgresql::server::service_name, 'status'] - $stop_unless = [['grep', "data_directory = '${value}'", $postgresql::server::postgresql_conf_path]] - exec { "postgresql_stop_${name}": - command => $stop_command, - onlyif => $stop_onlyif, - unless => $stop_unless, - path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', - before => Postgresql_conf[$name], - } - } - } elsif $facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['major'], '7') < 0 { - if $name == 'port' { - # We need to force postgresql to stop before updating the port - # because puppet becomes confused and is unable to manage the - # service appropriately. - $stop_command = ['service', $postgresql::server::service_name, 'stop'] - $stop_onlyif = ['service', $postgresql::server::service_name, 'status'] - $stop_unless = "grep 'PGPORT=${shell_escape($value)}' /etc/sysconfig/pgsql/postgresql" - exec { "postgresql_stop_${name}": - command => $stop_command, - onlyif => $stop_onlyif, - unless => $stop_unless, - path => '/sbin:/bin:/usr/bin:/usr/local/bin', - require => File['/etc/sysconfig/pgsql/postgresql'], - } - -> augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': - lens => 'Shellvars.lns', - incl => '/etc/sysconfig/pgsql/postgresql', - context => '/files/etc/sysconfig/pgsql/postgresql', - changes => "set PGPORT ${value}", - require => File['/etc/sysconfig/pgsql/postgresql'], - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], - } - } elsif $name == 'data_directory' { - # We need to force postgresql to stop before updating the data directory - # otherwise init script breaks - $stop_command = ['service', $postgresql::server::service_name, 'stop'] - $stop_onlyif = ['service', $postgresql::server::service_name, 'status'] - $stop_unless = [['grep', "PGDATA=${value}", '/etc/sysconfig/pgsql/postgresql']] - exec { "postgresql_${name}": - command => $stop_command, - onlyif => $stop_onlyif, - unless => $stop_unless, - path => '/sbin:/bin:/usr/bin:/usr/local/bin', - require => File['/etc/sysconfig/pgsql/postgresql'], - } - -> augeas { 'override PGDATA in /etc/sysconfig/pgsql/postgresql': - lens => 'Shellvars.lns', - incl => '/etc/sysconfig/pgsql/postgresql', - context => '/files/etc/sysconfig/pgsql/postgresql', - changes => "set PGDATA ${value}", - require => File['/etc/sysconfig/pgsql/postgresql'], - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], - } - } - } - postgresql_conf { $name: ensure => $ensure, target => $target, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index d6ef93259e..83d30e9eee 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -216,25 +216,6 @@ } } - # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden - # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. - if $facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['major'], '7') < 0 { - file { '/etc/sysconfig/pgsql/postgresql': - ensure => file, - replace => false, - } - - # The init script from the packages of the postgresql.org repository - # sources an alternate sysconfig file. - # I. e. /etc/sysconfig/pgsql/postgresql-9.3 for PostgreSQL 9.3 - # Link to the sysconfig file set by this puppet module - file { "/etc/sysconfig/pgsql/postgresql-${version}": - ensure => link, - target => '/etc/sysconfig/pgsql/postgresql', - require => File['/etc/sysconfig/pgsql/postgresql'], - } - } - if ($manage_pg_ident_conf == true) { concat { $pg_ident_conf_path: owner => $user, From 655ac5e7bf94c92fed46c5c5d058178d3f1063c9 Mon Sep 17 00:00:00 2001 From: Lukas Audzevicius Date: Wed, 8 Feb 2023 14:13:36 +0000 Subject: [PATCH 0764/1000] (CONT-361) Syntax update Code is now compliant with rules regarding: parameter datatypes --- .puppet-lint.rc | 1 - .sync.yml | 1 - Rakefile | 1 - manifests/client.pp | 8 +- manifests/globals.pp | 106 ++++++++--------- manifests/lib/devel.pp | 2 +- manifests/lib/docs.pp | 2 +- manifests/lib/java.pp | 2 +- manifests/lib/perl.pp | 2 +- manifests/lib/python.pp | 2 +- manifests/repo.pp | 8 +- manifests/server.pp | 143 ++++++++++++----------- manifests/server/config_entry.pp | 6 +- manifests/server/contrib.pp | 2 +- manifests/server/database.pp | 18 +-- manifests/server/database_grant.pp | 14 +-- manifests/server/db.pp | 22 ++-- manifests/server/extension.pp | 20 ++-- manifests/server/grant_role.pp | 14 +-- manifests/server/instance/config.pp | 54 ++++----- manifests/server/instance/initdb.pp | 28 ++--- manifests/server/instance/late_initdb.pp | 12 +- manifests/server/instance/passwd.pp | 14 +-- manifests/server/instance/reload.pp | 4 +- manifests/server/instance/service.pp | 22 ++-- manifests/server/pg_ident_rule.pp | 12 +- manifests/server/plperl.pp | 4 +- manifests/server/plpython.pp | 4 +- manifests/server/postgis.pp | 2 +- manifests/server/recovery.pp | 32 ++--- manifests/server/role.pp | 40 +++---- manifests/server/schema.pp | 8 +- manifests/server/table_grant.pp | 20 ++-- manifests/server/tablespace.pp | 10 +- manifests/validate_db_connection.pp | 18 +-- 35 files changed, 328 insertions(+), 330 deletions(-) diff --git a/.puppet-lint.rc b/.puppet-lint.rc index db7c27173f..031ca693f4 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1,5 +1,4 @@ --relative ---no-parameter_types-check --no-parameter_documentation-check --no-anchor_resource-check --no-params_empty_string_assignment-check diff --git a/.sync.yml b/.sync.yml index d1c6127051..677e2640d5 100644 --- a/.sync.yml +++ b/.sync.yml @@ -63,7 +63,6 @@ spec/spec_helper.rb: delete: true Rakefile: extra_disabled_lint_checks: - - parameter_types - parameter_documentation - anchor_resource - params_empty_string_assignment diff --git a/Rakefile b/Rakefile index 663350a085..b80b3745c7 100644 --- a/Rakefile +++ b/Rakefile @@ -42,7 +42,6 @@ def changelog_future_release end PuppetLint.configuration.send('disable_relative') -PuppetLint.configuration.send('disable_parameter_types') PuppetLint.configuration.send('disable_parameter_documentation') PuppetLint.configuration.send('disable_anchor_resource') PuppetLint.configuration.send('disable_params_empty_string_assignment') diff --git a/manifests/client.pp b/manifests/client.pp index 3cb26ce81a..0fdb03d8da 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -12,10 +12,10 @@ # @param package_ensure # Ensure the client package is installed class postgresql::client ( - Enum['file', 'absent'] $file_ensure = 'file', - Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, - String[1] $package_name = $postgresql::params::client_package_name, - String[1] $package_ensure = 'present' + Enum['file', 'absent'] $file_ensure = 'file', + Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, + String[1] $package_name = $postgresql::params::client_package_name, + Enum['present', 'absent', 'latest'] $package_ensure = 'present' ) inherits postgresql::params { if $package_name != 'UNSET' { package { 'postgresql-client': diff --git a/manifests/globals.pp b/manifests/globals.pp index bbf8667145..93bb4f47af 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -95,72 +95,72 @@ # # class postgresql::globals ( - $client_package_name = undef, - $server_package_name = undef, - $contrib_package_name = undef, - $devel_package_name = undef, - $java_package_name = undef, - $docs_package_name = undef, - $perl_package_name = undef, - $plperl_package_name = undef, - $plpython_package_name = undef, - $python_package_name = undef, - $postgis_package_name = undef, + Optional[String[1]] $client_package_name = undef, + Optional[String[1]] $server_package_name = undef, + Optional[String[1]] $contrib_package_name = undef, + Optional[String[1]] $devel_package_name = undef, + Optional[String[1]] $java_package_name = undef, + Optional[String[1]] $docs_package_name = undef, + Optional[String[1]] $perl_package_name = undef, + Optional[String[1]] $plperl_package_name = undef, + Optional[String[1]] $plpython_package_name = undef, + Optional[String[1]] $python_package_name = undef, + Optional[String[1]] $postgis_package_name = undef, - $service_name = undef, - $service_provider = undef, - $service_status = undef, - $default_database = undef, + Optional[String[1]] $service_name = undef, + Optional[String[1]] $service_provider = undef, + Optional[String[1]] $service_status = undef, + Optional[String[1]] $default_database = undef, - $validcon_script_path = undef, + Optional[String[1]] $validcon_script_path = undef, - $initdb_path = undef, - $createdb_path = undef, - $psql_path = undef, - $pg_hba_conf_path = undef, - $pg_ident_conf_path = undef, - $postgresql_conf_path = undef, + Optional[String[1]] $initdb_path = undef, + Optional[String[1]] $createdb_path = undef, + Optional[String[1]] $psql_path = undef, + Optional[String[1]] $pg_hba_conf_path = undef, + Optional[String[1]] $pg_ident_conf_path = undef, + Optional[String[1]] $postgresql_conf_path = undef, Optional[Stdlib::Filemode] $postgresql_conf_mode = undef, - $recovery_conf_path = undef, - $default_connect_settings = {}, + Optional[String[1]] $recovery_conf_path = undef, + Hash $default_connect_settings = {}, - $pg_hba_conf_defaults = undef, + Optional[Boolean] $pg_hba_conf_defaults = undef, - $datadir = undef, - $confdir = undef, - $bindir = undef, - $xlogdir = undef, - $logdir = undef, - $log_line_prefix = undef, - $manage_datadir = undef, - $manage_logdir = undef, - $manage_xlogdir = undef, + Optional[String[1]] $datadir = undef, + Optional[String[1]] $confdir = undef, + Optional[String[1]] $bindir = undef, + Optional[String[1]] $xlogdir = undef, + Optional[String[1]] $logdir = undef, + Optional[String[1]] $log_line_prefix = undef, + Optional[Boolean] $manage_datadir = undef, + Optional[Boolean] $manage_logdir = undef, + Optional[Boolean] $manage_xlogdir = undef, - $user = undef, - $group = undef, + Optional[String[1]] $user = undef, + Optional[String[1]] $group = undef, - $version = undef, - $postgis_version = undef, - $repo_proxy = undef, - $repo_baseurl = undef, - $yum_repo_commonurl = undef, + Optional[String[1]] $version = undef, + Optional[String[1]] $postgis_version = undef, + Optional[String[1]] $repo_proxy = undef, + Optional[String[1]] $repo_baseurl = undef, + Optional[String[1]] $yum_repo_commonurl = undef, - $needs_initdb = undef, + Optional[Boolean] $needs_initdb = undef, - $encoding = undef, - $locale = undef, - $data_checksums = undef, - $timezone = undef, + Optional[String[1]] $encoding = undef, + Optional[String[1]] $locale = undef, + Optional[String[1]] $data_checksums = undef, + Optional[String[1]] $timezone = undef, - $manage_pg_hba_conf = undef, - $manage_pg_ident_conf = undef, - $manage_recovery_conf = undef, - $manage_postgresql_conf_perms = undef, - $manage_selinux = undef, + Optional[Boolean] $manage_pg_hba_conf = undef, + Optional[Boolean] $manage_pg_ident_conf = undef, + Optional[Boolean] $manage_recovery_conf = undef, + Optional[Boolean] $manage_postgresql_conf_perms = undef, + Optional[Boolean] $manage_selinux = undef, - $manage_package_repo = undef, + Optional[Boolean] $manage_package_repo = undef, Boolean $manage_dnf_module = false, - $module_workdir = undef, + Optional[String[1]] $module_workdir = undef, ) { # We are determining this here, because it is needed by the package repo # class. diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 0efa6f6d21..cdaabbc3d2 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -10,7 +10,7 @@ # class postgresql::lib::devel ( String $package_name = $postgresql::params::devel_package_name, - String[1] $package_ensure = 'present', + Enum['present', 'absent', 'latest'] $package_ensure = 'present', Boolean $link_pg_config = $postgresql::params::link_pg_config ) inherits postgresql::params { if $facts['os']['family'] == 'Gentoo' { diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 0eba0607f4..209ee5bbb4 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -11,7 +11,7 @@ # class postgresql::lib::docs ( String $package_name = $postgresql::params::docs_package_name, - String[1] $package_ensure = 'present', + Enum['present', 'absent', 'latest'] $package_ensure = 'present', ) inherits postgresql::params { package { 'postgresql-docs': ensure => $package_ensure, diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index ac1ff28095..48c0d2632a 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -10,7 +10,7 @@ # class postgresql::lib::java ( String $package_name = $postgresql::params::java_package_name, - String[1] $package_ensure = 'present' + Enum['present', 'absent', 'latest'] $package_ensure = 'present' ) inherits postgresql::params { package { 'postgresql-jdbc': ensure => $package_ensure, diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 2a9b714391..26c6534811 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -7,7 +7,7 @@ # class postgresql::lib::perl ( String $package_name = $postgresql::params::perl_package_name, - String[1] $package_ensure = 'present' + Enum['present', 'absent', 'latest'] $package_ensure = 'present' ) inherits postgresql::params { package { 'perl-DBD-Pg': ensure => $package_ensure, diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index 3587e8cdeb..9243b3d11a 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -7,7 +7,7 @@ # class postgresql::lib::python ( String[1] $package_name = $postgresql::params::python_package_name, - String[1] $package_ensure = 'present' + Enum['present', 'absent', 'latest'] $package_ensure = 'present' ) inherits postgresql::params { package { 'python-psycopg2': ensure => $package_ensure, diff --git a/manifests/repo.pp b/manifests/repo.pp index a7803d9687..e67236b1bb 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -1,9 +1,9 @@ # @api private class postgresql::repo ( - $version = undef, - $proxy = undef, - $baseurl = undef, - $commonurl = undef, + Optional[String[1]] $version = undef, + Optional[String[1]] $proxy = undef, + Optional[String[1]] $baseurl = undef, + Optional[String[1]] $commonurl = undef, ) { case $facts['os']['family'] { 'RedHat', 'Linux': { diff --git a/manifests/server.pp b/manifests/server.pp index 3271d24304..9ad2a682f8 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -89,79 +89,80 @@ class postgresql::server ( Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = undef, - $package_name = $postgresql::params::server_package_name, - $package_ensure = $postgresql::params::package_ensure, - - $plperl_package_name = $postgresql::params::plperl_package_name, - $plpython_package_name = $postgresql::params::plpython_package_name, - - $service_ensure = $postgresql::params::service_ensure, - $service_enable = $postgresql::params::service_enable, - $service_manage = $postgresql::params::service_manage, - $service_name = $postgresql::params::service_name, - $service_restart_on_change = $postgresql::params::service_restart_on_change, - $service_provider = $postgresql::params::service_provider, - $service_reload = $postgresql::params::service_reload, - $service_status = $postgresql::params::service_status, - $default_database = $postgresql::params::default_database, - $default_connect_settings = $postgresql::globals::default_connect_settings, - $listen_addresses = $postgresql::params::listen_addresses, - $port = $postgresql::params::port, - $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, - $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, - Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, - Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, - - $initdb_path = $postgresql::params::initdb_path, - $createdb_path = $postgresql::params::createdb_path, - $psql_path = $postgresql::params::psql_path, - $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, - $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, - $postgresql_conf_path = $postgresql::params::postgresql_conf_path, - Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::params::postgresql_conf_mode, - $recovery_conf_path = $postgresql::params::recovery_conf_path, - - $datadir = $postgresql::params::datadir, - $xlogdir = $postgresql::params::xlogdir, - $logdir = $postgresql::params::logdir, - - $log_line_prefix = $postgresql::params::log_line_prefix, - - $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, - - $user = $postgresql::params::user, - $group = $postgresql::params::group, - - $needs_initdb = $postgresql::params::needs_initdb, - - $encoding = $postgresql::params::encoding, - $locale = $postgresql::params::locale, - $data_checksums = $postgresql::params::data_checksums, - $timezone = $postgresql::params::timezone, - - $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, - $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, - $manage_recovery_conf = $postgresql::params::manage_recovery_conf, - Boolean $manage_postgresql_conf_perms = $postgresql::params::manage_postgresql_conf_perms, - Boolean $manage_selinux = $postgresql::params::manage_selinux, - $module_workdir = $postgresql::params::module_workdir, - - $manage_datadir = $postgresql::params::manage_datadir, - $manage_logdir = $postgresql::params::manage_logdir, - $manage_xlogdir = $postgresql::params::manage_xlogdir, - $password_encryption = $postgresql::params::password_encryption, - $extra_systemd_config = $postgresql::params::extra_systemd_config, - - Hash[String, Hash] $roles = {}, - Hash[String, Any] $config_entries = {}, - Postgresql::Pg_hba_rules $pg_hba_rules = {}, - - Boolean $backup_enable = $postgresql::params::backup_enable, - Hash $backup_options = {}, - Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, + String[1] $package_name = $postgresql::params::server_package_name, + Enum['present', 'absent', 'latest'] $package_ensure = $postgresql::params::package_ensure, + + Optional[String[1]] $plperl_package_name = $postgresql::params::plperl_package_name, + Optional[String[1]] $plpython_package_name = $postgresql::params::plpython_package_name, + + Variant[Enum['running', 'stopped'], Boolean] $service_ensure = $postgresql::params::service_ensure, + Boolean $service_enable = $postgresql::params::service_enable, + Boolean $service_manage = $postgresql::params::service_manage, + String[1] $service_name = $postgresql::params::service_name, + Boolean $service_restart_on_change = $postgresql::params::service_restart_on_change, + Optional[String[1]] $service_provider = $postgresql::params::service_provider, + String[1] $service_reload = $postgresql::params::service_reload, + String[1] $service_status = $postgresql::params::service_status, + String[1] $default_database = $postgresql::params::default_database, + Hash $default_connect_settings = $postgresql::globals::default_connect_settings, + Optional[String[1]] $listen_addresses = $postgresql::params::listen_addresses, + Variant[String[1], Integer] $port = $postgresql::params::port, + String[1] $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, + String[1] $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, + Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, + + String[1] $initdb_path = $postgresql::params::initdb_path, + Optional[String[1]] $createdb_path = $postgresql::params::createdb_path, + String[1] $psql_path = $postgresql::params::psql_path, + String[1] $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, + String[1] $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, + String[1] $postgresql_conf_path = $postgresql::params::postgresql_conf_path, + Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::params::postgresql_conf_mode, + String[1] $recovery_conf_path = $postgresql::params::recovery_conf_path, + + String[1] $datadir = $postgresql::params::datadir, + Optional[String[1]] $xlogdir = $postgresql::params::xlogdir, + Optional[String[1]] $logdir = $postgresql::params::logdir, + + Optional[String[1]] $log_line_prefix = $postgresql::params::log_line_prefix, + + Boolean $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, + + String[1] $user = $postgresql::params::user, + String[1] $group = $postgresql::params::group, + + Boolean $needs_initdb = $postgresql::params::needs_initdb, + + Optional[String[1]] $encoding = $postgresql::params::encoding, + Optional[String[1]] $locale = $postgresql::params::locale, + Optional[String[1]] $data_checksums = $postgresql::params::data_checksums, + Optional[String[1]] $timezone = $postgresql::params::timezone, + + Boolean $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, + Boolean $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, + Boolean $manage_recovery_conf = $postgresql::params::manage_recovery_conf, + Boolean $manage_postgresql_conf_perms = $postgresql::params::manage_postgresql_conf_perms, + Boolean $manage_selinux = $postgresql::params::manage_selinux, + String[1] $module_workdir = $postgresql::params::module_workdir, + + Boolean $manage_datadir = $postgresql::params::manage_datadir, + Boolean $manage_logdir = $postgresql::params::manage_logdir, + Boolean $manage_xlogdir = $postgresql::params::manage_xlogdir, + Optional[String] $password_encryption = $postgresql::params::password_encryption, + String $extra_systemd_config = $postgresql::params::extra_systemd_config, + + Hash[String, Hash] $roles = {}, + Hash[String, Any] $config_entries = {}, + Postgresql::Pg_hba_rules $pg_hba_rules = {}, + + Boolean $backup_enable = $postgresql::params::backup_enable, + Hash $backup_options = {}, + Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, #Deprecated - $version = undef, + Optional[String[1]] $version = undef, + ) inherits postgresql::params { if $version != undef { warning('Passing "version" to postgresql::server is deprecated; please use postgresql::globals instead.') diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 64b59f43d8..ce6f6d121e 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -5,9 +5,9 @@ # @param path Path for postgresql.conf # define postgresql::server::config_entry ( - Enum['present', 'absent'] $ensure = 'present', - $value = undef, - $path = false + Enum['present', 'absent', 'latest'] $ensure = 'present', + Optional[Variant[String[1], Integer]] $value = undef, + Boolean $path = false ) { $postgresql_conf_path = $postgresql::server::postgresql_conf_path diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index ef5c3e26b6..7240de156c 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -6,7 +6,7 @@ # Ensure the contrib package is installed. class postgresql::server::contrib ( Optional[String[1]] $package_name = $postgresql::params::contrib_package_name, - String[1] $package_ensure = 'present' + Enum['present', 'absent', 'latest'] $package_ensure = 'present' ) inherits postgresql::params { if $package_name { package { 'postgresql-contrib': diff --git a/manifests/server/database.pp b/manifests/server/database.pp index a517f505ed..313d2fa6c8 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -10,15 +10,15 @@ # @param istemplate Defines the database as a template if set to true. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::database ( - $comment = undef, - $dbname = $title, - $owner = undef, - $tablespace = undef, - $template = 'template0', - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - $istemplate = false, - $connect_settings = $postgresql::server::default_connect_settings, + Optional[String[1]] $comment = undef, + String[1] $dbname = $title, + Optional[String[1]] $owner = undef, + Optional[String[1]] $tablespace = undef, + String[1] $template = 'template0', + Optional[String[1]] $encoding = $postgresql::server::encoding, + Optional[String[1]] $locale = $postgresql::server::locale, + Boolean $istemplate = false, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { $createdb_path = $postgresql::server::createdb_path $user = $postgresql::server::user diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 0c389a5378..413ba5863d 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -8,13 +8,13 @@ # @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::database_grant ( - $privilege, - $db, - $role, - $ensure = undef, - $psql_db = undef, - $psql_user = undef, - $connect_settings = undef, + Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'] $privilege, + String[1] $db, + String[1] $role, + Optional[Enum['present', 'absent']] $ensure = undef, + Optional[String[1]] $psql_db = undef, + Optional[String[1]] $psql_user = undef, + Optional[Hash] $connect_settings = undef, ) { postgresql::server::grant { "database:${name}": ensure => $ensure, diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 17c860e2a3..9cd7ad4afe 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -12,17 +12,17 @@ # @param istemplate Specifies that the database is a template, if set to true. # @param owner Sets a user as the owner of the database. define postgresql::server::db ( - $user, - Optional[Variant[String, Sensitive[String]]] $password = undef, - $comment = undef, - $dbname = $title, - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - $grant = 'ALL', - $tablespace = undef, - $template = 'template0', - $istemplate = false, - $owner = undef + String[1] $user, + Optional[Variant[String, Sensitive[String]]] $password = undef, + Optional[String[1]] $comment = undef, + String[1] $dbname = $title, + Optional[String[1]] $encoding = $postgresql::server::encoding, + Optional[String[1]] $locale = $postgresql::server::locale, + Variant[String[1], Array[String[1]]] $grant = 'ALL', + Optional[String[1]] $tablespace = undef, + String[1] $template = 'template0', + Boolean $istemplate = false, + Optional[String[1]] $owner = undef ) { if ! defined(Postgresql::Server::Database[$dbname]) { postgresql::server::database { $dbname: diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 8417351430..ce3e25f531 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -17,16 +17,16 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param database_resource_name Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. define postgresql::server::extension ( - $database, - $extension = $name, - Optional[String[1]] $schema = undef, - Optional[String[1]] $version = undef, - String[1] $ensure = 'present', - $package_name = undef, - $package_ensure = undef, - Optional[Integer] $port = undef, - $connect_settings = postgresql::default('default_connect_settings'), - $database_resource_name = $database, + String[1] $database, + String[1] $extension = $name, + Optional[String[1]] $schema = undef, + Optional[String[1]] $version = undef, + Enum['present', 'absent'] $ensure = 'present', + Optional[String[1]] $package_name = undef, + Optional[Enum['present', 'absent']] $package_ensure = undef, + Optional[Integer] $port = undef, + Hash $connect_settings = postgresql::default('default_connect_settings'), + String[1] $database_resource_name = $database, ) { $user = postgresql::default('user') $group = postgresql::default('group') diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 19e49ab7f1..dc9ad50872 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -8,13 +8,13 @@ # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::grant_role ( - String[1] $group, - String[1] $role = $name, - Enum['present', 'absent'] $ensure = 'present', - $psql_db = $postgresql::server::default_database, - $psql_user = $postgresql::server::user, - $port = $postgresql::server::port, - $connect_settings = $postgresql::server::default_connect_settings, + String[1] $group, + String[1] $role = $name, + Enum['present', 'absent'] $ensure = 'present', + String[1] $psql_db = $postgresql::server::default_database, + String[1] $psql_user = $postgresql::server::user, + Variant[String[1], Integer] $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { case $ensure { 'present': { diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 83d30e9eee..9aad9ad52c 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -34,33 +34,33 @@ # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # lint:endignore:140chars define postgresql::server::instance::config ( - $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, - $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, - $listen_addresses = $postgresql::server::listen_addresses, - $port = $postgresql::server::port, - Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, - Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, - $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, - $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, - $postgresql_conf_path = $postgresql::server::postgresql_conf_path, - Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, - $recovery_conf_path = $postgresql::server::recovery_conf_path, - $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, - $user = $postgresql::server::user, - $group = $postgresql::server::group, - $version = $postgresql::server::_version, - Boolean $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf, - Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, - Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, - Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, - $datadir = $postgresql::server::datadir, - $logdir = $postgresql::server::logdir, - $service_name = $postgresql::server::service_name, - $service_enable = $postgresql::server::service_enable, - $log_line_prefix = $postgresql::server::log_line_prefix, - $timezone = $postgresql::server::timezone, - $password_encryption = $postgresql::server::password_encryption, - $extra_systemd_config = $postgresql::server::extra_systemd_config, + String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, + String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, + Optional[String[1]] $listen_addresses = $postgresql::server::listen_addresses, + Variant[String[1], Integer] $port = $postgresql::server::port, + Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, + String[1] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, + String[1] $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, + String[1] $postgresql_conf_path = $postgresql::server::postgresql_conf_path, + Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, + String[1] $recovery_conf_path = $postgresql::server::recovery_conf_path, + Boolean $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + Optional[String[1]] $version = $postgresql::server::_version, + Boolean $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf, + Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, + Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, + Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, + String[1] $datadir = $postgresql::server::datadir, + Optional[String[1]] $logdir = $postgresql::server::logdir, + String[1] $service_name = $postgresql::server::service_name, + Boolean $service_enable = $postgresql::server::service_enable, + Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, + Optional[String[1]] $timezone = $postgresql::server::timezone, + Optional[String] $password_encryption = $postgresql::server::password_encryption, + String $extra_systemd_config = $postgresql::server::extra_systemd_config, ) { if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 7ec5b19b39..255951de55 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -19,20 +19,20 @@ # @param module_workdir Working directory for the PostgreSQL module # lint:endignore:140chars define postgresql::server::instance::initdb ( - Boolean $needs_initdb = $postgresql::server::needs_initdb, - $initdb_path = $postgresql::server::initdb_path, - $datadir = $postgresql::server::datadir, - $xlogdir = $postgresql::server::xlogdir, - $logdir = $postgresql::server::logdir, - Boolean $manage_datadir = $postgresql::server::manage_datadir, - Boolean $manage_logdir = $postgresql::server::manage_logdir, - Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, - $group = $postgresql::server::group, - $user = $postgresql::server::user, - $module_workdir = $postgresql::server::module_workdir, + Boolean $needs_initdb = $postgresql::server::needs_initdb, + String[1] $initdb_path = $postgresql::server::initdb_path, + String[1] $datadir = $postgresql::server::datadir, + Optional[String[1]] $xlogdir = $postgresql::server::xlogdir, + Optional[String[1]] $logdir = $postgresql::server::logdir, + Boolean $manage_datadir = $postgresql::server::manage_datadir, + Boolean $manage_logdir = $postgresql::server::manage_logdir, + Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, + Optional[String[1]] $encoding = $postgresql::server::encoding, + Optional[String[1]] $locale = $postgresql::server::locale, + Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, + String[1] $group = $postgresql::server::group, + String[1] $user = $postgresql::server::user, + String[1] $module_workdir = $postgresql::server::module_workdir, ) { if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index 90012a72fb..f5e8502101 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -8,12 +8,12 @@ # @param module_workdir Working directory for the PostgreSQL module # lint:endignore:140chars define postgresql::server::instance::late_initdb ( - $encoding = $postgresql::server::encoding, - $user = $postgresql::server::user, - $group = $postgresql::server::group, - $psql_path = $postgresql::server::psql_path, - $port = $postgresql::server::port, - $module_workdir = $postgresql::server::module_workdir, + Optional[String[1]] $encoding = $postgresql::server::encoding, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + String[1] $psql_path = $postgresql::server::psql_path, + Variant[String[1], Integer] $port = $postgresql::server::port, + String[1] $module_workdir = $postgresql::server::module_workdir, ) { # Set the defaults for the postgresql_psql resource Postgresql_psql { diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index cd2c80e431..41ff710c35 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -9,13 +9,13 @@ # @param postgres_password Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. # lint:endignore:140chars define postgresql::server::instance::passwd ( - $user = $postgresql::server::user, - $group = $postgresql::server::group, - $psql_path = $postgresql::server::psql_path, - $port = $postgresql::server::port, - $database = $postgresql::server::default_database, - $module_workdir = $postgresql::server::module_workdir, - $postgres_password = $postgresql::server::postgres_password, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + String[1] $psql_path = $postgresql::server::psql_path, + Variant[String[1], Integer] $port = $postgresql::server::port, + String[1] $database = $postgresql::server::default_database, + String[1] $module_workdir = $postgresql::server::module_workdir, + Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = $postgresql::server::postgres_password, ) { $real_postgres_password = if $postgres_password =~ Sensitive { diff --git a/manifests/server/instance/reload.pp b/manifests/server/instance/reload.pp index 8d81a33487..7bcc7130ca 100644 --- a/manifests/server/instance/reload.pp +++ b/manifests/server/instance/reload.pp @@ -1,8 +1,8 @@ # @param service_reload Overrides the default reload command for your PostgreSQL service. # @param service_status Overrides the default status check command for your PostgreSQL service. define postgresql::server::instance::reload ( - $service_status = $postgresql::server::service_status, - $service_reload = $postgresql::server::service_reload, + String[1] $service_status = $postgresql::server::service_status, + String[1] $service_reload = $postgresql::server::service_reload, ) { exec { 'postgresql_reload': path => '/usr/bin:/usr/sbin:/bin:/sbin', diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index cd5e37e61c..7f73bc3c49 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -13,17 +13,17 @@ # @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. # lint:endignore:140chars define postgresql::server::instance::service ( - $service_ensure = $postgresql::server::service_ensure, - $service_enable = $postgresql::server::service_enable, - $service_manage = $postgresql::server::service_manage, - $service_name = $postgresql::server::service_name, - $service_provider = $postgresql::server::service_provider, - $service_status = $postgresql::server::service_status, - $user = $postgresql::server::user, - $port = $postgresql::server::port, - $default_database = $postgresql::server::default_database, - $psql_path = $postgresql::server::psql_path, - $connect_settings = $postgresql::server::default_connect_settings, + Variant[Enum['running', 'stopped'], Boolean] $service_ensure = $postgresql::server::service_ensure, + Boolean $service_enable = $postgresql::server::service_enable, + Boolean $service_manage = $postgresql::server::service_manage, + String[1] $service_name = $postgresql::server::service_name, + Optional[String[1]] $service_provider = $postgresql::server::service_provider, + String[1] $service_status = $postgresql::server::service_status, + String[1] $user = $postgresql::server::user, + Variant[String[1], Integer] $port = $postgresql::server::port, + String[1] $default_database = $postgresql::server::default_database, + String[1] $psql_path = $postgresql::server::psql_path, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { anchor { 'postgresql::server::service::begin': } diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index 6bd18af18f..6ba43cc544 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -11,15 +11,15 @@ # @param order Defines an order for placing the mapping in pg_ident.conf. Default value: 150. # @param target Provides the target for the rule and is generally an internal only property. Use with caution. define postgresql::server::pg_ident_rule ( - $map_name, - $system_username, - $database_username, - $description = 'none', - $order = '150', + String[1] $map_name, + String[1] $system_username, + String[1] $database_username, + String[1] $description = 'none', + String[1] $order = '150', # Needed for testing primarily, support for multiple files is not really # working. - $target = $postgresql::server::pg_ident_conf_path + String[1] $target = $postgresql::server::pg_ident_conf_path ) { if $postgresql::server::manage_pg_ident_conf == false { fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index 842c7ad5ed..e184d35a33 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -3,8 +3,8 @@ # @param package_ensure The ensure parameter passed on to PostgreSQL PL/Perl package resource. # @param package_name The name of the PostgreSQL PL/Perl package. class postgresql::server::plperl ( - $package_ensure = 'present', - $package_name = $postgresql::server::plperl_package_name + Enum['present', 'absent', 'latest'] $package_ensure = 'present', + Optional[String[1]] $package_name = $postgresql::server::plperl_package_name ) { package { 'postgresql-plperl': ensure => $package_ensure, diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index 55f6da448a..9ec7e1441a 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -5,8 +5,8 @@ # @param package_name # Specifies the name of the postgresql PL/Python package. class postgresql::server::plpython ( - $package_ensure = 'present', - $package_name = $postgresql::server::plpython_package_name, + Enum['present', 'absent', 'latest'] $package_ensure = 'present', + Optional[String[1]] $package_name = $postgresql::server::plpython_package_name, ) { package { 'postgresql-plpython': ensure => $package_ensure, diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index c35ef5ce6e..3239e53b14 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -4,7 +4,7 @@ # @param package_ensure Specifies if the package is present or not. class postgresql::server::postgis ( String $package_name = $postgresql::params::postgis_package_name, - String[1] $package_ensure = 'present' + Enum['present', 'absent', 'latest'] $package_ensure = 'present' ) inherits postgresql::params { package { 'postgresql-postgis': ensure => $package_ensure, diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index 40f0934251..f9f9926612 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -25,22 +25,22 @@ # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # lint:endignore:140chars define postgresql::server::recovery ( - $restore_command = undef, - $archive_cleanup_command = undef, - $recovery_end_command = undef, - $recovery_target_name = undef, - $recovery_target_time = undef, - $recovery_target_xid = undef, - $recovery_target_inclusive = undef, - $recovery_target = undef, - $recovery_target_timeline = undef, - $pause_at_recovery_target = undef, - $standby_mode = undef, - $primary_conninfo = undef, - $primary_slot_name = undef, - $trigger_file = undef, - $recovery_min_apply_delay = undef, - $target = $postgresql::server::recovery_conf_path + Optional[String] $restore_command = undef, + Optional[String[1]] $archive_cleanup_command = undef, + Optional[String[1]] $recovery_end_command = undef, + Optional[String[1]] $recovery_target_name = undef, + Optional[String[1]] $recovery_target_time = undef, + Optional[String[1]] $recovery_target_xid = undef, + Optional[Boolean] $recovery_target_inclusive = undef, + Optional[String[1]] $recovery_target = undef, + Optional[String[1]] $recovery_target_timeline = undef, + Optional[Boolean] $pause_at_recovery_target = undef, + Optional[String[1]] $standby_mode = undef, + Optional[String[1]] $primary_conninfo = undef, + Optional[String[1]] $primary_slot_name = undef, + Optional[String[1]] $trigger_file = undef, + Optional[Integer] $recovery_min_apply_delay = undef, + String[1] $target = $postgresql::server::recovery_conf_path ) { if $postgresql::server::manage_recovery_conf == false { fail('postgresql::server::manage_recovery_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 978a246217..c4131808fd 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -21,26 +21,26 @@ # @param hash Specify the hash method for pg password # @param salt Specify the salt use for the scram-sha-256 encoding password (default username) define postgresql::server::role ( - $update_password = true, - Variant[Boolean, String, Sensitive[String]] $password_hash = false, - $createdb = false, - $createrole = false, - $db = $postgresql::server::default_database, - $port = undef, - $login = true, - $inherit = true, - $superuser = false, - $replication = false, - $connection_limit = '-1', - $username = $title, - $connect_settings = $postgresql::server::default_connect_settings, - $psql_user = $postgresql::server::user, - $psql_group = $postgresql::server::group, - $psql_path = $postgresql::server::psql_path, - $module_workdir = $postgresql::server::module_workdir, - Enum['present', 'absent'] $ensure = 'present', - Enum['md5', 'scram-sha-256'] $hash = 'md5', - Optional[Variant[String[1], Integer]] $salt = undef, + Boolean $update_password = true, + Variant[Boolean, String, Sensitive[String]] $password_hash = false, + Boolean $createdb = false, + Boolean $createrole = false, + String[1] $db = $postgresql::server::default_database, + Optional[Variant[String[1], Integer]] $port = undef, + Boolean $login = true, + Boolean $inherit = true, + Boolean $superuser = false, + Boolean $replication = false, + String[1] $connection_limit = '-1', + String[1] $username = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, + String[1] $psql_user = $postgresql::server::user, + String[1] $psql_group = $postgresql::server::group, + String[1] $psql_path = $postgresql::server::psql_path, + String[1] $module_workdir = $postgresql::server::module_workdir, + Enum['present', 'absent'] $ensure = 'present', + Enum['md5', 'scram-sha-256'] $hash = 'md5', + Optional[Variant[String[1], Integer]] $salt = undef, ) { $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index ffaaeb89da..8a061c2b2a 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -13,10 +13,10 @@ # db => 'template1', # } define postgresql::server::schema ( - $db = $postgresql::server::default_database, - $owner = undef, - $schema = $title, - $connect_settings = $postgresql::server::default_connect_settings, + String[1] $db = $postgresql::server::default_database, + Optional[String[1]] $owner = undef, + String[1] $schema = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { $user = $postgresql::server::user $group = $postgresql::server::group diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index a198fbd7b9..7ae032f86c 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -11,16 +11,16 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param onlyif_exists Create grant only if it doesn't exist. define postgresql::server::table_grant ( - $privilege, - $table, - $db, - $role, - $ensure = undef, - $port = undef, - $psql_db = undef, - $psql_user = undef, - $connect_settings = undef, - $onlyif_exists = false, + Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'] $privilege, + String[1] $table, + String[1] $db, + String[1] $role, + Optional[String[1]] $ensure = undef, + Optional[Variant[String[1], Integer]] $port = undef, + Optional[String[1]] $psql_db = undef, + Optional[String[1]] $psql_user = undef, + Optional[Hash] $connect_settings = undef, + Boolean $onlyif_exists = false, ) { postgresql::server::grant { "table:${name}": ensure => $ensure, diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 3af701c1d2..2c992b48b0 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -6,11 +6,11 @@ # @param spcname Specifies the name of the tablespace. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::tablespace ( - $location, - $manage_location = true, - $owner = undef, - $spcname = $title, - $connect_settings = $postgresql::server::default_connect_settings, + String[1] $location, + Boolean $manage_location = true, + Optional[String[1]] $owner = undef, + String[1] $spcname = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { $user = $postgresql::server::user $group = $postgresql::server::group diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp index 82f3b91226..726264a263 100644 --- a/manifests/validate_db_connection.pp +++ b/manifests/validate_db_connection.pp @@ -18,16 +18,16 @@ # @param create_db_first Creates the database when obtaining a successful connection. # define postgresql::validate_db_connection ( - $database_host = undef, - $database_name = undef, + Optional[String[1]] $database_host = undef, + Optional[String[1]] $database_name = undef, Optional[Variant[String, Sensitive[String]]] $database_password = undef, - $database_username = undef, - $database_port = undef, - $connect_settings = undef, - $run_as = undef, - $sleep = 2, - $tries = 10, - $create_db_first = true + Optional[String[1]] $database_username = undef, + Optional[Variant[String[1], Integer]] $database_port = undef, + Optional[Hash] $connect_settings = undef, + Optional[String[1]] $run_as = undef, + Integer $sleep = 2, + Integer $tries = 10, + Boolean $create_db_first = true ) { include postgresql::client include postgresql::params From e522f51fb074203d155d38c5155cf62b28c4ec4b Mon Sep 17 00:00:00 2001 From: Lukas Audzevicius Date: Wed, 8 Feb 2023 15:51:26 +0000 Subject: [PATCH 0765/1000] Parameter documentation rule --- .puppet-lint.rc | 1 - .sync.yml | 1 - Rakefile | 2 - manifests/backup/pg_dump.pp | 52 ++++----- manifests/client.pp | 8 +- manifests/dnfmodule.pp | 2 +- manifests/globals.pp | 109 ++++++++--------- manifests/lib/devel.pp | 6 +- manifests/lib/docs.pp | 4 +- manifests/lib/java.pp | 4 +- manifests/lib/perl.pp | 4 +- manifests/lib/python.pp | 4 +- manifests/server.pp | 142 ++++++++++++----------- manifests/server/config_entry.pp | 4 +- manifests/server/contrib.pp | 2 +- manifests/server/database_grant.pp | 14 +-- manifests/server/default_privileges.pp | 20 ++-- manifests/server/extension.pp | 20 ++-- manifests/server/grant.pp | 23 ++-- manifests/server/grant_role.pp | 14 +-- manifests/server/instance/config.pp | 57 ++++----- manifests/server/instance/initdb.pp | 28 ++--- manifests/server/instance/late_initdb.pp | 12 +- manifests/server/instance/passwd.pp | 4 +- manifests/server/instance/service.pp | 6 +- manifests/server/pg_ident_rule.pp | 2 +- manifests/server/plperl.pp | 4 +- manifests/server/plpython.pp | 4 +- manifests/server/postgis.pp | 4 +- manifests/server/reassign_owned_by.pp | 6 +- manifests/server/recovery.pp | 2 +- manifests/server/role.pp | 40 +++---- manifests/server/table_grant.pp | 20 ++-- 33 files changed, 313 insertions(+), 312 deletions(-) diff --git a/.puppet-lint.rc b/.puppet-lint.rc index 031ca693f4..f01626d456 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1,4 +1,3 @@ --relative ---no-parameter_documentation-check --no-anchor_resource-check --no-params_empty_string_assignment-check diff --git a/.sync.yml b/.sync.yml index 677e2640d5..0f35b71e42 100644 --- a/.sync.yml +++ b/.sync.yml @@ -63,6 +63,5 @@ spec/spec_helper.rb: delete: true Rakefile: extra_disabled_lint_checks: - - parameter_documentation - anchor_resource - params_empty_string_assignment diff --git a/Rakefile b/Rakefile index b80b3745c7..c4c0a26650 100644 --- a/Rakefile +++ b/Rakefile @@ -42,11 +42,9 @@ def changelog_future_release end PuppetLint.configuration.send('disable_relative') -PuppetLint.configuration.send('disable_parameter_documentation') PuppetLint.configuration.send('disable_anchor_resource') PuppetLint.configuration.send('disable_params_empty_string_assignment') - if Bundler.rubygems.find_name('github_changelog_generator').any? GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp index 98ce2bb299..eb4e3b4975 100644 --- a/manifests/backup/pg_dump.pp +++ b/manifests/backup/pg_dump.pp @@ -27,9 +27,9 @@ # Manage creation of the backup user. # @param optional_args # Specifies an array of optional arguments which should be passed through to the backup tool. These options are not validated, unsupported options may break the backup. -# @param postscript +# @param post_script # One or more scripts that are executed when the backup is finished. This could be used to sync the backup to a central store. -# @param prescript +# @param pre_script # One or more scripts that are executed before the backup begins. # @param rotate # Backup rotation interval in 24 hour periods. @@ -41,30 +41,30 @@ # Weekdays on which the backup job should run. Defaults to `*`. This parameter is passed directly to the cron resource. # class postgresql::backup::pg_dump ( - String[1] $dir, - Boolean $compress = true, - Array $databases = [], - Boolean $delete_before_dump = false, - String[1] $dir_group = '0', - String[1] $dir_mode = '0700', - String[1] $dir_owner = 'root', - Enum['present','absent'] $ensure = 'present', - Enum['plain','custom','directory','tar'] $format = 'plain', - Boolean $install_cron = true, - Boolean $manage_user = false, - Array $optional_args = [], - Stdlib::Absolutepath $pgpass_path = '/root/.pgpass', - Integer $rotate = 30, - Stdlib::Absolutepath $script_path = '/usr/local/sbin/pg_dump.sh', - Stdlib::Absolutepath $success_file_path = '/tmp/pgbackup_success', - String[1] $template = 'postgresql/pg_dump.sh.epp', - Array $time = ['23', '5'], - String[1] $weekday = '*', - Optional[Variant[String, Sensitive[String]]] $db_password = undef, - Optional[String[1]] $db_user = undef, - Optional[String[1]] $package_name = undef, - Optional[String[1]] $post_script = undef, - Optional[String[1]] $pre_script = undef, + String[1] $dir, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $ensure = 'present', + Boolean $compress = true, + Array $databases = [], + Boolean $delete_before_dump = false, + String[1] $dir_group = '0', + String[1] $dir_mode = '0700', + String[1] $dir_owner = 'root', + Enum['plain','custom','directory','tar'] $format = 'plain', + Boolean $install_cron = true, + Boolean $manage_user = false, + Array $optional_args = [], + Stdlib::Absolutepath $pgpass_path = '/root/.pgpass', + Integer $rotate = 30, + Stdlib::Absolutepath $script_path = '/usr/local/sbin/pg_dump.sh', + Stdlib::Absolutepath $success_file_path = '/tmp/pgbackup_success', + String[1] $template = 'postgresql/pg_dump.sh.epp', + Array $time = ['23', '5'], + String[1] $weekday = '*', + Optional[Variant[String, Sensitive[String]]] $db_password = undef, + Optional[String[1]] $db_user = undef, + Optional[String[1]] $package_name = undef, + Optional[String[1]] $post_script = undef, + Optional[String[1]] $pre_script = undef, ) { # Install required packages if $package_name { diff --git a/manifests/client.pp b/manifests/client.pp index 0fdb03d8da..0b15f91fb5 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -12,10 +12,10 @@ # @param package_ensure # Ensure the client package is installed class postgresql::client ( - Enum['file', 'absent'] $file_ensure = 'file', - Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, - String[1] $package_name = $postgresql::params::client_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present' + Enum['file', 'absent'] $file_ensure = 'file', + Stdlib::Absolutepath $validcon_script_path = $postgresql::params::validcon_script_path, + String[1] $package_name = $postgresql::params::client_package_name, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', ) inherits postgresql::params { if $package_name != 'UNSET' { package { 'postgresql-client': diff --git a/manifests/dnfmodule.pp b/manifests/dnfmodule.pp index a1cb4b9a1f..a320ba0d42 100644 --- a/manifests/dnfmodule.pp +++ b/manifests/dnfmodule.pp @@ -6,7 +6,7 @@ # # @api private class postgresql::dnfmodule ( - String[1] $ensure = 'installed', + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $ensure = 'installed', String[1] $module = 'postgresql', ) { package { 'postgresql dnf module': diff --git a/manifests/globals.pp b/manifests/globals.pp index 93bb4f47af..c19268f371 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -81,6 +81,7 @@ # Whether to manage the postgresql conf file permissions. This means owner, # group and mode. Contents are not managed but should be managed through # postgresql::server::config_entry. +# @param manage_selinux Allows Puppet to manage the appropriate configuration file for selinux. # # @param manage_datadir Set to false if you have file{ $datadir: } already defined # @param manage_logdir Set to false if you have file{ $logdir: } already defined @@ -95,72 +96,72 @@ # # class postgresql::globals ( - Optional[String[1]] $client_package_name = undef, - Optional[String[1]] $server_package_name = undef, - Optional[String[1]] $contrib_package_name = undef, - Optional[String[1]] $devel_package_name = undef, - Optional[String[1]] $java_package_name = undef, - Optional[String[1]] $docs_package_name = undef, - Optional[String[1]] $perl_package_name = undef, - Optional[String[1]] $plperl_package_name = undef, - Optional[String[1]] $plpython_package_name = undef, - Optional[String[1]] $python_package_name = undef, - Optional[String[1]] $postgis_package_name = undef, + Optional[String[1]] $client_package_name = undef, + Optional[String[1]] $server_package_name = undef, + Optional[String[1]] $contrib_package_name = undef, + Optional[String[1]] $devel_package_name = undef, + Optional[String[1]] $java_package_name = undef, + Optional[String[1]] $docs_package_name = undef, + Optional[String[1]] $perl_package_name = undef, + Optional[String[1]] $plperl_package_name = undef, + Optional[String[1]] $plpython_package_name = undef, + Optional[String[1]] $python_package_name = undef, + Optional[String[1]] $postgis_package_name = undef, - Optional[String[1]] $service_name = undef, - Optional[String[1]] $service_provider = undef, - Optional[String[1]] $service_status = undef, - Optional[String[1]] $default_database = undef, + Optional[String[1]] $service_name = undef, + Optional[String[1]] $service_provider = undef, + Optional[String[1]] $service_status = undef, + Optional[String[1]] $default_database = undef, - Optional[String[1]] $validcon_script_path = undef, + Optional[String[1]] $validcon_script_path = undef, - Optional[String[1]] $initdb_path = undef, - Optional[String[1]] $createdb_path = undef, - Optional[String[1]] $psql_path = undef, - Optional[String[1]] $pg_hba_conf_path = undef, - Optional[String[1]] $pg_ident_conf_path = undef, - Optional[String[1]] $postgresql_conf_path = undef, - Optional[Stdlib::Filemode] $postgresql_conf_mode = undef, - Optional[String[1]] $recovery_conf_path = undef, - Hash $default_connect_settings = {}, + Optional[Variant[String[1], Stdlib::Absolutepath]] $initdb_path = undef, + Optional[Variant[String[1], Stdlib::Absolutepath]] $createdb_path = undef, + Optional[Variant[String[1], Stdlib::Absolutepath]] $psql_path = undef, + Optional[Variant[String[1], Stdlib::Absolutepath]] $pg_hba_conf_path = undef, + Optional[Variant[String[1], Stdlib::Absolutepath]] $pg_ident_conf_path = undef, + Optional[Variant[String[1], Stdlib::Absolutepath]] $postgresql_conf_path = undef, + Optional[Stdlib::Filemode] $postgresql_conf_mode = undef, + Optional[Variant[String[1], Stdlib::Absolutepath]] $recovery_conf_path = undef, + Hash $default_connect_settings = {}, - Optional[Boolean] $pg_hba_conf_defaults = undef, + Optional[Boolean] $pg_hba_conf_defaults = undef, - Optional[String[1]] $datadir = undef, - Optional[String[1]] $confdir = undef, - Optional[String[1]] $bindir = undef, - Optional[String[1]] $xlogdir = undef, - Optional[String[1]] $logdir = undef, - Optional[String[1]] $log_line_prefix = undef, - Optional[Boolean] $manage_datadir = undef, - Optional[Boolean] $manage_logdir = undef, - Optional[Boolean] $manage_xlogdir = undef, + Optional[String[1]] $datadir = undef, + Optional[String[1]] $confdir = undef, + Optional[String[1]] $bindir = undef, + Optional[String[1]] $xlogdir = undef, + Optional[String[1]] $logdir = undef, + Optional[String[1]] $log_line_prefix = undef, + Optional[Boolean] $manage_datadir = undef, + Optional[Boolean] $manage_logdir = undef, + Optional[Boolean] $manage_xlogdir = undef, - Optional[String[1]] $user = undef, - Optional[String[1]] $group = undef, + Optional[String[1]] $user = undef, + Optional[String[1]] $group = undef, - Optional[String[1]] $version = undef, - Optional[String[1]] $postgis_version = undef, - Optional[String[1]] $repo_proxy = undef, - Optional[String[1]] $repo_baseurl = undef, - Optional[String[1]] $yum_repo_commonurl = undef, + Optional[String[1]] $version = undef, + Optional[String[1]] $postgis_version = undef, + Optional[String[1]] $repo_proxy = undef, + Optional[String[1]] $repo_baseurl = undef, + Optional[String[1]] $yum_repo_commonurl = undef, - Optional[Boolean] $needs_initdb = undef, + Optional[Boolean] $needs_initdb = undef, - Optional[String[1]] $encoding = undef, - Optional[String[1]] $locale = undef, - Optional[String[1]] $data_checksums = undef, - Optional[String[1]] $timezone = undef, + Optional[String[1]] $encoding = undef, + Optional[String[1]] $locale = undef, + Optional[String[1]] $data_checksums = undef, + Optional[String[1]] $timezone = undef, - Optional[Boolean] $manage_pg_hba_conf = undef, - Optional[Boolean] $manage_pg_ident_conf = undef, - Optional[Boolean] $manage_recovery_conf = undef, - Optional[Boolean] $manage_postgresql_conf_perms = undef, - Optional[Boolean] $manage_selinux = undef, + Optional[Boolean] $manage_pg_hba_conf = undef, + Optional[Boolean] $manage_pg_ident_conf = undef, + Optional[Boolean] $manage_recovery_conf = undef, + Optional[Boolean] $manage_postgresql_conf_perms = undef, + Optional[Boolean] $manage_selinux = undef, - Optional[Boolean] $manage_package_repo = undef, + Optional[Boolean] $manage_package_repo = undef, Boolean $manage_dnf_module = false, - Optional[String[1]] $module_workdir = undef, + Optional[String[1]] $module_workdir = undef, ) { # We are determining this here, because it is needed by the package repo # class. diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index cdaabbc3d2..70ab31da97 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -9,9 +9,9 @@ # # class postgresql::lib::devel ( - String $package_name = $postgresql::params::devel_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present', - Boolean $link_pg_config = $postgresql::params::link_pg_config + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', + String $package_name = $postgresql::params::devel_package_name, + Boolean $link_pg_config = $postgresql::params::link_pg_config, ) inherits postgresql::params { if $facts['os']['family'] == 'Gentoo' { fail('osfamily Gentoo does not have a separate "devel" package, postgresql::lib::devel is not supported') diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 209ee5bbb4..0f132cd98a 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -10,8 +10,8 @@ # # class postgresql::lib::docs ( - String $package_name = $postgresql::params::docs_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present', + String $package_name = $postgresql::params::docs_package_name, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', ) inherits postgresql::params { package { 'postgresql-docs': ensure => $package_ensure, diff --git a/manifests/lib/java.pp b/manifests/lib/java.pp index 48c0d2632a..aa273c6bad 100644 --- a/manifests/lib/java.pp +++ b/manifests/lib/java.pp @@ -9,8 +9,8 @@ # Specifies whether the package is present. # class postgresql::lib::java ( - String $package_name = $postgresql::params::java_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present' + String $package_name = $postgresql::params::java_package_name, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', ) inherits postgresql::params { package { 'postgresql-jdbc': ensure => $package_ensure, diff --git a/manifests/lib/perl.pp b/manifests/lib/perl.pp index 26c6534811..72ece8d15f 100644 --- a/manifests/lib/perl.pp +++ b/manifests/lib/perl.pp @@ -6,8 +6,8 @@ # Ensure the perl libs for postgresql are installed. # class postgresql::lib::perl ( - String $package_name = $postgresql::params::perl_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present' + String $package_name = $postgresql::params::perl_package_name, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', ) inherits postgresql::params { package { 'perl-DBD-Pg': ensure => $package_ensure, diff --git a/manifests/lib/python.pp b/manifests/lib/python.pp index 9243b3d11a..bbccdc3a50 100644 --- a/manifests/lib/python.pp +++ b/manifests/lib/python.pp @@ -6,8 +6,8 @@ # Ensure the python libs for postgresql are installed. # class postgresql::lib::python ( - String[1] $package_name = $postgresql::params::python_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present' + String[1] $package_name = $postgresql::params::python_package_name, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', ) inherits postgresql::params { package { 'python-psycopg2': ensure => $package_ensure, diff --git a/manifests/server.pp b/manifests/server.pp index 9ad2a682f8..c2a0f0d06e 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -68,11 +68,13 @@ # Whether to manage the postgresql conf file permissions. This means owner, # group and mode. Contents are not managed but should be managed through # postgresql::server::config_entry. +# @param manage_selinux Specifies whether or not manage the conf file for selinux. # @param module_workdir Working directory for the PostgreSQL module # # @param manage_datadir Set to false if you have file{ $datadir: } already defined # @param manage_logdir Set to false if you have file{ $logdir: } already defined # @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined +# @param password_encryption Specify the type of encryption set for the password. # # @param roles Specifies a hash from which to generate postgresql::server::role resources. # @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. @@ -89,76 +91,76 @@ class postgresql::server ( Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = undef, - String[1] $package_name = $postgresql::params::server_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = $postgresql::params::package_ensure, - - Optional[String[1]] $plperl_package_name = $postgresql::params::plperl_package_name, - Optional[String[1]] $plpython_package_name = $postgresql::params::plpython_package_name, - - Variant[Enum['running', 'stopped'], Boolean] $service_ensure = $postgresql::params::service_ensure, - Boolean $service_enable = $postgresql::params::service_enable, - Boolean $service_manage = $postgresql::params::service_manage, - String[1] $service_name = $postgresql::params::service_name, - Boolean $service_restart_on_change = $postgresql::params::service_restart_on_change, - Optional[String[1]] $service_provider = $postgresql::params::service_provider, - String[1] $service_reload = $postgresql::params::service_reload, - String[1] $service_status = $postgresql::params::service_status, - String[1] $default_database = $postgresql::params::default_database, - Hash $default_connect_settings = $postgresql::globals::default_connect_settings, - Optional[String[1]] $listen_addresses = $postgresql::params::listen_addresses, - Variant[String[1], Integer] $port = $postgresql::params::port, - String[1] $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, - String[1] $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, - Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, - Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, - - String[1] $initdb_path = $postgresql::params::initdb_path, - Optional[String[1]] $createdb_path = $postgresql::params::createdb_path, - String[1] $psql_path = $postgresql::params::psql_path, - String[1] $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, - String[1] $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, - String[1] $postgresql_conf_path = $postgresql::params::postgresql_conf_path, - Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::params::postgresql_conf_mode, - String[1] $recovery_conf_path = $postgresql::params::recovery_conf_path, - - String[1] $datadir = $postgresql::params::datadir, - Optional[String[1]] $xlogdir = $postgresql::params::xlogdir, - Optional[String[1]] $logdir = $postgresql::params::logdir, - - Optional[String[1]] $log_line_prefix = $postgresql::params::log_line_prefix, - - Boolean $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, - - String[1] $user = $postgresql::params::user, - String[1] $group = $postgresql::params::group, - - Boolean $needs_initdb = $postgresql::params::needs_initdb, - - Optional[String[1]] $encoding = $postgresql::params::encoding, - Optional[String[1]] $locale = $postgresql::params::locale, - Optional[String[1]] $data_checksums = $postgresql::params::data_checksums, - Optional[String[1]] $timezone = $postgresql::params::timezone, - - Boolean $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, - Boolean $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, - Boolean $manage_recovery_conf = $postgresql::params::manage_recovery_conf, - Boolean $manage_postgresql_conf_perms = $postgresql::params::manage_postgresql_conf_perms, - Boolean $manage_selinux = $postgresql::params::manage_selinux, - String[1] $module_workdir = $postgresql::params::module_workdir, - - Boolean $manage_datadir = $postgresql::params::manage_datadir, - Boolean $manage_logdir = $postgresql::params::manage_logdir, - Boolean $manage_xlogdir = $postgresql::params::manage_xlogdir, - Optional[String] $password_encryption = $postgresql::params::password_encryption, - String $extra_systemd_config = $postgresql::params::extra_systemd_config, - - Hash[String, Hash] $roles = {}, - Hash[String, Any] $config_entries = {}, - Postgresql::Pg_hba_rules $pg_hba_rules = {}, - - Boolean $backup_enable = $postgresql::params::backup_enable, - Hash $backup_options = {}, - Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = $postgresql::params::package_ensure, + String[1] $package_name = $postgresql::params::server_package_name, + + Optional[String[1]] $plperl_package_name = $postgresql::params::plperl_package_name, + Optional[String[1]] $plpython_package_name = $postgresql::params::plpython_package_name, + + Variant[Enum['running', 'stopped'], Boolean] $service_ensure = $postgresql::params::service_ensure, + Boolean $service_enable = $postgresql::params::service_enable, + Boolean $service_manage = $postgresql::params::service_manage, + String[1] $service_name = $postgresql::params::service_name, + Boolean $service_restart_on_change = $postgresql::params::service_restart_on_change, + Optional[String[1]] $service_provider = $postgresql::params::service_provider, + String[1] $service_reload = $postgresql::params::service_reload, + Optional[String[1]] $service_status = $postgresql::params::service_status, + String[1] $default_database = $postgresql::params::default_database, + Hash $default_connect_settings = $postgresql::globals::default_connect_settings, + Optional[String[1]] $listen_addresses = $postgresql::params::listen_addresses, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::params::port, + String[1] $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, + String[1] $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, + Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, + + Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::params::initdb_path, + Optional[Variant[String[1], Stdlib::Absolutepath]] $createdb_path = $postgresql::params::createdb_path, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::params::psql_path, + Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, + Variant[String[1], Stdlib::Absolutepath] $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, + Variant[String[1], Stdlib::Absolutepath] $postgresql_conf_path = $postgresql::params::postgresql_conf_path, + Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::params::postgresql_conf_mode, + Variant[String[1], Stdlib::Absolutepath] $recovery_conf_path = $postgresql::params::recovery_conf_path, + + String[1] $datadir = $postgresql::params::datadir, + Optional[String[1]] $xlogdir = $postgresql::params::xlogdir, + Optional[String[1]] $logdir = $postgresql::params::logdir, + + Optional[String[1]] $log_line_prefix = $postgresql::params::log_line_prefix, + + Boolean $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, + + String[1] $user = $postgresql::params::user, + String[1] $group = $postgresql::params::group, + + Boolean $needs_initdb = $postgresql::params::needs_initdb, + + Optional[String[1]] $encoding = $postgresql::params::encoding, + Optional[String[1]] $locale = $postgresql::params::locale, + Optional[String[1]] $data_checksums = $postgresql::params::data_checksums, + Optional[String[1]] $timezone = $postgresql::params::timezone, + + Boolean $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, + Boolean $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, + Boolean $manage_recovery_conf = $postgresql::params::manage_recovery_conf, + Boolean $manage_postgresql_conf_perms = $postgresql::params::manage_postgresql_conf_perms, + Boolean $manage_selinux = $postgresql::params::manage_selinux, + String[1] $module_workdir = $postgresql::params::module_workdir, + + Boolean $manage_datadir = $postgresql::params::manage_datadir, + Boolean $manage_logdir = $postgresql::params::manage_logdir, + Boolean $manage_xlogdir = $postgresql::params::manage_xlogdir, + Optional[String] $password_encryption = $postgresql::params::password_encryption, + Optional[String] $extra_systemd_config = $postgresql::params::extra_systemd_config, + + Hash[String, Hash] $roles = {}, + Hash[String, Any] $config_entries = {}, + Postgresql::Pg_hba_rules $pg_hba_rules = {}, + + Boolean $backup_enable = $postgresql::params::backup_enable, + Hash $backup_options = {}, + Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, #Deprecated Optional[String[1]] $version = undef, diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index ce6f6d121e..974114359a 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -5,9 +5,9 @@ # @param path Path for postgresql.conf # define postgresql::server::config_entry ( - Enum['present', 'absent', 'latest'] $ensure = 'present', + Enum['present', 'absent'] $ensure = 'present', Optional[Variant[String[1], Integer]] $value = undef, - Boolean $path = false + Variant[Boolean, String[1]] $path = false ) { $postgresql_conf_path = $postgresql::server::postgresql_conf_path diff --git a/manifests/server/contrib.pp b/manifests/server/contrib.pp index 7240de156c..e35eb511b3 100644 --- a/manifests/server/contrib.pp +++ b/manifests/server/contrib.pp @@ -6,7 +6,7 @@ # Ensure the contrib package is installed. class postgresql::server::contrib ( Optional[String[1]] $package_name = $postgresql::params::contrib_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present' + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', ) inherits postgresql::params { if $package_name { package { 'postgresql-contrib': diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 413ba5863d..6705280377 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -8,13 +8,13 @@ # @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::database_grant ( - Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'] $privilege, - String[1] $db, - String[1] $role, - Optional[Enum['present', 'absent']] $ensure = undef, - Optional[String[1]] $psql_db = undef, - Optional[String[1]] $psql_user = undef, - Optional[Hash] $connect_settings = undef, + Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'all', 'create', 'connect', 'temporary', 'temp'] $privilege, + String[1] $db, + String[1] $role, + Optional[Enum['present', 'absent']] $ensure = undef, + Optional[String[1]] $psql_db = undef, + Optional[String[1]] $psql_user = undef, + Optional[Hash] $connect_settings = undef, ) { postgresql::server::grant { "database:${name}": ensure => $ensure, diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 649954d574..1caf4f89f4 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -12,7 +12,7 @@ # @param psql_path Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. # @param port Specifies the port to access the server. Default value: The default user for the module, usually '5432'. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -# @param psql_path Specifies the path to the psql command. +# @param group Specifies the user group to which the privileges will be granted. define postgresql::server::default_privileges ( String $role, String $db, @@ -25,15 +25,15 @@ /(?i:^TYPES$)/, /(?i:^SCHEMAS$)/ # lint:ignore:trailing_comma ] $object_type, - String $schema = 'public', - String $psql_db = $postgresql::server::default_database, - String $psql_user = $postgresql::server::user, - Integer $port = $postgresql::server::port, - Hash $connect_settings = $postgresql::server::default_connect_settings, - Enum['present', 'absent'] $ensure = 'present', - String $group = $postgresql::server::group, - String $psql_path = $postgresql::server::psql_path, - Optional[String] $target_role = undef, + String $schema = 'public', + String $psql_db = $postgresql::server::default_database, + String $psql_user = $postgresql::server::user, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', 'absent'] $ensure = 'present', + String $group = $postgresql::server::group, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + Optional[String] $target_role = undef, ) { # If possible use the version of the remote database, otherwise # fallback to our local DB version diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index ce3e25f531..301749aae9 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -17,16 +17,16 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param database_resource_name Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. define postgresql::server::extension ( - String[1] $database, - String[1] $extension = $name, - Optional[String[1]] $schema = undef, - Optional[String[1]] $version = undef, - Enum['present', 'absent'] $ensure = 'present', - Optional[String[1]] $package_name = undef, - Optional[Enum['present', 'absent']] $package_ensure = undef, - Optional[Integer] $port = undef, - Hash $connect_settings = postgresql::default('default_connect_settings'), - String[1] $database_resource_name = $database, + String[1] $database, + Optional[Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]] $package_ensure = undef, + String[1] $extension = $name, + Optional[String[1]] $schema = undef, + Optional[String[1]] $version = undef, + Enum['present', 'absent'] $ensure = 'present', + Optional[String[1]] $package_name = undef, + Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, + Hash $connect_settings = postgresql::default('default_connect_settings'), + String[1] $database_resource_name = $database, ) { $user = postgresql::default('user') $group = postgresql::default('group') diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index a39a443ca4..0720645252 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -5,6 +5,7 @@ # @param privilege Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. # @param object_type Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. # @param object_name Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] +# @param object_arguments Specifies any arguments to be passed alongisde the access grant. # @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default # @param psql_user Sets the OS user to run psql. # @param port Port to use when connecting. @@ -31,17 +32,17 @@ /(?i:^SCHEMA$)/, /(?i:^SEQUENCE$)/ # lint:ignore:trailing_comma #/(?i:^VIEW$)/ - ] $object_type = 'database', - Optional[Variant[Array[String,2,2],String[1]]] $object_name = undef, - Array[String[1],0] $object_arguments = [], - String $psql_db = $postgresql::server::default_database, - String $psql_user = $postgresql::server::user, - Integer $port = $postgresql::server::port, - Boolean $onlyif_exists = false, - Hash $connect_settings = $postgresql::server::default_connect_settings, - Enum['present', 'absent'] $ensure = 'present', - String $group = $postgresql::server::group, - String $psql_path = $postgresql::server::psql_path, + ] $object_type = 'database', + Optional[Variant[Array[String,2,2],String[1]]] $object_name = undef, + Array[String[1],0] $object_arguments = [], + String $psql_db = $postgresql::server::default_database, + String $psql_user = $postgresql::server::user, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Boolean $onlyif_exists = false, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', 'absent'] $ensure = 'present', + String $group = $postgresql::server::group, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, ) { case $ensure { default: { diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index dc9ad50872..f66f803e3f 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -8,13 +8,13 @@ # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. define postgresql::server::grant_role ( - String[1] $group, - String[1] $role = $name, - Enum['present', 'absent'] $ensure = 'present', - String[1] $psql_db = $postgresql::server::default_database, - String[1] $psql_user = $postgresql::server::user, - Variant[String[1], Integer] $port = $postgresql::server::port, - Hash $connect_settings = $postgresql::server::default_connect_settings, + String[1] $group, + String[1] $role = $name, + Enum['present', 'absent'] $ensure = 'present', + String[1] $psql_db = $postgresql::server::default_database, + String[1] $psql_user = $postgresql::server::user, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { case $ensure { 'present': { diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 9aad9ad52c..7926dc6529 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -17,7 +17,7 @@ # @param pg_hba_conf_defaults If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. -# @param version, Sets PostgreSQL version +# @param version Sets PostgreSQL version # @param manage_pg_hba_conf Boolean. Whether to manage the pg_hba.conf. # @param manage_pg_ident_conf Boolean. Overwrites the pg_ident.conf file. # @param manage_recovery_conf Boolean. Specifies whether or not manage the recovery.conf. @@ -31,36 +31,37 @@ # @param service_enable Enable the PostgreSQL service # @param log_line_prefix PostgreSQL log line prefix # @param timezone Set timezone for the PostgreSQL instance +# @param password_encryption Specify the type of encryption set for the password. # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # lint:endignore:140chars define postgresql::server::instance::config ( - String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, - String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, - Optional[String[1]] $listen_addresses = $postgresql::server::listen_addresses, - Variant[String[1], Integer] $port = $postgresql::server::port, - Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, - Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, - String[1] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, - String[1] $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, - String[1] $postgresql_conf_path = $postgresql::server::postgresql_conf_path, - Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, - String[1] $recovery_conf_path = $postgresql::server::recovery_conf_path, - Boolean $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, - String[1] $user = $postgresql::server::user, - String[1] $group = $postgresql::server::group, - Optional[String[1]] $version = $postgresql::server::_version, - Boolean $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf, - Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, - Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, - Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, - String[1] $datadir = $postgresql::server::datadir, - Optional[String[1]] $logdir = $postgresql::server::logdir, - String[1] $service_name = $postgresql::server::service_name, - Boolean $service_enable = $postgresql::server::service_enable, - Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, - Optional[String[1]] $timezone = $postgresql::server::timezone, - Optional[String] $password_encryption = $postgresql::server::password_encryption, - String $extra_systemd_config = $postgresql::server::extra_systemd_config, + String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, + String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, + Optional[String[1]] $listen_addresses = $postgresql::server::listen_addresses, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, + Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, + Variant[String[1], Stdlib::Absolutepath] $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, + Variant[String[1], Stdlib::Absolutepath] $postgresql_conf_path = $postgresql::server::postgresql_conf_path, + Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, + Variant[String[1], Stdlib::Absolutepath] $recovery_conf_path = $postgresql::server::recovery_conf_path, + Boolean $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + Optional[String[1]] $version = $postgresql::server::_version, + Boolean $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf, + Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, + Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, + Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, + String[1] $datadir = $postgresql::server::datadir, + Optional[String[1]] $logdir = $postgresql::server::logdir, + String[1] $service_name = $postgresql::server::service_name, + Boolean $service_enable = $postgresql::server::service_enable, + Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, + Optional[String[1]] $timezone = $postgresql::server::timezone, + Optional[String] $password_encryption = $postgresql::server::password_encryption, + Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, ) { if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 255951de55..a67e2be1c1 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -19,20 +19,20 @@ # @param module_workdir Working directory for the PostgreSQL module # lint:endignore:140chars define postgresql::server::instance::initdb ( - Boolean $needs_initdb = $postgresql::server::needs_initdb, - String[1] $initdb_path = $postgresql::server::initdb_path, - String[1] $datadir = $postgresql::server::datadir, - Optional[String[1]] $xlogdir = $postgresql::server::xlogdir, - Optional[String[1]] $logdir = $postgresql::server::logdir, - Boolean $manage_datadir = $postgresql::server::manage_datadir, - Boolean $manage_logdir = $postgresql::server::manage_logdir, - Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, - Optional[String[1]] $encoding = $postgresql::server::encoding, - Optional[String[1]] $locale = $postgresql::server::locale, - Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, - String[1] $group = $postgresql::server::group, - String[1] $user = $postgresql::server::user, - String[1] $module_workdir = $postgresql::server::module_workdir, + Boolean $needs_initdb = $postgresql::server::needs_initdb, + Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::server::initdb_path, + String[1] $datadir = $postgresql::server::datadir, + Optional[String[1]] $xlogdir = $postgresql::server::xlogdir, + Optional[String[1]] $logdir = $postgresql::server::logdir, + Boolean $manage_datadir = $postgresql::server::manage_datadir, + Boolean $manage_logdir = $postgresql::server::manage_logdir, + Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, + Optional[String[1]] $encoding = $postgresql::server::encoding, + Optional[String[1]] $locale = $postgresql::server::locale, + Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, + String[1] $group = $postgresql::server::group, + String[1] $user = $postgresql::server::user, + String[1] $module_workdir = $postgresql::server::module_workdir, ) { if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index f5e8502101..61c3f38520 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -8,12 +8,12 @@ # @param module_workdir Working directory for the PostgreSQL module # lint:endignore:140chars define postgresql::server::instance::late_initdb ( - Optional[String[1]] $encoding = $postgresql::server::encoding, - String[1] $user = $postgresql::server::user, - String[1] $group = $postgresql::server::group, - String[1] $psql_path = $postgresql::server::psql_path, - Variant[String[1], Integer] $port = $postgresql::server::port, - String[1] $module_workdir = $postgresql::server::module_workdir, + Optional[String[1]] $encoding = $postgresql::server::encoding, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + String[1] $module_workdir = $postgresql::server::module_workdir, ) { # Set the defaults for the postgresql_psql resource Postgresql_psql { diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 41ff710c35..89c9a53250 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -11,8 +11,8 @@ define postgresql::server::instance::passwd ( String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, - String[1] $psql_path = $postgresql::server::psql_path, - Variant[String[1], Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, String[1] $database = $postgresql::server::default_database, String[1] $module_workdir = $postgresql::server::module_workdir, Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = $postgresql::server::postgres_password, diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index 7f73bc3c49..2f19d2e392 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -10,7 +10,7 @@ # Default value: 5432. Meaning the Postgres server listens on TCP port 5432. # @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. # @param psql_path Specifies the path to the psql command. -# @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. +# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. # lint:endignore:140chars define postgresql::server::instance::service ( Variant[Enum['running', 'stopped'], Boolean] $service_ensure = $postgresql::server::service_ensure, @@ -20,9 +20,9 @@ Optional[String[1]] $service_provider = $postgresql::server::service_provider, String[1] $service_status = $postgresql::server::service_status, String[1] $user = $postgresql::server::user, - Variant[String[1], Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, String[1] $default_database = $postgresql::server::default_database, - String[1] $psql_path = $postgresql::server::psql_path, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { anchor { 'postgresql::server::service::begin': } diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index 6ba43cc544..85398d2a25 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -19,7 +19,7 @@ # Needed for testing primarily, support for multiple files is not really # working. - String[1] $target = $postgresql::server::pg_ident_conf_path + Variant[String[1], Stdlib::Absolutepath] $target = $postgresql::server::pg_ident_conf_path ) { if $postgresql::server::manage_pg_ident_conf == false { fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index e184d35a33..1db5d4aa8f 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -3,8 +3,8 @@ # @param package_ensure The ensure parameter passed on to PostgreSQL PL/Perl package resource. # @param package_name The name of the PostgreSQL PL/Perl package. class postgresql::server::plperl ( - Enum['present', 'absent', 'latest'] $package_ensure = 'present', - Optional[String[1]] $package_name = $postgresql::server::plperl_package_name + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', + Optional[String[1]] $package_name = $postgresql::server::plperl_package_name, ) { package { 'postgresql-plperl': ensure => $package_ensure, diff --git a/manifests/server/plpython.pp b/manifests/server/plpython.pp index 9ec7e1441a..8577bd34e5 100644 --- a/manifests/server/plpython.pp +++ b/manifests/server/plpython.pp @@ -5,8 +5,8 @@ # @param package_name # Specifies the name of the postgresql PL/Python package. class postgresql::server::plpython ( - Enum['present', 'absent', 'latest'] $package_ensure = 'present', - Optional[String[1]] $package_name = $postgresql::server::plpython_package_name, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', + Optional[String[1]] $package_name = $postgresql::server::plpython_package_name, ) { package { 'postgresql-plpython': ensure => $package_ensure, diff --git a/manifests/server/postgis.pp b/manifests/server/postgis.pp index 3239e53b14..c259e030ff 100644 --- a/manifests/server/postgis.pp +++ b/manifests/server/postgis.pp @@ -3,8 +3,8 @@ # @param package_name Sets the package name. # @param package_ensure Specifies if the package is present or not. class postgresql::server::postgis ( - String $package_name = $postgresql::params::postgis_package_name, - Enum['present', 'absent', 'latest'] $package_ensure = 'present' + String $package_name = $postgresql::params::postgis_package_name, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = 'present', ) inherits postgresql::params { package { 'postgresql-postgis': ensure => $package_ensure, diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 5c3108d8c1..e561e97aed 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -12,9 +12,9 @@ String $old_role, String $new_role, String $db, - String $psql_user = $postgresql::server::user, - Integer $port = $postgresql::server::port, - Hash $connect_settings = $postgresql::server::default_connect_settings, + String $psql_user = $postgresql::server::user, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index f9f9926612..bcb8db9349 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -40,7 +40,7 @@ Optional[String[1]] $primary_slot_name = undef, Optional[String[1]] $trigger_file = undef, Optional[Integer] $recovery_min_apply_delay = undef, - String[1] $target = $postgresql::server::recovery_conf_path + Variant[String[1], Stdlib::Absolutepath] $target = $postgresql::server::recovery_conf_path ) { if $postgresql::server::manage_recovery_conf == false { fail('postgresql::server::manage_recovery_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars diff --git a/manifests/server/role.pp b/manifests/server/role.pp index c4131808fd..9730eae85f 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -21,26 +21,26 @@ # @param hash Specify the hash method for pg password # @param salt Specify the salt use for the scram-sha-256 encoding password (default username) define postgresql::server::role ( - Boolean $update_password = true, - Variant[Boolean, String, Sensitive[String]] $password_hash = false, - Boolean $createdb = false, - Boolean $createrole = false, - String[1] $db = $postgresql::server::default_database, - Optional[Variant[String[1], Integer]] $port = undef, - Boolean $login = true, - Boolean $inherit = true, - Boolean $superuser = false, - Boolean $replication = false, - String[1] $connection_limit = '-1', - String[1] $username = $title, - Hash $connect_settings = $postgresql::server::default_connect_settings, - String[1] $psql_user = $postgresql::server::user, - String[1] $psql_group = $postgresql::server::group, - String[1] $psql_path = $postgresql::server::psql_path, - String[1] $module_workdir = $postgresql::server::module_workdir, - Enum['present', 'absent'] $ensure = 'present', - Enum['md5', 'scram-sha-256'] $hash = 'md5', - Optional[Variant[String[1], Integer]] $salt = undef, + Boolean $update_password = true, + Variant[Boolean, String, Sensitive[String]] $password_hash = false, + Boolean $createdb = false, + Boolean $createrole = false, + String[1] $db = $postgresql::server::default_database, + Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, + Boolean $login = true, + Boolean $inherit = true, + Boolean $superuser = false, + Boolean $replication = false, + String[1] $connection_limit = '-1', + String[1] $username = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, + String[1] $psql_user = $postgresql::server::user, + String[1] $psql_group = $postgresql::server::group, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + String[1] $module_workdir = $postgresql::server::module_workdir, + Enum['present', 'absent'] $ensure = 'present', + Enum['md5', 'scram-sha-256'] $hash = 'md5', + Optional[Variant[String[1], Integer]] $salt = undef, ) { $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 7ae032f86c..d2310ce9fe 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -11,16 +11,16 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param onlyif_exists Create grant only if it doesn't exist. define postgresql::server::table_grant ( - Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'] $privilege, - String[1] $table, - String[1] $db, - String[1] $role, - Optional[String[1]] $ensure = undef, - Optional[Variant[String[1], Integer]] $port = undef, - Optional[String[1]] $psql_db = undef, - Optional[String[1]] $psql_user = undef, - Optional[Hash] $connect_settings = undef, - Boolean $onlyif_exists = false, + Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', 'truncate', 'references', 'trigger'] $privilege, + String[1] $table, + String[1] $db, + String[1] $role, + Optional[Enum['present', 'absent']] $ensure = undef, + Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, + Optional[String[1]] $psql_db = undef, + Optional[String[1]] $psql_user = undef, + Optional[Hash] $connect_settings = undef, + Boolean $onlyif_exists = false, ) { postgresql::server::grant { "table:${name}": ensure => $ensure, From 2251dbd14010abca8b3a5d996a21b00b9f802f96 Mon Sep 17 00:00:00 2001 From: david22swan Date: Fri, 24 Feb 2023 14:42:26 +0000 Subject: [PATCH 0766/1000] (MAINT) - update pdk release image --- .github/workflows/auto_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index f4aed440e5..f0d7aa4414 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -34,7 +34,7 @@ jobs: persist-credentials: false - name: "PDK Release prep" - uses: docker://puppet/iac_release:ci + uses: docker://puppet/pdk:2.6.1.0 with: args: 'release prep --force' env: From 4f1fdbe6eb22d23daa73fad0470d8b779f956c9c Mon Sep 17 00:00:00 2001 From: Gavin Patton Date: Wed, 22 Mar 2023 06:22:34 +0000 Subject: [PATCH 0767/1000] "This change pins the puppetlabs-puppet_agent module to v4.12.1. Previosuly the fixutre was configured to pull from main. Given the recent changes when moving towards puppet8 main is unsafe." --- .fixtures.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.fixtures.yml b/.fixtures.yml index 7e45dadbb1..e67535c8db 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -7,7 +7,9 @@ fixtures: facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" provision: "https://github.com/puppetlabs/provision.git" - puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' + puppet_agent: + repo: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' + ref: v4.12.1 stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" yumrepo_core: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" systemd: "https://github.com/voxpupuli/puppet-systemd.git" From f612428a3db223803bdd816bdee1c5d88ba75a79 Mon Sep 17 00:00:00 2001 From: david22swan Date: Tue, 28 Mar 2023 11:17:38 +0100 Subject: [PATCH 0768/1000] (CONT-826) Temporarily pin puppet_litmus to 0.34.6 or less --- Gemfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index a84b5ee829..1881afe150 100644 --- a/Gemfile +++ b/Gemfile @@ -37,8 +37,8 @@ group :development do gem "github_changelog_generator", '= 1.15.2', require: false end group :system_tests do - gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby] - gem "serverspec", '~> 2.41', require: false + gem "puppet_litmus", '<= 0.34.6', require: false, platforms: [:ruby] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] From 99d5f7572f908055cc7c8706406147287895ee7c Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Fri, 24 Mar 2023 16:54:56 +0000 Subject: [PATCH 0769/1000] (CONT-229) - Implement reusable workflows --- .github/workflows/auto_release.yml | 87 +---------- .github/workflows/ci.yml | 21 +++ .github/workflows/nightly.yml | 208 ++----------------------- .github/workflows/nightly_non_rhel.yml | 203 ------------------------ .github/workflows/pr_test.yml | 185 ---------------------- .github/workflows/pr_test_non_rhel.yml | 185 ---------------------- .github/workflows/release.yml | 44 +----- .github/workflows/spec.yml | 126 --------------- 8 files changed, 39 insertions(+), 1020 deletions(-) create mode 100644 .github/workflows/ci.yml delete mode 100644 .github/workflows/nightly_non_rhel.yml delete mode 100644 .github/workflows/pr_test.yml delete mode 100644 .github/workflows/pr_test_non_rhel.yml delete mode 100644 .github/workflows/spec.yml diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml index f0d7aa4414..d6270c56fe 100644 --- a/.github/workflows/auto_release.yml +++ b/.github/workflows/auto_release.yml @@ -3,88 +3,7 @@ name: "Auto release" on: workflow_dispatch: -env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - CHANGELOG_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - jobs: - auto_release: - name: "Automatic release prep" - runs-on: ubuntu-20.04 - - steps: - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - - - name: "Honeycomb: start first step" - run: | - echo STEP_ID="auto-release" >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: "Checkout Source" - if: ${{ github.repository_owner == 'puppetlabs' }} - uses: actions/checkout@v2 - with: - fetch-depth: 0 - persist-credentials: false - - - name: "PDK Release prep" - uses: docker://puppet/pdk:2.6.1.0 - with: - args: 'release prep --force' - env: - CHANGELOG_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: "Get Version" - if: ${{ github.repository_owner == 'puppetlabs' }} - id: gv - run: | - echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" - - - name: "Check if a release is necessary" - if: ${{ github.repository_owner == 'puppetlabs' }} - id: check - run: | - git diff --quiet CHANGELOG.md && echo "::set-output name=release::false" || echo "::set-output name=release::true" - - - name: "Commit changes" - if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} - run: | - git config --local user.email "${{ github.repository_owner }}@users.noreply.github.com" - git config --local user.name "GitHub Action" - git add . - git commit -m "Release prep v${{ steps.gv.outputs.ver }}" - - - name: Create Pull Request - id: cpr - uses: puppetlabs/peter-evans-create-pull-request@v3 - if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: "Release prep v${{ steps.gv.outputs.ver }}" - branch: "release-prep" - delete-branch: true - title: "Release prep v${{ steps.gv.outputs.ver }}" - body: | - Automated release-prep through [pdk-templates](https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.github/workflows/auto_release.yml.erb) from commit ${{ github.sha }}. - Please verify before merging: - - [ ] last [nightly](https://github.com/${{ github.repository }}/actions/workflows/nightly.yml) run is green - - [ ] [Changelog](https://github.com/${{ github.repository }}/blob/release-prep/CHANGELOG.md) is readable and has no unlabeled pull requests - - [ ] Ensure the [changelog](https://github.com/${{ github.repository }}/blob/release-prep/CHANGELOG.md) version and [metadata](https://github.com/${{ github.repository }}/blob/release-prep/metadata.json) version match - labels: "maintenance" - - - name: PR outputs - if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} - run: | - echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" - echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" - - - name: "Honeycomb: Record finish step" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Finished auto release workflow' + release_prep: + uses: "puppetlabs/cat-github-actions/.github/workflows/module_release_prep.yml@main" + secrets: "inherit" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..e6dd8d7bc0 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,21 @@ +name: "ci" + +on: + pull_request: + branches: + - "main" + workflow_dispatch: + +jobs: + Spec: + uses: "puppetlabs/cat-github-actions/.github/workflows/module_ci.yml@main" + with: + runs_on: "ubuntu-20.04" + secrets: "inherit" + + Acceptance: + needs: Spec + uses: "puppetlabs/cat-github-actions/.github/workflows/module_acceptance.yml@main" + with: + runs_on: "ubuntu-20.04" + secrets: "inherit" diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 1ae5d48864..b8786059ec 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -2,203 +2,19 @@ name: "nightly" on: schedule: - - cron: '0 0 * * *' - - -env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests + - cron: "0 0 * * *" + workflow_dispatch: jobs: - setup_matrix: - if: ${{ github.repository_owner == 'puppetlabs' }} - name: "Setup Test Matrix" - runs-on: ubuntu-20.04 - outputs: - matrix: ${{ steps.get-matrix.outputs.matrix }} - - steps: - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} + Spec: + uses: "puppetlabs/cat-github-actions/.github/workflows/module_ci.yml@main" + with: + runs_on: "ubuntu-20.04" + secrets: "inherit" - - name: "Honeycomb: Start first step" - run: | - echo STEP_ID=setup-environment >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source - uses: actions/checkout@v2 - if: ${{ github.repository_owner == 'puppetlabs' }} - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - if: ${{ github.repository_owner == 'puppetlabs' }} - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Setup Acceptance Test Matrix - id: get-matrix - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' - else - echo "::set-output name=matrix::{}" - fi - - - name: "Honeycomb: Record Setup Test Matrix time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' Acceptance: - name: "${{matrix.platforms.label}}, ${{matrix.collection}}" - needs: - - setup_matrix - - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} - - env: - BUILDEVENT_FILE: '../buildevents.txt' - - steps: - - run: | - echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE - echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE - - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} - - - name: "Honeycomb: start first step" - run: | - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Checkout Source - uses: actions/checkout@v2 - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Provision test environment - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - echo ::group::=== INVENTORY === - if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; - then - FILE='spec/fixtures/litmus_inventory.yaml' - elif [ -f 'inventory.yaml' ]; - then - FILE='inventory.yaml' - fi - sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true - echo ::endgroup:: - - - name: Install agent - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' - - - name: Install module - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' - - - name: "Honeycomb: Record deployment times" - if: ${{ always() }} - run: | - echo ::group::honeycomb step - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - echo ::endgroup:: - - - name: Run acceptance tests - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' - - - name: "Honeycomb: Record acceptance testing times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Remove test environment - if: ${{ always() }} - continue-on-error: true - run: | - if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - fi - - - name: "Honeycomb: Record removal times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' - - slack-workflow-status: - if: ${{ github.repository_owner == 'puppetlabs' }} - name: Post Workflow Status To Slack - needs: - - Acceptance - runs-on: ubuntu-20.04 - steps: - - name: Slack Workflow Notification - uses: puppetlabs/Gamesight-slack-workflow-status@pdk-templates-v1 - with: - # Required Input - repo_token: ${{ secrets.GITHUB_TOKEN }} - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} - # Optional Input - channel: '#team-cat-bots' - name: 'GABot' + needs: Spec + uses: "puppetlabs/cat-github-actions/.github/workflows/module_acceptance.yml@main" + with: + runs_on: "ubuntu-20.04" + secrets: "inherit" diff --git a/.github/workflows/nightly_non_rhel.yml b/.github/workflows/nightly_non_rhel.yml deleted file mode 100644 index dc21aa867d..0000000000 --- a/.github/workflows/nightly_non_rhel.yml +++ /dev/null @@ -1,203 +0,0 @@ -name: "nightly" - -on: - schedule: - - cron: '0 0 * * *' - - -env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - -jobs: - setup_matrix: - name: "Setup Test Matrix" - runs-on: ubuntu-20.04 - outputs: - matrix: ${{ steps.get-matrix.outputs.matrix }} - - steps: - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - - - name: "Honeycomb: Start first step" - run: | - echo STEP_ID=setup-environment >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source - uses: actions/checkout@v2 - if: ${{ github.repository_owner == 'puppetlabs' }} - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - if: ${{ github.repository_owner == 'puppetlabs' }} - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Setup Acceptance Test Matrix - id: get-matrix - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8", "AlmaLinux-8"]' - else - echo "::set-output name=matrix::{}" - fi - - - name: "Honeycomb: Record Setup Test Matrix time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' - Acceptance: - name: "${{matrix.platforms.label}}, ${{matrix.collection}}" - needs: - - setup_matrix - - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} - - env: - BUILDEVENT_FILE: '../buildevents.txt' - - steps: - - run: | - echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE - echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE - - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} - - - name: "Honeycomb: start first step" - run: | - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Checkout Source - uses: actions/checkout@v2 - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Provision test environment - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - echo ::group::=== INVENTORY === - if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; - then - FILE='spec/fixtures/litmus_inventory.yaml' - elif [ -f 'inventory.yaml' ]; - then - FILE='inventory.yaml' - fi - sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true - echo ::endgroup:: - - - name: Install agent - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' - - - name: Install module - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' - - - name: "Honeycomb: Record deployment times" - if: ${{ always() }} - run: | - echo ::group::honeycomb step - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - echo ::endgroup:: - - - name: Run acceptance tests - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' - - - name: "Honeycomb: Record acceptance testing times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: Remove test environment - if: ${{ always() }} - continue-on-error: true - run: | - if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - fi - - - name: "Honeycomb: Record removal times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' - - slack-workflow-status: - if: always() - name: Post Workflow Status To Slack - needs: - - Acceptance - runs-on: ubuntu-20.04 - steps: - - name: Slack Workflow Notification - uses: puppetlabs/Gamesight-slack-workflow-status@pdk-templates-v1 - with: - # Required Input - repo_token: ${{ secrets.GITHUB_TOKEN }} - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} - # Optional Input - channel: '#team-ia-bots' - name: 'GABot' diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml deleted file mode 100644 index 5d26f3abbd..0000000000 --- a/.github/workflows/pr_test.yml +++ /dev/null @@ -1,185 +0,0 @@ -name: "PR Testing" - -on: [pull_request] - - -env: - - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - -jobs: - setup_matrix: - name: "Setup Test Matrix" - runs-on: ubuntu-20.04 - outputs: - matrix: ${{ steps.get-matrix.outputs.matrix }} - - steps: - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - - - name: "Honeycomb: Start first step" - run: | - echo STEP_ID=setup-environment >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source - uses: actions/checkout@v2 - if: ${{ github.repository_owner == 'puppetlabs' }} - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - if: ${{ github.repository_owner == 'puppetlabs' }} - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Run validation steps - run: | - bundle exec rake validate - if: ${{ github.repository_owner == 'puppetlabs' }} - - - name: Setup Acceptance Test Matrix - id: get-matrix - run: | - if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["Scientific-6", "Scientific-7", "Debian-9", "Debian-10", "Debian-11", "SLES-12", "SLES-15", "Ubuntu-14.04", "Ubuntu-16.04", "Ubuntu-18.04", "Ubuntu-20.04", "Ubuntu-22.04"]' - else - echo "::set-output name=matrix::{}" - fi - - - name: "Honeycomb: Record Setup Test Matrix time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' - Acceptance: - name: "${{matrix.platforms.label}}, ${{matrix.collection}}" - needs: - - setup_matrix - if: ${{ needs.setup_matrix.outputs.matrix != '{}' }} - - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} - - env: - BUILDEVENT_FILE: '../buildevents.txt' - - steps: - - run: | - echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE - echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} - - - name: "Honeycomb: start first step" - run: | - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source - uses: actions/checkout@v2 - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Provision test environment - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - echo ::group::=== INVENTORY === - if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; - then - FILE='spec/fixtures/litmus_inventory.yaml' - elif [ -f 'inventory.yaml' ]; - then - FILE='inventory.yaml' - fi - sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true - echo ::endgroup:: - - - name: Install agent - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' - - - name: Install module - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' - - - name: "Honeycomb: Record deployment times" - if: ${{ always() }} - run: | - echo ::group::honeycomb step - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - echo ::endgroup:: - - name: Run acceptance tests - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' - - - name: "Honeycomb: Record acceptance testing times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Remove test environment - if: ${{ always() }} - continue-on-error: true - run: | - if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - fi - - - name: "Honeycomb: Record removal times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' diff --git a/.github/workflows/pr_test_non_rhel.yml b/.github/workflows/pr_test_non_rhel.yml deleted file mode 100644 index 31dc5b50fa..0000000000 --- a/.github/workflows/pr_test_non_rhel.yml +++ /dev/null @@ -1,185 +0,0 @@ -name: "PR Testing" - -on: [pull_request] - - -env: - - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - -jobs: - setup_matrix: - name: "Setup Test Matrix" - runs-on: ubuntu-20.04 - outputs: - matrix: ${{ steps.get-matrix.outputs.matrix }} - - steps: - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - - - name: "Honeycomb: Start first step" - run: | - echo STEP_ID=setup-environment >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source - uses: actions/checkout@v2 - if: ${{ github.repository_owner == 'puppetlabs' }} - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - if: ${{ github.repository_owner == 'puppetlabs' }} - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Run validation steps - run: | - bundle exec rake validate - if: ${{ github.repository_owner == 'puppetlabs' }} - - - name: Setup Acceptance Test Matrix - id: get-matrix - run: | - if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 --exclude-platforms '["RedHat-6", "RedHat-7", "RedHat-8", "CentOS-6", "CentOS-7", "CentOS-8", "OracleLinux-6", "OracleLinux-7", "Rocky-8", "AlmaLinux-8"]' - else - echo "::set-output name=matrix::{}" - fi - - - name: "Honeycomb: Record Setup Test Matrix time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' - Acceptance: - name: "${{matrix.platforms.label}}, ${{matrix.collection}}" - needs: - - setup_matrix - if: ${{ needs.setup_matrix.outputs.matrix != '{}' }} - - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} - - env: - BUILDEVENT_FILE: '../buildevents.txt' - - steps: - - run: | - echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE - echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} - - - name: "Honeycomb: start first step" - run: | - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source - uses: actions/checkout@v2 - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - name: "Honeycomb: Record Setup Environment time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Provision test environment - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - echo ::group::=== INVENTORY === - if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; - then - FILE='spec/fixtures/litmus_inventory.yaml' - elif [ -f 'inventory.yaml' ]; - then - FILE='inventory.yaml' - fi - sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true - echo ::endgroup:: - - - name: Install agent - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' - - - name: Install module - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' - - - name: "Honeycomb: Record deployment times" - if: ${{ always() }} - run: | - echo ::group::honeycomb step - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - echo ::endgroup:: - - name: Run acceptance tests - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' - - - name: "Honeycomb: Record acceptance testing times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' - echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Remove test environment - if: ${{ always() }} - continue-on-error: true - run: | - if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' - echo ::group::=== REQUEST === - cat request.json || true - echo - echo ::endgroup:: - fi - - - name: "Honeycomb: Record removal times" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1509f6e91f..0b7b8a05dd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,44 +4,6 @@ on: workflow_dispatch: jobs: - create-github-release: - name: Deploy GitHub Release - runs-on: ubuntu-20.04 - steps: - - name: Checkout code - uses: actions/checkout@v2 - with: - ref: ${{ github.ref }} - clean: true - fetch-depth: 0 - - name: Get Version - id: gv - run: | - echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" - - name: Create Release - uses: actions/create-release@v1 - id: create_release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: "v${{ steps.gv.outputs.ver }}" - draft: false - prerelease: false - - deploy-forge: - name: Deploy to Forge - runs-on: ubuntu-20.04 - steps: - - name: Checkout code - uses: actions/checkout@v2 - with: - ref: ${{ github.ref }} - clean: true - - name: "PDK Build" - uses: docker://puppet/pdk:nightly - with: - args: 'build' - - name: "Push to Forge" - uses: docker://puppet/pdk:nightly - with: - args: 'release publish --forge-token ${{ secrets.FORGE_API_KEY }} --force' + release: + uses: "puppetlabs/cat-github-actions/.github/workflows/module_release.yml@main" + secrets: "inherit" diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml deleted file mode 100644 index 6c1ae10d8c..0000000000 --- a/.github/workflows/spec.yml +++ /dev/null @@ -1,126 +0,0 @@ -name: "Spec Tests" - -on: - schedule: - - cron: '0 0 * * *' - workflow_dispatch: - pull_request: - - -env: - HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 - HONEYCOMB_DATASET: litmus tests - -jobs: - setup_matrix: - name: "Setup Test Matrix" - runs-on: ubuntu-20.04 - outputs: - spec_matrix: ${{ steps.get-matrix.outputs.spec_matrix }} - - steps: - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - - - name: "Honeycomb: Start first step" - run: | - echo STEP_ID=setup-environment >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Checkout Source - uses: actions/checkout@v2 - if: ${{ github.repository_owner == 'puppetlabs' }} - - - name: Activate Ruby 2.7 - uses: ruby/setup-ruby@v1 - if: ${{ github.repository_owner == 'puppetlabs' }} - with: - ruby-version: "2.7" - bundler-cache: true - - - name: Print bundle environment - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - name: "Honeycomb: Record Setup Environment time" - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' - echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - name: Run Static & Syntax Tests - if: ${{ github.repository_owner == 'puppetlabs' }} - run: | - buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - - - name: Setup Spec Test Matrix - id: get-matrix - run: | - if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then - buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 - else - echo "::set-output name=spec_matrix::{}" - fi - - name: "Honeycomb: Record Setup Test Matrix time" - if: ${{ always() }} - run: | - buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' - Spec: - name: "Spec Tests (Puppet: ${{matrix.puppet_version}}, Ruby Ver: ${{matrix.ruby_version}})" - needs: - - setup_matrix - if: ${{ needs.setup_matrix.outputs.spec_matrix != '{}' }} - - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: ${{fromJson(needs.setup_matrix.outputs.spec_matrix)}} - - env: - BUILDEVENT_FILE: '../buildevents.txt' - PUPPET_GEM_VERSION: ${{ matrix.puppet_version }} - FACTER_GEM_VERSION: 'https://github.com/puppetlabs/facter#main' - - steps: - - run: | - echo "SANITIZED_PUPPET_VERSION=$(echo '${{ matrix.puppet_version }}' | sed 's/~> //g')" >> $GITHUB_ENV - - - run: | - echo 'puppet_version=${{ env.SANITIZED_PUPPET_VERSION }}' >> $BUILDEVENT_FILE - - name: "Honeycomb: Start first step" - run: | - echo "STEP_ID=${{ env.SANITIZED_PUPPET_VERSION }}-spec" >> $GITHUB_ENV - echo STEP_START=$(date +%s) >> $GITHUB_ENV - - - name: "Honeycomb: Start recording" - uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 - with: - apikey: ${{ env.HONEYCOMB_WRITEKEY }} - dataset: ${{ env.HONEYCOMB_DATASET }} - job-status: ${{ job.status }} - matrix-key: ${{ env.SANITIZED_PUPPET_VERSION }} - - name: Checkout Source - uses: actions/checkout@v2 - - - name: "Activate Ruby ${{ matrix.ruby_version }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: ${{matrix.ruby_version}} - bundler-cache: true - - - name: Print bundle environment - run: | - echo ::group::bundler environment - buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env - echo ::endgroup:: - - - - name: Run parallel_spec tests - run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake parallel_spec Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake parallel_spec From fbceea0745982dbde565c9a5233e88aac9928afe Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 5 Apr 2023 10:49:02 +0100 Subject: [PATCH 0770/1000] (CONT-844) - Update .sync.yml --- .sync.yml | 24 ++++-------------------- 1 file changed, 4 insertions(+), 20 deletions(-) diff --git a/.sync.yml b/.sync.yml index 0f35b71e42..467ee6175a 100644 --- a/.sync.yml +++ b/.sync.yml @@ -18,23 +18,6 @@ Rakefile: spec/spec_helper.rb: mock_with: ":rspec" coverage_report: true -.github/workflows/nightly.yml: - unmanaged: false - exclude_platforms: - - Scientific-6 - - Scientific-7 - - Debian-9 - - Debian-10 - - Debian-11 - - SLES-12 - - SLES-15 - - Ubuntu-14.04 - - Ubuntu-16.04 - - Ubuntu-18.04 - - Ubuntu-20.04 - - Ubuntu-22.04 -.github/workflows/pr_test.yml: - unmanaged: false exclude_platforms: - Scientific-6 - Scientific-7 @@ -54,9 +37,10 @@ spec/spec_helper.rb: unmanaged: false .github/workflows/auto_release.yml: unmanaged: false -.github/workflows/spec.yml: - checks: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' - unmanaged: false +.github/workflows/ci.yml: + unmanaged: true +.github/workflows/nightly.yml: + unmanaged: true .github/workflows/release.yml: unmanaged: false .travis.yml: From 99c998a52bf8bca4ec1ff1aa3ba6855092caae85 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:24:42 +0100 Subject: [PATCH 0771/1000] (CONT-792) - PDK Update --- .devcontainer/devcontainer.json | 2 +- Gemfile | 46 ++++++++++++++++----------------- Rakefile | 2 +- metadata.json | 4 +-- spec/default_facts.yml | 1 - 5 files changed, 27 insertions(+), 28 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index fe7a8b12b9..cdd65d220a 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -5,7 +5,7 @@ "settings": { "terminal.integrated.profiles.linux": { "bash": { - "path": "bash", + "path": "bash" } } }, diff --git a/Gemfile b/Gemfile index 1881afe150..8456bee1c3 100644 --- a/Gemfile +++ b/Gemfile @@ -14,31 +14,31 @@ def location_for(place_or_version, fake_version = nil) end group :development do - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "voxpupuli-puppet-lint-plugins", '~> 3.1', require: false - gem "facterdb", '~> 1.18', require: false - gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false - gem "puppetlabs_spec_helper", '>= 3.0.0', '< 5.0.0', require: false - gem "rspec-puppet-facts", '~> 2.0', require: false - gem "codecov", '~> 0.2', require: false - gem "dependency_checker", '~> 0.2', require: false - gem "parallel_tests", '~> 3.4', require: false - gem "pry", '~> 0.10', require: false - gem "simplecov-console", '~> 0.5', require: false - gem "puppet-debugger", '~> 1.0', require: false - gem "rubocop", '= 1.6.1', require: false - gem "rubocop-performance", '= 1.9.1', require: false - gem "rubocop-rspec", '= 2.0.1', require: false - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "github_changelog_generator", '= 1.15.2', require: false + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "voxpupuli-puppet-lint-plugins", '~> 4.0', require: false + gem "facterdb", '~> 1.18', require: false + gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false + gem "puppetlabs_spec_helper", '~> 5.0', require: false + gem "rspec-puppet-facts", '~> 2.0', require: false + gem "codecov", '~> 0.2', require: false + gem "dependency_checker", '~> 0.2', require: false + gem "parallel_tests", '= 3.12.1', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.5', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '= 1.6.1', require: false + gem "rubocop-performance", '= 1.9.1', require: false + gem "rubocop-rspec", '= 2.0.1', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "github_changelog_generator", '= 1.15.2', require: false end group :system_tests do - gem "puppet_litmus", '<= 0.34.6', require: false, platforms: [:ruby] - gem "serverspec", '~> 2.41', require: false + gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby, :x64_mingw] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/Rakefile b/Rakefile index c4c0a26650..6cd888fa02 100644 --- a/Rakefile +++ b/Rakefile @@ -4,7 +4,6 @@ require 'bundler' require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? @@ -45,6 +44,7 @@ PuppetLint.configuration.send('disable_relative') PuppetLint.configuration.send('disable_anchor_resource') PuppetLint.configuration.send('disable_params_empty_string_assignment') + if Bundler.rubygems.find_name('github_changelog_generator').any? GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? diff --git a/metadata.json b/metadata.json index 0543336fc5..7c99caa482 100644 --- a/metadata.json +++ b/metadata.json @@ -94,7 +94,7 @@ "version_requirement": ">= 6.24.0 < 8.0.0" } ], - "pdk-version": "2.5.0", + "pdk-version": "2.7.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "2.7.1-0-g9a16c87" + "template-ref": "heads/main-0-ge5b0114" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml index 949419ff2a..f777abfc99 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -6,4 +6,3 @@ ipaddress: "172.16.254.254" ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" is_pe: false macaddress: "AA:AA:AA:AA:AA:AA" -path: '/bin:/usr/bin:/usr/local/bin' From b2a0b175cb2d5a5832b09b9d4dd07d786dacd29a Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:25:19 +0100 Subject: [PATCH 0772/1000] (CONT-792) - Add Puppet 8/Drop Puppet 6 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 7c99caa482..3a35eb4e79 100644 --- a/metadata.json +++ b/metadata.json @@ -91,7 +91,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 6.24.0 < 8.0.0" + "version_requirement": ">= 7.0.0 < 9.0.0" } ], "pdk-version": "2.7.0", From 7122e4c511d4f1790f2904af48e113f49c0dab0c Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:26:32 +0100 Subject: [PATCH 0773/1000] (CONT-792) - Update rubocop gems --- Gemfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 8456bee1c3..7fad5040d0 100644 --- a/Gemfile +++ b/Gemfile @@ -30,9 +30,9 @@ group :development do gem "pry", '~> 0.10', require: false gem "simplecov-console", '~> 0.5', require: false gem "puppet-debugger", '~> 1.0', require: false - gem "rubocop", '= 1.6.1', require: false - gem "rubocop-performance", '= 1.9.1', require: false - gem "rubocop-rspec", '= 2.0.1', require: false + gem "rubocop", '~> 1.48.1', require: false + gem "rubocop-performance", '~> 1.16', require: false + gem "rubocop-rspec", '~> 2.19', require: false gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", '= 1.15.2', require: false end From 4708b40768ab1e008c8876b515cb8c706eb63df3 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:26:47 +0100 Subject: [PATCH 0774/1000] (CONT-792) - Pin puppet_agent v4.13.0 --- .fixtures.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.fixtures.yml b/.fixtures.yml index e67535c8db..9846440fef 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -9,7 +9,7 @@ fixtures: provision: "https://github.com/puppetlabs/provision.git" puppet_agent: repo: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' - ref: v4.12.1 + ref: v4.13.0 stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" yumrepo_core: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" systemd: "https://github.com/voxpupuli/puppet-systemd.git" From f2e450ade511528df88c6ed954c8781aff6ec931 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:27:41 +0100 Subject: [PATCH 0775/1000] (CONT-792) - Update .rubocop.yml --- .rubocop.yml | 445 +-------------------------------------------------- 1 file changed, 6 insertions(+), 439 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 31e8248ff8..83745bcb1c 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,10 +1,15 @@ --- +inherit_from: .rubocop_todo.yml + require: - rubocop-performance - rubocop-rspec AllCops: + NewCops: enable DisplayCopNames: true - TargetRubyVersion: '2.5' + ExtraDetails: true + DisplayStyleGuide: true + TargetRubyVersion: '2.7' Include: - "**/*.rb" Exclude: @@ -79,441 +84,3 @@ Style/Documentation: - spec/**/* Style/WordArray: EnforcedStyle: brackets -Performance/AncestorsInclude: - Enabled: true -Performance/BigDecimalWithNumericArgument: - Enabled: true -Performance/BlockGivenWithExplicitBlock: - Enabled: true -Performance/CaseWhenSplat: - Enabled: true -Performance/ConstantRegexp: - Enabled: true -Performance/MethodObjectAsBlock: - Enabled: true -Performance/RedundantSortBlock: - Enabled: true -Performance/RedundantStringChars: - Enabled: true -Performance/ReverseFirst: - Enabled: true -Performance/SortReverse: - Enabled: true -Performance/Squeeze: - Enabled: true -Performance/StringInclude: - Enabled: true -Performance/Sum: - Enabled: true -Style/CollectionMethods: - Enabled: true -Style/MethodCalledOnDoEndBlock: - Enabled: true -Style/StringMethods: - Enabled: true -Bundler/InsecureProtocolSource: - Enabled: false -Gemspec/DuplicatedAssignment: - Enabled: false -Gemspec/OrderedDependencies: - Enabled: false -Gemspec/RequiredRubyVersion: - Enabled: false -Gemspec/RubyVersionGlobalsUsage: - Enabled: false -Layout/ArgumentAlignment: - Enabled: false -Layout/BeginEndAlignment: - Enabled: false -Layout/ClosingHeredocIndentation: - Enabled: false -Layout/EmptyComment: - Enabled: false -Layout/EmptyLineAfterGuardClause: - Enabled: false -Layout/EmptyLinesAroundArguments: - Enabled: false -Layout/EmptyLinesAroundAttributeAccessor: - Enabled: false -Layout/EndOfLine: - Enabled: false -Layout/FirstArgumentIndentation: - Enabled: false -Layout/HashAlignment: - Enabled: false -Layout/HeredocIndentation: - Enabled: false -Layout/LeadingEmptyLines: - Enabled: false -Layout/SpaceAroundMethodCallOperator: - Enabled: false -Layout/SpaceInsideArrayLiteralBrackets: - Enabled: false -Layout/SpaceInsideReferenceBrackets: - Enabled: false -Lint/BigDecimalNew: - Enabled: false -Lint/BooleanSymbol: - Enabled: false -Lint/ConstantDefinitionInBlock: - Enabled: false -Lint/DeprecatedOpenSSLConstant: - Enabled: false -Lint/DisjunctiveAssignmentInConstructor: - Enabled: false -Lint/DuplicateElsifCondition: - Enabled: false -Lint/DuplicateRequire: - Enabled: false -Lint/DuplicateRescueException: - Enabled: false -Lint/EmptyConditionalBody: - Enabled: false -Lint/EmptyFile: - Enabled: false -Lint/ErbNewArguments: - Enabled: false -Lint/FloatComparison: - Enabled: false -Lint/HashCompareByIdentity: - Enabled: false -Lint/IdentityComparison: - Enabled: false -Lint/InterpolationCheck: - Enabled: false -Lint/MissingCopEnableDirective: - Enabled: false -Lint/MixedRegexpCaptureTypes: - Enabled: false -Lint/NestedPercentLiteral: - Enabled: false -Lint/NonDeterministicRequireOrder: - Enabled: false -Lint/OrderedMagicComments: - Enabled: false -Lint/OutOfRangeRegexpRef: - Enabled: false -Lint/RaiseException: - Enabled: false -Lint/RedundantCopEnableDirective: - Enabled: false -Lint/RedundantRequireStatement: - Enabled: false -Lint/RedundantSafeNavigation: - Enabled: false -Lint/RedundantWithIndex: - Enabled: false -Lint/RedundantWithObject: - Enabled: false -Lint/RegexpAsCondition: - Enabled: false -Lint/ReturnInVoidContext: - Enabled: false -Lint/SafeNavigationConsistency: - Enabled: false -Lint/SafeNavigationWithEmpty: - Enabled: false -Lint/SelfAssignment: - Enabled: false -Lint/SendWithMixinArgument: - Enabled: false -Lint/ShadowedArgument: - Enabled: false -Lint/StructNewOverride: - Enabled: false -Lint/ToJSON: - Enabled: false -Lint/TopLevelReturnWithArgument: - Enabled: false -Lint/TrailingCommaInAttributeDeclaration: - Enabled: false -Lint/UnreachableLoop: - Enabled: false -Lint/UriEscapeUnescape: - Enabled: false -Lint/UriRegexp: - Enabled: false -Lint/UselessMethodDefinition: - Enabled: false -Lint/UselessTimes: - Enabled: false -Metrics/AbcSize: - Enabled: false -Metrics/BlockLength: - Enabled: false -Metrics/BlockNesting: - Enabled: false -Metrics/ClassLength: - Enabled: false -Metrics/CyclomaticComplexity: - Enabled: false -Metrics/MethodLength: - Enabled: false -Metrics/ModuleLength: - Enabled: false -Metrics/ParameterLists: - Enabled: false -Metrics/PerceivedComplexity: - Enabled: false -Migration/DepartmentName: - Enabled: false -Naming/AccessorMethodName: - Enabled: false -Naming/BlockParameterName: - Enabled: false -Naming/HeredocDelimiterCase: - Enabled: false -Naming/HeredocDelimiterNaming: - Enabled: false -Naming/MemoizedInstanceVariableName: - Enabled: false -Naming/MethodParameterName: - Enabled: false -Naming/RescuedExceptionsVariableName: - Enabled: false -Naming/VariableNumber: - Enabled: false -Performance/BindCall: - Enabled: false -Performance/DeletePrefix: - Enabled: false -Performance/DeleteSuffix: - Enabled: false -Performance/InefficientHashSearch: - Enabled: false -Performance/UnfreezeString: - Enabled: false -Performance/UriDefaultParser: - Enabled: false -RSpec/Be: - Enabled: false -RSpec/Capybara/CurrentPathExpectation: - Enabled: false -RSpec/Capybara/FeatureMethods: - Enabled: false -RSpec/Capybara/VisibilityMatcher: - Enabled: false -RSpec/ContextMethod: - Enabled: false -RSpec/ContextWording: - Enabled: false -RSpec/DescribeClass: - Enabled: false -RSpec/EmptyHook: - Enabled: false -RSpec/EmptyLineAfterExample: - Enabled: false -RSpec/EmptyLineAfterExampleGroup: - Enabled: false -RSpec/EmptyLineAfterHook: - Enabled: false -RSpec/ExampleLength: - Enabled: false -RSpec/ExampleWithoutDescription: - Enabled: false -RSpec/ExpectChange: - Enabled: false -RSpec/ExpectInHook: - Enabled: false -RSpec/FactoryBot/AttributeDefinedStatically: - Enabled: false -RSpec/FactoryBot/CreateList: - Enabled: false -RSpec/FactoryBot/FactoryClassName: - Enabled: false -RSpec/HooksBeforeExamples: - Enabled: false -RSpec/ImplicitBlockExpectation: - Enabled: false -RSpec/ImplicitSubject: - Enabled: false -RSpec/LeakyConstantDeclaration: - Enabled: false -RSpec/LetBeforeExamples: - Enabled: false -RSpec/MissingExampleGroupArgument: - Enabled: false -RSpec/MultipleExpectations: - Enabled: false -RSpec/MultipleMemoizedHelpers: - Enabled: false -RSpec/MultipleSubjects: - Enabled: false -RSpec/NestedGroups: - Enabled: false -RSpec/PredicateMatcher: - Enabled: false -RSpec/ReceiveCounts: - Enabled: false -RSpec/ReceiveNever: - Enabled: false -RSpec/RepeatedExampleGroupBody: - Enabled: false -RSpec/RepeatedExampleGroupDescription: - Enabled: false -RSpec/RepeatedIncludeExample: - Enabled: false -RSpec/ReturnFromStub: - Enabled: false -RSpec/SharedExamples: - Enabled: false -RSpec/StubbedMock: - Enabled: false -RSpec/UnspecifiedException: - Enabled: false -RSpec/VariableDefinition: - Enabled: false -RSpec/VoidExpect: - Enabled: false -RSpec/Yield: - Enabled: false -Security/Open: - Enabled: false -Style/AccessModifierDeclarations: - Enabled: false -Style/AccessorGrouping: - Enabled: false -Style/AsciiComments: - Enabled: false -Style/BisectedAttrAccessor: - Enabled: false -Style/CaseLikeIf: - Enabled: false -Style/ClassEqualityComparison: - Enabled: false -Style/ColonMethodDefinition: - Enabled: false -Style/CombinableLoops: - Enabled: false -Style/CommentedKeyword: - Enabled: false -Style/Dir: - Enabled: false -Style/DoubleCopDisableDirective: - Enabled: false -Style/EmptyBlockParameter: - Enabled: false -Style/EmptyLambdaParameter: - Enabled: false -Style/Encoding: - Enabled: false -Style/EvalWithLocation: - Enabled: false -Style/ExpandPathArguments: - Enabled: false -Style/ExplicitBlockArgument: - Enabled: false -Style/ExponentialNotation: - Enabled: false -Style/FloatDivision: - Enabled: false -Style/FrozenStringLiteralComment: - Enabled: false -Style/GlobalStdStream: - Enabled: false -Style/HashAsLastArrayItem: - Enabled: false -Style/HashLikeCase: - Enabled: false -Style/HashTransformKeys: - Enabled: false -Style/HashTransformValues: - Enabled: false -Style/IfUnlessModifier: - Enabled: false -Style/KeywordParametersOrder: - Enabled: false -Style/MinMax: - Enabled: false -Style/MixinUsage: - Enabled: false -Style/MultilineWhenThen: - Enabled: false -Style/NegatedUnless: - Enabled: false -Style/NumericPredicate: - Enabled: false -Style/OptionalBooleanParameter: - Enabled: false -Style/OrAssignment: - Enabled: false -Style/RandomWithOffset: - Enabled: false -Style/RedundantAssignment: - Enabled: false -Style/RedundantCondition: - Enabled: false -Style/RedundantConditional: - Enabled: false -Style/RedundantFetchBlock: - Enabled: false -Style/RedundantFileExtensionInRequire: - Enabled: false -Style/RedundantRegexpCharacterClass: - Enabled: false -Style/RedundantRegexpEscape: - Enabled: false -Style/RedundantSelfAssignment: - Enabled: false -Style/RedundantSort: - Enabled: false -Style/RescueStandardError: - Enabled: false -Style/SingleArgumentDig: - Enabled: false -Style/SlicingWithRange: - Enabled: false -Style/SoleNestedConditional: - Enabled: false -Style/StderrPuts: - Enabled: false -Style/StringConcatenation: - Enabled: false -Style/Strip: - Enabled: false -Style/SymbolProc: - Enabled: false -Style/TrailingBodyOnClass: - Enabled: false -Style/TrailingBodyOnMethodDefinition: - Enabled: false -Style/TrailingBodyOnModule: - Enabled: false -Style/TrailingCommaInHashLiteral: - Enabled: false -Style/TrailingMethodEndStatement: - Enabled: false -Style/UnpackFirst: - Enabled: false -Lint/DuplicateBranch: - Enabled: false -Lint/DuplicateRegexpCharacterClassElement: - Enabled: false -Lint/EmptyBlock: - Enabled: false -Lint/EmptyClass: - Enabled: false -Lint/NoReturnInBeginEndBlocks: - Enabled: false -Lint/ToEnumArguments: - Enabled: false -Lint/UnexpectedBlockArity: - Enabled: false -Lint/UnmodifiedReduceAccumulator: - Enabled: false -Performance/CollectionLiteralInLoop: - Enabled: false -Style/ArgumentsForwarding: - Enabled: false -Style/CollectionCompact: - Enabled: false -Style/DocumentDynamicEvalDefinition: - Enabled: false -Style/NegatedIfElseCondition: - Enabled: false -Style/NilLambda: - Enabled: false -Style/RedundantArgument: - Enabled: false -Style/SwapValues: - Enabled: false From 8fa354cc7ecb9a224a2b9a4b40709aabd68ea6b1 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:28:10 +0100 Subject: [PATCH 0776/1000] (CONT-792) - add rubocop_todo --- .rubocop_todo.yml | 435 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 435 insertions(+) create mode 100644 .rubocop_todo.yml diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml new file mode 100644 index 0000000000..b110331ea1 --- /dev/null +++ b/.rubocop_todo.yml @@ -0,0 +1,435 @@ +# This configuration was generated by +# `rubocop --auto-gen-config` +# on 2023-04-19 13:27:54 UTC using RuboCop version 1.48.1. +# The point is for the user to remove these configuration records +# one by one as the offenses are removed from the code base. +# Note that changes in the inspected code, or installation of new +# versions of RuboCop, may require this file to be generated again. + +# Offense count: 11 +# This cop supports safe autocorrection (--autocorrect). +Layout/ClosingHeredocIndentation: + Exclude: + - 'lib/puppet/type/postgresql_replication_slot.rb' + - 'spec/acceptance/alternative_port_spec.rb' + - 'spec/acceptance/overridden_settings_spec.rb' + - 'spec/acceptance/server/grant_spec.rb' + - 'spec/acceptance/utf8_encoding_spec.rb' + +# Offense count: 6 +# This cop supports safe autocorrection (--autocorrect). +Layout/EmptyLineAfterGuardClause: + Exclude: + - 'lib/puppet/functions/postgresql/postgresql_password.rb' + - 'lib/puppet/provider/postgresql_replication_slot/ruby.rb' + - 'lib/puppet/type/postgresql_psql.rb' + - 'tasks/sql.rb' + +# Offense count: 80 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle. +# SupportedHashRocketStyles: key, separator, table +# SupportedColonStyles: key, separator, table +# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit +Layout/HashAlignment: + Exclude: + - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' + - 'spec/classes/globals_spec.rb' + - 'spec/classes/server_spec.rb' + - 'spec/defines/server/database_spec.rb' + - 'spec/defines/server/default_privileges_spec.rb' + - 'spec/defines/server/grant_spec.rb' + - 'spec/defines/server/role_spec.rb' + - 'spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb' + - 'spec/spec_helper_local.rb' + +# Offense count: 1 +# This cop supports safe autocorrection (--autocorrect). +Layout/HeredocIndentation: + Exclude: + - 'lib/puppet/type/postgresql_replication_slot.rb' + +# Offense count: 1 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: EnforcedStyle, IndentationWidth. +# SupportedStyles: aligned, indented +Layout/LineEndStringConcatenationIndentation: + Exclude: + - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' + +# Offense count: 6 +# This cop supports safe autocorrection (--autocorrect). +Layout/SpaceAroundMethodCallOperator: + Exclude: + - 'spec/classes/server/config_spec.rb' + +# Offense count: 15 +# This cop supports unsafe autocorrection (--autocorrect-all). +Lint/BooleanSymbol: + Exclude: + - 'lib/puppet/provider/postgresql_psql/ruby.rb' + - 'lib/puppet/type/postgresql_psql.rb' + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + +# Offense count: 2 +# Configuration parameters: AllowedMethods. +# AllowedMethods: enums +Lint/ConstantDefinitionInBlock: + Exclude: + - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' + +# Offense count: 3 +# This cop supports safe autocorrection (--autocorrect). +Lint/DeprecatedOpenSSLConstant: + Exclude: + - 'lib/puppet/functions/postgresql/postgresql_password.rb' + +# Offense count: 1 +# Configuration parameters: IgnoreLiteralBranches, IgnoreConstantBranches. +Lint/DuplicateBranch: + Exclude: + - 'spec/spec_helper_local.rb' + +# Offense count: 1 +# Configuration parameters: AllowComments, AllowEmptyLambdas. +Lint/EmptyBlock: + Exclude: + - 'spec/unit/provider/postgresql_conf/parsed_spec.rb' + +# Offense count: 2 +# Configuration parameters: MaximumRangeSize. +Lint/MissingCopEnableDirective: + Exclude: + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + +# Offense count: 1 +# This cop supports safe autocorrection (--autocorrect). +Lint/RedundantCopEnableDirective: + Exclude: + - 'lib/puppet/type/postgresql_psql.rb' + +# Offense count: 6 +# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes. +Metrics/AbcSize: + Max: 49 + +# Offense count: 8 +# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns, inherit_mode. +# AllowedMethods: refine +Metrics/BlockLength: + Max: 121 + +# Offense count: 3 +# Configuration parameters: AllowedMethods, AllowedPatterns. +Metrics/CyclomaticComplexity: + Max: 9 + +# Offense count: 6 +# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns. +Metrics/MethodLength: + Max: 31 + +# Offense count: 1 +# Configuration parameters: CountKeywordArgs, MaxOptionalParameters. +Metrics/ParameterLists: + Max: 6 + +# Offense count: 4 +# Configuration parameters: AllowedMethods, AllowedPatterns. +Metrics/PerceivedComplexity: + Max: 11 + +# Offense count: 1 +Naming/AccessorMethodName: + Exclude: + - 'lib/puppet/type/postgresql_psql.rb' + +# Offense count: 24 +# Configuration parameters: ForbiddenDelimiters. +# ForbiddenDelimiters: (?i-mx:(^|\s)(EO[A-Z]{1}|END)(\s|$)) +Naming/HeredocDelimiterNaming: + Exclude: + - 'lib/puppet/type/postgresql_conn_validator.rb' + - 'lib/puppet/type/postgresql_replication_slot.rb' + - 'spec/acceptance/server/grant_spec.rb' + - 'spec/acceptance/server/recovery_spec.rb' + - 'spec/classes/server/config_spec.rb' + - 'spec/classes/server/initdb_spec.rb' + - 'spec/classes/server_spec.rb' + - 'spec/defines/server/default_privileges_spec.rb' + - 'spec/defines/server/grant_spec.rb' + +# Offense count: 3 +# This cop supports unsafe autocorrection (--autocorrect-all). +RSpec/BeEq: + Exclude: + - 'spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb' + - 'spec/spec_helper_local.rb' + +# Offense count: 2 +# This cop supports safe autocorrection (--autocorrect). +RSpec/ContextMethod: + Exclude: + - 'spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb' + +# Offense count: 104 +# Configuration parameters: Prefixes, AllowedPatterns. +# Prefixes: when, with, without +RSpec/ContextWording: + Enabled: false + +# Offense count: 73 +# Configuration parameters: IgnoredMetadata. +RSpec/DescribeClass: + Enabled: false + +# Offense count: 1 +# This cop supports safe autocorrection (--autocorrect). +RSpec/EmptyHook: + Exclude: + - 'spec/unit/provider/postgresql_conf/parsed_spec.rb' + +# Offense count: 74 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: AllowConsecutiveOneLiners. +RSpec/EmptyLineAfterExample: + Enabled: false + +# Offense count: 29 +# This cop supports safe autocorrection (--autocorrect). +RSpec/EmptyLineAfterExampleGroup: + Exclude: + - 'spec/acceptance/server/grant_spec.rb' + - 'spec/defines/server/pg_hba_rule_spec.rb' + - 'spec/defines/server/pg_ident_rule_spec.rb' + - 'spec/defines/server/recovery_spec.rb' + - 'spec/type_aliases/pg_hba_rule_spec.rb' + - 'spec/type_aliases/pg_hba_rules_spec.rb' + - 'spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb' + - 'spec/unit/puppet/type/postgresql_conn_validator.rb' + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + +# Offense count: 2 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: AllowConsecutiveOneLiners. +RSpec/EmptyLineAfterHook: + Exclude: + - 'spec/acceptance/server/recovery_spec.rb' + - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' + +# Offense count: 42 +# Configuration parameters: CountAsOne. +RSpec/ExampleLength: + Max: 53 + +# Offense count: 2 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: CustomTransform, IgnoredWords, DisallowedExamples. +# DisallowedExamples: works +RSpec/ExampleWording: + Exclude: + - 'spec/classes/globals_spec.rb' + +# Offense count: 3 +RSpec/ExpectInHook: + Exclude: + - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + +# Offense count: 7 +# Configuration parameters: Include, CustomTransform, IgnoreMethods, SpecSuffixOnly. +# Include: **/*_spec*rb*, **/spec/**/* +RSpec/FilePath: + Exclude: + - 'spec/defines/server/instance/config.rb' + - 'spec/defines/server/instance/initdb.rb' + - 'spec/defines/server/instance/late_initdb.rb' + - 'spec/defines/server/instance/passwd.rb' + - 'spec/defines/server/instance/reload.rb' + - 'spec/defines/server/instance/service.rb' + - 'spec/unit/puppet/type/postgresql_conn_validator.rb' + +# Offense count: 183 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: EnforcedStyle. +# SupportedStyles: single_line_only, single_statement_only, disallow, require_implicit +RSpec/ImplicitSubject: + Enabled: false + +# Offense count: 2 +RSpec/LeakyConstantDeclaration: + Exclude: + - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' + +# Offense count: 63 +# This cop supports safe autocorrection (--autocorrect). +RSpec/LetBeforeExamples: + Enabled: false + +# Offense count: 45 +RSpec/MultipleExpectations: + Max: 6 + +# Offense count: 19 +# Configuration parameters: AllowSubject. +RSpec/MultipleMemoizedHelpers: + Max: 18 + +# Offense count: 1 +# Configuration parameters: AllowedGroups. +RSpec/NestedGroups: + Max: 4 + +# Offense count: 20 +# Configuration parameters: AllowedPatterns. +# AllowedPatterns: ^expect_, ^assert_ +RSpec/NoExpectationExample: + Exclude: + - 'spec/acceptance/alternative_port_spec.rb' + - 'spec/acceptance/default_parameters_spec.rb' + - 'spec/acceptance/postgresql_conn_validator_spec.rb' + - 'spec/acceptance/postgresql_psql_spec.rb' + - 'spec/acceptance/server/grant_spec.rb' + - 'spec/acceptance/server/recovery_spec.rb' + - 'spec/acceptance/sql_task_spec.rb' + - 'spec/acceptance/z_alternative_pgdata_spec.rb' + - 'spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb' + +# Offense count: 17 +RSpec/RepeatedExampleGroupDescription: + Exclude: + - 'spec/acceptance/server/grant_spec.rb' + - 'spec/defines/server/extension_spec.rb' + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + +# Offense count: 15 +RSpec/StubbedMock: + Exclude: + - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + +# Offense count: 1 +# This cop supports unsafe autocorrection (--autocorrect-all). +# Configuration parameters: EnforcedStyle. +# SupportedStyles: nested, compact +Style/ClassAndModuleChildren: + Exclude: + - 'lib/puppet/util/postgresql_validator.rb' + +# Offense count: 1 +# This cop supports unsafe autocorrection (--autocorrect-all). +Style/CommentedKeyword: + Exclude: + - 'spec/acceptance/server/reassign_owned_by_spec.rb' + +# Offense count: 1 +# This cop supports unsafe autocorrection (--autocorrect-all). +# Configuration parameters: EnforcedStyle. +# SupportedStyles: always, always_true, never +Style/FrozenStringLiteralComment: + Exclude: + - 'lib/puppet/functions/postgresql/prepend_sql_password.rb' + +# Offense count: 1 +# This cop supports unsafe autocorrection (--autocorrect-all). +Style/GlobalStdStream: + Exclude: + - 'tasks/sql.rb' + +# Offense count: 9 +# This cop supports safe autocorrection (--autocorrect). +Style/IfUnlessModifier: + Exclude: + - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' + - 'lib/puppet/functions/postgresql/postgresql_password.rb' + - 'lib/puppet/provider/postgresql_psql/ruby.rb' + - 'lib/puppet/provider/postgresql_replication_slot/ruby.rb' + - 'lib/puppet/type/postgresql_psql.rb' + - 'spec/acceptance/server/grant_role_spec.rb' + - 'spec/acceptance/server/grant_spec.rb' + - 'spec/acceptance/server/schema_spec.rb' + - 'spec/acceptance/z_alternative_pgdata_spec.rb' + +# Offense count: 2 +Style/MixinUsage: + Exclude: + - 'spec/spec_helper.rb' + - 'spec/spec_helper_local.rb' + +# Offense count: 5 +# This cop supports unsafe autocorrection (--autocorrect-all). +# Configuration parameters: EnforcedStyle, AllowedMethods, AllowedPatterns. +# SupportedStyles: predicate, comparison +Style/NumericPredicate: + Exclude: + - 'spec/**/*' + - 'lib/puppet/type/postgresql_psql.rb' + +# Offense count: 2 +# Configuration parameters: AllowedMethods. +# AllowedMethods: respond_to_missing? +Style/OptionalBooleanParameter: + Exclude: + - 'lib/puppet/functions/postgresql/postgresql_password.rb' + - 'lib/puppet/type/postgresql_psql.rb' + +# Offense count: 16 +# This cop supports safe autocorrection (--autocorrect). +Style/RedundantRegexpCharacterClass: + Exclude: + - 'spec/defines/server/recovery_spec.rb' + +# Offense count: 7 +# This cop supports safe autocorrection (--autocorrect). +Style/RedundantRegexpEscape: + Exclude: + - 'lib/puppet/provider/postgresql_conf/parsed.rb' + - 'lib/puppet/type/postgresql_conf.rb' + - 'spec/defines/server/pg_hba_rule_spec.rb' + - 'spec/spec_helper_acceptance_local.rb' + +# Offense count: 2 +# This cop supports safe autocorrection (--autocorrect). +Style/RedundantStringEscape: + Exclude: + - 'spec/acceptance/db_spec.rb' + +# Offense count: 1 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: EnforcedStyle. +# SupportedStyles: implicit, explicit +Style/RescueStandardError: + Exclude: + - 'spec/spec_helper.rb' + +# Offense count: 3 +# This cop supports unsafe autocorrection (--autocorrect-all). +# Configuration parameters: Mode. +Style/StringConcatenation: + Exclude: + - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' + - 'lib/puppet/functions/postgresql/postgresql_password.rb' + - 'lib/puppet/provider/postgresql_psql/ruby.rb' + +# Offense count: 1 +# This cop supports unsafe autocorrection (--autocorrect-all). +# Configuration parameters: AllowMethodsWithArguments, AllowedMethods, AllowedPatterns, AllowComments. +# AllowedMethods: define_method +Style/SymbolProc: + Exclude: + - 'spec/spec_helper_acceptance_local.rb' + +# Offense count: 2 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: EnforcedStyle, AllowSafeAssignment. +# SupportedStyles: require_parentheses, require_no_parentheses, require_parentheses_when_complex +Style/TernaryParentheses: + Exclude: + - 'spec/spec_helper_local.rb' + +# Offense count: 137 +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: EnforcedStyleForMultiline. +# SupportedStylesForMultiline: comma, consistent_comma, no_comma +Style/TrailingCommaInHashLiteral: + Enabled: false From 02305d00f62bd6a86e268296c08435a68a315b7e Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:31:27 +0100 Subject: [PATCH 0777/1000] (CONT-792) - Correct Layout/ClosingHeredocIndentation --- .rubocop_todo.yml | 18 ------------------ lib/puppet/type/postgresql_psql.rb | 10 +++++----- lib/puppet/type/postgresql_replication_slot.rb | 2 +- spec/acceptance/alternative_port_spec.rb | 2 +- spec/acceptance/overridden_settings_spec.rb | 2 +- spec/acceptance/server/grant_spec.rb | 14 +++++++------- spec/acceptance/utf8_encoding_spec.rb | 2 +- 7 files changed, 16 insertions(+), 34 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index b110331ea1..98e8b9686d 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,21 +1,3 @@ -# This configuration was generated by -# `rubocop --auto-gen-config` -# on 2023-04-19 13:27:54 UTC using RuboCop version 1.48.1. -# The point is for the user to remove these configuration records -# one by one as the offenses are removed from the code base. -# Note that changes in the inspected code, or installation of new -# versions of RuboCop, may require this file to be generated again. - -# Offense count: 11 -# This cop supports safe autocorrection (--autocorrect). -Layout/ClosingHeredocIndentation: - Exclude: - - 'lib/puppet/type/postgresql_replication_slot.rb' - - 'spec/acceptance/alternative_port_spec.rb' - - 'spec/acceptance/overridden_settings_spec.rb' - - 'spec/acceptance/server/grant_spec.rb' - - 'spec/acceptance/utf8_encoding_spec.rb' - # Offense count: 6 # This cop supports safe autocorrection (--autocorrect). Layout/EmptyLineAfterGuardClause: diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 8e04be47e8..402bfdcc2d 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -23,7 +23,7 @@ def retrieve def sync output, status = provider.run_sql_command(value) - raise("Error executing SQL; psql returned #{status}: '#{output}'") unless status == 0 + raise("Error executing SQL; psql returned #{status}: '#{output}'") unless status.zero? end end @@ -38,12 +38,12 @@ def sync # Return true if a matching row is found def matches(value) output, status = provider.run_unless_sql_command(value) - fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status == 0 # rubocop:disable Style/SignalException + fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status.zero? # rubocop:disable Style/SignalException # rubocop:enable Style/NumericPredicate result_count = output.strip.to_i debug("Found #{result_count} row(s) executing 'unless' clause") - result_count > 0 + result_count.positive? end end @@ -60,10 +60,10 @@ def matches(value) output, status = provider.run_unless_sql_command(value) status = output.exitcode if status.nil? - raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status == 0 + raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status.zero? result_count = output.strip.to_i debug("Found #{result_count} row(s) executing 'onlyif' clause") - result_count > 0 + result_count.positive? end end diff --git a/lib/puppet/type/postgresql_replication_slot.rb b/lib/puppet/type/postgresql_replication_slot.rb index f54157d3a9..a9820bd6e9 100644 --- a/lib/puppet/type/postgresql_replication_slot.rb +++ b/lib/puppet/type/postgresql_replication_slot.rb @@ -7,7 +7,7 @@ This type allows to create and destroy replication slots to register warm standby replication on a Postgresql primary server. -EOS + EOS ensurable diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 1441a010df..125fbd3f3a 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -8,7 +8,7 @@ it 'on an alternative port' do pp = <<-MANIFEST class { 'postgresql::server': port => '55433', manage_selinux => true } - MANIFEST + MANIFEST if os[:family] == 'redhat' && os[:release].start_with?('8') apply_manifest(pp, expect_failures: false) # GCP failures on redhat8 IAC-1286 - idempotency failing diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index 1127a6c2c5..bec2f6908d 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -31,7 +31,7 @@ class { 'postgresql::server': postgresql::server::database { 'testusername': owner => 'testusername', } - MANIFEST + MANIFEST end it 'with additional hiera entries' do diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 6ac18f97d8..43f6826c71 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -315,7 +315,7 @@ class { 'postgresql::server': } role => $user, require => [ Postgresql::Server::Role[$user] ], } - EOS + EOS pp_revoke = pp_setup + <<-EOS.unindent @@ -337,7 +337,7 @@ class { 'postgresql::server': } role => $user, require => [ Postgresql::Server::Role[$user] ], } - EOS + EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') idempotent_apply(pp_create_table) @@ -376,7 +376,7 @@ class { 'postgresql::server': } role => $user, require => [ Postgresql::Server::Role[$user] ], } - EOS + EOS pp_revoke = pp_setup + <<-EOS.unindent @@ -389,7 +389,7 @@ class { 'postgresql::server': } role => $user, require => [ Postgresql::Server::Role[$user] ], } - EOS + EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one @@ -428,7 +428,7 @@ class { 'postgresql::server': } role => $user, require => [ Postgresql::Server::Role[$user] ], } - EOS + EOS pp_revoke = pp_setup + <<-EOS.unindent @@ -441,7 +441,7 @@ class { 'postgresql::server': } role => $user, require => [ Postgresql::Server::Role[$user] ], } - EOS + EOS if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') ## pp_create_table sets up the permissions that pp_grant 'fixes', so these to steps cannot be rolled into one @@ -484,7 +484,7 @@ class { 'postgresql::server': } db => '#{db}', role => '#{user}_does_not_exist', } - EOS + EOS idempotent_apply(pp) end end diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/utf8_encoding_spec.rb index 886d1e9fcf..b816842138 100644 --- a/spec/acceptance/utf8_encoding_spec.rb +++ b/spec/acceptance/utf8_encoding_spec.rb @@ -10,7 +10,7 @@ class { 'postgresql::globals': locale => 'en_NG', } -> class { 'postgresql::server': } - MANIFEST + MANIFEST end it 'with defaults' do From 4d95ef729b5327873f99030c74c0d8f272e02856 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:31:55 +0100 Subject: [PATCH 0778/1000] (CONT-792) - Correct Layout/EmptyLineAfterGuardClause --- .rubocop_todo.yml | 10 ---------- lib/puppet/functions/postgresql/postgresql_password.rb | 1 + .../provider/postgresql_replication_slot/ruby.rb | 2 ++ lib/puppet/type/postgresql_psql.rb | 2 ++ tasks/sql.rb | 1 + 5 files changed, 6 insertions(+), 10 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 98e8b9686d..57749cc387 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,13 +1,3 @@ -# Offense count: 6 -# This cop supports safe autocorrection (--autocorrect). -Layout/EmptyLineAfterGuardClause: - Exclude: - - 'lib/puppet/functions/postgresql/postgresql_password.rb' - - 'lib/puppet/provider/postgresql_replication_slot/ruby.rb' - - 'lib/puppet/type/postgresql_psql.rb' - - 'tasks/sql.rb' - -# Offense count: 80 # This cop supports safe autocorrection (--autocorrect). # Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle. # SupportedHashRocketStyles: key, separator, table diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 740a7640e8..56ace58f72 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -31,6 +31,7 @@ def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil if password.is_a?(String) && password.match?(%r{^(md5|SCRAM-SHA-256).+}) return password end + password = password.unwrap if password.respond_to?(:unwrap) pass = if hash == 'md5' 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index 0c7adc74ce..3a711308e4 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -28,12 +28,14 @@ def exists? def create output = self.class.run_sql_command("SELECT * FROM pg_create_physical_replication_slot('#{resource[:name]}');") raise Puppet::Error, "Failed to create replication slot #{resource[:name]}:\n#{output[0]}" unless output[1].success? + @property_hash[:ensure] = :present end def destroy output = self.class.run_sql_command("SELECT pg_drop_replication_slot('#{resource[:name]}');") raise Puppet::Error, "Failed to destroy replication slot #{resource[:name]}:\n#{output[0]}" unless output[1].success? + @property_hash[:ensure] = :absent end diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 402bfdcc2d..01315ce2d2 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -61,6 +61,7 @@ def matches(value) status = output.exitcode if status.nil? raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status.zero? + result_count = output.strip.to_i debug("Found #{result_count} row(s) executing 'onlyif' clause") result_count.positive? @@ -140,6 +141,7 @@ def should_run_sql(refreshing = false) return false if !onlyif_param.nil? && !onlyif_param.value.nil? && !onlyif_param.matches(onlyif_param.value) return false if !unless_param.nil? && !unless_param.value.nil? && unless_param.matches(unless_param.value) return false if !refreshing && @parameters[:refreshonly].value == :true + true end diff --git a/tasks/sql.rb b/tasks/sql.rb index 21028794c9..eb8193a38e 100755 --- a/tasks/sql.rb +++ b/tasks/sql.rb @@ -15,6 +15,7 @@ def get(sql, database, user, port, password, host) cmd_string << "--host=#{host}" unless host.nil? stdout, stderr, status = Open3.capture3(env_hash, *cmd_string) raise Puppet::Error, stderr if status != 0 + { status: stdout.strip } end From 33a3634d07ecf93eb462df2b6159c0cd9d8d726d Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:33:25 +0100 Subject: [PATCH 0779/1000] (CONT-792) - Correct Layout/HashAlignment --- .rubocop_todo.yml | 17 ----- .../postgresql_acls_to_resources_hash.rb | 6 +- spec/classes/globals_spec.rb | 4 +- spec/classes/server_spec.rb | 4 +- spec/defines/server/database_spec.rb | 2 +- .../defines/server/default_privileges_spec.rb | 2 +- spec/defines/server/grant_spec.rb | 2 +- spec/defines/server/role_spec.rb | 56 +++++++-------- ..._postgresql_acls_to_resources_hash_spec.rb | 70 +++++++++---------- spec/spec_helper_local.rb | 14 ++-- 10 files changed, 80 insertions(+), 97 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 57749cc387..3afd072c19 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,20 +1,3 @@ -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle. -# SupportedHashRocketStyles: key, separator, table -# SupportedColonStyles: key, separator, table -# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit -Layout/HashAlignment: - Exclude: - - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' - - 'spec/classes/globals_spec.rb' - - 'spec/classes/server_spec.rb' - - 'spec/defines/server/database_spec.rb' - - 'spec/defines/server/default_privileges_spec.rb' - - 'spec/defines/server/grant_spec.rb' - - 'spec/defines/server/role_spec.rb' - - 'spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb' - - 'spec/spec_helper_local.rb' - # Offense count: 1 # This cop supports safe autocorrection (--autocorrect). Layout/HeredocIndentation: diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index 0a208af6f4..f0cdc4513c 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -31,10 +31,10 @@ def default_impl(acls, id, offset) end resource = { - 'type' => parts[0], + 'type' => parts[0], 'database' => parts[1], - 'user' => parts[2], - 'order' => '%03d' % (offset + index), + 'user' => parts[2], + 'order' => '%03d' % (offset + index), } if parts[0] == 'local' resource['auth_method'] = parts[3] diff --git a/spec/classes/globals_spec.rb b/spec/classes/globals_spec.rb index 4e994d91cb..8dab68f3e7 100644 --- a/spec/classes/globals_spec.rb +++ b/spec/classes/globals_spec.rb @@ -49,11 +49,11 @@ it do is_expected.to contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', - 'proxy' => 'http://proxy-server:8080', + 'proxy' => 'http://proxy-server:8080', ) is_expected.to contain_yumrepo('pgdg-common').with( 'enabled' => '1', - 'proxy' => 'http://proxy-server:8080', + 'proxy' => 'http://proxy-server:8080', ) end end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 12f8137a00..b17b9385e7 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -62,7 +62,7 @@ class { 'postgresql::globals': end it 'sets postgres password' do is_expected.to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', - 'user' => 'postgres', + 'user' => 'postgres', 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") end @@ -84,7 +84,7 @@ class { 'postgresql::globals': end it 'sets postgres password' do is_expected.to contain_exec('set_postgres_postgrespw').with('command' => ['/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"'], - 'user' => 'postgres', + 'user' => 'postgres', 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") end diff --git a/spec/defines/server/database_spec.rb b/spec/defines/server/database_spec.rb index 158706001a..b2754ccaec 100644 --- a/spec/defines/server/database_spec.rb +++ b/spec/defines/server/database_spec.rb @@ -44,7 +44,7 @@ class {'postgresql::server':}" let(:params) do { connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234' } } + 'PGPORT' => '1234' } } end it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port(nil) } diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 933065f84f..8cefe474e0 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -221,7 +221,7 @@ class { 'postgresql::server': } object_type: 'tables', connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6', - 'PGPORT' => '1234' }, + 'PGPORT' => '1234' }, } end diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index cbb93c1093..0e8544ab2e 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -121,7 +121,7 @@ role: 'test', connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234' }, + 'PGPORT' => '1234' }, } end diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index 19c649ee22..dc99399432 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -23,17 +23,17 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', - 'sensitive' => 'true', - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'port' => '5432') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => '5432') end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', - 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', - 'port' => '5432') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => 'Sensitive [value redacted]', + 'port' => '5432') end end @@ -47,17 +47,17 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', - 'sensitive' => 'true', - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'port' => '5432') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => '5432') end it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', - 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', - 'port' => '5432') + .with('command' => 'Sensitive [value redacted]', + 'sensitive' => 'true', + 'unless' => 'Sensitive [value redacted]', + 'port' => '5432') end end @@ -65,9 +65,9 @@ let :params do { password_hash: 'new-pa$s', - connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', + connect_settings: { 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }, } end @@ -89,7 +89,7 @@ it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', 'port' => '5432', + 'unless' => 'Sensitive [value redacted]', 'port' => '5432', 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end @@ -100,9 +100,9 @@ { password_hash: 'new-pa$s', connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }, } end @@ -114,7 +114,7 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', + .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) @@ -122,7 +122,7 @@ it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', + 'unless' => 'Sensitive [value redacted]', 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end @@ -171,9 +171,9 @@ { password_hash: 'new-pa$s', connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }, psql_user: 'postgresql', psql_group: 'postgresql', diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index 726bbdbbbd..a7e5c54997 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -9,11 +9,11 @@ input = 'local all postgres ident' result = { 'postgresql class generated rule test 0' => { - 'type' => 'local', - 'database' => 'all', - 'user' => 'postgres', + 'type' => 'local', + 'database' => 'all', + 'user' => 'postgres', 'auth_method' => 'ident', - 'order' => '100', + 'order' => '100', }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) @@ -23,11 +23,11 @@ input = 'local all root ident' result = { 'postgresql class generated rule test 0' => { - 'type' => 'local', - 'database' => 'all', - 'user' => 'root', + 'type' => 'local', + 'database' => 'all', + 'user' => 'root', 'auth_method' => 'ident', - 'order' => '100', + 'order' => '100', }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) @@ -37,11 +37,11 @@ input_array = ['local all all ident'] result = { 'postgresql class generated rule test 0' => { - 'type' => 'local', - 'database' => 'all', - 'user' => 'all', + 'type' => 'local', + 'database' => 'all', + 'user' => 'all', 'auth_method' => 'ident', - 'order' => '100', + 'order' => '100', }, } is_expected.to run.with_params(input_array, 'test', 100).and_return(result) @@ -51,12 +51,12 @@ input = 'host all all 127.0.0.1/32 md5' result = { 'postgresql class generated rule test 0' => { - 'type' => 'host', - 'database' => 'all', - 'user' => 'all', - 'address' => '127.0.0.1/32', + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '127.0.0.1/32', 'auth_method' => 'md5', - 'order' => '100', + 'order' => '100', }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) @@ -66,12 +66,12 @@ input = 'host all all 0.0.0.0/0 md5' result = { 'postgresql class generated rule test 0' => { - 'type' => 'host', - 'database' => 'all', - 'user' => 'all', - 'address' => '0.0.0.0/0', + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '0.0.0.0/0', 'auth_method' => 'md5', - 'order' => '100', + 'order' => '100', }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) @@ -81,12 +81,12 @@ input = 'host all all ::1/128 md5' result = { 'postgresql class generated rule test 0' => { - 'type' => 'host', - 'database' => 'all', - 'user' => 'all', - 'address' => '::1/128', + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '::1/128', 'auth_method' => 'md5', - 'order' => '100', + 'order' => '100', }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) @@ -96,12 +96,12 @@ input = 'host all all 1.1.1.1 255.255.255.0 md5' result = { 'postgresql class generated rule test 0' => { - 'type' => 'host', - 'database' => 'all', - 'user' => 'all', - 'address' => '1.1.1.1 255.255.255.0', + 'type' => 'host', + 'database' => 'all', + 'user' => 'all', + 'address' => '1.1.1.1 255.255.255.0', 'auth_method' => 'md5', - 'order' => '100', + 'order' => '100', }, } @@ -114,11 +114,11 @@ 'postgresql class generated rule test 0' => { 'type' => 'host', 'database' => 'all', - 'user' => 'all', - 'address' => '1.1.1.1 255.255.255.0', + 'user' => 'all', + 'address' => '1.1.1.1 255.255.255.0', 'auth_method' => 'ldap', 'auth_option' => 'ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"', - 'order' => '100', + 'order' => '100', }, } diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index e7689b829a..33058f704f 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -151,11 +151,11 @@ def param(type, title, param) selinux: true, os: { 'architecture' => 'x86_64', - 'family' => 'RedHat', - 'hardware' => 'x86_64', - 'name' => 'Fedora', - 'release' => { - 'full' => '33', + 'family' => 'RedHat', + 'hardware' => 'x86_64', + 'name' => 'Fedora', + 'release' => { + 'full' => '33', 'major' => '33', 'minor' => '33', }, @@ -175,7 +175,7 @@ def param(type, title, param) family: 'RedHat', name: 'Amazon', release: { - 'full' => '1.0', + 'full' => '1.0', 'major' => '1', }, selinux: { 'enabled' => true }, @@ -196,7 +196,7 @@ def param(type, title, param) family: 'Gentoo', name: 'Gentoo', release: { - 'full' => 'unused', + 'full' => 'unused', 'major' => 'unused', }, selinux: { 'enabled' => false }, From 44e2ef801c4ca122ca51e8f9cd8480b65d57c058 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:34:57 +0100 Subject: [PATCH 0780/1000] (CONT-792) - Layout/HeredocIndentation --- .rubocop_todo.yml | 6 ------ lib/puppet/type/postgresql_replication_slot.rb | 10 +++++----- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 3afd072c19..f88ecda382 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,9 +1,3 @@ -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -Layout/HeredocIndentation: - Exclude: - - 'lib/puppet/type/postgresql_replication_slot.rb' - # Offense count: 1 # This cop supports safe autocorrection (--autocorrect). # Configuration parameters: EnforcedStyle, IndentationWidth. diff --git a/lib/puppet/type/postgresql_replication_slot.rb b/lib/puppet/type/postgresql_replication_slot.rb index a9820bd6e9..c60584f0d9 100644 --- a/lib/puppet/type/postgresql_replication_slot.rb +++ b/lib/puppet/type/postgresql_replication_slot.rb @@ -1,12 +1,12 @@ # frozen_string_literal: true Puppet::Type.newtype(:postgresql_replication_slot) do - @doc = <<-EOS -@summary Manages Postgresql replication slots. + @doc = <<~EOS + @summary Manages Postgresql replication slots. -This type allows to create and destroy replication slots -to register warm standby replication on a Postgresql -primary server. + This type allows to create and destroy replication slots + to register warm standby replication on a Postgresql + primary server. EOS ensurable From 7606efaecc639549b67f67aef1d5b952d1f89c99 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:35:33 +0100 Subject: [PATCH 0781/1000] (CONT-792) - Layout/LineEndStringConcatenationIndentation --- .rubocop_todo.yml | 8 -------- .../postgresql/postgresql_acls_to_resources_hash.rb | 2 +- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index f88ecda382..7f1fd2ef86 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,11 +1,3 @@ -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: EnforcedStyle, IndentationWidth. -# SupportedStyles: aligned, indented -Layout/LineEndStringConcatenationIndentation: - Exclude: - - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' - # Offense count: 6 # This cop supports safe autocorrection (--autocorrect). Layout/SpaceAroundMethodCallOperator: diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index f0cdc4513c..f49c40c4e8 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -27,7 +27,7 @@ def default_impl(acls, id, offset) unless parts.length >= 4 raise(Puppet::ParseError, "postgresql::postgresql_acls_to_resources_hash(): acl line #{index} does not " \ - 'have enough parts') + 'have enough parts') end resource = { From f83639cffc812890017fdc99b0a4c9324a7b184e Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:36:10 +0100 Subject: [PATCH 0782/1000] (CONT-792) - Correct Layout/SpaceAroundMethodCallOperator --- .rubocop_todo.yml | 6 ------ spec/classes/server/config_spec.rb | 12 ++++++------ 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 7f1fd2ef86..372f4d9318 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,9 +1,3 @@ -# Offense count: 6 -# This cop supports safe autocorrection (--autocorrect). -Layout/SpaceAroundMethodCallOperator: - Exclude: - - 'spec/classes/server/config_spec.rb' - # Offense count: 15 # This cop supports unsafe autocorrection (--autocorrect-all). Lint/BooleanSymbol: diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index cb53f74b05..ca5ea876e5 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -22,7 +22,7 @@ it 'has the correct systemd-override drop file' do is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( ensure: 'file', owner: 'root', group: 'root', - ) .that_requires('File[/etc/systemd/system/postgresql.service.d]') + ).that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do @@ -59,7 +59,7 @@ class { 'postgresql::server': } end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf').without_content(%r{\.include}) end end end @@ -79,7 +79,7 @@ class { 'postgresql::server': } it 'has the correct systemd-override drop file' do is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( ensure: 'file', owner: 'root', group: 'root', - ) .that_requires('File[/etc/systemd/system/postgresql.service.d]') + ).that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do @@ -103,7 +103,7 @@ class { 'postgresql::server': } ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').without_content(%r{\.include}) end end end @@ -123,7 +123,7 @@ class { 'postgresql::server': } it 'has the correct systemd-override drop file' do is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( ensure: 'file', owner: 'root', group: 'root', - ) .that_requires('File[/etc/systemd/system/postgresql.service.d]') + ).that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do @@ -148,7 +148,7 @@ class { 'postgresql::server': } end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf') .without_content(%r{\.include}) + is_expected.to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf').without_content(%r{\.include}) end end end From 723ae0d7eb3f557e9b6328b6ada27e069b4598b1 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 14:36:53 +0100 Subject: [PATCH 0783/1000] (CONT-792) - Correct Lint/DeprecatedOpenSSLConstant --- .rubocop_todo.yml | 6 ------ lib/puppet/functions/postgresql/postgresql_password.rb | 6 +++--- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 372f4d9318..9b7f24f9ed 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -13,12 +13,6 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' -# Offense count: 3 -# This cop supports safe autocorrection (--autocorrect). -Lint/DeprecatedOpenSSLConstant: - Exclude: - - 'lib/puppet/functions/postgresql/postgresql_password.rb' - # Offense count: 1 # Configuration parameters: IgnoreLiteralBranches, IgnoreConstantBranches. Lint/DuplicateBranch: diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 56ace58f72..1f27fb5bba 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -61,19 +61,19 @@ def digest_key(password, salt) salt: salt, iterations: 4096, length: 32, - hash: OpenSSL::Digest::SHA256.new, + hash: OpenSSL::Digest.new('SHA256'), ) end def client_key(digest_key) - hmac = OpenSSL::HMAC.new(digest_key, OpenSSL::Digest::SHA256.new) + hmac = OpenSSL::HMAC.new(digest_key, OpenSSL::Digest.new('SHA256')) hmac << 'Client Key' hmac.digest OpenSSL::Digest.new('SHA256').digest hmac.digest end def server_key(digest_key) - hmac = OpenSSL::HMAC.new(digest_key, OpenSSL::Digest::SHA256.new) + hmac = OpenSSL::HMAC.new(digest_key, OpenSSL::Digest.new('SHA256')) hmac << 'Server Key' hmac.digest end From 893798de62cb4a0d260fdf666e69e424ba3da402 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 16:21:43 +0100 Subject: [PATCH 0784/1000] (CONT-792) - Bump concat dependency --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 3a35eb4e79..bb06c26c2e 100644 --- a/metadata.json +++ b/metadata.json @@ -22,7 +22,7 @@ }, { "name": "puppetlabs/concat", - "version_requirement": ">= 4.1.0 < 8.0.0" + "version_requirement": ">= 4.1.0 < 9.0.0" } ], "operatingsystem_support": [ From c77755b75b3e8215600f1f246a1f3e4f00b3893f Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 16:50:06 +0100 Subject: [PATCH 0785/1000] (CONT-792) - Fix hash argument spec failure --- spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index 5e05cc2886..7762f1c1fa 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -92,7 +92,7 @@ expect(provider).to receive(:run_command).with(['psql', '-t', '-X', '-c', 'SELECT something'], - 'postgres', 'postgres', 'PGHOST' => '127.0.0.1') + 'postgres', 'postgres', { 'PGHOST' => '127.0.0.1' }) provider.run_sql_command('SELECT something') end From 84b36aa5aa626dd09f29b57051d81fc411e66d50 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:02:49 +0100 Subject: [PATCH 0786/1000] (CONT-792) - Remove Redundant RHEL7/Puppet 5 Spec test --- spec/classes/server/config_spec.rb | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index ca5ea876e5..ba19d7538e 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -29,18 +29,6 @@ is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf') end - context 'RHEL 7 host with Puppet 5' do - include_examples 'RedHat 7' - - it 'has systemctl restart command' do - is_expected.to contain_exec('systemd-postgresql.service-systemctl-daemon-reload').with( - command: 'systemctl daemon-reload', - refreshonly: true, - path: '/bin:/usr/bin:/usr/local/bin', - ) - end - end - describe 'with manage_package_repo => true and a version' do let(:pre_condition) do <<-EOS From cf51a713189a15fb7f4391d0c9301e881aaf04d4 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:10:41 +0100 Subject: [PATCH 0787/1000] (CONT-792) - Correct Lint/DuplicateBranch --- .rubocop_todo.yml | 6 ------ spec/spec_helper_local.rb | 4 +--- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 9b7f24f9ed..795030a1a9 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -13,12 +13,6 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' -# Offense count: 1 -# Configuration parameters: IgnoreLiteralBranches, IgnoreConstantBranches. -Lint/DuplicateBranch: - Exclude: - - 'spec/spec_helper_local.rb' - # Offense count: 1 # Configuration parameters: AllowComments, AllowEmptyLambdas. Lint/EmptyBlock: diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 33058f704f..6b8a14fc70 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -99,12 +99,10 @@ def param(type, title, param) # See https://github.com/voxpupuli/voxpupuli-test/blob/master/lib/voxpupuli/test/facts.rb add_custom_fact :service_provider, ->(_os, facts) do case facts[:osfamily].downcase - when 'archlinux' + when 'archlinux', 'debian' 'systemd' when 'darwin' 'launchd' - when 'debian' - 'systemd' when 'freebsd' 'freebsd' when 'gentoo' From 2345de712c018064c48a88f6b25a5d5ea5e118b8 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:12:59 +0100 Subject: [PATCH 0788/1000] (CONT-792) - Correct Lint/EmptyBlock --- .rubocop_todo.yml | 6 ------ spec/unit/provider/postgresql_conf/parsed_spec.rb | 3 --- 2 files changed, 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 795030a1a9..65c9bdd853 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -13,12 +13,6 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' -# Offense count: 1 -# Configuration parameters: AllowComments, AllowEmptyLambdas. -Lint/EmptyBlock: - Exclude: - - 'spec/unit/provider/postgresql_conf/parsed_spec.rb' - # Offense count: 2 # Configuration parameters: MaximumRangeSize. Lint/MissingCopEnableDirective: diff --git a/spec/unit/provider/postgresql_conf/parsed_spec.rb b/spec/unit/provider/postgresql_conf/parsed_spec.rb index b931ef2f71..3c3de16ddc 100644 --- a/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ b/spec/unit/provider/postgresql_conf/parsed_spec.rb @@ -15,9 +15,6 @@ provider end - before(:each) do - end - after :each do provider.initvars end From c3632a96072d76ddda9cf7cc920cdaef20c240ab Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:14:21 +0100 Subject: [PATCH 0789/1000] (CONT-792) - Correct Lint/MissingCopEnableDirective --- .rubocop_todo.yml | 6 ------ spec/unit/puppet/type/postgresql_psql_spec.rb | 2 ++ 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 65c9bdd853..144fe015e0 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -13,12 +13,6 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' -# Offense count: 2 -# Configuration parameters: MaximumRangeSize. -Lint/MissingCopEnableDirective: - Exclude: - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - # Offense count: 1 # This cop supports safe autocorrection (--autocorrect). Lint/RedundantCopEnableDirective: diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index cc448bb711..9eb067ab3c 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -265,3 +265,5 @@ end end end +# rubocop:enable RSpec/NamedSubject +# rubocop:enable RSpec/SubjectStub From 27660b69bbea398d14c9c0414c7fe018aeb6003a Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:15:08 +0100 Subject: [PATCH 0790/1000] (CONT-792) - Correct Lint/RedundantCopEnableDirective --- .rubocop_todo.yml | 6 ------ lib/puppet/type/postgresql_psql.rb | 1 - 2 files changed, 7 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 144fe015e0..abe7689643 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -13,12 +13,6 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -Lint/RedundantCopEnableDirective: - Exclude: - - 'lib/puppet/type/postgresql_psql.rb' - # Offense count: 6 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes. Metrics/AbcSize: diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 01315ce2d2..2c701dcf22 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -39,7 +39,6 @@ def sync def matches(value) output, status = provider.run_unless_sql_command(value) fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status.zero? # rubocop:disable Style/SignalException - # rubocop:enable Style/NumericPredicate result_count = output.strip.to_i debug("Found #{result_count} row(s) executing 'unless' clause") From db6f562a48f65229748b49ca87fec5015b0267dd Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:18:09 +0100 Subject: [PATCH 0791/1000] (CONT-792) - Correct Naming/AccessorMethodName --- .rubocop_todo.yml | 6 +++--- lib/puppet/type/postgresql_psql.rb | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index abe7689643..e689829b77 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -45,9 +45,9 @@ Metrics/PerceivedComplexity: Max: 11 # Offense count: 1 -Naming/AccessorMethodName: - Exclude: - - 'lib/puppet/type/postgresql_psql.rb' +# Naming/AccessorMethodName: +# Exclude: +# - 'lib/puppet/type/postgresql_psql.rb' # Offense count: 24 # Configuration parameters: ForbiddenDelimiters. diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 2c701dcf22..88039d4380 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -150,7 +150,7 @@ def refresh private - def set_sensitive_parameters(sensitive_parameters) + def sensitive_parameters=(sensitive_parameters) # Respect sensitive commands if sensitive_parameters.include?(:unless) sensitive_parameters.delete(:unless) From 5bbd183eb3d40222b8ecd7990de6a17661b5ca6a Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:20:54 +0100 Subject: [PATCH 0792/1000] (CONT-792) - Correct RSpec/BeEq --- .rubocop_todo.yml | 13 ++++--------- ...gresql_postgresql_acls_to_resources_hash_spec.rb | 2 +- spec/spec_helper_local.rb | 4 ++-- 3 files changed, 7 insertions(+), 12 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index e689829b77..ba56494c45 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -44,11 +44,6 @@ Metrics/ParameterLists: Metrics/PerceivedComplexity: Max: 11 -# Offense count: 1 -# Naming/AccessorMethodName: -# Exclude: -# - 'lib/puppet/type/postgresql_psql.rb' - # Offense count: 24 # Configuration parameters: ForbiddenDelimiters. # ForbiddenDelimiters: (?i-mx:(^|\s)(EO[A-Z]{1}|END)(\s|$)) @@ -66,10 +61,10 @@ Naming/HeredocDelimiterNaming: # Offense count: 3 # This cop supports unsafe autocorrection (--autocorrect-all). -RSpec/BeEq: - Exclude: - - 'spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb' - - 'spec/spec_helper_local.rb' +# RSpec/BeEq: +# Exclude: +# - 'spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb' +# - 'spec/spec_helper_local.rb' # Offense count: 2 # This cop supports safe autocorrection (--autocorrect). diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index a7e5c54997..7141ddfab9 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' describe 'postgresql::postgresql_acls_to_resources_hash' do - it { is_expected.not_to eq(nil) } + it { is_expected.not_to be_nil } context 'individual transform tests' do it do input = 'local all postgres ident' diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 6b8a14fc70..cc60e3a1eb 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -45,7 +45,7 @@ def param(type, title, param) end shared_examples 'postgresql_password function' do - it { is_expected.not_to eq(nil) } + it { is_expected.not_to be_nil } it { is_expected.to run.with_params('foo', 'bar').and_return( @@ -73,7 +73,7 @@ def param(type, title, param) end shared_examples 'postgresql_escape function' do - it { is_expected.not_to eq(nil) } + it { is_expected.not_to be_nil } it { is_expected.to run.with_params('foo') .and_return('$$foo$$') From 8e0275aabdc6fd63b10a14e127a363a5472f3893 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:21:24 +0100 Subject: [PATCH 0793/1000] (CONT-792) - Correct RSpec/ContextMethod --- .rubocop_todo.yml | 12 ------------ .../puppet/provider/postgresql_psql/ruby_spec.rb | 4 ++-- 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index ba56494c45..1e44aea111 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -59,18 +59,6 @@ Naming/HeredocDelimiterNaming: - 'spec/defines/server/default_privileges_spec.rb' - 'spec/defines/server/grant_spec.rb' -# Offense count: 3 -# This cop supports unsafe autocorrection (--autocorrect-all). -# RSpec/BeEq: -# Exclude: -# - 'spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb' -# - 'spec/spec_helper_local.rb' - -# Offense count: 2 -# This cop supports safe autocorrection (--autocorrect). -RSpec/ContextMethod: - Exclude: - - 'spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb' # Offense count: 104 # Configuration parameters: Prefixes, AllowedPatterns. diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index 7762f1c1fa..a7f961584f 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -9,7 +9,7 @@ end let(:provider) { resource.provider } - context('#run_sql_command') do + describe('#run_sql_command') do describe 'with default attributes' do let(:attributes) { { db: 'spec_db' } } @@ -98,7 +98,7 @@ end end - context('#run_unless_sql_command') do + describe('#run_unless_sql_command') do let(:attributes) { {} } it 'calls #run_sql_command with SQL' do From 92627d6aae96ecef9107840c7d1060f222252c87 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:22:18 +0100 Subject: [PATCH 0794/1000] (CONT-792) - Correct RSpec/EmptyLineAfterExample --- .rubocop_todo.yml | 11 ---------- spec/acceptance/server/grant_spec.rb | 1 + spec/classes/lib/java_spec.rb | 1 + spec/classes/lib/pgdocs_spec.rb | 1 + spec/classes/server/config_spec.rb | 2 ++ spec/classes/server/plperl_spec.rb | 2 ++ spec/classes/server/plpython_spec.rb | 2 ++ spec/classes/server_spec.rb | 20 +++++++++++++++++++ .../defines/server/default_privileges_spec.rb | 7 +++++++ spec/defines/server/extension_spec.rb | 2 ++ spec/defines/server/grant_role_spec.rb | 3 +++ spec/defines/server/grant_spec.rb | 9 +++++++++ spec/defines/server/role_spec.rb | 8 ++++++++ ..._postgresql_acls_to_resources_hash_spec.rb | 1 + spec/spec_helper_local.rb | 8 ++++++++ .../postgresql_replication_slot/ruby_spec.rb | 1 + .../puppet/type/postgresql_conn_validator.rb | 2 ++ spec/unit/type/postgresql_conf_spec.rb | 4 ++++ 18 files changed, 74 insertions(+), 11 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 1e44aea111..bcdad15a61 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -71,17 +71,6 @@ RSpec/ContextWording: RSpec/DescribeClass: Enabled: false -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -RSpec/EmptyHook: - Exclude: - - 'spec/unit/provider/postgresql_conf/parsed_spec.rb' - -# Offense count: 74 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: AllowConsecutiveOneLiners. -RSpec/EmptyLineAfterExample: - Enabled: false # Offense count: 29 # This cop supports safe autocorrection (--autocorrect). diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 43f6826c71..009273aa76 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -255,6 +255,7 @@ class { 'postgresql::server': } end end end + it 'grants execute on a function with argument to a user' do if Gem::Version.new(postgresql_version) >= Gem::Version.new('9.0') idempotent_apply(pp) diff --git a/spec/classes/lib/java_spec.rb b/spec/classes/lib/java_spec.rb index 0e0797d4e1..2a820ae58b 100644 --- a/spec/classes/lib/java_spec.rb +++ b/spec/classes/lib/java_spec.rb @@ -25,6 +25,7 @@ tag: 'puppetlabs-postgresql', ) } + describe 'when parameters are supplied' do let :params do { package_ensure: 'latest', package_name: 'somepackage' } diff --git a/spec/classes/lib/pgdocs_spec.rb b/spec/classes/lib/pgdocs_spec.rb index febce3b57e..0760517276 100644 --- a/spec/classes/lib/pgdocs_spec.rb +++ b/spec/classes/lib/pgdocs_spec.rb @@ -13,6 +13,7 @@ tag: 'puppetlabs-postgresql', ) } + describe 'when parameters are supplied' do let :params do { package_ensure: 'latest', package_name: 'somepackage' } diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index ba19d7538e..3d201628a0 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -90,6 +90,7 @@ class { 'postgresql::server': } ensure: 'file', owner: 'root', group: 'root', ) end + it 'has the correct systemd-override file #regex' do is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').without_content(%r{\.include}) end @@ -174,6 +175,7 @@ class { 'postgresql::server': it 'has hba rule default' do is_expected.to contain_postgresql__server__pg_hba_rule('local access as postgres user') end + it 'has hba rule ipv4acls' do is_expected.to contain_postgresql__server__pg_hba_rule('postgresql class generated rule ipv4acls 0') end diff --git a/spec/classes/server/plperl_spec.rb b/spec/classes/server/plperl_spec.rb index 6df41c2cd8..5cb7f5610a 100644 --- a/spec/classes/server/plperl_spec.rb +++ b/spec/classes/server/plperl_spec.rb @@ -11,6 +11,7 @@ describe 'with no parameters' do it { is_expected.to contain_class('postgresql::server::plperl') } + it 'creates package' do is_expected.to contain_package('postgresql-plperl').with(ensure: 'present', tag: 'puppetlabs-postgresql') @@ -26,6 +27,7 @@ end it { is_expected.to contain_class('postgresql::server::plperl') } + it 'creates package with correct params' do is_expected.to contain_package('postgresql-plperl').with(ensure: 'absent', name: 'mypackage', diff --git a/spec/classes/server/plpython_spec.rb b/spec/classes/server/plpython_spec.rb index defb4bb31e..197adb26c4 100644 --- a/spec/classes/server/plpython_spec.rb +++ b/spec/classes/server/plpython_spec.rb @@ -11,6 +11,7 @@ describe 'on RedHat with no parameters' do it { is_expected.to contain_class('postgresql::server::plpython') } + it 'creates package' do is_expected.to contain_package('postgresql-plpython').with(ensure: 'present', tag: 'puppetlabs-postgresql') @@ -26,6 +27,7 @@ end it { is_expected.to contain_class('postgresql::server::plpython') } + it 'creates package with correct params' do is_expected.to contain_package('postgresql-plpython').with(ensure: 'absent', name: 'mypackage', diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index b17b9385e7..c5b094de05 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -9,9 +9,11 @@ it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } it { is_expected.to contain_file('/var/lib/postgresql/13/main') } + it { is_expected.to contain_exec('postgresql_reload').with('command' => 'systemctl reload postgresql') } + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end @@ -57,9 +59,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } it { is_expected.to contain_class('postgresql::server::passwd') } + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end + it 'sets postgres password' do is_expected.to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', 'user' => 'postgres', @@ -79,9 +83,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } it { is_expected.to contain_class('postgresql::server::passwd') } + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end + it 'sets postgres password' do is_expected.to contain_exec('set_postgres_postgrespw').with('command' => ['/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"'], 'user' => 'postgres', @@ -95,6 +101,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } + it 'shouldnt validate connection' do is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') end @@ -105,9 +112,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } + it { is_expected.not_to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end @@ -118,9 +127,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } + it { is_expected.to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end @@ -131,9 +142,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::params') } it { is_expected.to contain_class('postgresql::server') } + it { is_expected.to contain_exec('postgresql_reload').with('command' => '/bin/true') } + it 'validates connection' do is_expected.to contain_postgresql_conn_validator('validate_service_is_running') end @@ -149,6 +162,7 @@ class { 'postgresql::globals': let(:params) { { service_manage: false } } it { is_expected.not_to contain_service('postgresqld') } + it 'shouldnt validate connection' do is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') end @@ -247,6 +261,7 @@ class { 'postgresql::globals': end it { is_expected.to compile.with_all_deps } + it do is_expected.to contain_postgresql__server__pg_hba_rule('from_remote_host') .with_type('host') @@ -283,10 +298,12 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { is_expected.to contain_class('postgresql::backup::pg_dump') } + it { is_expected.to contain_postgresql__server__role('backupuser') .with_superuser(true) } + it { is_expected.to contain_postgresql__server__pg_hba_rule('local access as backup user') .with_type('local') @@ -294,14 +311,17 @@ class { 'postgresql::globals': .with_user('backupuser') .with_auth_method('md5') } + it { is_expected.to contain_file('/root/.pgpass') .with_content(%r{.*:backupuser:.*}) } + it { is_expected.to contain_file('/usr/local/sbin/pg_dump.sh') .with_content(%r{.*pg_dumpall \$_pg_args --file=\$\{FILE\} \$@.*}) } + it { is_expected.to contain_cron('pg_dump backup job') .with( diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 8cefe474e0..68482e360c 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -44,6 +44,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do is_expected.to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') @@ -86,6 +87,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') @@ -156,6 +158,7 @@ class { 'postgresql::server': } it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') @@ -274,6 +277,7 @@ class { 'postgresql::server': } it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') @@ -300,6 +304,7 @@ class { 'postgresql::server': } it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } + it do # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') @@ -329,6 +334,7 @@ class {'postgresql::server':} it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } it { is_expected.to contain_postgresql__server__role('test') } + it do is_expected.to contain_postgresql_psql('default_privileges:test') \ .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) @@ -356,6 +362,7 @@ class {'postgresql::server':} it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } it { is_expected.to contain_postgresql__server__role('target') } + it do # rubocop:disable Layout/LineLength is_expected.to contain_postgresql_psql('default_privileges:test') diff --git a/spec/defines/server/extension_spec.rb b/spec/defines/server/extension_spec.rb index 268933716d..00935b2250 100644 --- a/spec/defines/server/extension_spec.rb +++ b/spec/defines/server/extension_spec.rb @@ -207,6 +207,7 @@ end it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') @@ -231,6 +232,7 @@ end it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') diff --git a/spec/defines/server/grant_role_spec.rb b/spec/defines/server/grant_role_spec.rb index 359d13cfec..f3f60c910a 100644 --- a/spec/defines/server/grant_role_spec.rb +++ b/spec/defines/server/grant_role_spec.rb @@ -65,6 +65,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") } + it { is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") } @@ -79,6 +80,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") } + it { is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") } @@ -92,6 +94,7 @@ it { is_expected.to contain_postgresql_psql("grant_role:#{title}").with_connect_settings('PGHOST' => 'postgres-db-server') } + it { is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires('Class[postgresql::server]') } diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index 0e8544ab2e..9d3b9f0246 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -41,6 +41,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m) @@ -64,6 +65,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m) @@ -88,6 +90,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"}m) @@ -172,6 +175,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m) @@ -200,6 +204,7 @@ class {'postgresql::server':} it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql__server__role('test') } + it do is_expected.to contain_postgresql_psql('grant:test') \ .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) @@ -227,6 +232,7 @@ class {'postgresql::server':} it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql__server__role('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* PUBLIC}m) @@ -252,6 +258,7 @@ class {'postgresql::server':} it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT EXECUTE ON FUNCTION test\(text,boolean\) TO\s* "test"}m) @@ -277,6 +284,7 @@ class {'postgresql::server':} it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT EXECUTE ON FUNCTION myschema.test\(text,boolean\) TO\s* "test"}m) @@ -403,6 +411,7 @@ class {'postgresql::server':} it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } + it do is_expected.to contain_postgresql_psql('grant:test') .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m) diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index dc99399432..520bd771b8 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -21,6 +21,7 @@ end it { is_expected.to contain_postgresql__server__role('test') } + it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', @@ -28,6 +29,7 @@ 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => '5432') end + it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', @@ -45,6 +47,7 @@ end it { is_expected.to contain_postgresql__server__role('test') } + it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', @@ -52,6 +55,7 @@ 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => '5432') end + it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', @@ -77,6 +81,7 @@ end it { is_expected.to contain_postgresql__server__role('test') } + it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with_command('Sensitive [value redacted]') @@ -86,6 +91,7 @@ .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass') .that_requires('Service[postgresqld]') end + it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', @@ -112,6 +118,7 @@ end it { is_expected.to contain_postgresql__server__role('test') } + it 'has create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', @@ -119,6 +126,7 @@ 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end + it 'has alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index 7141ddfab9..9d6dca35fe 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -4,6 +4,7 @@ describe 'postgresql::postgresql_acls_to_resources_hash' do it { is_expected.not_to be_nil } + context 'individual transform tests' do it do input = 'local all postgres ident' diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index cc60e3a1eb..33e83b1b34 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -52,21 +52,25 @@ def param(type, title, param) 'md596948aad3fcae80c08a35c9b5958cd89', ) } + it { is_expected.to run.with_params('foo', 1234).and_return( 'md539a0e1b308278a8de5e007cd1f795920', ) } + it { is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256').and_return( 'SCRAM-SHA-256$4096:Zm9v$ea66ynZ8cS9Ty4ZkEYicwC72StsKLSwjcXIXKMgepTk=:dJYmOU6BMCaWkQOB3lrXH9OAF3lW2n3NJ26NO7Srq7U=', ) } + it { is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256', 'salt').and_return( 'SCRAM-SHA-256$4096:c2FsdA==$hl63wu9L6vKIjd/UGPfpRl/hIQRBnlkoCiJ9KgxzbX0=:3Q39uiwDZ51m3iPpV8rSgISgRiYqkbnpc+wScL2lSAU=', ) } + it 'raises an error if there is only 1 argument' do is_expected.to run.with_params('foo').and_raise_error(StandardError) end @@ -74,18 +78,22 @@ def param(type, title, param) shared_examples 'postgresql_escape function' do it { is_expected.not_to be_nil } + it { is_expected.to run.with_params('foo') .and_return('$$foo$$') } + it { is_expected.to run.with_params('fo$$o') .and_return('$ed$fo$$o$ed$') } + it { is_expected.to run.with_params('foo$') .and_return('$a$foo$$a$') } + it 'raises an error if there is more than 1 argument' do is_expected.to run.with_params(['foo'], ['foo']) .and_raise_error(StandardError) diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index 828b63e933..d7f1b70ab2 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -44,6 +44,7 @@ def | | physical | | | t | | | 0/ it 'lists instances #size' do expect(instances.size).to eq 2 end + it 'lists instances #content' do expected.each_with_index do |expect, index| expect(instances[index].name).to eq expect diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb index 2315e9568d..832554e52a 100644 --- a/spec/unit/puppet/type/postgresql_conn_validator.rb +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -24,9 +24,11 @@ it "#{param} should be able to cast value as integer #string" do expect { described_class.new(:name => 'test', param => '1') }.not_to raise_error end + it "#{param} should be able to cast value as integer #integer" do expect { described_class.new(:name => 'test', param => 1) }.not_to raise_error end + it "#{param} should not accept non-numeric string" do expect { described_class.new(:name => 'test', param => 'test') }.to raise_error Puppet::ResourceError end diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index 6ded102200..66a115019c 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -14,9 +14,11 @@ it 'has :name as its namevar' do expect(described_class.key_attributes).to eq([:name]) end + it 'does not invalid names' do expect { described_class.new(name: 'foo bar') }.to raise_error(Puppet::Error, %r{Invalid value}) end + it 'allows dots in names' do expect { described_class.new(name: 'foo.bar') }.not_to raise_error end @@ -41,9 +43,11 @@ it 'supports present as a value for ensure' do expect { described_class.new(name: 'foo', ensure: :present) }.not_to raise_error end + it 'supports absent as a value for ensure' do expect { described_class.new(name: 'foo', ensure: :absent) }.not_to raise_error end + it 'does not support other values' do expect { described_class.new(name: 'foo', ensure: :foo) }.to raise_error(Puppet::Error, %r{Invalid value}) end From 758ea2c7c5bf8a627887f92517cf31aec0b24610 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:22:45 +0100 Subject: [PATCH 0795/1000] (CONT-792) - Correct RSpec/EmptyLineAfterExampleGroup --- .rubocop_todo.yml | 14 -------------- spec/acceptance/server/grant_spec.rb | 3 +++ spec/defines/server/pg_hba_rule_spec.rb | 1 + spec/defines/server/pg_ident_rule_spec.rb | 1 + spec/defines/server/recovery_spec.rb | 2 ++ spec/type_aliases/pg_hba_rule_spec.rb | 2 ++ spec/type_aliases/pg_hba_rules_spec.rb | 3 +++ .../puppet/provider/postgresql_psql/ruby_spec.rb | 5 +++++ spec/unit/puppet/type/postgresql_conn_validator.rb | 2 ++ spec/unit/puppet/type/postgresql_psql_spec.rb | 10 ++++++++++ 10 files changed, 29 insertions(+), 14 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index bcdad15a61..dccab2dfd1 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -72,20 +72,6 @@ RSpec/DescribeClass: Enabled: false -# Offense count: 29 -# This cop supports safe autocorrection (--autocorrect). -RSpec/EmptyLineAfterExampleGroup: - Exclude: - - 'spec/acceptance/server/grant_spec.rb' - - 'spec/defines/server/pg_hba_rule_spec.rb' - - 'spec/defines/server/pg_ident_rule_spec.rb' - - 'spec/defines/server/recovery_spec.rb' - - 'spec/type_aliases/pg_hba_rule_spec.rb' - - 'spec/type_aliases/pg_hba_rules_spec.rb' - - 'spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb' - - 'spec/unit/puppet/type/postgresql_conn_validator.rb' - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - # Offense count: 2 # This cop supports safe autocorrection (--autocorrect). # Configuration parameters: AllowConsecutiveOneLiners. diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 009273aa76..98d50a9e2a 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -201,6 +201,7 @@ class { 'postgresql::server': } end end end + ### FUNCTION grants context 'sequence' do let(:pp) do @@ -268,6 +269,7 @@ class { 'postgresql::server': } end end end + ### TABLE grants context 'table' do describe 'GRANT ... ON TABLE' do @@ -472,6 +474,7 @@ class { 'postgresql::server': } end end end + context 'database' do describe 'REVOKE ... ON DATABASE...' do it 'do not fail on revoke connect from non-existant user' do diff --git a/spec/defines/server/pg_hba_rule_spec.rb b/spec/defines/server/pg_hba_rule_spec.rb index 57b1247340..d111216b3d 100644 --- a/spec/defines/server/pg_hba_rule_spec.rb +++ b/spec/defines/server/pg_hba_rule_spec.rb @@ -248,6 +248,7 @@ class { 'postgresql::server': } is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+\.domain\.tld\s+md5}) end end + context 'pg_hba_rule with illegal address' do let :pre_condition do <<-MANIFEST diff --git a/spec/defines/server/pg_ident_rule_spec.rb b/spec/defines/server/pg_ident_rule_spec.rb index 107e7e6191..9b858c54e2 100644 --- a/spec/defines/server/pg_ident_rule_spec.rb +++ b/spec/defines/server/pg_ident_rule_spec.rb @@ -33,6 +33,7 @@ class { 'postgresql::server': } is_expected.to contain_concat__fragment('pg_ident_rule_test').with(content: %r{thatsmymap\s+systemuser\s+dbuser}) end end + context 'not managing pg_ident' do let :pre_condition do <<-MANIFEST diff --git a/spec/defines/server/recovery_spec.rb b/spec/defines/server/recovery_spec.rb index d57158397b..c61a871f1b 100644 --- a/spec/defines/server/recovery_spec.rb +++ b/spec/defines/server/recovery_spec.rb @@ -33,6 +33,7 @@ class { 'postgresql::server': } .with(content: %r{restore_command = 'restore_command'[\n]+recovery_target_timeline = 'recovery_target_timeline'}) end end + context 'not managing recovery' do let(:pre_condition) do <<-MANIFEST @@ -53,6 +54,7 @@ class { 'postgresql::server': } %r{postgresql::server::manage_recovery_conf has been disabled}) end end + context 'not managing recovery, missing param' do let(:pre_condition) do <<-MANIFEST diff --git a/spec/type_aliases/pg_hba_rule_spec.rb b/spec/type_aliases/pg_hba_rule_spec.rb index 5f7c452daf..e4d0fe007b 100644 --- a/spec/type_aliases/pg_hba_rule_spec.rb +++ b/spec/type_aliases/pg_hba_rule_spec.rb @@ -20,6 +20,7 @@ it { is_expected.to allow_value(data) } end + context 'invalid data' do let :data do { @@ -36,6 +37,7 @@ it { is_expected.not_to allow_value(data) } end + context 'empty data' do let :data do {} diff --git a/spec/type_aliases/pg_hba_rules_spec.rb b/spec/type_aliases/pg_hba_rules_spec.rb index d2011188e9..7c3354b452 100644 --- a/spec/type_aliases/pg_hba_rules_spec.rb +++ b/spec/type_aliases/pg_hba_rules_spec.rb @@ -33,6 +33,7 @@ it { is_expected.to allow_value(data) } end + context 'empty' do let :data do {} @@ -40,6 +41,7 @@ it { is_expected.to allow_value(data) } end + context 'invalid data' do let :data do { @@ -54,6 +56,7 @@ it { is_expected.not_to allow_value(data) } end + context 'empty value' do let :data do { diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index a7f961584f..a993b3b90b 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -21,6 +21,7 @@ provider.run_sql_command('SELECT \'something\' as "Custom column"') end end + describe 'with psql_path and db' do let(:attributes) do { @@ -41,6 +42,7 @@ provider.run_sql_command('SELECT \'something\' as "Custom column"') end end + describe 'with search_path string' do let(:attributes) do { @@ -56,6 +58,7 @@ provider.run_sql_command('SELECT \'something\' as "Custom column"') end end + describe 'with search_path array' do let(:attributes) do { @@ -73,6 +76,7 @@ end end end + describe 'with port string' do let(:attributes) { { port: '5555' } } @@ -85,6 +89,7 @@ provider.run_sql_command('SELECT something') end end + describe 'with connect_settings' do let(:attributes) { { connect_settings: { 'PGHOST' => '127.0.0.1' } } } diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb index 832554e52a..189d00aea2 100644 --- a/spec/unit/puppet/type/postgresql_conn_validator.rb +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -34,11 +34,13 @@ end end end + describe 'connect_settings' do it 'accepts a hash' do expect { described_class.new(name: 'test', connect_settings: { 'PGPASSWORD' => 'test1' }) }.not_to raise_error end end + describe 'port' do it 'does not accept a word' do expect { described_class.new(name: 'test', port: 'test') }.to raise_error Puppet::Error diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index 9eb067ab3c..3258f902c3 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -54,21 +54,25 @@ it { is_expected.to eq('psql') } end + context 'default value: [:psql_user]' do subject { super()[:psql_user] } it { is_expected.to eq('postgres') } end + context 'default value: [:psql_group]' do subject { super()[:psql_group] } it { is_expected.to eq('postgres') } end + context 'default value: [:cwd]' do subject { super()[:cwd] } it { is_expected.to eq('/tmp') } end + context 'default value: #refreshonly?' do subject { super().refreshonly? } @@ -135,6 +139,7 @@ context 'not refreshing' it { expect(subject.should_run_sql).to be_falsey } end + context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { refreshonly: refreshonly } @@ -154,6 +159,7 @@ context 'not refreshing' it { expect(subject.should_run_sql).to be_truthy } end + context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { refreshonly: refreshonly } @@ -177,6 +183,7 @@ context 'not refreshing' it { expect(subject.should_run_sql).to be_falsey } end + context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { refreshonly: refreshonly, unless: 'SELECT something' } @@ -196,6 +203,7 @@ context 'not refreshing' it { expect(subject.should_run_sql).to be_falsey } end + context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { refreshonly: refreshonly, unless: 'SELECT something' } @@ -219,6 +227,7 @@ context 'not refreshing' it { expect(subject.should_run_sql).to be_falsey } end + context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { refreshonly: refreshonly, unless: 'SELECT something' } @@ -238,6 +247,7 @@ context 'not refreshing' it { expect(subject.should_run_sql).to be_truthy } end + context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { refreshonly: refreshonly, unless: 'SELECT something' } From c598e08348c7d67695e433632022cabee105fc4a Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:23:14 +0100 Subject: [PATCH 0796/1000] (CONT-792) - Correct RSpec/EmptyLineAfterHook --- .rubocop_todo.yml | 9 --------- spec/acceptance/server/recovery_spec.rb | 1 + .../provider/postgresql_replication_slot/ruby_spec.rb | 1 + 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index dccab2dfd1..0278047ddb 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -71,15 +71,6 @@ RSpec/ContextWording: RSpec/DescribeClass: Enabled: false - -# Offense count: 2 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: AllowConsecutiveOneLiners. -RSpec/EmptyLineAfterHook: - Exclude: - - 'spec/acceptance/server/recovery_spec.rb' - - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' - # Offense count: 42 # Configuration parameters: CountAsOne. RSpec/ExampleLength: diff --git a/spec/acceptance/server/recovery_spec.rb b/spec/acceptance/server/recovery_spec.rb index 5c789b7db0..1c68332a5a 100644 --- a/spec/acceptance/server/recovery_spec.rb +++ b/spec/acceptance/server/recovery_spec.rb @@ -7,6 +7,7 @@ before(:all) do pre_run end + after(:all) do pp = <<-MANIFEST.unindent file { '/tmp/recovery.conf': diff --git a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb index d7f1b70ab2..032ceac752 100644 --- a/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb @@ -37,6 +37,7 @@ def | | physical | | | t | | | 0/ 'postgres', 'postgres' ).and_return([sql_instances, nil]) end + let(:attributes) { {} } let(:instances) { provider.class.instances } let(:expected) { ['abc', 'def'] } From a3aa06f6a9d26289b6ec2a9045377ab2f854c398 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:24:53 +0100 Subject: [PATCH 0797/1000] (CONT-792) - Correct RSpec/ExampleWording --- .rubocop_todo.yml | 7 ------- spec/classes/globals_spec.rb | 4 ++-- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 0278047ddb..9fcb99fc9f 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -76,13 +76,6 @@ RSpec/DescribeClass: RSpec/ExampleLength: Max: 53 -# Offense count: 2 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: CustomTransform, IgnoredWords, DisallowedExamples. -# DisallowedExamples: works -RSpec/ExampleWording: - Exclude: - - 'spec/classes/globals_spec.rb' # Offense count: 3 RSpec/ExpectInHook: diff --git a/spec/classes/globals_spec.rb b/spec/classes/globals_spec.rb index 8dab68f3e7..649e7834db 100644 --- a/spec/classes/globals_spec.rb +++ b/spec/classes/globals_spec.rb @@ -7,7 +7,7 @@ include_examples 'Debian 11' describe 'with no parameters' do - it 'works' do + it 'executes successfully' do is_expected.to contain_class('postgresql::globals') end end @@ -29,7 +29,7 @@ include_examples 'RedHat 7' describe 'with no parameters' do - it 'works' do + it 'executes successfully' do is_expected.to contain_class('postgresql::globals') end end From 858bb6f084f88daa349c868425f824f5e76958e5 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:31:42 +0100 Subject: [PATCH 0798/1000] (CONT-792) - Correct RSpec/ImplicitSubject --- .rubocop_todo.yml | 7 +- spec/classes/client_spec.rb | 18 ++--- spec/classes/globals_spec.rb | 18 ++--- spec/classes/lib/devel_spec.rb | 6 +- spec/classes/lib/java_spec.rb | 6 +- spec/classes/lib/perl_spec.rb | 4 +- spec/classes/lib/pgdocs_spec.rb | 4 +- spec/classes/lib/python_spec.rb | 6 +- spec/classes/repo_spec.rb | 2 +- spec/classes/server/config_spec.rb | 48 +++++++------- spec/classes/server/contrib_spec.rb | 16 ++--- spec/classes/server/initdb_spec.rb | 6 +- spec/classes/server/plperl_spec.rb | 10 +-- spec/classes/server/plpython_spec.rb | 10 +-- spec/classes/server/postgis_spec.rb | 8 +-- spec/classes/server_spec.rb | 66 +++++++++---------- spec/defines/server/config_entry_spec.rb | 8 +-- .../defines/server/default_privileges_spec.rb | 14 ++-- spec/defines/server/extension_spec.rb | 28 ++++---- spec/defines/server/grant_role_spec.rb | 18 ++--- spec/defines/server/grant_spec.rb | 18 ++--- spec/defines/server/pg_hba_rule_spec.rb | 20 +++--- spec/defines/server/pg_ident_rule_spec.rb | 2 +- spec/defines/server/reassign_owned_by_spec.rb | 2 +- spec/defines/server/recovery_spec.rb | 4 +- spec/defines/server/role_spec.rb | 20 +++--- spec/defines/validate_db_connection_spec.rb | 18 ++--- ..._postgresql_acls_to_resources_hash_spec.rb | 26 ++++---- spec/spec_helper_local.rb | 26 ++++---- 29 files changed, 218 insertions(+), 221 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 9fcb99fc9f..528eef45fb 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -96,11 +96,8 @@ RSpec/FilePath: - 'spec/defines/server/instance/service.rb' - 'spec/unit/puppet/type/postgresql_conn_validator.rb' -# Offense count: 183 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: EnforcedStyle. -# SupportedStyles: single_line_only, single_statement_only, disallow, require_implicit -RSpec/ImplicitSubject: + +RSpec/NamedSubject: Enabled: false # Offense count: 2 diff --git a/spec/classes/client_spec.rb b/spec/classes/client_spec.rb index 87f5f34604..ddbe1f6518 100644 --- a/spec/classes/client_spec.rb +++ b/spec/classes/client_spec.rb @@ -16,22 +16,22 @@ end it 'modifies package' do - is_expected.to contain_package('postgresql-client').with(ensure: 'absent', - name: 'mypackage', - tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-client').with(ensure: 'absent', + name: 'mypackage', + tag: 'puppetlabs-postgresql') end it 'has specified validate connexion' do - is_expected.to contain_file('/opt/bin/my-validate-con.sh').with(ensure: 'file', - owner: 0, - group: 0, - mode: '0755') + expect(subject).to contain_file('/opt/bin/my-validate-con.sh').with(ensure: 'file', + owner: 0, + group: 0, + mode: '0755') end end describe 'with no parameters' do it 'creates package with postgresql tag' do - is_expected.to contain_package('postgresql-client').with(tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-client').with(tag: 'puppetlabs-postgresql') end end @@ -55,7 +55,7 @@ class { 'postgresql::globals': end it 'does not manage postgresql-client package' do - is_expected.not_to contain_package('postgresql-client') + expect(subject).not_to contain_package('postgresql-client') end end end diff --git a/spec/classes/globals_spec.rb b/spec/classes/globals_spec.rb index 649e7834db..2c91883c98 100644 --- a/spec/classes/globals_spec.rb +++ b/spec/classes/globals_spec.rb @@ -8,7 +8,7 @@ describe 'with no parameters' do it 'executes successfully' do - is_expected.to contain_class('postgresql::globals') + expect(subject).to contain_class('postgresql::globals') end end @@ -20,7 +20,7 @@ end it 'pulls in class postgresql::repo' do - is_expected.to contain_class('postgresql::repo') + expect(subject).to contain_class('postgresql::repo') end end end @@ -30,7 +30,7 @@ describe 'with no parameters' do it 'executes successfully' do - is_expected.to contain_class('postgresql::globals') + expect(subject).to contain_class('postgresql::globals') end end @@ -43,15 +43,15 @@ end it 'pulls in class postgresql::repo' do - is_expected.to contain_class('postgresql::repo') + expect(subject).to contain_class('postgresql::repo') end it do - is_expected.to contain_yumrepo('yum.postgresql.org').with( + expect(subject).to contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', 'proxy' => 'http://proxy-server:8080', ) - is_expected.to contain_yumrepo('pgdg-common').with( + expect(subject).to contain_yumrepo('pgdg-common').with( 'enabled' => '1', 'proxy' => 'http://proxy-server:8080', ) @@ -68,15 +68,15 @@ end it 'pulls in class postgresql::repo' do - is_expected.to contain_class('postgresql::repo') + expect(subject).to contain_class('postgresql::repo') end it do - is_expected.to contain_yumrepo('yum.postgresql.org').with( + expect(subject).to contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', 'baseurl' => 'http://mirror.localrepo.com/pgdg-postgresql', ) - is_expected.to contain_yumrepo('pgdg-common').with( + expect(subject).to contain_yumrepo('pgdg-common').with( 'enabled' => '1', 'baseurl' => 'http://mirror.localrepo.com/pgdg-common', ) diff --git a/spec/classes/lib/devel_spec.rb b/spec/classes/lib/devel_spec.rb index 4493486c97..9da1b73022 100644 --- a/spec/classes/lib/devel_spec.rb +++ b/spec/classes/lib/devel_spec.rb @@ -9,7 +9,7 @@ describe 'link pg_config to /usr/bin' do it { - is_expected.not_to contain_file('/usr/bin/pg_config') \ + expect(subject).not_to contain_file('/usr/bin/pg_config') \ .with_ensure('link') \ .with_target('/usr/lib/postgresql/13/bin/pg_config') } @@ -38,7 +38,7 @@ end it { - is_expected.to contain_file('/usr/bin/pg_config') \ + expect(subject).to contain_file('/usr/bin/pg_config') \ .with_ensure('link') \ .with_target('/usr/pgsql-9.3/bin/pg_config') } @@ -53,7 +53,7 @@ end it 'fails to compile' do - is_expected.to compile.and_raise_error(%r{is not supported}) + expect(subject).to compile.and_raise_error(%r{is not supported}) end end end diff --git a/spec/classes/lib/java_spec.rb b/spec/classes/lib/java_spec.rb index 2a820ae58b..dff666d4ad 100644 --- a/spec/classes/lib/java_spec.rb +++ b/spec/classes/lib/java_spec.rb @@ -7,7 +7,7 @@ include_examples 'Debian 11' it { - is_expected.to contain_package('postgresql-jdbc').with( + expect(subject).to contain_package('postgresql-jdbc').with( name: 'libpostgresql-jdbc-java', ensure: 'present', tag: 'puppetlabs-postgresql', @@ -19,7 +19,7 @@ include_examples 'RedHat 8' it { - is_expected.to contain_package('postgresql-jdbc').with( + expect(subject).to contain_package('postgresql-jdbc').with( name: 'postgresql-jdbc', ensure: 'present', tag: 'puppetlabs-postgresql', @@ -32,7 +32,7 @@ end it { - is_expected.to contain_package('postgresql-jdbc').with( + expect(subject).to contain_package('postgresql-jdbc').with( name: 'somepackage', ensure: 'latest', tag: 'puppetlabs-postgresql', diff --git a/spec/classes/lib/perl_spec.rb b/spec/classes/lib/perl_spec.rb index 3acd014da0..1dab09759f 100644 --- a/spec/classes/lib/perl_spec.rb +++ b/spec/classes/lib/perl_spec.rb @@ -7,7 +7,7 @@ include_examples 'RedHat 8' it { - is_expected.to contain_package('perl-DBD-Pg').with( + expect(subject).to contain_package('perl-DBD-Pg').with( name: 'perl-DBD-Pg', ensure: 'present', ) @@ -18,7 +18,7 @@ include_examples 'Debian 11' it { - is_expected.to contain_package('perl-DBD-Pg').with( + expect(subject).to contain_package('perl-DBD-Pg').with( name: 'libdbd-pg-perl', ensure: 'present', ) diff --git a/spec/classes/lib/pgdocs_spec.rb b/spec/classes/lib/pgdocs_spec.rb index 0760517276..733322d0e9 100644 --- a/spec/classes/lib/pgdocs_spec.rb +++ b/spec/classes/lib/pgdocs_spec.rb @@ -7,7 +7,7 @@ include_examples 'RedHat 8' it { - is_expected.to contain_package('postgresql-docs').with( + expect(subject).to contain_package('postgresql-docs').with( name: 'postgresql-docs', ensure: 'present', tag: 'puppetlabs-postgresql', @@ -20,7 +20,7 @@ end it { - is_expected.to contain_package('postgresql-docs').with( + expect(subject).to contain_package('postgresql-docs').with( name: 'somepackage', ensure: 'latest', tag: 'puppetlabs-postgresql', diff --git a/spec/classes/lib/python_spec.rb b/spec/classes/lib/python_spec.rb index 87af71b71c..86093bc7e0 100644 --- a/spec/classes/lib/python_spec.rb +++ b/spec/classes/lib/python_spec.rb @@ -7,7 +7,7 @@ include_examples 'RedHat 7' it { - is_expected.to contain_package('python-psycopg2').with( + expect(subject).to contain_package('python-psycopg2').with( name: 'python-psycopg2', ensure: 'present', ) @@ -18,7 +18,7 @@ include_examples 'RedHat 8' it { - is_expected.to contain_package('python-psycopg2').with( + expect(subject).to contain_package('python-psycopg2').with( name: 'python3-psycopg2', ensure: 'present', ) @@ -29,7 +29,7 @@ include_examples 'Debian 11' it { - is_expected.to contain_package('python-psycopg2').with( + expect(subject).to contain_package('python-psycopg2').with( name: 'python-psycopg2', ensure: 'present', ) diff --git a/spec/classes/repo_spec.rb b/spec/classes/repo_spec.rb index 23f97a6db5..3399203f3a 100644 --- a/spec/classes/repo_spec.rb +++ b/spec/classes/repo_spec.rb @@ -7,7 +7,7 @@ describe 'with no parameters' do it 'instantiates apt_postgresql_org class' do - is_expected.to contain_class('postgresql::repo::apt_postgresql_org') + expect(subject).to contain_class('postgresql::repo::apt_postgresql_org') end end end diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index 3d201628a0..6b591f123e 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -11,22 +11,22 @@ include_examples 'RedHat 7' it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils-python').with(ensure: 'installed') + expect(subject).to contain_package('policycoreutils-python').with(ensure: 'installed') - is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') .that_comes_before('Postgresql::Server::Config_entry[port]') .that_requires('Package[policycoreutils-python]') end it 'has the correct systemd-override drop file' do - is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( + expect(subject).to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( ensure: 'file', owner: 'root', group: 'root', ).that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf') + expect(subject).to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf') end describe 'with manage_package_repo => true and a version' do @@ -41,13 +41,13 @@ class { 'postgresql::server': } end it 'has the correct systemd-override file' do - is_expected.to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf').with( + expect(subject).to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf').with( ensure: 'file', owner: 'root', group: 'root', ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf').without_content(%r{\.include}) + expect(subject).to contain_file('/etc/systemd/system/postgresql-10.service.d/postgresql-10.conf').without_content(%r{\.include}) end end end @@ -56,22 +56,22 @@ class { 'postgresql::server': } include_examples 'RedHat 8' it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils-python-utils').with(ensure: 'installed') + expect(subject).to contain_package('policycoreutils-python-utils').with(ensure: 'installed') - is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') .that_comes_before('Postgresql::Server::Config_entry[port]') .that_requires('Package[policycoreutils-python-utils]') end it 'has the correct systemd-override drop file' do - is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( + expect(subject).to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( ensure: 'file', owner: 'root', group: 'root', ).that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').without_content(%r{\.include}) + expect(subject).to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').without_content(%r{\.include}) end describe 'with manage_package_repo => true and a version' do @@ -86,13 +86,13 @@ class { 'postgresql::server': } end it 'has the correct systemd-override file' do - is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').with( + expect(subject).to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').with( ensure: 'file', owner: 'root', group: 'root', ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').without_content(%r{\.include}) + expect(subject).to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').without_content(%r{\.include}) end end end @@ -101,22 +101,22 @@ class { 'postgresql::server': } include_examples 'Fedora 33' it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils-python-utils').with(ensure: 'installed') + expect(subject).to contain_package('policycoreutils-python-utils').with(ensure: 'installed') - is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') .that_comes_before('Postgresql::Server::Config_entry[port]') .that_requires('Package[policycoreutils-python-utils]') end it 'has the correct systemd-override drop file' do - is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( + expect(subject).to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').with( ensure: 'file', owner: 'root', group: 'root', ).that_requires('File[/etc/systemd/system/postgresql.service.d]') end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').without_content(%r{\.include}) + expect(subject).to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf').without_content(%r{\.include}) end describe 'with manage_package_repo => true and a version' do @@ -131,13 +131,13 @@ class { 'postgresql::server': } end it 'has the correct systemd-override file' do - is_expected.to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf').with( + expect(subject).to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf').with( ensure: 'file', owner: 'root', group: 'root', ) end it 'has the correct systemd-override file #regex' do - is_expected.to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf').without_content(%r{\.include}) + expect(subject).to contain_file('/etc/systemd/system/postgresql-13.service.d/postgresql-13.conf').without_content(%r{\.include}) end end end @@ -146,9 +146,9 @@ class { 'postgresql::server': } include_examples 'Amazon 1' it 'has SELinux port defined' do - is_expected.to contain_package('policycoreutils').with(ensure: 'installed') + expect(subject).to contain_package('policycoreutils').with(ensure: 'installed') - is_expected.to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') .that_comes_before('Postgresql::Server::Config_entry[port]') .that_requires('Package[policycoreutils]') @@ -173,11 +173,11 @@ class { 'postgresql::server': end it 'has hba rule default' do - is_expected.to contain_postgresql__server__pg_hba_rule('local access as postgres user') + expect(subject).to contain_postgresql__server__pg_hba_rule('local access as postgres user') end it 'has hba rule ipv4acls' do - is_expected.to contain_postgresql__server__pg_hba_rule('postgresql class generated rule ipv4acls 0') + expect(subject).to contain_postgresql__server__pg_hba_rule('postgresql class generated rule ipv4acls 0') end end @@ -196,11 +196,11 @@ class { 'postgresql::server': } end it 'does not have SELinux port defined' do - is_expected.not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') + expect(subject).not_to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') end it 'has the correct systemd-override drop file' do - is_expected.to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').with( + expect(subject).to contain_file('/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf').with( ensure: 'file', owner: 'root', group: 'root', ) end diff --git a/spec/classes/server/contrib_spec.rb b/spec/classes/server/contrib_spec.rb index dcbda7b5bf..c093c34f80 100644 --- a/spec/classes/server/contrib_spec.rb +++ b/spec/classes/server/contrib_spec.rb @@ -18,15 +18,15 @@ end it 'creates package with correct params' do - is_expected.to contain_package('postgresql-contrib').with(ensure: 'absent', - name: 'mypackage', - tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-contrib').with(ensure: 'absent', + name: 'mypackage', + tag: 'puppetlabs-postgresql') end end describe 'with no parameters' do it 'creates package with postgresql tag' do - is_expected.to contain_package('postgresql-contrib').with(tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-contrib').with(tag: 'puppetlabs-postgresql') end end @@ -34,8 +34,8 @@ include_examples 'Gentoo' it 'postgresql-contrib should not be installed' do - is_expected.to compile - is_expected.not_to contain_package('postgresql-contrib') + expect(subject).to compile + expect(subject).not_to contain_package('postgresql-contrib') end end @@ -43,8 +43,8 @@ include_examples 'Debian 11' it 'postgresql-contrib should not be installed' do - is_expected.to compile - is_expected.not_to contain_package('postgresql-contrib') + expect(subject).to compile + expect(subject).not_to contain_package('postgresql-contrib') end end end diff --git a/spec/classes/server/initdb_spec.rb b/spec/classes/server/initdb_spec.rb index 50ba8c853b..a545a8e973 100644 --- a/spec/classes/server/initdb_spec.rb +++ b/spec/classes/server/initdb_spec.rb @@ -65,7 +65,7 @@ class { 'postgresql::server': } end it 'contains exec with specified working directory' do - is_expected.to contain_exec('postgresql_initdb').with( + expect(subject).to contain_exec('postgresql_initdb').with( cwd: '/var/tmp', ) end @@ -82,7 +82,7 @@ class { 'postgresql::server': } end it 'contains exec with default working directory' do - is_expected.to contain_exec('postgresql_initdb').with( + expect(subject).to contain_exec('postgresql_initdb').with( cwd: '/tmp', ) end @@ -102,7 +102,7 @@ class { 'postgresql::server': } end it 'contains postgresql_psql with specified working directory' do - is_expected.to contain_postgresql_psql('Set template1 encoding to test').with(cwd: '/var/tmp') + expect(subject).to contain_postgresql_psql('Set template1 encoding to test').with(cwd: '/var/tmp') end end end diff --git a/spec/classes/server/plperl_spec.rb b/spec/classes/server/plperl_spec.rb index 5cb7f5610a..837a777fa4 100644 --- a/spec/classes/server/plperl_spec.rb +++ b/spec/classes/server/plperl_spec.rb @@ -13,8 +13,8 @@ it { is_expected.to contain_class('postgresql::server::plperl') } it 'creates package' do - is_expected.to contain_package('postgresql-plperl').with(ensure: 'present', - tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-plperl').with(ensure: 'present', + tag: 'puppetlabs-postgresql') end end @@ -29,9 +29,9 @@ it { is_expected.to contain_class('postgresql::server::plperl') } it 'creates package with correct params' do - is_expected.to contain_package('postgresql-plperl').with(ensure: 'absent', - name: 'mypackage', - tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-plperl').with(ensure: 'absent', + name: 'mypackage', + tag: 'puppetlabs-postgresql') end end end diff --git a/spec/classes/server/plpython_spec.rb b/spec/classes/server/plpython_spec.rb index 197adb26c4..200f80984d 100644 --- a/spec/classes/server/plpython_spec.rb +++ b/spec/classes/server/plpython_spec.rb @@ -13,8 +13,8 @@ it { is_expected.to contain_class('postgresql::server::plpython') } it 'creates package' do - is_expected.to contain_package('postgresql-plpython').with(ensure: 'present', - tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-plpython').with(ensure: 'present', + tag: 'puppetlabs-postgresql') end end @@ -29,9 +29,9 @@ it { is_expected.to contain_class('postgresql::server::plpython') } it 'creates package with correct params' do - is_expected.to contain_package('postgresql-plpython').with(ensure: 'absent', - name: 'mypackage', - tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-plpython').with(ensure: 'absent', + name: 'mypackage', + tag: 'puppetlabs-postgresql') end end end diff --git a/spec/classes/server/postgis_spec.rb b/spec/classes/server/postgis_spec.rb index 69c8d95f8d..b23f5c66eb 100644 --- a/spec/classes/server/postgis_spec.rb +++ b/spec/classes/server/postgis_spec.rb @@ -17,15 +17,15 @@ end it 'creates package with correct params' do - is_expected.to contain_package('postgresql-postgis').with(ensure: 'absent', - name: 'mypackage', - tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-postgis').with(ensure: 'absent', + name: 'mypackage', + tag: 'puppetlabs-postgresql') end end describe 'with no parameters' do it 'creates package with postgresql tag' do - is_expected.to contain_package('postgresql-postgis').with(tag: 'puppetlabs-postgresql') + expect(subject).to contain_package('postgresql-postgis').with(tag: 'puppetlabs-postgresql') end end end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index c5b094de05..02c34e649f 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -11,11 +11,11 @@ it { is_expected.to contain_file('/var/lib/postgresql/13/main') } it { - is_expected.to contain_exec('postgresql_reload').with('command' => 'systemctl reload postgresql') + expect(subject).to contain_exec('postgresql_reload').with('command' => 'systemctl reload postgresql') } it 'validates connection' do - is_expected.to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -61,14 +61,14 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server::passwd') } it 'validates connection' do - is_expected.to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') end it 'sets postgres password' do - is_expected.to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', - 'user' => 'postgres', - 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], - 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") + expect(subject).to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', + 'user' => 'postgres', + 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], + 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") end end @@ -85,14 +85,14 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server::passwd') } it 'validates connection' do - is_expected.to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') end it 'sets postgres password' do - is_expected.to contain_exec('set_postgres_postgrespw').with('command' => ['/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"'], - 'user' => 'postgres', - 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], - 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") + expect(subject).to contain_exec('set_postgres_postgrespw').with('command' => ['/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"'], + 'user' => 'postgres', + 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], + 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") end end @@ -103,7 +103,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it 'shouldnt validate connection' do - is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).not_to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -114,11 +114,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { - is_expected.not_to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + expect(subject).not_to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } it 'validates connection' do - is_expected.to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -129,11 +129,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { - is_expected.to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + expect(subject).to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') } it 'validates connection' do - is_expected.to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -144,11 +144,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { - is_expected.to contain_exec('postgresql_reload').with('command' => '/bin/true') + expect(subject).to contain_exec('postgresql_reload').with('command' => '/bin/true') } it 'validates connection' do - is_expected.to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -164,7 +164,7 @@ class { 'postgresql::globals': it { is_expected.not_to contain_service('postgresqld') } it 'shouldnt validate connection' do - is_expected.not_to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).not_to contain_postgresql_conn_validator('validate_service_is_running') end end @@ -176,11 +176,11 @@ class { 'postgresql::globals': end it 'removes the package' do - is_expected.to contain_package('postgresql-server').with(ensure: 'purged') + expect(subject).to contain_package('postgresql-server').with(ensure: 'purged') end it 'stills enable the service' do - is_expected.to contain_service('postgresqld').with(ensure: 'running') + expect(subject).to contain_service('postgresqld').with(ensure: 'running') end end @@ -192,7 +192,7 @@ class { 'postgresql::globals': end it 'contains proper initdb exec' do - is_expected.to contain_exec('postgresql_initdb') + expect(subject).to contain_exec('postgresql_initdb') end end @@ -208,10 +208,10 @@ class { 'postgresql::globals': end it 'contains the correct package version' do - is_expected.to contain_class('postgresql::repo').with_version('14') - is_expected.to contain_file('/var/lib/postgresql/14/main') # FIXME: be more precise - is_expected.to contain_concat('/etc/postgresql/14/main/pg_hba.conf') # FIXME: be more precise - is_expected.to contain_concat('/etc/postgresql/14/main/pg_ident.conf') # FIXME: be more precise + expect(subject).to contain_class('postgresql::repo').with_version('14') + expect(subject).to contain_file('/var/lib/postgresql/14/main') # FIXME: be more precise + expect(subject).to contain_concat('/etc/postgresql/14/main/pg_hba.conf') # FIXME: be more precise + expect(subject).to contain_concat('/etc/postgresql/14/main/pg_ident.conf') # FIXME: be more precise end end @@ -263,7 +263,7 @@ class { 'postgresql::globals': it { is_expected.to compile.with_all_deps } it do - is_expected.to contain_postgresql__server__pg_hba_rule('from_remote_host') + expect(subject).to contain_postgresql__server__pg_hba_rule('from_remote_host') .with_type('host') .with_database('mydb') .with_user('myuser') @@ -300,12 +300,12 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::backup::pg_dump') } it { - is_expected.to contain_postgresql__server__role('backupuser') + expect(subject).to contain_postgresql__server__role('backupuser') .with_superuser(true) } it { - is_expected.to contain_postgresql__server__pg_hba_rule('local access as backup user') + expect(subject).to contain_postgresql__server__pg_hba_rule('local access as backup user') .with_type('local') .with_database('all') .with_user('backupuser') @@ -313,17 +313,17 @@ class { 'postgresql::globals': } it { - is_expected.to contain_file('/root/.pgpass') + expect(subject).to contain_file('/root/.pgpass') .with_content(%r{.*:backupuser:.*}) } it { - is_expected.to contain_file('/usr/local/sbin/pg_dump.sh') + expect(subject).to contain_file('/usr/local/sbin/pg_dump.sh') .with_content(%r{.*pg_dumpall \$_pg_args --file=\$\{FILE\} \$@.*}) } it { - is_expected.to contain_cron('pg_dump backup job') + expect(subject).to contain_cron('pg_dump backup job') .with( ensure: 'present', command: '/usr/local/sbin/pg_dump.sh', diff --git a/spec/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb index a47e03beef..2ee8c6db4e 100644 --- a/spec/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -28,7 +28,7 @@ include_examples 'RedHat 7' it 'stops postgresql and changes the port #file' do - is_expected.to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf') + expect(subject).to contain_file('/etc/systemd/system/postgresql.service.d/postgresql.conf') end end end @@ -37,8 +37,8 @@ let(:params) { { ensure: 'present', name: 'check_function_bodies', value: 'off' } } it 'with no quotes' do - is_expected.to contain_postgresql_conf('check_function_bodies').with(name: 'check_function_bodies', - value: 'off') + expect(subject).to contain_postgresql_conf('check_function_bodies').with(name: 'check_function_bodies', + value: 'off') end end @@ -46,7 +46,7 @@ let(:params) { { ensure: 'present', name: 'unix_socket_directories', value: '/var/pgsql, /opt/postgresql, /root/' } } it 'restarts the server and change unix_socket_directories to the provided list' do - is_expected.to contain_postgresql_conf('unix_socket_directories') + expect(subject).to contain_postgresql_conf('unix_socket_directories') .with(name: 'unix_socket_directories', value: '/var/pgsql, /opt/postgresql, /root/') .that_notifies('Class[postgresql::server::service]') diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 68482e360c..7faf481fc1 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -46,7 +46,7 @@ it { is_expected.to contain_postgresql__server__default_privileges('test') } it do - is_expected.to contain_postgresql_psql('default_privileges:test') + expect(subject).to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') end end @@ -90,7 +90,7 @@ it do # rubocop:disable Layout/LineLength - is_expected.to contain_postgresql_psql('default_privileges:test') + expect(subject).to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "test"') .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") # rubocop:enable Layout/LineLength @@ -161,7 +161,7 @@ class { 'postgresql::server': } it do # rubocop:disable Layout/LineLength - is_expected.to contain_postgresql_psql('default_privileges:test') + expect(subject).to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES GRANT ALL ON SCHEMAS TO "test"') .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=UC' = ANY (defaclacl) AND nspname IS NULL and defaclobjtype = 'n')") # rubocop:enable Layout/LineLength @@ -280,7 +280,7 @@ class { 'postgresql::server': } it do # rubocop:disable Layout/LineLength - is_expected.to contain_postgresql_psql('default_privileges:test') + expect(subject).to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES IN SCHEMA my_schema GRANT ALL ON TABLES TO "test"') .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname = 'my_schema' and defaclobjtype = 'r')") # rubocop:enable Layout/LineLength @@ -307,7 +307,7 @@ class { 'postgresql::server': } it do # rubocop:disable Layout/LineLength - is_expected.to contain_postgresql_psql('default_privileges:test') + expect(subject).to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES GRANT ALL ON TABLES TO "test"') .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt' = ANY (defaclacl) AND nspname IS NULL and defaclobjtype = 'r')") # rubocop:enable Layout/LineLength @@ -336,7 +336,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__role('test') } it do - is_expected.to contain_postgresql_psql('default_privileges:test') \ + expect(subject).to contain_postgresql_psql('default_privileges:test') \ .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) end end @@ -365,7 +365,7 @@ class {'postgresql::server':} it do # rubocop:disable Layout/LineLength - is_expected.to contain_postgresql_psql('default_privileges:test') + expect(subject).to contain_postgresql_psql('default_privileges:test') .with_command('ALTER DEFAULT PRIVILEGES FOR ROLE target IN SCHEMA public GRANT ALL ON TABLES TO "test"') .with_unless("SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE 'test=arwdDxt/target' = ANY (defaclacl) AND nspname = 'public' and defaclobjtype = 'r')") # rubocop:enable Layout/LineLength diff --git a/spec/defines/server/extension_spec.rb b/spec/defines/server/extension_spec.rb index 00935b2250..15a76bb68e 100644 --- a/spec/defines/server/extension_spec.rb +++ b/spec/defines/server/extension_spec.rb @@ -20,7 +20,7 @@ context 'with mandatory arguments only' do it { - is_expected.to contain_postgresql_psql('template_postgis: CREATE EXTENSION "postgis"') + expect(subject).to contain_postgresql_psql('template_postgis: CREATE EXTENSION "postgis"') .with(db: 'template_postgis', command: 'CREATE EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis]') } end @@ -31,7 +31,7 @@ end it { - is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" SET SCHEMA "pg_catalog"') + expect(subject).to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" SET SCHEMA "pg_catalog"') } end @@ -41,7 +41,7 @@ end it { - is_expected.to contain_package('postgis') + expect(subject).to contain_package('postgis') .with(ensure: 'installed', name: 'postgis').that_comes_before('Postgresql_psql[template_postgis: CREATE EXTENSION "postgis"]') } end @@ -53,13 +53,13 @@ end it { - is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"') + expect(subject).to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"') .with(db: 'template_postgis', command: 'DROP EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis]') } it { - is_expected.to contain_package('postgis').with(ensure: 'absent', - name: 'postgis') + expect(subject).to contain_package('postgis').with(ensure: 'absent', + name: 'postgis') } context 'when keeping package installed' do @@ -68,12 +68,12 @@ end it { - is_expected.to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"') + expect(subject).to contain_postgresql_psql('template_postgis: DROP EXTENSION "postgis"') .with(db: 'template_postgis', command: 'DROP EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis]') } it { - is_expected.to contain_package('postgis') + expect(subject).to contain_package('postgis') .with(ensure: 'installed', name: 'postgis').that_requires('Postgresql_psql[template_postgis: DROP EXTENSION "postgis"]') } end @@ -87,7 +87,7 @@ end it { - is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE TO \'99.99.99\'') + expect(subject).to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE TO \'99.99.99\'') .with(db: 'template_postgis', unless: "SELECT 1 FROM pg_extension WHERE extname='postgis' AND extversion='99.99.99'").that_requires('Postgresql::Server::Database[template_postgis]') } end @@ -100,7 +100,7 @@ end it { - is_expected.to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE') + expect(subject).to contain_postgresql_psql('template_postgis: ALTER EXTENSION "postgis" UPDATE') .with(db: 'template_postgis', unless: "SELECT 1 FROM pg_available_extensions WHERE name = 'postgis' AND default_version = installed_version").that_requires('Postgresql::Server::Database[template_postgis]') } @@ -130,7 +130,7 @@ context 'with mandatory arguments only' do it { - is_expected.to contain_postgresql_psql('template_postgis2: CREATE EXTENSION "postgis"') + expect(subject).to contain_postgresql_psql('template_postgis2: CREATE EXTENSION "postgis"') .with(db: 'template_postgis2', command: 'CREATE EXTENSION "postgis"').that_requires('Postgresql::Server::Database[template_postgis2]') } end @@ -153,7 +153,7 @@ end it { - is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') + expect(subject).to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with(db: 'postgres', command: 'CREATE EXTENSION "pg_repack"') } end @@ -209,7 +209,7 @@ it { is_expected.to compile.with_all_deps } it { - is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') + expect(subject).to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') .with_port(nil) } @@ -234,7 +234,7 @@ it { is_expected.to compile.with_all_deps } it { - is_expected.to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') + expect(subject).to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') .with_port('5678') } diff --git a/spec/defines/server/grant_role_spec.rb b/spec/defines/server/grant_role_spec.rb index f3f60c910a..22b18f58c0 100644 --- a/spec/defines/server/grant_role_spec.rb +++ b/spec/defines/server/grant_role_spec.rb @@ -20,7 +20,7 @@ context 'with mandatory arguments only' do it { - is_expected.to contain_postgresql_psql("grant_role:#{title}") + expect(subject).to contain_postgresql_psql("grant_role:#{title}") .with(command: "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true") # rubocop:disable Layout/LineLength .that_requires('Class[postgresql::server]') @@ -35,7 +35,7 @@ end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}") + expect(subject).to contain_postgresql_psql("grant_role:#{title}") .with(command: "GRANT \"#{params[:group]}\" TO \"#{params[:role]}\"", unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') = true", # rubocop:disable Layout/LineLength db: params[:psql_db], psql_user: params[:psql_user], @@ -49,7 +49,7 @@ end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}") + expect(subject).to contain_postgresql_psql("grant_role:#{title}") .with(command: "REVOKE \"#{params[:group]}\" FROM \"#{params[:role]}\"", unless: "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '#{params[:group]}' AND r_role.rolname = '#{params[:role]}') != true") # rubocop:disable Layout/LineLength .that_requires('Class[postgresql::server]') @@ -63,11 +63,11 @@ end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") + expect(subject).to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") } it { - is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") + expect(subject).not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") } end @@ -78,11 +78,11 @@ end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") + expect(subject).to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:group]}]") } it { - is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") + expect(subject).not_to contain_postgresql_psql("grant_role:#{title}").that_requires("Postgresql::Server::Role[#{params[:role]}]") } end @@ -92,11 +92,11 @@ end it { - is_expected.to contain_postgresql_psql("grant_role:#{title}").with_connect_settings('PGHOST' => 'postgres-db-server') + expect(subject).to contain_postgresql_psql("grant_role:#{title}").with_connect_settings('PGHOST' => 'postgres-db-server') } it { - is_expected.not_to contain_postgresql_psql("grant_role:#{title}").that_requires('Class[postgresql::server]') + expect(subject).not_to contain_postgresql_psql("grant_role:#{title}").that_requires('Class[postgresql::server]') } end end diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index 9d3b9f0246..45106269fa 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -43,7 +43,7 @@ it { is_expected.to contain_postgresql__server__grant('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m) .with_unless(%r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m) end @@ -67,7 +67,7 @@ it { is_expected.to contain_postgresql__server__grant('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT USAGE ON SEQUENCE "test" TO\s* "test"}m) .with_unless(%r{SELECT 1 WHERE has_sequence_privilege\('test',\s* 'test', 'USAGE'\)}m) end @@ -92,7 +92,7 @@ it { is_expected.to contain_postgresql__server__grant('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT USAGE ON ALL SEQUENCES IN SCHEMA "public" TO\s* "test"}m) .with_unless(%r{SELECT 1 WHERE NOT EXISTS \(\s*SELECT sequence_name\s* FROM information_schema\.sequences\s* WHERE sequence_schema='public'\s* EXCEPT DISTINCT\s* SELECT object_name as sequence_name\s* FROM .* WHERE .*grantee='test'\s* AND object_schema='public'\s* AND privilege_type='USAGE'\s*\)}m) # rubocop:disable Layout/LineLength end @@ -177,7 +177,7 @@ it { is_expected.to contain_postgresql__server__grant('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m) .with_unless(%r{SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)}m) end @@ -206,7 +206,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__role('test') } it do - is_expected.to contain_postgresql_psql('grant:test') \ + expect(subject).to contain_postgresql_psql('grant:test') \ .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) end end @@ -234,7 +234,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__role('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* PUBLIC}m) .with_unless(%r{SELECT 1 WHERE has_table_privilege\('public',\s*'myschema.mytable', 'INSERT'\)}m) end @@ -260,7 +260,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__grant('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT EXECUTE ON FUNCTION test\(text,boolean\) TO\s* "test"}m) .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'test\(text,boolean\)', 'EXECUTE'\)}m) end @@ -286,7 +286,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__grant('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT EXECUTE ON FUNCTION myschema.test\(text,boolean\) TO\s* "test"}m) .with_unless(%r{SELECT 1 WHERE has_function_privilege\('test',\s* 'myschema.test\(text,boolean\)', 'EXECUTE'\)}m) end @@ -413,7 +413,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__grant('test') } it do - is_expected.to contain_postgresql_psql('grant:test') + expect(subject).to contain_postgresql_psql('grant:test') .with_command(%r{GRANT ALL ON TABLE "myschema"."mytable" TO\s* "test"}m) .with_unless(%r{SELECT 1 WHERE has_table_privilege\('test',\s*'myschema.mytable', 'INSERT'\)}m) .with_onlyif(%r{SELECT true FROM pg_tables WHERE tablename = 'mytable'}m) diff --git a/spec/defines/server/pg_hba_rule_spec.rb b/spec/defines/server/pg_hba_rule_spec.rb index d111216b3d..bdf5abcdf7 100644 --- a/spec/defines/server/pg_hba_rule_spec.rb +++ b/spec/defines/server/pg_hba_rule_spec.rb @@ -30,7 +30,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5}) + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5}) end end @@ -52,7 +52,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{local\s+all\s+all\s+ident}) + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{local\s+all\s+all\s+ident}) end end @@ -76,7 +76,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar}) + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar}) end end @@ -103,7 +103,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with( + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with( content: %r{local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer}, ) end @@ -131,7 +131,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with( + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with( content: %r{local\s+all\s+all\s+0\.0\.0\.0\/0\s+scram-sha-256}, ) end @@ -156,7 +156,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '150') + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(order: '150') end end @@ -178,7 +178,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '12') + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(order: '12') end end @@ -200,7 +200,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '012') + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(order: '012') end end @@ -222,7 +222,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(order: '1234') + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(order: '1234') end end @@ -245,7 +245,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+\.domain\.tld\s+md5}) + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+\.domain\.tld\s+md5}) end end diff --git a/spec/defines/server/pg_ident_rule_spec.rb b/spec/defines/server/pg_ident_rule_spec.rb index 9b858c54e2..116330b5e9 100644 --- a/spec/defines/server/pg_ident_rule_spec.rb +++ b/spec/defines/server/pg_ident_rule_spec.rb @@ -30,7 +30,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('pg_ident_rule_test').with(content: %r{thatsmymap\s+systemuser\s+dbuser}) + expect(subject).to contain_concat__fragment('pg_ident_rule_test').with(content: %r{thatsmymap\s+systemuser\s+dbuser}) end end diff --git a/spec/defines/server/reassign_owned_by_spec.rb b/spec/defines/server/reassign_owned_by_spec.rb index db6e68a114..89c4b9192f 100644 --- a/spec/defines/server/reassign_owned_by_spec.rb +++ b/spec/defines/server/reassign_owned_by_spec.rb @@ -28,7 +28,7 @@ class {'postgresql::server':} it { is_expected.to contain_postgresql__server__reassign_owned_by('test') } it { - is_expected.to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"') + expect(subject).to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_command('REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_onlyif(%r{SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*}m) .that_requires('Service[postgresqld]') diff --git a/spec/defines/server/recovery_spec.rb b/spec/defines/server/recovery_spec.rb index c61a871f1b..766420510d 100644 --- a/spec/defines/server/recovery_spec.rb +++ b/spec/defines/server/recovery_spec.rb @@ -29,7 +29,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('test-recovery.conf') + expect(subject).to contain_concat__fragment('test-recovery.conf') .with(content: %r{restore_command = 'restore_command'[\n]+recovery_target_timeline = 'recovery_target_timeline'}) end end @@ -102,7 +102,7 @@ class { 'postgresql::server': } end it do - is_expected.to contain_concat__fragment('test-recovery.conf') + expect(subject).to contain_concat__fragment('test-recovery.conf') .with(content: %r{restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+}) # rubocop:disable Layout/LineLength end end diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index 520bd771b8..e306e871c2 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -23,7 +23,7 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", @@ -31,7 +31,7 @@ end it 'has alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => 'Sensitive [value redacted]', @@ -49,7 +49,7 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", @@ -57,7 +57,7 @@ end it 'has alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => 'Sensitive [value redacted]', @@ -83,7 +83,7 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with_command('Sensitive [value redacted]') .with_sensitive('true') .with_unless("SELECT 1 FROM pg_roles WHERE rolname = 'test'") @@ -93,7 +93,7 @@ end it 'has alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => 'Sensitive [value redacted]', 'port' => '5432', 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', @@ -120,7 +120,7 @@ it { is_expected.to contain_postgresql__server__role('test') } it 'has create role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', @@ -128,7 +128,7 @@ end it 'has alter role for "test" user with password as ****' do - is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', 'unless' => 'Sensitive [value redacted]', 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', @@ -149,7 +149,7 @@ end it 'does not have alter role for "test" user with password as **** if update_password is false' do - is_expected.not_to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + expect(subject).not_to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') end end @@ -165,7 +165,7 @@ end it 'has drop role for "test" user if ensure absent' do - is_expected.to contain_postgresql_psql('DROP ROLE "test"').that_requires('Service[postgresqld]') + expect(subject).to contain_postgresql_psql('DROP ROLE "test"').that_requires('Service[postgresqld]') end end diff --git a/spec/defines/validate_db_connection_spec.rb b/spec/defines/validate_db_connection_spec.rb index dd584b959f..7d2cb9f08c 100644 --- a/spec/defines/validate_db_connection_spec.rb +++ b/spec/defines/validate_db_connection_spec.rb @@ -30,10 +30,10 @@ it { is_expected.to contain_postgresql__validate_db_connection('test') } it 'has proper path for validate command' do - is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/usr/local/bin/validate_postgresql_connection.sh', - 4, - 30, - '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test']) + expect(subject).to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/usr/local/bin/validate_postgresql_connection.sh', + 4, + 30, + '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test']) end end @@ -58,11 +58,11 @@ class { 'postgresql::client': validcon_script_path => '/opt/something/validate.s end it 'has proper path for validate command and correct cwd' do - is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/opt/something/validate.sh', - 2, - 10, - '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test'], - cwd: '/var/tmp') + expect(subject).to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/opt/something/validate.sh', + 2, + 10, + '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test'], + cwd: '/var/tmp') end end end diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index 9d6dca35fe..3cb3d942fe 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -17,7 +17,7 @@ 'order' => '100', }, } - is_expected.to run.with_params([input], 'test', 100).and_return(result) + expect(subject).to run.with_params([input], 'test', 100).and_return(result) end it do @@ -31,7 +31,7 @@ 'order' => '100', }, } - is_expected.to run.with_params([input], 'test', 100).and_return(result) + expect(subject).to run.with_params([input], 'test', 100).and_return(result) end it do @@ -45,7 +45,7 @@ 'order' => '100', }, } - is_expected.to run.with_params(input_array, 'test', 100).and_return(result) + expect(subject).to run.with_params(input_array, 'test', 100).and_return(result) end it do @@ -60,7 +60,7 @@ 'order' => '100', }, } - is_expected.to run.with_params([input], 'test', 100).and_return(result) + expect(subject).to run.with_params([input], 'test', 100).and_return(result) end it do @@ -75,7 +75,7 @@ 'order' => '100', }, } - is_expected.to run.with_params([input], 'test', 100).and_return(result) + expect(subject).to run.with_params([input], 'test', 100).and_return(result) end it do @@ -90,7 +90,7 @@ 'order' => '100', }, } - is_expected.to run.with_params([input], 'test', 100).and_return(result) + expect(subject).to run.with_params([input], 'test', 100).and_return(result) end it do @@ -106,7 +106,7 @@ }, } - is_expected.to run.with_params([input], 'test', 100).and_return(result) + expect(subject).to run.with_params([input], 'test', 100).and_return(result) end it do @@ -123,29 +123,29 @@ }, } - is_expected.to run.with_params([input], 'test', 100).and_return(result) + expect(subject).to run.with_params([input], 'test', 100).and_return(result) end end context 'error catching tests' do it do - is_expected.to run.with_params(['test'], 'test').and_raise_error(%r{expects 3 arguments, got 2}) + expect(subject).to run.with_params(['test'], 'test').and_raise_error(%r{expects 3 arguments, got 2}) end it do - is_expected.to run.with_params('test', 'test', 100).and_raise_error(%r{parameter 'acls' expects an Array value, got String}) + expect(subject).to run.with_params('test', 'test', 100).and_raise_error(%r{parameter 'acls' expects an Array value, got String}) end it do - is_expected.to run.with_params(['test'], 100, 'test').and_raise_error(%r{parameter 'id' expects a String value, got Integer}) + expect(subject).to run.with_params(['test'], 100, 'test').and_raise_error(%r{parameter 'id' expects a String value, got Integer}) end it do - is_expected.to run.with_params(['test'], 'test', 1).and_raise_error(%r{does not have enough parts}) + expect(subject).to run.with_params(['test'], 'test', 1).and_raise_error(%r{does not have enough parts}) end end it 'returns an empty hash when input is empty array' do - is_expected.to run.with_params([], 'test', 100).and_return({}) + expect(subject).to run.with_params([], 'test', 100).and_return({}) end end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 33e83b1b34..c4b9c3507e 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -48,31 +48,31 @@ def param(type, title, param) it { is_expected.not_to be_nil } it { - is_expected.to run.with_params('foo', 'bar').and_return( + expect(subject).to run.with_params('foo', 'bar').and_return( 'md596948aad3fcae80c08a35c9b5958cd89', ) } it { - is_expected.to run.with_params('foo', 1234).and_return( + expect(subject).to run.with_params('foo', 1234).and_return( 'md539a0e1b308278a8de5e007cd1f795920', ) } it { - is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256').and_return( + expect(subject).to run.with_params('foo', 'bar', false, 'scram-sha-256').and_return( 'SCRAM-SHA-256$4096:Zm9v$ea66ynZ8cS9Ty4ZkEYicwC72StsKLSwjcXIXKMgepTk=:dJYmOU6BMCaWkQOB3lrXH9OAF3lW2n3NJ26NO7Srq7U=', ) } it { - is_expected.to run.with_params('foo', 'bar', false, 'scram-sha-256', 'salt').and_return( + expect(subject).to run.with_params('foo', 'bar', false, 'scram-sha-256', 'salt').and_return( 'SCRAM-SHA-256$4096:c2FsdA==$hl63wu9L6vKIjd/UGPfpRl/hIQRBnlkoCiJ9KgxzbX0=:3Q39uiwDZ51m3iPpV8rSgISgRiYqkbnpc+wScL2lSAU=', ) } it 'raises an error if there is only 1 argument' do - is_expected.to run.with_params('foo').and_raise_error(StandardError) + expect(subject).to run.with_params('foo').and_raise_error(StandardError) end end @@ -80,23 +80,23 @@ def param(type, title, param) it { is_expected.not_to be_nil } it { - is_expected.to run.with_params('foo') - .and_return('$$foo$$') + expect(subject).to run.with_params('foo') + .and_return('$$foo$$') } it { - is_expected.to run.with_params('fo$$o') - .and_return('$ed$fo$$o$ed$') + expect(subject).to run.with_params('fo$$o') + .and_return('$ed$fo$$o$ed$') } it { - is_expected.to run.with_params('foo$') - .and_return('$a$foo$$a$') + expect(subject).to run.with_params('foo$') + .and_return('$a$foo$$a$') } it 'raises an error if there is more than 1 argument' do - is_expected.to run.with_params(['foo'], ['foo']) - .and_raise_error(StandardError) + expect(subject).to run.with_params(['foo'], ['foo']) + .and_raise_error(StandardError) end end From d13c35fdaae0df8130ce55e3ad2fa3c82085b061 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:39:28 +0100 Subject: [PATCH 0799/1000] (CONT-792) - Correct Style/CommentedKeyword --- .rubocop_todo.yml | 10 +++++----- spec/acceptance/server/reassign_owned_by_spec.rb | 2 +- spec/unit/puppet/type/postgresql_psql_spec.rb | 1 - .../puppet/type/postgresql_replication_slot_spec.rb | 2 +- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 528eef45fb..33de1d2e67 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -160,11 +160,11 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' -# Offense count: 1 -# This cop supports unsafe autocorrection (--autocorrect-all). -Style/CommentedKeyword: - Exclude: - - 'spec/acceptance/server/reassign_owned_by_spec.rb' +# # Offense count: 1 +# # This cop supports unsafe autocorrection (--autocorrect-all). +# Style/CommentedKeyword: +# Exclude: +# - 'spec/acceptance/server/reassign_owned_by_spec.rb' # Offense count: 1 # This cop supports unsafe autocorrection (--autocorrect-all). diff --git a/spec/acceptance/server/reassign_owned_by_spec.rb b/spec/acceptance/server/reassign_owned_by_spec.rb index 80a4807f21..4cbd3a49c1 100644 --- a/spec/acceptance/server/reassign_owned_by_spec.rb +++ b/spec/acceptance/server/reassign_owned_by_spec.rb @@ -126,7 +126,7 @@ class { 'postgresql::server': } end end end - end # it should reassign all objects + end end end ##################### diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index 3258f902c3..650072822e 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -80,7 +80,6 @@ end end - # rubocop:disable RSpec/NamedSubject # rubocop:disable RSpec/SubjectStub describe '#command' do let(:attributes) { { command: 'SELECT stuff' } } diff --git a/spec/unit/puppet/type/postgresql_replication_slot_spec.rb b/spec/unit/puppet/type/postgresql_replication_slot_spec.rb index 27423bcad5..058e0500cb 100644 --- a/spec/unit/puppet/type/postgresql_replication_slot_spec.rb +++ b/spec/unit/puppet/type/postgresql_replication_slot_spec.rb @@ -8,6 +8,6 @@ end it 'has a name parameter' do - expect(subject[:name]).to eq 'standby' # rubocop:disable RSpec/NamedSubject + expect(subject[:name]).to eq 'standby' end end From c9fd38d4016bda8502a58eba0e06646f3b7dd5a1 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:40:01 +0100 Subject: [PATCH 0800/1000] (CONT-792) - Correct Style/FrozenStringLiteralComment --- .rubocop_todo.yml | 14 -------------- .../functions/postgresql/prepend_sql_password.rb | 2 ++ 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 33de1d2e67..14bcd6b042 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -160,20 +160,6 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' -# # Offense count: 1 -# # This cop supports unsafe autocorrection (--autocorrect-all). -# Style/CommentedKeyword: -# Exclude: -# - 'spec/acceptance/server/reassign_owned_by_spec.rb' - -# Offense count: 1 -# This cop supports unsafe autocorrection (--autocorrect-all). -# Configuration parameters: EnforcedStyle. -# SupportedStyles: always, always_true, never -Style/FrozenStringLiteralComment: - Exclude: - - 'lib/puppet/functions/postgresql/prepend_sql_password.rb' - # Offense count: 1 # This cop supports unsafe autocorrection (--autocorrect-all). Style/GlobalStdStream: diff --git a/lib/puppet/functions/postgresql/prepend_sql_password.rb b/lib/puppet/functions/postgresql/prepend_sql_password.rb index f938d9af1f..f90f65e11a 100644 --- a/lib/puppet/functions/postgresql/prepend_sql_password.rb +++ b/lib/puppet/functions/postgresql/prepend_sql_password.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # @summary This function exists for usage of a role password that is a deferred function Puppet::Functions.create_function(:'postgresql::prepend_sql_password') do # @param password From f87c0007e2f7b68fecd37ed69ffd0b3b2dc1bb97 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:41:08 +0100 Subject: [PATCH 0801/1000] (CONT-792) - Correct Style/GlobalStdStream --- .rubocop_todo.yml | 6 ------ tasks/sql.rb | 2 +- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 14bcd6b042..8dad7a1794 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -160,12 +160,6 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' -# Offense count: 1 -# This cop supports unsafe autocorrection (--autocorrect-all). -Style/GlobalStdStream: - Exclude: - - 'tasks/sql.rb' - # Offense count: 9 # This cop supports safe autocorrection (--autocorrect). Style/IfUnlessModifier: diff --git a/tasks/sql.rb b/tasks/sql.rb index eb8193a38e..d350625a38 100755 --- a/tasks/sql.rb +++ b/tasks/sql.rb @@ -19,7 +19,7 @@ def get(sql, database, user, port, password, host) { status: stdout.strip } end -params = JSON.parse(STDIN.read) +params = JSON.parse($stdin.read) database = params['database'] host = params['host'] password = params['password'] From b14174961b3a841a3f9484896e25be60b9fa27b7 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:41:36 +0100 Subject: [PATCH 0802/1000] (CONT-792) - Correct Style/IfUnlessModifier --- .rubocop_todo.yml | 13 ------------- .../postgresql/postgresql_acls_to_resources_hash.rb | 4 +--- .../functions/postgresql/postgresql_password.rb | 4 +--- lib/puppet/provider/postgresql_psql/ruby.rb | 4 +--- .../provider/postgresql_replication_slot/ruby.rb | 4 +--- lib/puppet/type/postgresql_psql.rb | 4 +--- spec/acceptance/server/grant_role_spec.rb | 4 +--- spec/acceptance/server/grant_spec.rb | 4 +--- spec/acceptance/server/schema_spec.rb | 4 +--- spec/acceptance/z_alternative_pgdata_spec.rb | 4 +--- 10 files changed, 9 insertions(+), 40 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 8dad7a1794..5e525a0d40 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -160,19 +160,6 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' -# Offense count: 9 -# This cop supports safe autocorrection (--autocorrect). -Style/IfUnlessModifier: - Exclude: - - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' - - 'lib/puppet/functions/postgresql/postgresql_password.rb' - - 'lib/puppet/provider/postgresql_psql/ruby.rb' - - 'lib/puppet/provider/postgresql_replication_slot/ruby.rb' - - 'lib/puppet/type/postgresql_psql.rb' - - 'spec/acceptance/server/grant_role_spec.rb' - - 'spec/acceptance/server/grant_spec.rb' - - 'spec/acceptance/server/schema_spec.rb' - - 'spec/acceptance/z_alternative_pgdata_spec.rb' # Offense count: 2 Style/MixinUsage: diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index f49c40c4e8..49dd4ccf65 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -38,9 +38,7 @@ def default_impl(acls, id, offset) } if parts[0] == 'local' resource['auth_method'] = parts[3] - if parts.length > 4 - resource['auth_option'] = parts.last(parts.length - 4).join(' ') - end + resource['auth_option'] = parts.last(parts.length - 4).join(' ') if parts.length > 4 elsif %r{^\d}.match?(parts[4]) resource['address'] = parts[3] + ' ' + parts[4] resource['auth_method'] = parts[5] diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 1f27fb5bba..350ae2f86d 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -28,9 +28,7 @@ end def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil) - if password.is_a?(String) && password.match?(%r{^(md5|SCRAM-SHA-256).+}) - return password - end + return password if password.is_a?(String) && password.match?(%r{^(md5|SCRAM-SHA-256).+}) password = password.unwrap if password.respond_to?(:unwrap) pass = if hash == 'md5' diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index 1cfbbca094..eeba6723f7 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -9,9 +9,7 @@ def run_unless_sql_command(sql) end def run_sql_command(sql) - if resource[:search_path] - sql = "set search_path to #{Array(resource[:search_path]).join(',')}; #{sql}" - end + sql = "set search_path to #{Array(resource[:search_path]).join(',')}; #{sql}" if resource[:search_path] command = [resource[:psql_path]] command.push('-d', resource[:db]) if resource[:db] diff --git a/lib/puppet/provider/postgresql_replication_slot/ruby.rb b/lib/puppet/provider/postgresql_replication_slot/ruby.rb index 3a711308e4..31271cc51b 100644 --- a/lib/puppet/provider/postgresql_replication_slot/ruby.rb +++ b/lib/puppet/provider/postgresql_replication_slot/ruby.rb @@ -15,9 +15,7 @@ def self.instances def self.prefetch(resources) instances.each do |i| slot = resources[i.name] - if slot - slot.provider = i - end + slot.provider = i if slot end end diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 88039d4380..2db3cd34b4 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -110,9 +110,7 @@ def matches(value) validate do |values| Array(values).each do |value| - unless %r{\w+=}.match?(value) - raise ArgumentError, "Invalid environment setting '#{value}'" - end + raise ArgumentError, "Invalid environment setting '#{value}'" unless %r{\w+=}.match?(value) end end end diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index c9935f0c16..6a32dc03e8 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -8,9 +8,7 @@ let(:group) { 'test_group' } let(:password) { 'psql_grant_role_pw' } let(:version) do - if os[:family] == 'redhat' && os[:release].start_with?('5') - '8.1' - end + '8.1' if os[:family] == 'redhat' && os[:release].start_with?('5') end let(:pp_one) do <<-MANIFEST.unindent diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 98d50a9e2a..41b977eb96 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -79,9 +79,7 @@ class { 'postgresql::server': } end it 'is expected to run idempotently' do - if Gem::Version.new(postgresql_version) >= Gem::Version.new('8.4.0') - idempotent_apply(pp) - end + idempotent_apply(pp) if Gem::Version.new(postgresql_version) >= Gem::Version.new('8.4.0') end it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index 61a3f720bd..dc2bc5d6c3 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -4,9 +4,7 @@ describe 'postgresql::server::schema:' do let(:version) do - if os[:family] == 'redhat' && os[:release].start_with?('5') - '8.1' - end + '8.1' if os[:family] == 'redhat' && os[:release].start_with?('5') end let(:pp) do <<-MANIFEST.unindent diff --git a/spec/acceptance/z_alternative_pgdata_spec.rb b/spec/acceptance/z_alternative_pgdata_spec.rb index c3b581f02f..7c717c4344 100644 --- a/spec/acceptance/z_alternative_pgdata_spec.rb +++ b/spec/acceptance/z_alternative_pgdata_spec.rb @@ -7,9 +7,7 @@ describe 'postgresql::server', skip: 'IAC-1286' do before(:each) do - if os[:family] == 'sles' - skip "These test's currently do not work on SLES/Suse modules" - end + skip "These test's currently do not work on SLES/Suse modules" if os[:family] == 'sles' end it 'on an alternative pgdata location' do From 902cc7f375f528cf3cc082a31e7ae276d98a5057 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:42:15 +0100 Subject: [PATCH 0803/1000] (CONT-792) - Correct Style/MixinUsage --- .rubocop_todo.yml | 7 ------- spec/spec_helper.rb | 2 +- spec/spec_helper_local.rb | 2 +- 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 5e525a0d40..5ed4cbcc11 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -160,13 +160,6 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' - -# Offense count: 2 -Style/MixinUsage: - Exclude: - - 'spec/spec_helper.rb' - - 'spec/spec_helper_local.rb' - # Offense count: 5 # This cop supports unsafe autocorrection (--autocorrect-all). # Configuration parameters: EnforcedStyle, AllowedMethods, AllowedPatterns. diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 07db73426e..0463715e3d 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -9,7 +9,7 @@ require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) -include RspecPuppetFacts +include RspecPuppetFacts # rubocop:disable Style/MixinUsage default_facts = { puppetversion: Puppet.version, diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index c4b9c3507e..bff35ebbe3 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -101,7 +101,7 @@ def param(type, title, param) end # This duplicates spec_helper but we need it for add_custom_fact -include RspecPuppetFacts +include RspecPuppetFacts # rubocop:disable Style/MixinUsage # Rough conversion of grepping in the puppet source: # grep defaultfor lib/puppet/provider/service/*.rb # See https://github.com/voxpupuli/voxpupuli-test/blob/master/lib/voxpupuli/test/facts.rb From 53c864297d92b4d2702ae6449fe7da10373c8f0c Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:45:52 +0100 Subject: [PATCH 0804/1000] (CONT-792) - Correct Style/RedundantRegexpCharacterClass --- .rubocop_todo.yml | 15 --------------- spec/defines/server/recovery_spec.rb | 4 ++-- 2 files changed, 2 insertions(+), 17 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 5ed4cbcc11..9525355e62 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -160,15 +160,6 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' -# Offense count: 5 -# This cop supports unsafe autocorrection (--autocorrect-all). -# Configuration parameters: EnforcedStyle, AllowedMethods, AllowedPatterns. -# SupportedStyles: predicate, comparison -Style/NumericPredicate: - Exclude: - - 'spec/**/*' - - 'lib/puppet/type/postgresql_psql.rb' - # Offense count: 2 # Configuration parameters: AllowedMethods. # AllowedMethods: respond_to_missing? @@ -177,12 +168,6 @@ Style/OptionalBooleanParameter: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' -# Offense count: 16 -# This cop supports safe autocorrection (--autocorrect). -Style/RedundantRegexpCharacterClass: - Exclude: - - 'spec/defines/server/recovery_spec.rb' - # Offense count: 7 # This cop supports safe autocorrection (--autocorrect). Style/RedundantRegexpEscape: diff --git a/spec/defines/server/recovery_spec.rb b/spec/defines/server/recovery_spec.rb index 766420510d..22efcceff1 100644 --- a/spec/defines/server/recovery_spec.rb +++ b/spec/defines/server/recovery_spec.rb @@ -30,7 +30,7 @@ class { 'postgresql::server': } it do expect(subject).to contain_concat__fragment('test-recovery.conf') - .with(content: %r{restore_command = 'restore_command'[\n]+recovery_target_timeline = 'recovery_target_timeline'}) + .with(content: %r{restore_command = 'restore_command'\n+recovery_target_timeline = 'recovery_target_timeline'}) end end @@ -103,7 +103,7 @@ class { 'postgresql::server': } it do expect(subject).to contain_concat__fragment('test-recovery.conf') - .with(content: %r{restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+}) # rubocop:disable Layout/LineLength + .with(content: %r{restore_command = 'restore_command'\n+archive_cleanup_command = 'archive_cleanup_command'\n+recovery_end_command = 'recovery_end_command'\n+recovery_target_name = 'recovery_target_name'\n+recovery_target_time = 'recovery_target_time'\n+recovery_target_xid = 'recovery_target_xid'\n+recovery_target_inclusive = true\n+recovery_target = 'recovery_target'\n+recovery_target_timeline = 'recovery_target_timeline'\n+pause_at_recovery_target = true\n+standby_mode = on\n+primary_conninfo = 'primary_conninfo'\n+primary_slot_name = 'primary_slot_name'\n+trigger_file = 'trigger_file'\n+recovery_min_apply_delay = 0\n+}) # rubocop:disable Layout/LineLength end end end From 973e15b40ea0b51688dc88fc93d2f15eb0efb5e9 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:48:15 +0100 Subject: [PATCH 0805/1000] (CONT-792) - Correct Style/RedundantRegexpEscape --- .rubocop_todo.yml | 8 -------- lib/puppet/provider/postgresql_conf/parsed.rb | 2 +- lib/puppet/type/postgresql_conf.rb | 2 +- spec/defines/server/pg_hba_rule_spec.rb | 8 ++++---- spec/spec_helper_acceptance_local.rb | 2 +- 5 files changed, 7 insertions(+), 15 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 9525355e62..1e2a6a985c 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -168,14 +168,6 @@ Style/OptionalBooleanParameter: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' -# Offense count: 7 -# This cop supports safe autocorrection (--autocorrect). -Style/RedundantRegexpEscape: - Exclude: - - 'lib/puppet/provider/postgresql_conf/parsed.rb' - - 'lib/puppet/type/postgresql_conf.rb' - - 'spec/defines/server/pg_hba_rule_spec.rb' - - 'spec/spec_helper_acceptance_local.rb' # Offense count: 2 # This cop supports safe autocorrection (--autocorrect). diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb index 99bdefeb96..f90570ce70 100644 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ b/lib/puppet/provider/postgresql_conf/parsed.rb @@ -16,7 +16,7 @@ record_line :parsed, fields: ['name', 'value', 'comment'], optional: ['comment'], - match: %r{^\s*([\w\.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$}, + match: %r{^\s*([\w.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$}, to_line: proc { |h| # simple string and numeric values don't need to be enclosed in quotes val = if h[:value].is_a?(Numeric) diff --git a/lib/puppet/type/postgresql_conf.rb b/lib/puppet/type/postgresql_conf.rb index b27862236b..c014ac0fe8 100644 --- a/lib/puppet/type/postgresql_conf.rb +++ b/lib/puppet/type/postgresql_conf.rb @@ -9,7 +9,7 @@ desc 'The postgresql parameter name to manage.' isnamevar - newvalues(%r{^[\w\.]+$}) + newvalues(%r{^[\w.]+$}) end newproperty(:value) do diff --git a/spec/defines/server/pg_hba_rule_spec.rb b/spec/defines/server/pg_hba_rule_spec.rb index bdf5abcdf7..f42aa15e84 100644 --- a/spec/defines/server/pg_hba_rule_spec.rb +++ b/spec/defines/server/pg_hba_rule_spec.rb @@ -30,7 +30,7 @@ class { 'postgresql::server': } end it do - expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5}) + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+1\.1\.1\.1/24\s+md5}) end end @@ -76,7 +76,7 @@ class { 'postgresql::server': } end it do - expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar}) + expect(subject).to contain_concat__fragment('pg_hba_rule_test').with(content: %r{host\s+all\s+all\s+0\.0\.0\.0/0\s+ldap\s+foo=bar}) end end @@ -104,7 +104,7 @@ class { 'postgresql::server': } it do expect(subject).to contain_concat__fragment('pg_hba_rule_test').with( - content: %r{local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer}, + content: %r{local\s+all\s+all\s+0\.0\.0\.0/0\s+peer}, ) end end @@ -132,7 +132,7 @@ class { 'postgresql::server': } it do expect(subject).to contain_concat__fragment('pg_hba_rule_test').with( - content: %r{local\s+all\s+all\s+0\.0\.0\.0\/0\s+scram-sha-256}, + content: %r{local\s+all\s+all\s+0\.0\.0\.0/0\s+scram-sha-256}, ) end end diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index c7fc30a299..520c65d82a 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -85,7 +85,7 @@ def shellescape(str) # Treat multibyte characters as is. It is caller's responsibility # to encode the string in the right encoding for the shell # environment. - str.gsub!(%r{([^A-Za-z0-9_\-.,:\/@\n])}, '\\\\\\1') + str.gsub!(%r{([^A-Za-z0-9_\-.,:/@\n])}, '\\\\\\1') # A LF cannot be escaped with a backslash because a backslash + LF # combo is regarded as line continuation and simply ignored. From 80a089ff6d8f7aded94a9db64b04d1cec2250f78 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:48:40 +0100 Subject: [PATCH 0806/1000] (CONT-792) - Correct Style/RedundantStringEscape --- .rubocop_todo.yml | 7 ------- spec/acceptance/db_spec.rb | 2 +- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 1e2a6a985c..5a8df504bd 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -168,13 +168,6 @@ Style/OptionalBooleanParameter: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' - -# Offense count: 2 -# This cop supports safe autocorrection (--autocorrect). -Style/RedundantStringEscape: - Exclude: - - 'spec/acceptance/db_spec.rb' - # Offense count: 1 # This cop supports safe autocorrection (--autocorrect). # Configuration parameters: EnforcedStyle. diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 42a453cb8c..e3d5549b28 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -23,7 +23,7 @@ class { 'postgresql::server': idempotent_apply(pp) # Verify that the postgres password works - run_shell("echo 'localhost:*:*:postgres:\'space password\'' > /root/.pgpass") + run_shell("echo 'localhost:*:*:postgres:'space password'' > /root/.pgpass") run_shell('chmod 600 /root/.pgpass') run_shell("psql -U postgres -h localhost --command='\\l'") From ca4c9a7b2f061b2c923a411602500596b6cb4553 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:49:07 +0100 Subject: [PATCH 0807/1000] (CONT-792) - Correct Style/RescueStandardError --- .rubocop_todo.yml | 8 -------- spec/spec_helper.rb | 2 +- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 5a8df504bd..e7b7e0a8fe 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -168,14 +168,6 @@ Style/OptionalBooleanParameter: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: EnforcedStyle. -# SupportedStyles: implicit, explicit -Style/RescueStandardError: - Exclude: - - 'spec/spec_helper.rb' - # Offense count: 3 # This cop supports unsafe autocorrection (--autocorrect-all). # Configuration parameters: Mode. diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 0463715e3d..e6f671ad84 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -26,7 +26,7 @@ begin default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) - rescue => e + rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end end From 6c89748e549e2f47e6869d9fb0111b98049c4208 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:49:46 +0100 Subject: [PATCH 0808/1000] (CONT-792) - Correct Style/StringConcatenation --- .rubocop_todo.yml | 9 --------- .../postgresql/postgresql_acls_to_resources_hash.rb | 2 +- lib/puppet/functions/postgresql/postgresql_password.rb | 2 +- lib/puppet/provider/postgresql_psql/ruby.rb | 2 +- 4 files changed, 3 insertions(+), 12 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index e7b7e0a8fe..4bfd3def14 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -168,15 +168,6 @@ Style/OptionalBooleanParameter: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' -# Offense count: 3 -# This cop supports unsafe autocorrection (--autocorrect-all). -# Configuration parameters: Mode. -Style/StringConcatenation: - Exclude: - - 'lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb' - - 'lib/puppet/functions/postgresql/postgresql_password.rb' - - 'lib/puppet/provider/postgresql_psql/ruby.rb' - # Offense count: 1 # This cop supports unsafe autocorrection (--autocorrect-all). # Configuration parameters: AllowMethodsWithArguments, AllowedMethods, AllowedPatterns, AllowComments. diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index 49dd4ccf65..034b23054b 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -40,7 +40,7 @@ def default_impl(acls, id, offset) resource['auth_method'] = parts[3] resource['auth_option'] = parts.last(parts.length - 4).join(' ') if parts.length > 4 elsif %r{^\d}.match?(parts[4]) - resource['address'] = parts[3] + ' ' + parts[4] + resource['address'] = "#{parts[3]} #{parts[4]}" resource['auth_method'] = parts[5] resource['auth_option'] = parts.last(parts.length - 6).join(' ') if parts.length > 6 diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 350ae2f86d..1134b1f1ce 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -32,7 +32,7 @@ def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil password = password.unwrap if password.respond_to?(:unwrap) pass = if hash == 'md5' - 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) + "md5#{Digest::MD5.hexdigest(password.to_s + username.to_s)}" else pg_sha256(password, (salt || username)) end diff --git a/lib/puppet/provider/postgresql_psql/ruby.rb b/lib/puppet/provider/postgresql_psql/ruby.rb index eeba6723f7..671d6679bc 100644 --- a/lib/puppet/provider/postgresql_psql/ruby.rb +++ b/lib/puppet/provider/postgresql_psql/ruby.rb @@ -5,7 +5,7 @@ def run_unless_sql_command(sql) # for the 'unless' queries, we wrap the user's query in a 'SELECT COUNT', # which makes it easier to parse and process the output. - run_sql_command('SELECT COUNT(*) FROM (' + sql + ') count') + run_sql_command("SELECT COUNT(*) FROM (#{sql}) count") end def run_sql_command(sql) From 45653efdd1e483ecb0296f7a79c4634fc23d85b7 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:50:35 +0100 Subject: [PATCH 0809/1000] (CONT-792) - Correct Style/SymbolProc --- .rubocop_todo.yml | 8 -------- spec/spec_helper_acceptance_local.rb | 2 +- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 4bfd3def14..8230492bd1 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -168,14 +168,6 @@ Style/OptionalBooleanParameter: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' -# Offense count: 1 -# This cop supports unsafe autocorrection (--autocorrect-all). -# Configuration parameters: AllowMethodsWithArguments, AllowedMethods, AllowedPatterns, AllowComments. -# AllowedMethods: define_method -Style/SymbolProc: - Exclude: - - 'spec/spec_helper_acceptance_local.rb' - # Offense count: 2 # This cop supports safe autocorrection (--autocorrect). # Configuration parameters: EnforcedStyle, AllowSafeAssignment. diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 520c65d82a..d6ef2bf3f6 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -9,7 +9,7 @@ class LitmusHelper class String def unindent - gsub(%r{^#{scan(%r{^\s*}).min_by { |l| l.length }}}, '') + gsub(%r{^#{scan(%r{^\s*}).min_by(&:length)}}, '') end end From c4b5bbf5bb475a5d233790ba09f5b738c45d06fb Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:51:00 +0100 Subject: [PATCH 0810/1000] (CONT-792) - Correct Style/TernaryParentheses --- .rubocop_todo.yml | 8 -------- spec/spec_helper_local.rb | 4 ++-- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 8230492bd1..c87cf07992 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -168,14 +168,6 @@ Style/OptionalBooleanParameter: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' -# Offense count: 2 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: EnforcedStyle, AllowSafeAssignment. -# SupportedStyles: require_parentheses, require_no_parentheses, require_parentheses_when_complex -Style/TernaryParentheses: - Exclude: - - 'spec/spec_helper_local.rb' - # Offense count: 137 # This cop supports safe autocorrection (--autocorrect). # Configuration parameters: EnforcedStyleForMultiline. diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index bff35ebbe3..9230d92ad0 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -118,9 +118,9 @@ def param(type, title, param) when 'openbsd' 'openbsd' when 'redhat' - facts[:operatingsystemrelease].to_i >= 7 ? 'systemd' : 'redhat' + (facts[:operatingsystemrelease].to_i >= 7) ? 'systemd' : 'redhat' when 'suse' - facts[:operatingsystemmajrelease].to_i >= 12 ? 'systemd' : 'redhat' + (facts[:operatingsystemmajrelease].to_i >= 12) ? 'systemd' : 'redhat' when 'windows' 'windows' else From 83be16ed29ec681acce4b7839f45d3490cfa5acf Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:51:23 +0100 Subject: [PATCH 0811/1000] (CONT-792) - Correct Style/TrailingCommaInHashLiteral --- .rubocop_todo.yml | 7 ---- .../postgresql_acls_to_resources_hash.rb | 2 +- .../postgresql/postgresql_password.rb | 2 +- lib/puppet/util/postgresql_validator.rb | 2 +- spec/classes/client_spec.rb | 4 +-- spec/classes/globals_spec.rb | 6 ++-- spec/classes/lib/devel_spec.rb | 4 +-- spec/classes/server/contrib_spec.rb | 2 +- spec/classes/server/plperl_spec.rb | 2 +- spec/classes/server/plpython_spec.rb | 2 +- spec/classes/server/postgis_spec.rb | 2 +- spec/classes/server_spec.rb | 26 +++++++------- spec/defines/server/database_grant_spec.rb | 2 +- spec/defines/server/db_spec.rb | 4 +-- .../defines/server/default_privileges_spec.rb | 28 +++++++-------- spec/defines/server/extension_spec.rb | 14 ++++---- spec/defines/server/grant_role_spec.rb | 2 +- spec/defines/server/grant_spec.rb | 36 +++++++++---------- spec/defines/server/pg_hba_rule_spec.rb | 22 ++++++------ spec/defines/server/pg_ident_rule_spec.rb | 4 +-- spec/defines/server/reassign_owned_by_spec.rb | 2 +- spec/defines/server/recovery_spec.rb | 6 ++-- spec/defines/server/role_spec.rb | 14 ++++---- spec/defines/server/schema_spec.rb | 4 +-- spec/defines/server/table_grant_spec.rb | 2 +- spec/defines/server/tablespace_spec.rb | 6 ++-- spec/defines/validate_db_connection_spec.rb | 4 +-- ..._postgresql_acls_to_resources_hash_spec.rb | 32 ++++++++--------- spec/spec_helper.rb | 2 +- spec/spec_helper_local.rb | 18 +++++----- spec/type_aliases/pg_hba_rules_spec.rb | 2 +- .../postgresql_conn_validator/ruby_spec.rb | 8 ++--- .../provider/postgresql_psql/ruby_spec.rb | 6 ++-- spec/unit/puppet/type/postgresql_psql_spec.rb | 2 +- 34 files changed, 137 insertions(+), 144 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index c87cf07992..48c14f7fb6 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -167,10 +167,3 @@ Style/OptionalBooleanParameter: Exclude: - 'lib/puppet/functions/postgresql/postgresql_password.rb' - 'lib/puppet/type/postgresql_psql.rb' - -# Offense count: 137 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: EnforcedStyleForMultiline. -# SupportedStylesForMultiline: comma, consistent_comma, no_comma -Style/TrailingCommaInHashLiteral: - Enabled: false diff --git a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb index 034b23054b..5f18040c0d 100644 --- a/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb +++ b/lib/puppet/functions/postgresql/postgresql_acls_to_resources_hash.rb @@ -34,7 +34,7 @@ def default_impl(acls, id, offset) 'type' => parts[0], 'database' => parts[1], 'user' => parts[2], - 'order' => '%03d' % (offset + index), + 'order' => '%03d' % (offset + index) } if parts[0] == 'local' resource['auth_method'] = parts[3] diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 1134b1f1ce..8d1013374a 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -49,7 +49,7 @@ def pg_sha256(password, salt) iterations: '4096', salt: Base64.strict_encode64(salt), client_key: Base64.strict_encode64(client_key(digest)), - server_key: Base64.strict_encode64(server_key(digest)), + server_key: Base64.strict_encode64(server_key(digest)) } end diff --git a/lib/puppet/util/postgresql_validator.rb b/lib/puppet/util/postgresql_validator.rb index 87ba7353c9..6a3152b64f 100644 --- a/lib/puppet/util/postgresql_validator.rb +++ b/lib/puppet/util/postgresql_validator.rb @@ -17,7 +17,7 @@ def build_psql_cmd port: '--port', db_username: '--username', db_name: '--dbname', - command: '--command', + command: '--command' } args.each do |k, v| diff --git a/spec/classes/client_spec.rb b/spec/classes/client_spec.rb index ddbe1f6518..55fee3ed54 100644 --- a/spec/classes/client_spec.rb +++ b/spec/classes/client_spec.rb @@ -11,7 +11,7 @@ validcon_script_path: '/opt/bin/my-validate-con.sh', package_ensure: 'absent', package_name: 'mypackage', - file_ensure: 'file', + file_ensure: 'file' } end @@ -50,7 +50,7 @@ class { 'postgresql::globals': describe 'with client package name explicitly set undef' do let :params do { - package_name: 'UNSET', + package_name: 'UNSET' } end diff --git a/spec/classes/globals_spec.rb b/spec/classes/globals_spec.rb index 2c91883c98..3a6f021ba3 100644 --- a/spec/classes/globals_spec.rb +++ b/spec/classes/globals_spec.rb @@ -15,7 +15,7 @@ describe 'manage_package_repo => true' do let(:params) do { - manage_package_repo: true, + manage_package_repo: true } end @@ -38,7 +38,7 @@ let(:params) do { manage_package_repo: true, - repo_proxy: 'http://proxy-server:8080', + repo_proxy: 'http://proxy-server:8080' } end @@ -63,7 +63,7 @@ { manage_package_repo: true, repo_baseurl: 'http://mirror.localrepo.com/pgdg-postgresql', - yum_repo_commonurl: 'http://mirror.localrepo.com/pgdg-common', + yum_repo_commonurl: 'http://mirror.localrepo.com/pgdg-common' } end diff --git a/spec/classes/lib/devel_spec.rb b/spec/classes/lib/devel_spec.rb index 9da1b73022..bbc4098dac 100644 --- a/spec/classes/lib/devel_spec.rb +++ b/spec/classes/lib/devel_spec.rb @@ -18,7 +18,7 @@ describe 'disable link_pg_config' do let(:params) do { - link_pg_config: false, + link_pg_config: false } end @@ -48,7 +48,7 @@ include_examples 'Gentoo' let :params do { - link_pg_config: false, + link_pg_config: false } end diff --git a/spec/classes/server/contrib_spec.rb b/spec/classes/server/contrib_spec.rb index c093c34f80..16e3139aa2 100644 --- a/spec/classes/server/contrib_spec.rb +++ b/spec/classes/server/contrib_spec.rb @@ -13,7 +13,7 @@ let(:params) do { package_name: 'mypackage', - package_ensure: 'absent', + package_ensure: 'absent' } end diff --git a/spec/classes/server/plperl_spec.rb b/spec/classes/server/plperl_spec.rb index 837a777fa4..a749d758eb 100644 --- a/spec/classes/server/plperl_spec.rb +++ b/spec/classes/server/plperl_spec.rb @@ -22,7 +22,7 @@ let :params do { package_ensure: 'absent', - package_name: 'mypackage', + package_name: 'mypackage' } end diff --git a/spec/classes/server/plpython_spec.rb b/spec/classes/server/plpython_spec.rb index 200f80984d..d657b67e36 100644 --- a/spec/classes/server/plpython_spec.rb +++ b/spec/classes/server/plpython_spec.rb @@ -22,7 +22,7 @@ let :params do { package_ensure: 'absent', - package_name: 'mypackage', + package_name: 'mypackage' } end diff --git a/spec/classes/server/postgis_spec.rb b/spec/classes/server/postgis_spec.rb index b23f5c66eb..eb149e7073 100644 --- a/spec/classes/server/postgis_spec.rb +++ b/spec/classes/server/postgis_spec.rb @@ -12,7 +12,7 @@ let(:params) do { package_name: 'mypackage', - package_ensure: 'absent', + package_ensure: 'absent' } end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 02c34e649f..865c967fc4 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -52,7 +52,7 @@ class { 'postgresql::globals': let(:params) do { service_ensure: 'running', - postgres_password: 'new-p@s$word-to-set', + postgres_password: 'new-p@s$word-to-set' } end @@ -76,7 +76,7 @@ class { 'postgresql::globals': let(:params) do { service_ensure: true, - postgres_password: 'new-p@s$word-to-set', + postgres_password: 'new-p@s$word-to-set' } end @@ -171,7 +171,7 @@ class { 'postgresql::globals': describe 'package_ensure => absent' do let(:params) do { - package_ensure: 'absent', + package_ensure: 'absent' } end @@ -187,7 +187,7 @@ class { 'postgresql::globals': describe 'needs_initdb => true' do let(:params) do { - needs_initdb: true, + needs_initdb: true } end @@ -219,8 +219,8 @@ class { 'postgresql::globals': let(:params) do { roles: { - username: { createdb: true }, - }, + username: { createdb: true } + } } end @@ -234,8 +234,8 @@ class { 'postgresql::globals': config_entries: { fsync: 'off', checkpoint_segments: '20', - remove_me: :undef, - }, + remove_me: :undef + } } end @@ -254,9 +254,9 @@ class { 'postgresql::globals': database: 'mydb', user: 'myuser', auth_method: 'md5', - address: '192.0.2.100', - }, - }, + address: '192.0.2.100' + } + } } end @@ -291,8 +291,8 @@ class { 'postgresql::globals': db_user: 'backupuser', db_password: 'backuppass', dir: '/tmp/backuptest', - manage_user: true, - }, + manage_user: true + } } end diff --git a/spec/defines/server/database_grant_spec.rb b/spec/defines/server/database_grant_spec.rb index 3951fa2b27..70ff90bb19 100644 --- a/spec/defines/server/database_grant_spec.rb +++ b/spec/defines/server/database_grant_spec.rb @@ -13,7 +13,7 @@ { privilege: 'ALL', db: 'test', - role: 'test', + role: 'test' } end diff --git a/spec/defines/server/db_spec.rb b/spec/defines/server/db_spec.rb index 65677d9aa1..0051b678c9 100644 --- a/spec/defines/server/db_spec.rb +++ b/spec/defines/server/db_spec.rb @@ -14,7 +14,7 @@ { user: 'test', password: 'test', - owner: 'tester', + owner: 'tester' } end @@ -34,7 +34,7 @@ dbname: 'testtest', user: 'test', password: 'test', - owner: 'tester', + owner: 'tester' } end diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 7faf481fc1..860229b875 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -17,7 +17,7 @@ db: 'test', role: 'test', privilege: 'all', - object_type: 'tables', + object_type: 'tables' } end @@ -34,7 +34,7 @@ db: 'test', role: 'test', privilege: 'aLl', - object_type: 'TaBlEs', + object_type: 'TaBlEs' } end @@ -58,7 +58,7 @@ db: 'test', role: 'test', privilege: 'all', - object_type: 'wrong_type', + object_type: 'wrong_type' } end @@ -77,7 +77,7 @@ db: 'test', role: 'test', privilege: 'all', - object_type: 'tables', + object_type: 'tables' } end @@ -103,7 +103,7 @@ db: 'test', role: 'test', privilege: 'wrong_privilege', - object_type: 'tables', + object_type: 'tables' } end @@ -123,7 +123,7 @@ role: 'test', privilege: 'all', object_type: 'schemas', - schema: '', + schema: '' } end @@ -143,7 +143,7 @@ role: 'test', privilege: 'all', object_type: 'schemas', - schema: '', + schema: '' } end @@ -177,7 +177,7 @@ class { 'postgresql::server': } role: 'test', privilege: 'all', object_type: 'schemas', - schema: 'public', + schema: 'public' } end @@ -202,7 +202,7 @@ class { 'postgresql::server': } privilege: 'all', object_type: 'tables', connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.6' }, + 'DBVERSION' => '9.6' } } end @@ -224,7 +224,7 @@ class { 'postgresql::server': } object_type: 'tables', connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6', - 'PGPORT' => '1234' }, + 'PGPORT' => '1234' } } end @@ -247,7 +247,7 @@ class { 'postgresql::server': } connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6', 'PGPORT' => '1234' }, - port: 5678, + port: 5678 } end @@ -320,7 +320,7 @@ class { 'postgresql::server': } db: 'test', role: 'test', privilege: 'all', - object_type: 'tables', + object_type: 'tables' } end @@ -348,7 +348,7 @@ class {'postgresql::server':} db: 'test', role: 'test', privilege: 'all', - object_type: 'tables', + object_type: 'tables' } end @@ -384,7 +384,7 @@ class {'postgresql::server':} psql_user: 'postgres', psql_db: 'db', port: 1542, - connect_settings: { 'DBVERSION' => '9.6' }, + connect_settings: { 'DBVERSION' => '9.6' } } end diff --git a/spec/defines/server/extension_spec.rb b/spec/defines/server/extension_spec.rb index 15a76bb68e..251f45a990 100644 --- a/spec/defines/server/extension_spec.rb +++ b/spec/defines/server/extension_spec.rb @@ -14,7 +14,7 @@ let(:title) { 'postgis' } let(:params) do { - database: 'template_postgis', + database: 'template_postgis' } end @@ -120,7 +120,7 @@ let(:params) do { database: 'template_postgis2', - extension: 'postgis', + extension: 'postgis' } end @@ -143,7 +143,7 @@ let(:params) do { database: 'postgres', - extension: 'pg_repack', + extension: 'pg_repack' } end @@ -162,7 +162,7 @@ let :params do { database: 'postgres', - extension: 'pg_repack', + extension: 'pg_repack' } end @@ -179,7 +179,7 @@ { database: 'postgres', extension: 'pg_repack', - port: 1234, + port: 1234 } end @@ -198,7 +198,7 @@ extension: 'pg_repack', connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234' }, + 'PGPORT' => '1234' } } end @@ -223,7 +223,7 @@ connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234' }, - port: 5678, + port: 5678 } end diff --git a/spec/defines/server/grant_role_spec.rb b/spec/defines/server/grant_role_spec.rb index 22b18f58c0..31d45f7c8c 100644 --- a/spec/defines/server/grant_role_spec.rb +++ b/spec/defines/server/grant_role_spec.rb @@ -14,7 +14,7 @@ let(:params) do { group: 'my_group', - role: 'my_role', + role: 'my_role' } end diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index 45106269fa..9b9a8e5235 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -13,7 +13,7 @@ let :params do { db: 'test', - role: 'test', + role: 'test' } end @@ -31,7 +31,7 @@ db: 'test', role: 'test', privilege: 'usage', - object_type: 'sequence', + object_type: 'sequence' } end @@ -55,7 +55,7 @@ db: 'test', role: 'test', privilege: 'usage', - object_type: 'SeQuEnCe', + object_type: 'SeQuEnCe' } end @@ -80,7 +80,7 @@ role: 'test', privilege: 'usage', object_type: 'all sequences in schema', - object_name: 'public', + object_name: 'public' } end @@ -104,7 +104,7 @@ db: 'test', role: 'test', connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1' }, + 'DBVERSION' => '9.1' } } end @@ -124,7 +124,7 @@ role: 'test', connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234' }, + 'PGPORT' => '1234' } } end @@ -145,7 +145,7 @@ connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234' }, - port: 5678, + port: 5678 } end @@ -165,7 +165,7 @@ role: 'test', privilege: 'all', object_name: ['myschema', 'mytable'], - object_type: 'table', + object_type: 'table' } end @@ -190,7 +190,7 @@ role: 'test', privilege: 'all', object_name: ['myschema', 'mytable'], - object_type: 'table', + object_type: 'table' } end @@ -218,7 +218,7 @@ class {'postgresql::server':} role: 'PUBLIC', privilege: 'all', object_name: ['myschema', 'mytable'], - object_type: 'table', + object_type: 'table' } end @@ -248,7 +248,7 @@ class {'postgresql::server':} privilege: 'execute', object_name: 'test', object_arguments: ['text', 'boolean'], - object_type: 'function', + object_type: 'function' } end @@ -274,7 +274,7 @@ class {'postgresql::server':} privilege: 'execute', object_name: ['myschema', 'test'], object_arguments: ['text', 'boolean'], - object_type: 'function', + object_type: 'function' } end @@ -306,7 +306,7 @@ class {'postgresql::server':} psql_user: 'postgres', psql_db: 'db', port: 1542, - connect_settings: {}, + connect_settings: {} } end @@ -320,7 +320,7 @@ class {'postgresql::server':} db: 'test', role: 'test', privilege: 'usage', - object_type: 'invalid', + object_type: 'invalid' } end @@ -338,7 +338,7 @@ class {'postgresql::server':} role: 'test', privilege: 'all', object_name: 1, - object_type: 'table', + object_type: 'table' } end @@ -356,7 +356,7 @@ class {'postgresql::server':} role: 'test', privilege: 'all', object_name: ['oops'], - object_type: 'table', + object_type: 'table' } end @@ -378,7 +378,7 @@ class {'postgresql::server':} role: 'test', privilege: 'all', object_name: ['myschema', 'mytable', 'oops'], - object_type: 'table', + object_type: 'table' } end @@ -401,7 +401,7 @@ class {'postgresql::server':} privilege: 'all', object_name: ['myschema', 'mytable'], object_type: 'table', - onlyif_exists: true, + onlyif_exists: true } end diff --git a/spec/defines/server/pg_hba_rule_spec.rb b/spec/defines/server/pg_hba_rule_spec.rb index f42aa15e84..7d1187001c 100644 --- a/spec/defines/server/pg_hba_rule_spec.rb +++ b/spec/defines/server/pg_hba_rule_spec.rb @@ -25,7 +25,7 @@ class { 'postgresql::server': } user: 'all', address: '1.1.1.1/24', auth_method: 'md5', - target: target, + target: target } end @@ -47,7 +47,7 @@ class { 'postgresql::server': } database: 'all', user: 'all', auth_method: 'ident', - target: target, + target: target } end @@ -71,7 +71,7 @@ class { 'postgresql::server': } address: '0.0.0.0/0', auth_method: 'ldap', auth_option: 'foo=bar', - target: target, + target: target } end @@ -98,7 +98,7 @@ class { 'postgresql::server': } user: 'all', address: '0.0.0.0/0', auth_method: 'peer', - target: target, + target: target } end @@ -126,7 +126,7 @@ class { 'postgresql::server': } user: 'all', address: '0.0.0.0/0', auth_method: 'scram-sha-256', - target: target, + target: target } end @@ -151,7 +151,7 @@ class { 'postgresql::server': } type: 'local', database: 'all', user: 'all', - auth_method: 'ident', + auth_method: 'ident' } end @@ -173,7 +173,7 @@ class { 'postgresql::server': } database: 'all', user: 'all', auth_method: 'ident', - order: '12', + order: '12' } end @@ -195,7 +195,7 @@ class { 'postgresql::server': } database: 'all', user: 'all', auth_method: 'ident', - order: 12, + order: 12 } end @@ -217,7 +217,7 @@ class { 'postgresql::server': } database: 'all', user: 'all', auth_method: 'ident', - order: 1234, + order: 1234 } end @@ -240,7 +240,7 @@ class { 'postgresql::server': } user: 'all', address: '.domain.tld', auth_method: 'md5', - target: target, + target: target } end @@ -263,7 +263,7 @@ class { 'postgresql::server': } user: 'all', address: '/45', auth_method: 'md5', - target: target, + target: target } end diff --git a/spec/defines/server/pg_ident_rule_spec.rb b/spec/defines/server/pg_ident_rule_spec.rb index 116330b5e9..77ebb61c84 100644 --- a/spec/defines/server/pg_ident_rule_spec.rb +++ b/spec/defines/server/pg_ident_rule_spec.rb @@ -25,7 +25,7 @@ class { 'postgresql::server': } { map_name: 'thatsmymap', system_username: 'systemuser', - database_username: 'dbuser', + database_username: 'dbuser' } end @@ -47,7 +47,7 @@ class { 'postgresql::server': } { map_name: 'thatsmymap', system_username: 'systemuser', - database_username: 'dbuser', + database_username: 'dbuser' } end diff --git a/spec/defines/server/reassign_owned_by_spec.rb b/spec/defines/server/reassign_owned_by_spec.rb index 89c4b9192f..d0cfb69202 100644 --- a/spec/defines/server/reassign_owned_by_spec.rb +++ b/spec/defines/server/reassign_owned_by_spec.rb @@ -13,7 +13,7 @@ { db: 'test', old_role: 'test_old_role', - new_role: 'test_new_role', + new_role: 'test_new_role' } end diff --git a/spec/defines/server/recovery_spec.rb b/spec/defines/server/recovery_spec.rb index 22efcceff1..0fc24f233f 100644 --- a/spec/defines/server/recovery_spec.rb +++ b/spec/defines/server/recovery_spec.rb @@ -24,7 +24,7 @@ class { 'postgresql::server': } let(:params) do { restore_command: 'restore_command', - recovery_target_timeline: 'recovery_target_timeline', + recovery_target_timeline: 'recovery_target_timeline' } end @@ -45,7 +45,7 @@ class { 'postgresql::server': } end let(:params) do { - restore_command: '', + restore_command: '' } end @@ -97,7 +97,7 @@ class { 'postgresql::server': } primary_conninfo: 'primary_conninfo', primary_slot_name: 'primary_slot_name', trigger_file: 'trigger_file', - recovery_min_apply_delay: 0, + recovery_min_apply_delay: 0 } end diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index e306e871c2..d1d61e7ff4 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -16,7 +16,7 @@ context 'with Password Datatype String' do let :params do { - password_hash: 'new-pa$s', + password_hash: 'new-pa$s' } end @@ -42,7 +42,7 @@ context 'with Password Datatype Sensitive[String]' do let :params do { - password_hash: sensitive('new-pa$s'), + password_hash: sensitive('new-pa$s') } end @@ -72,7 +72,7 @@ connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, + 'PGPASSWORD' => 'login-pass' } } end @@ -109,7 +109,7 @@ 'DBVERSION' => '9.1', 'PGPORT' => '1234', 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, + 'PGPASSWORD' => 'login-pass' } } end @@ -140,7 +140,7 @@ let :params do { password_hash: 'new-pa$s', - update_password: false, + update_password: false } end @@ -156,7 +156,7 @@ context 'with ensure set to absent' do let :params do { - ensure: 'absent', + ensure: 'absent' } end @@ -187,7 +187,7 @@ psql_group: 'postgresql', psql_path: '/usr/bin', module_workdir: '/tmp', - db: 'db', + db: 'db' } end diff --git a/spec/defines/server/schema_spec.rb b/spec/defines/server/schema_spec.rb index 8da588d67c..a7bbf28412 100644 --- a/spec/defines/server/schema_spec.rb +++ b/spec/defines/server/schema_spec.rb @@ -12,7 +12,7 @@ let :params do { owner: 'jane', - db: 'janedb', + db: 'janedb' } end @@ -26,7 +26,7 @@ let :params do { owner: 'nate', - db: 'natedb', + db: 'natedb' } end diff --git a/spec/defines/server/table_grant_spec.rb b/spec/defines/server/table_grant_spec.rb index 0fb0b86983..66c3624451 100644 --- a/spec/defines/server/table_grant_spec.rb +++ b/spec/defines/server/table_grant_spec.rb @@ -14,7 +14,7 @@ privilege: 'ALL', db: 'test', role: 'test', - table: 'foo', + table: 'foo' } end diff --git a/spec/defines/server/tablespace_spec.rb b/spec/defines/server/tablespace_spec.rb index f2dbfff732..a76eb4a392 100644 --- a/spec/defines/server/tablespace_spec.rb +++ b/spec/defines/server/tablespace_spec.rb @@ -11,7 +11,7 @@ let :params do { - location: '/srv/data/foo', + location: '/srv/data/foo' } end @@ -27,7 +27,7 @@ let :params do { location: '/srv/data/foo', - owner: 'test_owner', + owner: 'test_owner' } end @@ -38,7 +38,7 @@ let :params do { location: '/srv/data/foo', - manage_location: false, + manage_location: false } end diff --git a/spec/defines/validate_db_connection_spec.rb b/spec/defines/validate_db_connection_spec.rb index 7d2cb9f08c..c428be4323 100644 --- a/spec/defines/validate_db_connection_spec.rb +++ b/spec/defines/validate_db_connection_spec.rb @@ -23,7 +23,7 @@ database_port: 5432, run_as: 'postgresq', sleep: 4, - tries: 30, + tries: 30 } end @@ -44,7 +44,7 @@ database_name: 'test', database_password: 'test', database_username: 'test', - database_port: 5432, + database_port: 5432 } end diff --git a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb index 3cb3d942fe..386f01d3e4 100644 --- a/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb +++ b/spec/functions/postgresql_postgresql_acls_to_resources_hash_spec.rb @@ -14,8 +14,8 @@ 'database' => 'all', 'user' => 'postgres', 'auth_method' => 'ident', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params([input], 'test', 100).and_return(result) end @@ -28,8 +28,8 @@ 'database' => 'all', 'user' => 'root', 'auth_method' => 'ident', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params([input], 'test', 100).and_return(result) end @@ -42,8 +42,8 @@ 'database' => 'all', 'user' => 'all', 'auth_method' => 'ident', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params(input_array, 'test', 100).and_return(result) end @@ -57,8 +57,8 @@ 'user' => 'all', 'address' => '127.0.0.1/32', 'auth_method' => 'md5', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params([input], 'test', 100).and_return(result) end @@ -72,8 +72,8 @@ 'user' => 'all', 'address' => '0.0.0.0/0', 'auth_method' => 'md5', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params([input], 'test', 100).and_return(result) end @@ -87,8 +87,8 @@ 'user' => 'all', 'address' => '::1/128', 'auth_method' => 'md5', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params([input], 'test', 100).and_return(result) end @@ -102,8 +102,8 @@ 'user' => 'all', 'address' => '1.1.1.1 255.255.255.0', 'auth_method' => 'md5', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params([input], 'test', 100).and_return(result) @@ -119,8 +119,8 @@ 'address' => '1.1.1.1 255.255.255.0', 'auth_method' => 'ldap', 'auth_option' => 'ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"', - 'order' => '100', - }, + 'order' => '100' + } } expect(subject).to run.with_params([input], 'test', 100).and_return(result) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index e6f671ad84..1a8b68bde8 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -13,7 +13,7 @@ default_facts = { puppetversion: Puppet.version, - facterversion: Facter.version, + facterversion: Facter.version } default_fact_files = [ diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 9230d92ad0..b54d1556cd 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -163,13 +163,13 @@ def param(type, title, param) 'release' => { 'full' => '33', 'major' => '33', - 'minor' => '33', + 'minor' => '33' }, - selinux: { 'enabled' => true }, + selinux: { 'enabled' => true } }, operatingsystem: 'Fedora', operatingsystemrelease: '33', - service_provider: 'systemd', + service_provider: 'systemd' } end end @@ -182,15 +182,15 @@ def param(type, title, param) name: 'Amazon', release: { 'full' => '1.0', - 'major' => '1', + 'major' => '1' }, - selinux: { 'enabled' => true }, + selinux: { 'enabled' => true } }, kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: true, - service_provider: 'redhat', + service_provider: 'redhat' } end end @@ -203,15 +203,15 @@ def param(type, title, param) name: 'Gentoo', release: { 'full' => 'unused', - 'major' => 'unused', + 'major' => 'unused' }, - selinux: { 'enabled' => false }, + selinux: { 'enabled' => false } }, kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', selinux: false, - service_provider: 'openrc', + service_provider: 'openrc' } end end diff --git a/spec/type_aliases/pg_hba_rules_spec.rb b/spec/type_aliases/pg_hba_rules_spec.rb index 7c3354b452..316de2f868 100644 --- a/spec/type_aliases/pg_hba_rules_spec.rb +++ b/spec/type_aliases/pg_hba_rules_spec.rb @@ -15,7 +15,7 @@ auth_method: 'md5', target: '/foo.conf', postgresql_version: '14', - order: 1, + order: 1 }, foo2: { description: 'pc', diff --git a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb index 8cd71e3913..ef18e65692 100644 --- a/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb @@ -5,7 +5,7 @@ describe Puppet::Type.type(:postgresql_conn_validator).provider(:ruby) do let(:resource) do Puppet::Type.type(:postgresql_conn_validator).new({ - name: 'testname', + name: 'testname' }.merge(attributes)) end let(:provider) { resource.provider } @@ -15,7 +15,7 @@ host: 'db.test.com', port: 4444, db_username: 'testuser', - db_password: 'testpass', + db_password: 'testpass' } end let(:connect_settings) do @@ -23,8 +23,8 @@ connect_settings: { PGPASSWORD: 'testpass', PGHOST: 'db.test.com', - PGPORT: '1234', - }, + PGPORT: '1234' + } } end diff --git a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb index a993b3b90b..9f2c3b55e1 100644 --- a/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ b/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb @@ -29,7 +29,7 @@ psql_user: 'spec_user', psql_group: 'spec_group', cwd: '/spec', - db: 'spec_db', + db: 'spec_db' } end @@ -46,7 +46,7 @@ describe 'with search_path string' do let(:attributes) do { - search_path: 'schema1', + search_path: 'schema1' } end @@ -62,7 +62,7 @@ describe 'with search_path array' do let(:attributes) do { - search_path: ['schema1', 'schema2'], + search_path: ['schema1', 'schema2'] } end diff --git a/spec/unit/puppet/type/postgresql_psql_spec.rb b/spec/unit/puppet/type/postgresql_psql_spec.rb index 650072822e..871645534d 100644 --- a/spec/unit/puppet/type/postgresql_psql_spec.rb +++ b/spec/unit/puppet/type/postgresql_psql_spec.rb @@ -36,7 +36,7 @@ refreshonly: :true, search_path: ['schema1', 'schema2'], connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1' }, + 'DBVERSION' => '9.1' } }.each do |attr, value| context attr do describe [attr] From c12e53c8996ed42253e8d8e183e27499c5958c9e Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Wed, 19 Apr 2023 17:56:14 +0100 Subject: [PATCH 0812/1000] (CONT-792) - Fix broken Acceptance --- .rubocop_todo.yml | 45 ++++++++++++++++++++++-------- lib/puppet/type/postgresql_psql.rb | 6 ++-- 2 files changed, 37 insertions(+), 14 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 48c14f7fb6..af25845765 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,3 +1,11 @@ +# This configuration was generated by +# `rubocop --auto-gen-config` +# on 2023-04-19 16:55:21 UTC using RuboCop version 1.48.1. +# The point is for the user to remove these configuration records +# one by one as the offenses are removed from the code base. +# Note that changes in the inspected code, or installation of new +# versions of RuboCop, may require this file to be generated again. + # Offense count: 15 # This cop supports unsafe autocorrection (--autocorrect-all). Lint/BooleanSymbol: @@ -13,16 +21,22 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' +# Offense count: 1 +# This cop supports safe autocorrection (--autocorrect). +Lint/RedundantCopEnableDirective: + Exclude: + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + # Offense count: 6 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes. Metrics/AbcSize: - Max: 49 + Max: 48 -# Offense count: 8 +# Offense count: 7 # Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns, inherit_mode. # AllowedMethods: refine Metrics/BlockLength: - Max: 121 + Max: 119 # Offense count: 3 # Configuration parameters: AllowedMethods, AllowedPatterns. @@ -32,7 +46,7 @@ Metrics/CyclomaticComplexity: # Offense count: 6 # Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns. Metrics/MethodLength: - Max: 31 + Max: 29 # Offense count: 1 # Configuration parameters: CountKeywordArgs, MaxOptionalParameters. @@ -59,8 +73,7 @@ Naming/HeredocDelimiterNaming: - 'spec/defines/server/default_privileges_spec.rb' - 'spec/defines/server/grant_spec.rb' - -# Offense count: 104 +# Offense count: 101 # Configuration parameters: Prefixes, AllowedPatterns. # Prefixes: when, with, without RSpec/ContextWording: @@ -76,7 +89,6 @@ RSpec/DescribeClass: RSpec/ExampleLength: Max: 53 - # Offense count: 3 RSpec/ExpectInHook: Exclude: @@ -96,10 +108,6 @@ RSpec/FilePath: - 'spec/defines/server/instance/service.rb' - 'spec/unit/puppet/type/postgresql_conn_validator.rb' - -RSpec/NamedSubject: - Enabled: false - # Offense count: 2 RSpec/LeakyConstantDeclaration: Exclude: @@ -119,6 +127,12 @@ RSpec/MultipleExpectations: RSpec/MultipleMemoizedHelpers: Max: 18 +# Offense count: 208 +# Configuration parameters: EnforcedStyle, IgnoreSharedExamples. +# SupportedStyles: always, named_only +RSpec/NamedSubject: + Enabled: false + # Offense count: 1 # Configuration parameters: AllowedGroups. RSpec/NestedGroups: @@ -160,6 +174,15 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' +# Offense count: 3 +# This cop supports unsafe autocorrection (--autocorrect-all). +# Configuration parameters: EnforcedStyle, AllowedMethods, AllowedPatterns. +# SupportedStyles: predicate, comparison +Style/NumericPredicate: + Exclude: + - 'spec/**/*' + - 'lib/puppet/type/postgresql_psql.rb' + # Offense count: 2 # Configuration parameters: AllowedMethods. # AllowedMethods: respond_to_missing? diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 2db3cd34b4..1fe67862e6 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -23,7 +23,7 @@ def retrieve def sync output, status = provider.run_sql_command(value) - raise("Error executing SQL; psql returned #{status}: '#{output}'") unless status.zero? + raise("Error executing SQL; psql returned #{status}: '#{output}'") unless status.to_i.zero? end end @@ -38,7 +38,7 @@ def sync # Return true if a matching row is found def matches(value) output, status = provider.run_unless_sql_command(value) - fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status.zero? # rubocop:disable Style/SignalException + fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status.to_i.zero? # rubocop:disable Style/SignalException result_count = output.strip.to_i debug("Found #{result_count} row(s) executing 'unless' clause") @@ -59,7 +59,7 @@ def matches(value) output, status = provider.run_unless_sql_command(value) status = output.exitcode if status.nil? - raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status.zero? + raise("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status.to_i.zero? result_count = output.strip.to_i debug("Found #{result_count} row(s) executing 'onlyif' clause") From a098797f8bd9e923d4b58f405b8cfa09d4d77c78 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Thu, 20 Apr 2023 14:38:29 +0100 Subject: [PATCH 0813/1000] (CONT-792) - Temp Acceptance Fix --- spec/spec_helper_acceptance_local.rb | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index d6ef2bf3f6..b70a812737 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -16,9 +16,17 @@ def unindent RSpec.configure do |c| c.before :suite do install_dependencies + turn_off_strict_error end end +def turn_off_strict_error + # this is only temporary fix until we finish adding support for puppet 8 + # strict=warning is defaulted on puppet versions below 8, whereas puppet 8 has strict=error by default + # error is caused by 'onlyif_exists' in spec/acceptance/server/grant_spec.rb L78 (works when removed, but not what we want to test) + LitmusHelper.instance.run_shell("echo 'strict=warning\nstrict_variables=false' >> /etc/puppetlabs/puppet/puppet.conf") +end + def export_locales(locale) LitmusHelper.instance.run_shell('echo export PATH="/opt/puppetlabs/bin:$PATH" > ~/.bashrc') LitmusHelper.instance.run_shell('echo export LC_ALL="C" > /etc/profile.d/my-custom.lang.sh') From ababcf5c81fc4ae569a37b398e1093cb7b407a1c Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Thu, 20 Apr 2023 16:52:24 +0100 Subject: [PATCH 0814/1000] (CONT-792) - Correct Style/NumericPredicate --- .rubocop_todo.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index af25845765..5b4c7dc72a 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -174,15 +174,6 @@ Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' -# Offense count: 3 -# This cop supports unsafe autocorrection (--autocorrect-all). -# Configuration parameters: EnforcedStyle, AllowedMethods, AllowedPatterns. -# SupportedStyles: predicate, comparison -Style/NumericPredicate: - Exclude: - - 'spec/**/*' - - 'lib/puppet/type/postgresql_psql.rb' - # Offense count: 2 # Configuration parameters: AllowedMethods. # AllowedMethods: respond_to_missing? From 97c55f7063c60387d28b0390b1527ff4e5f61b4b Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Thu, 20 Apr 2023 16:59:41 +0100 Subject: [PATCH 0815/1000] (CONT-792) - Correct Lint/RedundantCopEnableDirective --- .rubocop_todo.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 5b4c7dc72a..0b099601f1 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -21,12 +21,6 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -Lint/RedundantCopEnableDirective: - Exclude: - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - # Offense count: 6 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes. Metrics/AbcSize: From 103e8b019e295c5ede74fe776e201cc6089322dd Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Fri, 21 Apr 2023 11:09:17 +0100 Subject: [PATCH 0816/1000] (maint) - Release prep v8.3.0 --- CHANGELOG.md | 2138 ++++++++++++++++++++++++------------------------- Rakefile | 1 - metadata.json | 2 +- 3 files changed, 1068 insertions(+), 1073 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8d782ac47d..4d89dd0840 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,1445 +1,1441 @@ -# Change log + +# Changelog -All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +All notable changes to this project will be documented in this file. -## [v8.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.1) (2022-08-23) +The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). + +## [v8.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.3.0) - 2023-04-21 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.2.1...v8.3.0) + +### Added + +- convert ERB templates to EPP [#1399](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1399) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- (CONT-361) Syntax update [#1397](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1397) ([LukasAud](https://github.com/LukasAud)) +- Add multi instance support, refactoring reload.pp (6/x) [#1392](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1392) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring password.pp (5/x) [#1391](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1391) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring late_initdb.pp (3/x) [#1384](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1384) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring initdb.pp (2/x) [#1383](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1383) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring config.pp (1/x) [#1382](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1382) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- pg_hba_rule: Validate userinput in postgresql::server [#1376](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1376) ([bastelfreak](https://github.com/bastelfreak)) +- pg_hba_rule: Move `type` datatype to own type [#1375](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1375) ([bastelfreak](https://github.com/bastelfreak)) +- pg_hba_rule does not properly verify address parameter [#1372](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1372) ([tuxmea](https://github.com/tuxmea)) + +### Fixed + +- Ubuntu 14/16/17: Drop code leftovers [#1388](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1388) ([bastelfreak](https://github.com/bastelfreak)) +- remove debian 8 and 9 corpses [#1387](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1387) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Archlinux client and server package names were swapped around [#1381](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1381) ([tobixen](https://github.com/tobixen)) +- apt::source: configure repo only for current architecture [#1380](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1380) ([bastelfreak](https://github.com/bastelfreak)) +- pdksync - (CONT-189) Remove support for RedHat6 / OracleLinux6 / Scientific6 [#1371](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1371) ([david22swan](https://github.com/david22swan)) +- pdksync - (CONT-130) - Dropping Support for Debian 9 [#1368](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1368) ([jordanbreen28](https://github.com/jordanbreen28)) +- (maint) Codebase Hardening [#1366](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1366) ([david22swan](https://github.com/david22swan)) +- Fix table grant with schema [#1315](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1315) ([vaol](https://github.com/vaol)) + +## [v8.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.1) - 2022-08-24 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.2.0...v8.2.1) ### Fixed -- Fix puppet-strings documentation [\#1363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1363) ([ekohl](https://github.com/ekohl)) -- \(GH-1360\) Reverting REFERENCE.md changes [\#1361](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1361) ([pmcmaw](https://github.com/pmcmaw)) -- Only require password when used [\#1356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1356) ([arjenz](https://github.com/arjenz)) +- Fix puppet-strings documentation [#1363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1363) ([ekohl](https://github.com/ekohl)) +- (GH-1360) Reverting REFERENCE.md changes [#1361](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1361) ([pmcmaw](https://github.com/pmcmaw)) +- Only require password when used [#1356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1356) ([arjenz](https://github.com/arjenz)) -## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) (2022-08-23) +## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) - 2022-08-23 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.1.0...v8.2.0) ### Added -- pdksync - \(GH-cat-11\) Certify Support for Ubuntu 22.04 [\#1355](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1355) ([david22swan](https://github.com/david22swan)) -- \(MODULES-11251\) Add support for backup provider "pg\_dump" [\#1319](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1319) ([fraenki](https://github.com/fraenki)) +- pdksync - (GH-cat-11) Certify Support for Ubuntu 22.04 [#1355](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1355) ([david22swan](https://github.com/david22swan)) +- (MODULES-11251) Add support for backup provider "pg_dump" [#1319](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1319) ([fraenki](https://github.com/fraenki)) ### Fixed -- Ensure multiple postgresql::server::recovery resources can be defined [\#1348](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1348) ([Deroin](https://github.com/Deroin)) +- Ensure multiple postgresql::server::recovery resources can be defined [#1348](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1348) ([Deroin](https://github.com/Deroin)) -## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) (2022-07-21) +## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) - 2022-07-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.0.0...v8.1.0) ### Added -- Fix service status detection on Debian-based OSes [\#1349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1349) ([arjenz](https://github.com/arjenz)) -- \(FM-8971\) allow deferred function for role pwd [\#1347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1347) ([tvpartytonight](https://github.com/tvpartytonight)) -- Set version for Fedora 36 [\#1345](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1345) ([lweller](https://github.com/lweller)) -- Add Red Hat Enterprise Linux 9 support [\#1303](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1303) ([ekohl](https://github.com/ekohl)) +- Fix service status detection on Debian-based OSes [#1349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1349) ([arjenz](https://github.com/arjenz)) +- (FM-8971) allow deferred function for role pwd [#1347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1347) ([tvpartytonight](https://github.com/tvpartytonight)) +- Set version for Fedora 36 [#1345](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1345) ([lweller](https://github.com/lweller)) +- Add Red Hat Enterprise Linux 9 support [#1303](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1303) ([ekohl](https://github.com/ekohl)) ### Fixed -- \(GH-1352\) - Updating postgresql service version on SLES [\#1353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1353) ([pmcmaw](https://github.com/pmcmaw)) -- Respect $service\_status on Red Hat-based distros [\#1351](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1351) ([ekohl](https://github.com/ekohl)) -- Add version for Ubuntu 22.04 [\#1350](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1350) ([arjenz](https://github.com/arjenz)) -- README.md: correct postgresql\_conn\_validator example [\#1332](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1332) ([bastelfreak](https://github.com/bastelfreak)) -- pdksync - \(GH-iac-334\) Remove Support for Ubuntu 14.04/16.04 [\#1331](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331) ([david22swan](https://github.com/david22swan)) -- Remove unused variable in reload.pp [\#1327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1327) ([ekohl](https://github.com/ekohl)) -- Use systemctl reload on EL 7 and higher [\#1326](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1326) ([ekohl](https://github.com/ekohl)) +- (GH-1352) - Updating postgresql service version on SLES [#1353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1353) ([pmcmaw](https://github.com/pmcmaw)) +- Respect $service_status on Red Hat-based distros [#1351](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1351) ([ekohl](https://github.com/ekohl)) +- Add version for Ubuntu 22.04 [#1350](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1350) ([arjenz](https://github.com/arjenz)) +- README.md: correct postgresql_conn_validator example [#1332](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1332) ([bastelfreak](https://github.com/bastelfreak)) +- pdksync - (GH-iac-334) Remove Support for Ubuntu 14.04/16.04 [#1331](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331) ([david22swan](https://github.com/david22swan)) +- Remove unused variable in reload.pp [#1327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1327) ([ekohl](https://github.com/ekohl)) +- Use systemctl reload on EL 7 and higher [#1326](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1326) ([ekohl](https://github.com/ekohl)) -## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) (2022-03-03) +## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) - 2022-03-03 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.5.0...v8.0.0) -### Changed - -- Support setting default\_privileges on all schemas [\#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) - ### Added -- add default version for Fedora 35 [\#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) -- add scram-sha-256 support [\#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) -- add support for Ubuntu Hirsute and Impish [\#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) -- Allow systemd to mask postgresql service file [\#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) -- Make ::contrib a noop on OSes without a contrib package [\#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) -- pdksync - \(IAC-1753\) - Add Support for AlmaLinux 8 [\#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) -- MODULES-11201: add service\_name for Ubuntu 18.04 and later [\#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) -- pdksync - \(IAC-1751\) - Add Support for Rocky 8 [\#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) -- Default privileges support schemas [\#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) -- Support target\_role in default\_privileges [\#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) +- add default version for Fedora 35 [#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) +- add scram-sha-256 support [#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) +- add support for Ubuntu Hirsute and Impish [#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) +- Allow systemd to mask postgresql service file [#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) +- Make ::contrib a noop on OSes without a contrib package [#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) +- pdksync - (IAC-1753) - Add Support for AlmaLinux 8 [#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) +- MODULES-11201: add service_name for Ubuntu 18.04 and later [#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) +- pdksync - (IAC-1751) - Add Support for Rocky 8 [#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) +- Default privileges support schemas [#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) +- Support target_role in default_privileges [#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) + +### Changed +- Support setting default_privileges on all schemas [#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) ### Fixed -- pdksync - \(IAC-1787\) Remove Support for CentOS 6 [\#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) -- Fix python package name in RHEL/CentOS 8 [\#1316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1316) ([kajinamit](https://github.com/kajinamit)) -- Drop further code for Debian 6 and Ubuntu 10 [\#1307](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1307) ([ekohl](https://github.com/ekohl)) +- pdksync - (IAC-1787) Remove Support for CentOS 6 [#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) +- Fix python package name in RHEL/CentOS 8 [#1316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1316) ([kajinamit](https://github.com/kajinamit)) +- Drop further code for Debian 6 and Ubuntu 10 [#1307](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1307) ([ekohl](https://github.com/ekohl)) -## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) (2021-09-28) +## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) - 2021-09-28 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.1...v7.5.0) ### Added -- Use Puppet-Datatype Sensitive for Passwords [\#1279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1279) ([cocker-cc](https://github.com/cocker-cc)) +- Use Puppet-Datatype Sensitive for Passwords [#1279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1279) ([cocker-cc](https://github.com/cocker-cc)) ### Fixed -- \(IAC-1598\) - Remove Support for Debian 8 [\#1302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1302) ([david22swan](https://github.com/david22swan)) -- Inline file contents in the catalog [\#1299](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1299) ([ekohl](https://github.com/ekohl)) -- Fix changing default encoding [\#1296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1296) ([smortex](https://github.com/smortex)) +- (IAC-1598) - Remove Support for Debian 8 [#1302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1302) ([david22swan](https://github.com/david22swan)) +- Inline file contents in the catalog [#1299](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1299) ([ekohl](https://github.com/ekohl)) +- Fix changing default encoding [#1296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1296) ([smortex](https://github.com/smortex)) -## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) (2021-08-25) +## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) - 2021-08-25 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.0...v7.4.1) ### Fixed -- \(maint\) Allow stdlib 8.0.0 [\#1293](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1293) ([smortex](https://github.com/smortex)) +- (maint) Allow stdlib 8.0.0 [#1293](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1293) ([smortex](https://github.com/smortex)) -## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) (2021-08-24) +## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) - 2021-08-24 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.3.0...v7.4.0) ### Added -- pdksync - \(IAC-1709\) - Add Support for Debian 11 [\#1288](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1288) ([david22swan](https://github.com/david22swan)) +- pdksync - (IAC-1709) - Add Support for Debian 11 [#1288](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1288) ([david22swan](https://github.com/david22swan)) ### Fixed -- drop code for Debian 6/7 and Ubuntu 10.04/12.04 [\#1290](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1290) ([evgeni](https://github.com/evgeni)) +- drop code for Debian 6/7 and Ubuntu 10.04/12.04 [#1290](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1290) ([evgeni](https://github.com/evgeni)) -## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) (2021-08-03) +## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) - 2021-08-03 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.2.0...v7.3.0) ### Added -- MODULES-11049 - Implement default privileges changes [\#1267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1267) ([mtancoigne](https://github.com/mtancoigne)) +- MODULES-11049 - Implement default privileges changes [#1267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1267) ([mtancoigne](https://github.com/mtancoigne)) ### Fixed -- Do not add version component to repo definition [\#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) -- \(MODULES-8700\) Autorequire the service in postgresql\_psql [\#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) +- Do not add version component to repo definition [#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) +- (MODULES-8700) Autorequire the service in postgresql_psql [#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) -## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) (2021-05-24) +## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) - 2021-05-24 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.1.0...v7.2.0) ### Added -- \(MODULES-11069\) add default version for fedora 34 [\#1272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1272) ([lweller](https://github.com/lweller)) -- MODULES-11047 - Allow managing rights for PUBLIC role [\#1266](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1266) ([mtancoigne](https://github.com/mtancoigne)) +- (MODULES-11069) add default version for fedora 34 [#1272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1272) ([lweller](https://github.com/lweller)) +- MODULES-11047 - Allow managing rights for PUBLIC role [#1266](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1266) ([mtancoigne](https://github.com/mtancoigne)) -## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) (2021-04-12) +## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) - 2021-04-12 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.3...v7.1.0) ### Added -- Add new common repo which contains add-ons [\#1190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1190) ([jorhett](https://github.com/jorhett)) +- Add new common repo which contains add-ons [#1190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1190) ([jorhett](https://github.com/jorhett)) -## [v7.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.3) (2021-04-12) +## [v7.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.3) - 2021-04-12 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.2...v7.0.3) -## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) (2021-03-15) +## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) - 2021-03-15 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.1...v7.0.2) ### Fixed -- \(MODULES-10957\) Override the set\_sensitive\_parameters method [\#1258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1258) ([sheenaajay](https://github.com/sheenaajay)) +- (MODULES-10957) Override the set_sensitive_parameters method [#1258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1258) ([sheenaajay](https://github.com/sheenaajay)) -## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) (2021-03-08) +## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) - 2021-03-08 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.0...v7.0.1) ### Fixed -- Ensure port is a string in psql command [\#1253](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1253) ([ekohl](https://github.com/ekohl)) +- Ensure port is a string in psql command [#1253](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1253) ([ekohl](https://github.com/ekohl)) -## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) (2021-03-04) +## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) - 2021-03-04 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.2...v7.0.0) -### Changed - -- pdksync - \(MAINT\) Remove SLES 11 support [\#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) -- pdksync - \(MAINT\) Remove RHEL 5 family support [\#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) -- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [\#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) - ### Added -- Add DNF module management [\#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) +- Add DNF module management [#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) -## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) (2021-02-22) +### Changed +- pdksync - (MAINT) Remove SLES 11 support [#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - (MAINT) Remove RHEL 5 family support [#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) + +## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) - 2021-02-22 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.1...v6.10.2) ### Fixed -- Fix command shell escaping [\#1240](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1240) ([DavidS](https://github.com/DavidS)) +- Fix command shell escaping [#1240](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1240) ([DavidS](https://github.com/DavidS)) -## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) (2021-02-09) +## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) - 2021-02-09 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.0...v6.10.1) -### Fixed - -- Also perform systemd daemon-reload on Puppet 6.1+ [\#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) - -## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) (2021-02-08) +## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) - 2021-02-08 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.9.0...v6.10.0) ### Added -- Set default PostgreSQL version for FreeBSD [\#1227](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1227) ([olevole](https://github.com/olevole)) -- Clean up globals logic to support CentOS 8 stream [\#1225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1225) ([ekohl](https://github.com/ekohl)) +- Set default PostgreSQL version for FreeBSD [#1227](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1227) ([olevole](https://github.com/olevole)) +- Clean up globals logic to support CentOS 8 stream [#1225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1225) ([ekohl](https://github.com/ekohl)) ### Fixed -- \(bug\) fix systemd daemon-reload order when updating service files [\#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) -- Fix postgresql::sql task when password is not set [\#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) +- Also perform systemd daemon-reload on Puppet 6.1+ [#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) +- (bug) fix systemd daemon-reload order when updating service files [#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) +- Fix postgresql::sql task when password is not set [#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) -## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) (2021-01-18) +## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) - 2021-01-18 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.8.0...v6.9.0) ### Added -- pdksync - \(feat\) - Add support for puppet 7 [\#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) -- Manage postgresql\_conf\_path file permissions [\#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) +- pdksync - (feat) - Add support for puppet 7 [#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) +- Manage postgresql_conf_path file permissions [#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) ### Fixed -- \(maint\) updated defaults for rhel7 policycoreutils [\#1212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1212) ([sheenaajay](https://github.com/sheenaajay)) -- \(IAC-1189\) - Fix for SLES 15 SP 1 and later [\#1209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1209) ([david22swan](https://github.com/david22swan)) -- Change - Use systemd drop-in directory for unit overrides [\#1201](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1201) ([blackknight36](https://github.com/blackknight36)) +- (maint) updated defaults for rhel7 policycoreutils [#1212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1212) ([sheenaajay](https://github.com/sheenaajay)) +- (IAC-1189) - Fix for SLES 15 SP 1 and later [#1209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1209) ([david22swan](https://github.com/david22swan)) +- Change - Use systemd drop-in directory for unit overrides [#1201](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1201) ([blackknight36](https://github.com/blackknight36)) -## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) (2020-09-28) +## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) - 2020-09-29 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.7.0...v6.8.0) ### Added -- add hostgssenc type to pg\_hba rules [\#1195](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1195) ([osijan](https://github.com/osijan)) -- Allow removal of config\_entries via main class [\#1187](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1187) ([ekohl](https://github.com/ekohl)) +- add hostgssenc type to pg_hba rules [#1195](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1195) ([osijan](https://github.com/osijan)) +- Allow removal of config_entries via main class [#1187](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1187) ([ekohl](https://github.com/ekohl)) ### Fixed -- Fix contrib package name under debian 10 [\#1188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1188) ([neomilium](https://github.com/neomilium)) +- Fix contrib package name under debian 10 [#1188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1188) ([neomilium](https://github.com/neomilium)) -## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) (2020-08-28) +## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) - 2020-08-28 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.6.0...v6.7.0) ### Added -- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) +- pdksync - (IAC-973) - Update travis/appveyor to run on new default branch `main` [#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) -### Fixed - -- Invert psql/package dependency logic [\#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) - -## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) (2020-06-02) +## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) - 2020-06-22 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.5.0...v6.6.0) ### Added -- \(IAC-746\) - Add ubuntu 20.04 support [\#1172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1172) ([david22swan](https://github.com/david22swan)) +- (IAC-746) - Add ubuntu 20.04 support [#1172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1172) ([david22swan](https://github.com/david22swan)) ### Fixed -- Fix custom port in extension [\#1165](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1165) ([Vampouille](https://github.com/Vampouille)) +- Invert psql/package dependency logic [#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) +- Fix custom port in extension [#1165](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1165) ([Vampouille](https://github.com/Vampouille)) -## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) (2020-05-13) +## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) - 2020-05-13 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.4.0...v6.5.0) ### Added -- service\_ensure =\> true is now an allowed value \(aliased to running\) [\#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) -- Finish conversion of `postgresql_acls_to_resources_hash` function [\#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql_escape` function [\#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql_password` function [\#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) -- Allow usage of grant and role when not managing postgresql::server [\#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) -- Add version configs for SLES 12 SP 3 to 5 [\#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) -- Add extra parameter "extra\_systemd\_config" [\#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) +- service_ensure => true is now an allowed value (aliased to running) [#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) +- Finish conversion of `postgresql_acls_to_resources_hash` function [#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql_escape` function [#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql_password` function [#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) +- Allow usage of grant and role when not managing postgresql::server [#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) +- Add version configs for SLES 12 SP 3 to 5 [#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) +- Add extra parameter "extra_systemd_config" [#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) ### Fixed -- \(MODULES-10610\) Use correct lower bound for concat version [\#1160](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1160) ([ghoneycutt](https://github.com/ghoneycutt)) +- (MODULES-10610) Use correct lower bound for concat version [#1160](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1160) ([ghoneycutt](https://github.com/ghoneycutt)) -## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) (2020-03-17) +## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) - 2020-03-17 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.3.0...v6.4.0) ### Added -- Add Fedora 31 compatibility [\#1141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1141) ([blackknight36](https://github.com/blackknight36)) -- feat: enable different database resource name in extension [\#1136](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1136) ([jfroche](https://github.com/jfroche)) -- pdksync - \(FM-8581\) - Debian 10 added to travis and provision file refactored [\#1130](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1130) ([david22swan](https://github.com/david22swan)) -- Puppet 4 functions [\#1129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129) ([binford2k](https://github.com/binford2k)) +- Add Fedora 31 compatibility [#1141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1141) ([blackknight36](https://github.com/blackknight36)) +- feat: enable different database resource name in extension [#1136](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1136) ([jfroche](https://github.com/jfroche)) +- pdksync - (FM-8581) - Debian 10 added to travis and provision file refactored [#1130](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1130) ([david22swan](https://github.com/david22swan)) +- Puppet 4 functions [#1129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129) ([binford2k](https://github.com/binford2k)) ### Fixed -- Fix incorrectly quoted GRANT cmd on functions [\#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) -- Correct versioncmp logic in config.pp [\#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) -- Treat $version as an integer for comparison, defaults to string [\#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) -- Allow usage of PUBLIC role [\#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) -- fix missing systemd override config for EL8 \(CentOS and RHEL\) [\#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) +- Fix incorrectly quoted GRANT cmd on functions [#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) +- Correct versioncmp logic in config.pp [#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) +- Treat $version as an integer for comparison, defaults to string [#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) +- Allow usage of PUBLIC role [#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) +- fix missing systemd override config for EL8 (CentOS and RHEL) [#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) -## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) (2019-12-18) +## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) - 2019-12-18 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.3.0) ### Added -- Add support for granting privileges on functions [\#1118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1118) ([crispygoth](https://github.com/crispygoth)) -- \(FM-8679\) - Support added for CentOS 8 [\#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) -- MODULES-10041 - allow define password\_encryption for version above 10 [\#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) +- Add support for granting privileges on functions [#1118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1118) ([crispygoth](https://github.com/crispygoth)) +- (FM-8679) - Support added for CentOS 8 [#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) +- MODULES-10041 - allow define password_encryption for version above 10 [#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) ### Fixed -- Remove duplicate REFERENCE.md file with strange unicode character at end of filename [\#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) +- Remove duplicate REFERENCE.md file with strange unicode character at end of filename [#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) -## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) +## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) - 2019-09-13 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.1.0...v6.2.0) ### Added -- FM-8408 - add support on Debian10 [\#1103](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1103) ([lionce](https://github.com/lionce)) -- Fix/directory defined twice [\#1089](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1089) ([arcenik](https://github.com/arcenik)) -- Adding SLES 15 [\#1087](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1087) ([msurato](https://github.com/msurato)) -- \(FM-7500\) conversion to use litmus [\#1081](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1081) ([tphoney](https://github.com/tphoney)) +- FM-8408 - add support on Debian10 [#1103](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1103) ([lionce](https://github.com/lionce)) +- Fix/directory defined twice [#1089](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1089) ([arcenik](https://github.com/arcenik)) +- Adding SLES 15 [#1087](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1087) ([msurato](https://github.com/msurato)) +- (FM-7500) conversion to use litmus [#1081](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1081) ([tphoney](https://github.com/tphoney)) ### Fixed -- \(MODULES-9658\) - custom ports are not labeled correctly [\#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) -- Fix: When assigning a tablespace to a database, no equal sign is needed in the query [\#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) -- Grant all tables in schema fixup [\#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) -- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) +- (MODULES-9658) - custom ports are not labeled correctly [#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) +- Fix: When assigning a tablespace to a database, no equal sign is needed in the query [#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) +- Grant all tables in schema fixup [#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) +- (MODULES-9219) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) -## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) (2019-06-04) +## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) - 2019-06-04 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.0.0...v6.1.0) ### Added -- \(FM-8031\) Add RedHat 8 support [\#1083](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1083) ([eimlav](https://github.com/eimlav)) +- (FM-8031) Add RedHat 8 support [#1083](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1083) ([eimlav](https://github.com/eimlav)) -## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) (2019-05-14) +## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) - 2019-05-14 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.1...v6.0.0) -### Changed - -- pdksync - \(MODULES-8444\) - Raise lower Puppet bound [\#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) -- \(maint\) remove inconsistent extra variable [\#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) - ### Added -- Add Fedora 30 compatibility [\#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) -- Include EL8 version for config checks [\#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) +- Add Fedora 30 compatibility [#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) +- Include EL8 version for config checks [#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) + +### Changed +- pdksync - (MODULES-8444) - Raise lower Puppet bound [#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) +- (maint) remove inconsistent extra variable [#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) ### Fixed -- Support current version of puppetlabs/apt. [\#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) -- change username/group/datadir defaults for FreeBSD [\#1063](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1063) ([olevole](https://github.com/olevole)) +- Support current version of puppetlabs/apt. [#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) +- change username/group/datadir defaults for FreeBSD [#1063](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1063) ([olevole](https://github.com/olevole)) -## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) (2019-02-14) +## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) - 2019-02-14 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.0...5.12.1) ### Fixed -- \(FM-7811\) - Use postgresql 9.4 for SLES 11 sp4 [\#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) -- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) +- (FM-7811) - Use postgresql 9.4 for SLES 11 sp4 [#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) +- (MODULES-8553) Further cleanup for package tag issues [#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) -## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-02-01) +## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) - 2019-02-01 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.11.0...5.12.0) ### Added -- \(MODULES-3804\) Fix sort order of pg\_hba\_rule entries [\#1040](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1040) ([olavmrk](https://github.com/olavmrk)) +- (MODULES-3804) Fix sort order of pg_hba_rule entries [#1040](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1040) ([olavmrk](https://github.com/olavmrk)) ### Fixed -- \(MODULES-8553\) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [\#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) -- \(MODULES-8352\) Don't use empty encoding string on initdb [\#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) -- pdksync - \(FM-7655\) Fix rubygems-update for ruby \< 2.3 [\#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) +- (MODULES-8553) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) +- (MODULES-8352) Don't use empty encoding string on initdb [#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) +- pdksync - (FM-7655) Fix rubygems-update for ruby < 2.3 [#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) -## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) (2018-11-21) +## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) - 2018-11-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.10.0...5.11.0) ### Added -- Add postgis support for postgres 10 [\#1032](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1032) ([smussie](https://github.com/smussie)) +- Add postgis support for postgres 10 [#1032](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1032) ([smussie](https://github.com/smussie)) ### Fixed -- Strip quotes from role names [\#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) -- Ignore .psqlrc so output is clean and doesn't break Puppet [\#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) -- Change initdb option '--xlogdir' to '-X' for PG10 compatibility [\#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) +- Strip quotes from role names [#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) +- Ignore .psqlrc so output is clean and doesn't break Puppet [#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) +- Change initdb option '--xlogdir' to '-X' for PG10 compatibility [#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) -## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) (2018-09-27) +## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) - 2018-09-27 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.9.0...5.10.0) ### Added -- pdksync - \(MODULES-6805\) metadata.json shows support for puppet 6 [\#1026](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1026) ([tphoney](https://github.com/tphoney)) +- pdksync - (MODULES-6805) metadata.json shows support for puppet 6 [#1026](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1026) ([tphoney](https://github.com/tphoney)) -## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) (2018-09-06) +## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) - 2018-09-07 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.8.0...5.9.0) ### Added -- pdksync - \(MODULES-7705\) - Bumping stdlib dependency from \< 5.0.0 to \< 6.0.0 [\#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) +- pdksync - (MODULES-7705) - Bumping stdlib dependency from < 5.0.0 to < 6.0.0 [#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) -## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) (2018-08-06) +## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) - 2018-08-07 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.7.0...5.8.0) ### Added -- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 [\#1012](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1012) ([mateusz-gozdek-sociomantic](https://github.com/mateusz-gozdek-sociomantic)) +- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 [#1012](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1012) ([mateusz-gozdek-sociomantic](https://github.com/mateusz-gozdek-sociomantic)) -## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) (2018-07-19) +## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) - 2018-07-20 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.6.0...5.7.0) ### Added -- \(MODULES-7479\) Update postgresql to support Ubuntu 18.04 [\#1005](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1005) ([david22swan](https://github.com/david22swan)) -- \(MODULES-6542\) - Adding SLES 11 & 12 to metadata [\#1001](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1001) ([pmcmaw](https://github.com/pmcmaw)) +- (MODULES-7479) Update postgresql to support Ubuntu 18.04 [#1005](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1005) ([david22swan](https://github.com/david22swan)) +- (MODULES-6542) - Adding SLES 11 & 12 to metadata [#1001](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1001) ([pmcmaw](https://github.com/pmcmaw)) ### Fixed -- \(MODULES-7479\) Ensure net-tools is installed when testing on Ubuntu 18.04 [\#1006](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1006) ([david22swan](https://github.com/david22swan)) -- \(MODULES-7460\) - Updating grant table to include INSERT privileges [\#1004](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1004) ([pmcmaw](https://github.com/pmcmaw)) -- Fix packages choice for ubuntu 17.10 [\#1000](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1000) ([fflorens](https://github.com/fflorens)) +- (MODULES-7479) Ensure net-tools is installed when testing on Ubuntu 18.04 [#1006](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1006) ([david22swan](https://github.com/david22swan)) +- (MODULES-7460) - Updating grant table to include INSERT privileges [#1004](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1004) ([pmcmaw](https://github.com/pmcmaw)) +- Fix packages choice for ubuntu 17.10 [#1000](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1000) ([fflorens](https://github.com/fflorens)) -## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) (2018-06-20) +## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) - 2018-06-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.5.0...5.6.0) -### Changed +## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) - 2018-06-19 -- Fix creation of recovery.conf file when recovery configuration is not specified [\#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) ### Added -- Add compatibility for Fedora 28 [\#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) -- \(MODULES-5994\) Add debian 9 [\#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) -- Adding default Postgresql version for Ubuntu 18.04 [\#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) - -### Fixed +- Add compatibility for Fedora 28 [#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) +- (MODULES-5994) Add debian 9 [#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) +- Adding default Postgresql version for Ubuntu 18.04 [#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) +- Parameters `roles`, `config_entires`, and `pg_hba_rules` to `postgresql::server` for hiera [#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) -- Fix quoting on schema owners [\#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) - -## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) (2018-04-06) - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) +### Changed +- Fix creation of recovery.conf file when recovery configuration is not specified [#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) -### Added +### Fixed -- Parameters `roles`, `config_entires`, and `pg_hba_rules` to `postgresql::server` for hiera [\#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) +- Fix quoting on schema owners [#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) -## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) (2018-03-22) +## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) - 2018-03-27 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.3.0...5.4.0) ### Added -- \(MODULES-6330\) PDK convert 1.4.1 [\#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) -- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database_grant` [\#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) +- (MODULES-6330) PDK convert 1.4.1 [#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) +- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database_grant` [#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) ### Fixed -- Documentation error, `reassign_owned_by` uses `*_role` not `*_owner`. [\#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) - -## 5.3.0 -### Summary -Implements rubocop changes within the module, alongside other smaller changes. - -#### Added -- ensure=>absent added to postgresql::server:role. -- Support added for Fedora 27. -- scram-sha-256 added as a valid ph_hba_rule auth method. -- 9.6 settings inherited for later PgSQL versions on FreeBSD. -- A require has been added for puppet. - -#### Changed -- Changes made to avoid the useless loading of files by augeas. -- Modulesync changes. -- psql_path defaulted to postgresql::server::psql_path. -- Rubocop changes have been made. - -#### Removed -- Debian 9 support deprecated. - -## Supported Release 5.2.1 -### Summary -Bug fix for issue introduced in 5.2.0 - -#### Fixed -- issue where the module was attempting to install extensions before a database was available. ([SERVER-2003](https://tickets.puppetlabs.com/browse/SERVER-2003)) - -## Supported Release 5.2.0 -### Summary -Adds several new features including some work around OS support. Also includes a couple of fixes to tests and the removal of unsupported Ubuntu versions. - -#### Added -- Added default postgresql version of Ubuntu 17.4 version to the globals.pp file. -- Fedora 26 provides postgresql-server version 9.6 by default - Added support to manifests/globals.pp to avoid puppet failures on Fedora 26 nodes. -- Use postgresql 9.6 for the newest SLES and openSUSE releases. -- Enhanced --data-checksums on initdb. -- Added support for Debian version 9. -- Added a `version` parameter. - -#### Changed -- Replaced validate_re calls with puppet datatype `Pattern` and is_array calls with puppet datatype `Array`. -- Installation method for apt in the spec_helper_acceptance, this is a temporary workaround due to issues with module installation. - -#### Fixed -- Updated spec tests to remove deprecation warnings. -- Docs formatting. -- Pass default_connect_settings to validate service ([MODULES-4682](https://tickets.puppetlabs.com/browse/MODULES-4682)) -- Rocket Alignment for Lint. -- Fixed changes in error messages in tests ([MODULES-5378](https://tickets.puppetlabs.com/browse/MODULES-5378)) - -#### Removed -- Removed unsupported Ubuntu versions 10.04 and 12.04 ([MODULES-5501](https://tickets.puppetlabs.com/browse/MODULES-5501)) -- Removed unsupported Debian version 6. -- Removed numeric order override. - -## Supported Release 5.1.0 -### Summary -This release includes Japanese translations for internationalization, Puppet 5 support, implementation of defined type postgresql::server::reassign_owned_by. - -#### Features -- Updating translations for readmes/README_ja_JP.md -- add defined type postgresql::server::reassign_owned_by -- Allow order parameter to be string value -- prep for puppet 5 ([MODULES-5144](https://tickets.puppetlabs.com/browse/MODULES-5144)) -- add data_checksums option to initdb -- parameter ensure of custom resource postgresql_replication_slot is not documented ([MODULES-2989](https://tickets.puppetlabs.com/browse/MODULES-2989)) - -#### Bug Fixes -- Adding a space for header formatting -- use https for apt.postgresql.org repo -- msync puppet 5 and ruby 2.4 ([MODULES-5197](https://tickets.puppetlabs.com/browse/MODULES-5187)) -- Only run test on postgresql >= 9.0 ([FM-6240](https://tickets.puppetlabs.com/browse/FM-6240)) -- Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash - -## Supported Release 5.0.0 -### Summary -This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Puppet 4 data types, and deprecated the validate_db_connection type. - -#### Added -- `locales/` directory, .pot file, and i18n `config.yaml`. ([FM-6116](https://tickets.puppet.com/browse/FM-6116)) -- `update_password` parameter to toggle password management per role. -- **Puppet 4** type validation. -- new `postgresql_conn_validator` custom type and deprecated `validate_db_connection`. ([MODULES-1394](https://tickets.puppet.com/browse/MODULES-1394)) - -#### Changed -- default postgis versions in postgresql::globals to use newer versions. -- puppetlabs-concat and puppetlabs-apt dependencies to use latest versions. ([MODULES-4906](https://tickets.puppet.com/browse/MODULES-4906), [MODULES-4947](https://tickets.puppet.com/browse/MODULES-4947)) -- default value for `log_line_prefix` to `undef`. -- `listen_addresses` default value to 'localhost'. Allows for it to be set independently of a class declaration. -- use of stdlib validate_* functions. They have been removed in favor of Puppet 4 type validation. -- lower Puppet dependency in metadata to 4.7.0. ([MODULES-4826](https://tickets.puppet.com/browse/MODULES-4826)) - -#### Fixed -- deprecated apt::source parameters(`key`,`key_source`, & `include_src`). -- default SUSE parameters. ([MODULES-4598](https://tickets.puppet.com/browse/MODULES-4598)) -- use of force parameter on concat resources. - -## Supported Release 4.9.0 -### Summary -This release adds several types and, among other bugs, fixes an issue with the yum URL. - -#### Features -- Modifying ownership of databases and schemas now available (MODULES-3247) -- Use `module_workdir` to specify a custom directory in which to execute psql commands -- `grant_role` and `grant` types added! -- Support for parallel unit testing (parallel_tests) -- Override download/installation repo URL with `repo_baseurl` -- Set your timezone with `timezone` -- Grant privileges on LANGUAGEs -- Added support for Debian Stretch and Ubuntu Yakkety Yak - -#### Bugfixes -- Usernames and passwords are now converted to strings before password hash is created -- Specify default database name if it is not the username -- Update to yum repo -- Schema name conflicts fix - -## Supported Release 4.8.0 -### Summary -This release primarily fixes an issue with `postgresql_conf` values of ipaddresses being considered floats and not getting quoted. - -#### Features -- Add `default_connect_settings` parameter to `postgresql::server` -- Running under strict variables is now supported -- Add timestamps into logs by default - -#### Bugfixes -- Obscure password in postgresql\_psql type -- Fix ip address quoting in postgresql\_conf type -- Fix handling of systemd service on Ubuntu -- Mark log_min_duration_statement setting as requiring a service restart -- Add fixes for Fedora 23, Fedora 24, FreeBSD, OpenBSD -- Fix environment handling to avoid "Overriding environment setting" message -- Work around PUP-6385, using empty arrays instead of undef when specifying resource relationships -- README editorial pass -- Reduce whitespace in templates -- Update build/test infrastructure - -## Supported Release 4.7.1 -### Summary -This release contains some bugfixes and documentation updates. - -#### Bugfixes -- (MODULES-3024) Quote database objects when creating databases. -- Properly escape case where password ends with '$'. -- Fixes password change when postgres is configure to non-standard port. -- Unpins concat dependency to be able to use concat 2.x. -- Workaround to fix installing on Amazon Linux. -- Fixes proper defaulting of `$service_provider` parameter. -- Fixes postgres server init script naming on Amazon Linux. -- Fixes service reload parameter on Arch Linux. -- Adds missing onlyif_function to sequence grant code. -- Fixes to the markdown of the README. - -## Supported Release 4.7.0 -### Summary -A release with a considerable amount of new features, including remote db support and several platform support updates. Various bugfixes including several to address warnings and a sizable README update. - -#### Features -- Remote DB support - Connection-settings allows a hash of options that can be used when connecting to a remote DB. -- Debian 8 support. -- Updated systemd-override to support fedora and CentOS paths. -- Adds the ability to define the extension name separately from the title of the resource, which allows you to add the extension to more than one database. -- Added parameter to disable automatic service restarts on config changes. -- Ubuntu 15.10 compatibility. -- OpenBSD version is now 9.4. -- Added .gitattributes to maintain line endings for .sh and .rb files. -- Adds default postgis version for 9.5. -- Allows float postgresql_conf values. -- Schedule apt update after install of repo. - -#### Bugfixes -- Fixed systemd-override for RedHat systems with unmanaged Yum repos. -- Removed inherits postgresql::params. -- Multi-node tests are now not ran by default. -- Change apt::pin to apt_postgresql_org to prevent error message. -- Removed syntax error near UTF8. -- Removal of extra blanks and backslashes in README. -- Double quotes now used around database name to prevent syntax error. -- Removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs. -- Fixed paths to work on Amazon Linux. -- Fixed quotes around locale options. -- Huge README update. -- Update to use current msync configs. -- Fixes postgresql::server acceptance test descriptions. - -## Supported Release 4.6.1 -###Summary - -Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. - -## 2015-09-01 - Supported Release 4.6.0 -### Summary -This release adds a proxy feature for yum, Postgis improvements, and decoupling pg_hba_rule from postgresql::server. - -#### Features -- Support setting a proxy for yum operations -- Allow for undefined PostGIS version -- Decouple pg_hba_rule from postgresql::server - -#### Bugfixes -- Fix postgis default package name on RedHat - -## 2015-07-27 - Supported Release 4.5.0 -### Summary -This release adds sequence grants, some postgresql 9.4 fixes, and `onlyif` to -the psql resource. - -### Features -- Add `onlyif` parameter to `postgresql_psql` -- Add unsupported compatibility with Ubuntu 15.04 -- Add unsupported compatibility with SLES 11/12 and OpenSuSE 13.2 -- Add `postgresql::server::grant::onlyif_exists` attribute -- Add `postgresql::server::table_grant::onlyif_exists` attribute -- Add granting permissions on sequences - -### Bugfixes -- Added docs for `postgresql::server::grant` -- Fix `pg_hba_conf_defaults => false` to not disable ipv4/ipv6 acls -- Fix 9.4 for `postgresql::server::pg_hba_rule` - -## 2015-07-07 - Supported Release 4.4.2 -### Summary -This release fixes a bug introduced in 4.4.0. - -#### Bugfixes -- Fixes `withenv` execution under Puppet 2.7. (MODULES-2185) - -## 2015-07-01 - Supported Release 4.4.1 -### Summary -This release fixes RHEL 7 & Fedora with manage_package_repo switched on. - -#### Bugfixes -- Ensure manage_package_repo variable is in scope for systemd-override file for RHEL7 - -## 2015-06-30 - Supported Release 4.4.0 -### Summary -This release has several new features, bugfixes, and test improvements. - -#### Features -- Adds a resource to manage recovery.conf. -- Adds a parameter that allows the specification of a validate connection script in `postgresql::client`. -- Adds support for plpython package management. -- Adds support for postgresql-docs management. -- Adds ability to make `postgresql::server::schema` titles unique. (MODULES-2049) -- Updates puppetlabs-apt module dependency to support version 2.1.0. - -#### Bugfixes -- Fix `postgresql_psql` parameter ordering to work on OpenBSD with Future Parser -- Fix setting postgres role password (MODULES-1869) -- Fix execution command with puppet <3.4 (MODULES-1923) -- Fix Puppet.newtype deprecation warning (MODULES-2007) -- Fix systemd override for manage_repo package versions -- Fix Copy snakeoil certificate and key instead of symlinking - -#### Test Improvements -- Allows setting BEAKER and BEAKER_RSPEC versions via environment variables. -- Enables Unit testing on Travis CI with Puppet 4. -- Cleans up spec_helper_acceptance.rb to use new puppet_install_helper gem. - -## 2015-03-24 - Supported Release 4.3.0 -### Summary -This release fixes compatibility with Puppet 4 and removes opportunities for local users to view the postgresql password. It also adds a new custom resource to aid in managing replication. - -#### Features -- Add `postgresql::server::logdir` parameter to manage the logdir -- Add `environment` parameter to `postgresql_psql` -- Add `postgresql_replication_slot` custom resource - -#### Bugfixes -- Fix for Puppet 4 -- Don't print postgresql\_psql password in command -- Allow `postgresql::validate_db_connection` for more than one host+port+database combo -- Fix service command on Debian 8 and up -- Fix `postgresql::server::extension` to work with custom user/group/port -- Fix `postgresql::server::initdb` to work with custom user/group/port -- Fix changing template1 encoding -- Fix default `postgresql::server::grant::object_name` value -- Fix idempotency of granting all tables in schema with `puppet::server::grant` -- Fix lint warnings -- Fix apt key to use 40 character key and bump puppetlabs-apt to >= 1.8.0 < 2.0.0 - - -##2015-03-10 - Supported Release 4.2.0 -###Summary - -This release has several new features including support for server extensions, improved grant support, and a number of bugfixes. - -####Features -- Changes to support OpenBSD -- Add `service_reload` parameter to `postgresql::server` -- Add `comment` parameter to `postgresql::server::database` (MODULES-1153) -- Add `postgresql::server::extension` defined type -- Add postgresql versions for utopic and jessie -- Update `postgresql::server::grant` to support 'GRANT SCHEMA' and 'ALL TABLES IN SCHEMA' - -####Bugfixes -- Lint cleanup -- Remove outdated upgrade info from README -- Use correct TCP port when checking password -- Create role before database -- Fix template1 encoding on Debian -- Require server package before user permissions -- Fix `service_status` default for FreeBSD to allow PostgreSQL to start the first run -- Fix invalid US-ASCII byte sequence in `postgresql::server::grant` comments -- Reverted to default behavior for Debian systems as `pg_config` should not be overwritten (MODULES-1485) - -##2014-11-04 - Supported Release 4.1.0 -###Summary - -This release adds the ability to change the PGDATA directory, and also includes documentation and test updates, future parser support, and a few other new features. - -####Features -- Future parser support -- Documentation updates -- Test updates -- Add a link from `/etc/sysconfig/pgsql/postgresql-${version}` to `/etc/sysconfig/pgsql/postgresql` to support init scripts from the postgresql.org repo -- Add support for changing the PGDATA directory -- Set default versions for Fedora 21 and FreeBSD - -##2014-09-03 - Supported Release 4.0.0 -###Summary - -This release removes the uninstall ability from the module, removes the firewall -management, overhauls all of the acceptance testing, as well as adds better -support for SuSE and Fedora. - -###Backwards Incompatible changes. - -- Uninstall code removal. -- Firewall management for Postgres. -- Set manage_pg_ident_conf to true. - -####Uninstallation removal - -We rely heavily on the ability to uninstall and reinstall postgres throughout -our testing code, testing features like "can I move from the distribution -packages to the upstream packages through the module" and over time we've -learnt that the uninstall code simply doesn't work a lot of the time. It -leaves traces of postgres behind or fails to remove certain packages on Ubuntu, -and generally causes bits to be left on your system that you didn't expect. - -When we then reinstall things fail because it's not a true clean slate, and -this causes us enormous problems during test. We've spent weeks and months -working on these tests and they simply don't hold up well across the full range -of PE platforms. - -Due to all these problems we've decided to take a stance on uninstalling in -general. We feel that in 2014 it's completely reasonable and normal to have a -good provisioning pipeline combined with your configuration management and the -"correct" way to uninstall a fully installed service like postgresql is to -simply reprovision the server without it in the first place. As a general rule -this is how I personally like to work and I think is a good practice. - -####I'm not OK with this! - -We understand that there are environments and situations in which it's not easy -to do that. What if you accidently deployed Postgres on 100,000 nodes? In the -future we're going to take a look at building some example 'profiles' to be -found under examples/ within this module that can uninstall postgres on popular -platforms. These can be modified and used in your specific case to uninstall -postgresql. They will be much more brute force and reliant on deleting entire -directories and require you to do more work up front in specifying where things -are installed but we think it'll prove to be a much cleaner mechanism for this -kind of thing rather than trying to weave it into the main module logic itself. - -####Features -- Removal of uninstall. -- Removal of firewall management. -- Tests ported to rspec3. -- Acceptance tests rewritten. -- Add a defined type for creating database schemas. -- Add a pg_ident_rule defined type. -- Set manage_pg_ident_conf to true. -- Manage pg_ident.conf by default. -- Improve selinux support for tablespace. -- Remove deprecation warnings. -- Support changing PGDATA on RedHat. -- Add SLES 11 support. - -####Bugfixes -- Link pg_config binary into /usr/bin. -- Fix fedora support by using systemd. -- Initdb should create xlogdir if set. -- Use a regular expression to match the major OS version on Ubuntu. - -##2014-07-31 - Supported Release 3.4.2 -###Summary - -This release fixes recent Fedora versions. - -####Features -####Bugfixes -- Fix Fedora. - -##2014-07-15 - Supported Release 3.4.1 -###Summary - -This release merely updates metadata.json so the module can be uninstalled and -upgraded via the puppet module command. - -##2014-04-14 - Supported Release 3.4.0 -###Summary - -This feature rolls up several important features, the biggest being PostGIS -handling and allowing `port` to be set on postgresql::server in order to -change the port that Postgres listens on. We've added support for RHEL7 -and Ubuntu 14.04, as well as allowing you to manage the service via -`service_ensure` finally. - -####Features -- Added `perl_package_name` for installing bindings. -- Added `service_ensure` for allowing control of services. -- Added `postgis_version` and postgis class for installing postgis. -- Added `port` for selecting the port Postgres runs on. -- Add support for RHEL7 and Ubuntu 14.04. -- Add `default_db` to postgresql::server::database. -- Widen the selection of unquoted parameters in postgresql_conf{} -- Require the service within postgresql::server::reload for RHEL7. -- Add `inherit` to postgresql::server::role. - -####Bugfixes - -##2014-03-04 - Supported Release 3.3.3 -###Summary - -This is a supported release. This release removes a testing symlink that can -cause trouble on systems where /var is on a seperate filesystem from the -modulepath. - -####Features -####Bugfixes -####Known Bugs -* SLES is not supported. - -##2014-03-04 - Supported Release 3.3.2 -###Summary -This is a supported release. It fixes a problem with updating passwords on postgresql.org distributed versions of PostgreSQL. - -####Bugfixes -- Correct psql path when setting password on custom versions. -- Documentation updates -- Test updates - -####Known Bugs -* SLES is not supported. - - -##2014-02-12 - Version 3.3.1 -####Bugfix: -- Allow dynamic rubygems host - - -##2014-01-28 - Version 3.3.0 - -###Summary - -This release rolls up a bunch of bugfixes our users have found and fixed for -us over the last few months. This improves things for 9.1 users, and makes -this module usable on FreeBSD. - -This release is dedicated to 'bma', who's suffering with Puppet 3.4.1 issues -thanks to Puppet::Util::SUIDManager.run_and_capture. - -####Features - - Add lc_ config entry settings - - Can pass template at database creation. - - Add FreeBSD support. - - Add support for customer `xlogdir` parameter. - - Switch tests from rspec-system to beaker. (This isn't really a feature) - -####Bugfixes - - Properly fix the deprecated Puppet::Util::SUIDManager.run_and_capture errors. - - Fix NOREPLICATION option for Postgres 9.1 - - Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf - - Add $postgresql::server::client_package_name, referred to by install.pp - - Add missing service_provider/service_name descriptions in ::globals. - - Fix several smaller typos/issues throughout. - - Exec['postgresql_initdb'] needs to be done after $datadir exists - - Prevent defined resources from floating in the catalog. - - Fix granting all privileges on a table. - - Add some missing privileges. - - Remove deprecated and unused concat::fragment parameters. - - -##2013-11-05 - Version 3.2.0 - -###Summary - -Add's support for Ubuntu 13.10 (and 14.04) as well as x, y, z. - -####Features -- Add versions for Ubuntu 13.10 and 14.04. -- Use default_database in validate_db_connection instead of a hardcoded -'postgres' -- Add globals/params layering for default_database. -- Allow specification of default database name. - -####Bugs -- Fixes to the README. - - -##2013-10-25 - Version 3.1.0 - -###Summary - -This is a minor feature and bug fix release. - -Firstly, the postgresql_psql type now includes a new parameter `search_path` which is equivalent to using `set search_path` which allows you to change the default schema search path. +- Documentation error, `reassign_owned_by` uses `*_role` not `*_owner`. [#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) -The default version of Fedora 17 has now been added, so that Fedora 17 users can enjoy the module. +## [5.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.3.0) - 2018-02-26 -And finally we've extended the capabilities of the defined type postgresql::validate_db_connection so that now it can handle retrying and sleeping between retries. This feature has been monopolized to fix a bug we were seeing with startup race conditions, but it can also be used by remote systems to 'wait' for PostgreSQL to start before their Puppet run continues. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.2.1...5.3.0) -####Features -- Defined $default_version for Fedora 17 (Bret Comnes) -- add search_path attribute to postgresql_psql resource (Jeremy Kitchen) -- (GH-198) Add wait and retry capability to validate_db_connection (Ken Barber) - -####Bugs -- enabling defined postgres user password without resetting on every puppet run (jonoterc) -- periods are valid in configuration variables also (Jeremy Kitchen) -- Add zero length string to join() function (Jarl Stefansson) -- add require of install to reload class (cdenneen) -- (GH-198) Fix race condition on postgresql startup (Ken Barber) -- Remove concat::setup for include in preparation for the next concat release (Ken Barber) - - -##2013-10-14 - Version 3.0.0 - -Final release of 3.0, enjoy! - - -##2013-10-14 - Version 3.0.0-rc3 - -###Summary - -Add a parameter to unmanage pg_hba.conf to fix a regression from 2.5, as well -as allowing owner to be passed into x. - -####Features -- `manage_pg_hba_conf` parameter added to control pg_hba.conf management. -- `owner` parameter added to server::db. - - -##2013-10-09 - Version 3.0.0-rc2 - -###Summary - -A few bugfixes have been found since -rc1. - -####Fixes -- Special case for $datadir on Amazon -- Fix documentation about username/password for the postgresql_hash function - - -##2013-10-01 - Version 3.0.0-rc1 - -###Summary - -Version 3 was a major rewrite to fix some internal dependency issues, and to -make the new Public API more clear. As a consequence a lot of things have -changed for version 3 and older revisions that we will try to outline here. - -(NOTE: The format of this CHANGELOG differs to normal in an attempt to -explain the scope of changes) - -* Server specific objects now moved under `postgresql::server::` namespace: - -To restructure server specific elements under the `postgresql::server::` -namespaces the following objects were renamed as such: - -`postgresql::database` -> `postgresql::server::database` -`postgresql::database_grant` -> `postgresql::server::database_grant` -`postgresql::db` -> `postgresql::server::db` -`postgresql::grant` -> `postgresql::server::grant` -`postgresql::pg_hba_rule` -> `postgresql::server::pg_hba_rule` -`postgresql::plperl` -> `postgresql::server::plperl` -`postgresql::contrib` -> `postgresql::server::contrib` -`postgresql::role` -> `postgresql::server::role` -`postgresql::table_grant` -> `postgresql::server::table_grant` -`postgresql::tablespace` -> `postgresql::server::tablespace` - -* New `postgresql::server::config_entry` resource for managing configuration: - -Previously we used the `file_line` resource to modify `postgresql.conf`. This -new revision now adds a new resource named `postgresql::server::config_entry` -for managing this file. For example: - -```puppet - postgresql::server::config_entry { 'check_function_bodies': - value => 'off', - } -``` - -If you were using `file_line` for this purpose, you should change to this new -methodology. - -* `postgresql_puppet_extras.conf` has been removed: - -Now that we have a methodology for managing `postgresql.conf`, and due to -concerns over the file management methodology using an `exec { 'touch ...': }` -as a way to create an empty file the existing postgresql\_puppet\_extras.conf -file is no longer managed by this module. - -If you wish to recreate this methodology yourself, use this pattern: - -```puppet - class { 'postgresql::server': } - - $extras = "/tmp/include.conf" - - file { $extras: - content => 'max_connections = 123', - notify => Class['postgresql::server::service'], - }-> - postgresql::server::config_entry { 'include': - value => $extras, - } -``` - -* All uses of the parameter `charset` changed to `encoding`: - -Since PostgreSQL uses the terminology `encoding` not `charset` the parameter -has been made consisent across all classes and resources. - -* The `postgresql` base class is no longer how you set globals: - -The old global override pattern was less then optimal so it has been fixed, -however we decided to demark this properly by specifying these overrides in -the class `postgresql::global`. Consult the documentation for this class now -to see what options are available. - -Also, some parameter elements have been moved between this and the -`postgresql::server` class where it made sense. - -* `config_hash` parameter collapsed for the `postgresql::server` class: - -Because the `config_hash` was really passing data through to what was in -effect an internal class (`postgresql::config`). And since we don't want this -kind of internal exposure the parameters were collapsed up into the -`postgresql::server` class directly. - -* Lots of changes to 'private' or 'undocumented' classes: - -If you were using these before, these have changed names. You should only use -what is documented in this README.md, and if you don't have what you need you -should raise a patch to add that feature to a public API. All internal classes -now have a comment at the top indicating them as private to make sure the -message is clear that they are not supported as Public API. - -* `pg_hba_conf_defaults` parameter included to turn off default pg\_hba rules: - -The defaults should be good enough for most cases (if not raise a bug) but if -you simply need an escape hatch, this setting will turn off the defaults. If -you want to do this, it may affect the rest of the module so make sure you -replace the rules with something that continues operation. - -* `postgresql::database_user` has now been removed: - -Use `postgresql::server::role` instead. - -* `postgresql::psql` resource has now been removed: - -Use `postgresql_psql` instead. In the future we may recreate this as a wrapper -to add extra capability, but it will not match the old behaviour. - -* `postgresql_default_version` fact has now been removed: - -It didn't make sense to have this logic in a fact any more, the logic has been -moved into `postgresql::params`. - -* `ripienaar/concat` is no longer used, instead we use `puppetlabs/concat`: - -The older concat module is now deprecated and moved into the -`puppetlabs/concat` namespace. Functionality is more or less identical, but -you may need to intervene during the installing of this package - as both use -the same `concat` namespace. - ---- -##2013-09-09 Release 2.5.0 - -###Summary - -The focus of this release is primarily to capture the fixes done to the -types and providers to make sure refreshonly works properly and to set -the stage for the large scale refactoring work of 3.0.0. - -####Features +### Fixed +- defaulted psql_path to postgresql::server::psql_path [#947](https://github.com/puppetlabs/puppetlabs-postgresql/pull/947) ([crayfishx](https://github.com/crayfishx)) -####Bugfixes -- Use boolean for refreshonly. -- Fix postgresql::plperl documentation. -- Add two missing parameters to config::beforeservice -- Style fixes +### Other +- (maint) - Skip run_puppet_access_login on LTS [#956](https://github.com/puppetlabs/puppetlabs-postgresql/pull/956) ([pmcmaw](https://github.com/pmcmaw)) +- add task listing to README, edit [#955](https://github.com/puppetlabs/puppetlabs-postgresql/pull/955) ([jbondpdx](https://github.com/jbondpdx)) +- 5.3.0 Pre Release [#954](https://github.com/puppetlabs/puppetlabs-postgresql/pull/954) ([david22swan](https://github.com/david22swan)) +- Rubocop Process Complete [#953](https://github.com/puppetlabs/puppetlabs-postgresql/pull/953) ([david22swan](https://github.com/david22swan)) +- (MODULES-6608) - Adding puppet requirement for tasks versioncmp in beaker-task_helper [#952](https://github.com/puppetlabs/puppetlabs-postgresql/pull/952) ([pmcmaw](https://github.com/pmcmaw)) +- Support extension schemas [#948](https://github.com/puppetlabs/puppetlabs-postgresql/pull/948) ([hasegeli](https://github.com/hasegeli)) +- (maint) modulesync 65530a4 Update Travis [#946](https://github.com/puppetlabs/puppetlabs-postgresql/pull/946) ([michaeltlombardi](https://github.com/michaeltlombardi)) +- Inherit 9.6 settings for later PgSQL version on FreeBSD [#945](https://github.com/puppetlabs/puppetlabs-postgresql/pull/945) ([olevole](https://github.com/olevole)) +- (maint) - modulesync 384f4c1 [#944](https://github.com/puppetlabs/puppetlabs-postgresql/pull/944) ([tphoney](https://github.com/tphoney)) +- According to the puppet doc, Pattern should be a list of regex. [#942](https://github.com/puppetlabs/puppetlabs-postgresql/pull/942) ([PierreR](https://github.com/PierreR)) +- MODULES-6194 - Add scram-sha-256 as a valid pg_hba_rule auth method [#941](https://github.com/puppetlabs/puppetlabs-postgresql/pull/941) ([f3nry](https://github.com/f3nry)) +- (maint) - modulesync 1d81b6a [#939](https://github.com/puppetlabs/puppetlabs-postgresql/pull/939) ([pmcmaw](https://github.com/pmcmaw)) +- Merge back release (5.2.1) into master [#938](https://github.com/puppetlabs/puppetlabs-postgresql/pull/938) ([glennsarti](https://github.com/glennsarti)) +- (MODULES-6014) Add support for Fedora 27 to puppetlabs-postgresql [#937](https://github.com/puppetlabs/puppetlabs-postgresql/pull/937) ([blackknight36](https://github.com/blackknight36)) +- This pull request fixes an augeas warning [#935](https://github.com/puppetlabs/puppetlabs-postgresql/pull/935) ([iakovgan](https://github.com/iakovgan)) +- FM-6445 add a task [#930](https://github.com/puppetlabs/puppetlabs-postgresql/pull/930) ([tphoney](https://github.com/tphoney)) +- add ensure=>absent to postgresql::server::role [#897](https://github.com/puppetlabs/puppetlabs-postgresql/pull/897) ([georgehansper](https://github.com/georgehansper)) -##2013-08-01 Release 2.4.1 +## [5.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.2.1) - 2017-11-14 -###Summary +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.2.0...5.2.1) -This minor bugfix release solves an idempotency issue when using plain text -passwords for the password_hash parameter for the postgresql::role defined -type. Without this, users would continually see resource changes everytime -your run Puppet. +### Fixed -####Bugfixes -- Alter role call not idempotent with cleartext passwords (Ken Barber) +- add parameter "version" to postgresql::server::extension - fix dependency on database [#932](https://github.com/puppetlabs/puppetlabs-postgresql/pull/932) ([georgehansper](https://github.com/georgehansper)) + +### Other + +- (maint) - Removing Debian 9 [#936](https://github.com/puppetlabs/puppetlabs-postgresql/pull/936) ([pmcmaw](https://github.com/pmcmaw)) +- (MODULES-5956) fixes for postgresql release [#934](https://github.com/puppetlabs/puppetlabs-postgresql/pull/934) ([jbondpdx](https://github.com/jbondpdx)) +- (MODULES-5955) release prep for 5.2.1 [#933](https://github.com/puppetlabs/puppetlabs-postgresql/pull/933) ([eputnam](https://github.com/eputnam)) +- 5.2.0 Release Mergeback [#928](https://github.com/puppetlabs/puppetlabs-postgresql/pull/928) ([HelenCampbell](https://github.com/HelenCampbell)) + +## [5.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.2.0) - 2017-10-09 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.1.0...5.2.0) + +### Other + +- Updates to Changelog for release prep [#927](https://github.com/puppetlabs/puppetlabs-postgresql/pull/927) ([pmcmaw](https://github.com/pmcmaw)) +- Merge master into release [#926](https://github.com/puppetlabs/puppetlabs-postgresql/pull/926) ([HelenCampbell](https://github.com/HelenCampbell)) +- (PUP-8008) monkey patch spec_helper_acceptance [#925](https://github.com/puppetlabs/puppetlabs-postgresql/pull/925) ([eputnam](https://github.com/eputnam)) +- (PUP-8008) monkey patch spec_helper_acceptance [#924](https://github.com/puppetlabs/puppetlabs-postgresql/pull/924) ([eputnam](https://github.com/eputnam)) +- (FM-6386) Minor docs fixup for 5.2.0 release [#923](https://github.com/puppetlabs/puppetlabs-postgresql/pull/923) ([HAIL9000](https://github.com/HAIL9000)) +- Removing Debian 6 and adding Debian 9 [#921](https://github.com/puppetlabs/puppetlabs-postgresql/pull/921) ([pmcmaw](https://github.com/pmcmaw)) +- 5.2.0 Release Prep [#920](https://github.com/puppetlabs/puppetlabs-postgresql/pull/920) ([HelenCampbell](https://github.com/HelenCampbell)) +- Updates test to reflect new error message [#919](https://github.com/puppetlabs/puppetlabs-postgresql/pull/919) ([HelenCampbell](https://github.com/HelenCampbell)) +- (maint) modulesync 892c4cf [#918](https://github.com/puppetlabs/puppetlabs-postgresql/pull/918) ([HAIL9000](https://github.com/HAIL9000)) +- enhance --data-checksums on initdb [#915](https://github.com/puppetlabs/puppetlabs-postgresql/pull/915) ([mmoll](https://github.com/mmoll)) +- use postgresql 9.6 for the newest SLES and openSUSE releases [#914](https://github.com/puppetlabs/puppetlabs-postgresql/pull/914) ([tampakrap](https://github.com/tampakrap)) +- Change - Add support for Fedora 26 [#913](https://github.com/puppetlabs/puppetlabs-postgresql/pull/913) ([blackknight36](https://github.com/blackknight36)) +- (MODULES-5501) - Remove unsupported Ubuntu [#912](https://github.com/puppetlabs/puppetlabs-postgresql/pull/912) ([pmcmaw](https://github.com/pmcmaw)) +- Added default posgresql version of Ubuntu 17.4 version to the global… [#911](https://github.com/puppetlabs/puppetlabs-postgresql/pull/911) ([hozmaster](https://github.com/hozmaster)) +- (MODULES-4854) remove allow_deprecations [#910](https://github.com/puppetlabs/puppetlabs-postgresql/pull/910) ([eputnam](https://github.com/eputnam)) +- MODULES-5378 fix the change in error message [#909](https://github.com/puppetlabs/puppetlabs-postgresql/pull/909) ([tphoney](https://github.com/tphoney)) +- MODULES-5378 fix error message checking in test [#908](https://github.com/puppetlabs/puppetlabs-postgresql/pull/908) ([tphoney](https://github.com/tphoney)) +- (maint) modulesync 915cde70e20 [#907](https://github.com/puppetlabs/puppetlabs-postgresql/pull/907) ([glennsarti](https://github.com/glennsarti)) +- (MODULES-5232) - Updating docs formatting. [#905](https://github.com/puppetlabs/puppetlabs-postgresql/pull/905) ([pmcmaw](https://github.com/pmcmaw)) +- 5.1.0 Release Mergeback [#904](https://github.com/puppetlabs/puppetlabs-postgresql/pull/904) ([HelenCampbell](https://github.com/HelenCampbell)) +- Replace deprecated function calls [#901](https://github.com/puppetlabs/puppetlabs-postgresql/pull/901) ([matonb](https://github.com/matonb)) +- Default contcat order [#900](https://github.com/puppetlabs/puppetlabs-postgresql/pull/900) ([matonb](https://github.com/matonb)) +- Deprecated tests [#899](https://github.com/puppetlabs/puppetlabs-postgresql/pull/899) ([matonb](https://github.com/matonb)) +- add parameter "version" to postgresql::server::extension to update the extension version [#896](https://github.com/puppetlabs/puppetlabs-postgresql/pull/896) ([georgehansper](https://github.com/georgehansper)) +- (MODULES-4682) Pass default_connect_settings to validate service [#862](https://github.com/puppetlabs/puppetlabs-postgresql/pull/862) ([vinzent](https://github.com/vinzent)) + +## [5.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.1.0) - 2017-07-17 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.0.0...5.1.0) + +### Other + +- (MODULES-4711) - 5.1.0 Release Prep [#903](https://github.com/puppetlabs/puppetlabs-postgresql/pull/903) ([pmcmaw](https://github.com/pmcmaw)) +- Adding a space for header formatting [#902](https://github.com/puppetlabs/puppetlabs-postgresql/pull/902) ([pmcmaw](https://github.com/pmcmaw)) +- (FM-6240) only run test on postgresql >= 9.0 [#898](https://github.com/puppetlabs/puppetlabs-postgresql/pull/898) ([tphoney](https://github.com/tphoney)) +- (MODULES-5187) mysnc puppet 5 and ruby 2.4 [#895](https://github.com/puppetlabs/puppetlabs-postgresql/pull/895) ([eputnam](https://github.com/eputnam)) +- add defined type postgresql::server::reassign_owned_by [#894](https://github.com/puppetlabs/puppetlabs-postgresql/pull/894) ([georgehansper](https://github.com/georgehansper)) +- Allow order parameter to be string value [#893](https://github.com/puppetlabs/puppetlabs-postgresql/pull/893) ([matonb](https://github.com/matonb)) +- Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash [#892](https://github.com/puppetlabs/puppetlabs-postgresql/pull/892) ([mmoll](https://github.com/mmoll)) +- (MODULES-5144) Prep for puppet 5 [#889](https://github.com/puppetlabs/puppetlabs-postgresql/pull/889) ([hunner](https://github.com/hunner)) +- use https for apt.postgresql.org repo [#888](https://github.com/puppetlabs/puppetlabs-postgresql/pull/888) ([hex2a](https://github.com/hex2a)) +- 5.0.0 mergeback [#887](https://github.com/puppetlabs/puppetlabs-postgresql/pull/887) ([hunner](https://github.com/hunner)) +- MODULES-2989 parameter ensure of custom resource postgresql_replication_slot is not documented [#884](https://github.com/puppetlabs/puppetlabs-postgresql/pull/884) ([MartyEwings](https://github.com/MartyEwings)) +- add data_checksums option to initdb [#878](https://github.com/puppetlabs/puppetlabs-postgresql/pull/878) ([tjikkun](https://github.com/tjikkun)) + +## [5.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.0.0) - 2017-06-21 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.9.0...5.0.0) +### Changed +- Unset default log_line_prefix [#870](https://github.com/puppetlabs/puppetlabs-postgresql/pull/870) ([hasegeli](https://github.com/hasegeli)) +- Let listen_addresses be defined independently [#865](https://github.com/puppetlabs/puppetlabs-postgresql/pull/865) ([hasegeli](https://github.com/hasegeli)) + +### Other + +- (maint) address more changelog cleanup [#886](https://github.com/puppetlabs/puppetlabs-postgresql/pull/886) ([eputnam](https://github.com/eputnam)) +- (maint) changelog cleanup for 5.0.0 [#885](https://github.com/puppetlabs/puppetlabs-postgresql/pull/885) ([eputnam](https://github.com/eputnam)) +- (MODULES-5062) release prep 5.0.0 [#883](https://github.com/puppetlabs/puppetlabs-postgresql/pull/883) ([eputnam](https://github.com/eputnam)) +- (maint) fix for connection validator [#882](https://github.com/puppetlabs/puppetlabs-postgresql/pull/882) ([eputnam](https://github.com/eputnam)) +- (MODULES-5050) Fix for grant_schema_spec [#881](https://github.com/puppetlabs/puppetlabs-postgresql/pull/881) ([eputnam](https://github.com/eputnam)) +- (MODULES-5050) pass auth_option in grant_role_spec [#880](https://github.com/puppetlabs/puppetlabs-postgresql/pull/880) ([eputnam](https://github.com/eputnam)) +- (MODULES-1394) replace validate_db_connection type with custom type [#879](https://github.com/puppetlabs/puppetlabs-postgresql/pull/879) ([eputnam](https://github.com/eputnam)) +- Cleanup README [#877](https://github.com/puppetlabs/puppetlabs-postgresql/pull/877) ([hasegeli](https://github.com/hasegeli)) +- (maint) mock structured facts [#875](https://github.com/puppetlabs/puppetlabs-postgresql/pull/875) ([eputnam](https://github.com/eputnam)) +- (maint) Fix docs for #870 [#873](https://github.com/puppetlabs/puppetlabs-postgresql/pull/873) ([hunner](https://github.com/hunner)) +- MODULES-4826 puppetlabs-postgresql: Update the version compatibility to >= 4.7.0 < 5.0.0 [#871](https://github.com/puppetlabs/puppetlabs-postgresql/pull/871) ([marsmensch](https://github.com/marsmensch)) +- (MODULES-4947) bump apt dependency in metadata + fixtures [#869](https://github.com/puppetlabs/puppetlabs-postgresql/pull/869) ([bastelfreak](https://github.com/bastelfreak)) +- Maintain config entries for PostgreSQL 10 [#868](https://github.com/puppetlabs/puppetlabs-postgresql/pull/868) ([hasegeli](https://github.com/hasegeli)) +- (MODULES-4906) Add support for concat 3.0.0 and 4.0.0 [#867](https://github.com/puppetlabs/puppetlabs-postgresql/pull/867) ([dhollinger](https://github.com/dhollinger)) +- Release mergeback [#866](https://github.com/puppetlabs/puppetlabs-postgresql/pull/866) ([hunner](https://github.com/hunner)) +- MODULES-4324 - README Updates for Translation. [#864](https://github.com/puppetlabs/puppetlabs-postgresql/pull/864) ([pmcmaw](https://github.com/pmcmaw)) +- [MODULES-4598] Revert "Revert "fix default params for SUSE family OSes"" [#863](https://github.com/puppetlabs/puppetlabs-postgresql/pull/863) ([mmoll](https://github.com/mmoll)) +- [msync] 786266 Implement puppet-module-gems, a45803 Remove metadata.json from locales config [#860](https://github.com/puppetlabs/puppetlabs-postgresql/pull/860) ([wilson208](https://github.com/wilson208)) +- [MODULES-4598] Revert "fix default params for SUSE family OSes" [#858](https://github.com/puppetlabs/puppetlabs-postgresql/pull/858) ([wilson208](https://github.com/wilson208)) +- (FM-6116) - Adding POT file for metadata.json [#857](https://github.com/puppetlabs/puppetlabs-postgresql/pull/857) ([pmcmaw](https://github.com/pmcmaw)) +- [MODULES-4528] Replace Puppet.version.to_f version comparison from spec_helper.rb [#856](https://github.com/puppetlabs/puppetlabs-postgresql/pull/856) ([wilson208](https://github.com/wilson208)) +- Align postgis default version with postgres version [#854](https://github.com/puppetlabs/puppetlabs-postgresql/pull/854) ([georgehansper](https://github.com/georgehansper)) +- (maint) Fix CI issue where acceptance tests fail on SLES [#853](https://github.com/puppetlabs/puppetlabs-postgresql/pull/853) ([wilson208](https://github.com/wilson208)) +- Migrate to puppet4 datatypes [#852](https://github.com/puppetlabs/puppetlabs-postgresql/pull/852) ([bastelfreak](https://github.com/bastelfreak)) +- fix default params for SUSE family OSes [#851](https://github.com/puppetlabs/puppetlabs-postgresql/pull/851) ([tampakrap](https://github.com/tampakrap)) +- Allowo to disable managing passwords for users [#846](https://github.com/puppetlabs/puppetlabs-postgresql/pull/846) ([bjoernhaeuser](https://github.com/bjoernhaeuser)) +- Change - Remove deprecated force parameter on concat resources [#843](https://github.com/puppetlabs/puppetlabs-postgresql/pull/843) ([blackknight36](https://github.com/blackknight36)) +- Remove deprecated force parameter from concat [#831](https://github.com/puppetlabs/puppetlabs-postgresql/pull/831) ([ekohl](https://github.com/ekohl)) + +## [4.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.9.0) - 2017-03-09 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.8.0...4.9.0) -##2013-07-19 Release 2.4.0 +### Changed +- Fix deprecated apt::source parameters [#805](https://github.com/puppetlabs/puppetlabs-postgresql/pull/805) ([adepretis](https://github.com/adepretis)) + +### Other + +- release prep for 4.9.0 [#849](https://github.com/puppetlabs/puppetlabs-postgresql/pull/849) ([eputnam](https://github.com/eputnam)) +- Update $allowed_auth_methods for newer PostgreSQL versions 9.5 and 9.6 [#848](https://github.com/puppetlabs/puppetlabs-postgresql/pull/848) ([ardrigh](https://github.com/ardrigh)) +- (MODULES-1707) add logic to params.pp for jdbc driver package on Debian [#847](https://github.com/puppetlabs/puppetlabs-postgresql/pull/847) ([eputnam](https://github.com/eputnam)) +- (MODULES-1508) add support for unix_socket_directories [#845](https://github.com/puppetlabs/puppetlabs-postgresql/pull/845) ([eputnam](https://github.com/eputnam)) +- (maint) accomodate old pgsql version [#844](https://github.com/puppetlabs/puppetlabs-postgresql/pull/844) ([eputnam](https://github.com/eputnam)) +- support Debian/stretch and Ubuntu/yakkety [#842](https://github.com/puppetlabs/puppetlabs-postgresql/pull/842) ([mmoll](https://github.com/mmoll)) +- (maint) fix grant_spec test [#841](https://github.com/puppetlabs/puppetlabs-postgresql/pull/841) ([eputnam](https://github.com/eputnam)) +- (maint) Schemas for a db should come after db [#840](https://github.com/puppetlabs/puppetlabs-postgresql/pull/840) ([hunner](https://github.com/hunner)) +- (MODULES-1127) allow LANGUAGE as valid object_type [#838](https://github.com/puppetlabs/puppetlabs-postgresql/pull/838) ([eputnam](https://github.com/eputnam)) +- Fix typo: hostnosssl [#837](https://github.com/puppetlabs/puppetlabs-postgresql/pull/837) ([df7cb](https://github.com/df7cb)) +- Implement beaker-module_install_helper and cleanup spec_helper_acceptance.rb [#836](https://github.com/puppetlabs/puppetlabs-postgresql/pull/836) ([wilson208](https://github.com/wilson208)) +- (MODULES-4098) Sync the rest of the files [#835](https://github.com/puppetlabs/puppetlabs-postgresql/pull/835) ([hunner](https://github.com/hunner)) +- Fix validation script to work with dash [#833](https://github.com/puppetlabs/puppetlabs-postgresql/pull/833) ([sathieu](https://github.com/sathieu)) +- (MODULES-4097) Sync travis.yml [#832](https://github.com/puppetlabs/puppetlabs-postgresql/pull/832) ([hunner](https://github.com/hunner)) +- Remove unnecessary `client_package_name` parameter from server. [#830](https://github.com/puppetlabs/puppetlabs-postgresql/pull/830) ([tdevelioglu](https://github.com/tdevelioglu)) +- F25 update [#829](https://github.com/puppetlabs/puppetlabs-postgresql/pull/829) ([blackknight36](https://github.com/blackknight36)) +- (FM-5972) gettext and spec.opts [#828](https://github.com/puppetlabs/puppetlabs-postgresql/pull/828) ([eputnam](https://github.com/eputnam)) +- Change - Ensure that the postgres data dir has proper selinux context [#827](https://github.com/puppetlabs/puppetlabs-postgresql/pull/827) ([blackknight36](https://github.com/blackknight36)) +- (maint) fixes for grant_spec [#826](https://github.com/puppetlabs/puppetlabs-postgresql/pull/826) ([eputnam](https://github.com/eputnam)) +- (FM-5939) removes spec.opts [#825](https://github.com/puppetlabs/puppetlabs-postgresql/pull/825) ([eputnam](https://github.com/eputnam)) +- (MODULES-3631) msync Gemfile for 1.9 frozen strings [#824](https://github.com/puppetlabs/puppetlabs-postgresql/pull/824) ([hunner](https://github.com/hunner)) +- Support granting SELECT and UPDATE permission on sequences (MODULES-4158) [#823](https://github.com/puppetlabs/puppetlabs-postgresql/pull/823) ([chris-reeves](https://github.com/chris-reeves)) +- Pick 808 [#821](https://github.com/puppetlabs/puppetlabs-postgresql/pull/821) ([tphoney](https://github.com/tphoney)) +- Override repo urls [#820](https://github.com/puppetlabs/puppetlabs-postgresql/pull/820) ([DavidS](https://github.com/DavidS)) +- Set permissions/ownership on rpm gpg key [#819](https://github.com/puppetlabs/puppetlabs-postgresql/pull/819) ([benpillet](https://github.com/benpillet)) +- (MODULES-4051) updates yum repo [#818](https://github.com/puppetlabs/puppetlabs-postgresql/pull/818) ([eputnam](https://github.com/eputnam)) +- Change default user, group and data directory to proper value on Free… [#816](https://github.com/puppetlabs/puppetlabs-postgresql/pull/816) ([olevole](https://github.com/olevole)) +- (MODULES-3704) Update gemfile template to be identical [#815](https://github.com/puppetlabs/puppetlabs-postgresql/pull/815) ([hunner](https://github.com/hunner)) +- MODULES-3816 no release 3.4.3 fixing changelog [#814](https://github.com/puppetlabs/puppetlabs-postgresql/pull/814) ([tphoney](https://github.com/tphoney)) +- Fix grant documentation [#813](https://github.com/puppetlabs/puppetlabs-postgresql/pull/813) ([hasegeli](https://github.com/hasegeli)) +- Change - Add default postgres version for Fedora 24 to globals class [#811](https://github.com/puppetlabs/puppetlabs-postgresql/pull/811) ([blackknight36](https://github.com/blackknight36)) +- Add support for Gentoo-based operatingsystems [#810](https://github.com/puppetlabs/puppetlabs-postgresql/pull/810) ([optiz0r](https://github.com/optiz0r)) +- Fixed unless check in grant_role so that it can grant roles to superusers [#809](https://github.com/puppetlabs/puppetlabs-postgresql/pull/809) ([crispygoth](https://github.com/crispygoth)) +- (MODULES-3983) Update parallel_tests for ruby 2.0.0 [#807](https://github.com/puppetlabs/puppetlabs-postgresql/pull/807) ([pmcmaw](https://github.com/pmcmaw)) +- (MODULES-1850) replace validate_string by validate_re for real verification on input [#806](https://github.com/puppetlabs/puppetlabs-postgresql/pull/806) ([jhooyberghs](https://github.com/jhooyberghs)) +- globals: add postgis version for 9.6 [#804](https://github.com/puppetlabs/puppetlabs-postgresql/pull/804) ([costela](https://github.com/costela)) +- Adding a negative test case for grant role [#802](https://github.com/puppetlabs/puppetlabs-postgresql/pull/802) ([pmcmaw](https://github.com/pmcmaw)) +- (MODULES-3844) adds single revoke test [#800](https://github.com/puppetlabs/puppetlabs-postgresql/pull/800) ([eputnam](https://github.com/eputnam)) +- Update modulesync_config [51f469d] [#799](https://github.com/puppetlabs/puppetlabs-postgresql/pull/799) ([DavidS](https://github.com/DavidS)) +- Remove duplicate RedHat default section [#798](https://github.com/puppetlabs/puppetlabs-postgresql/pull/798) ([jesusaurus](https://github.com/jesusaurus)) +- Support changing database tablespaces [#795](https://github.com/puppetlabs/puppetlabs-postgresql/pull/795) ([hasegeli](https://github.com/hasegeli)) +- Fix SQL style on role.pp [#794](https://github.com/puppetlabs/puppetlabs-postgresql/pull/794) ([hasegeli](https://github.com/hasegeli)) +- Default role of grant_role to namevar [#793](https://github.com/puppetlabs/puppetlabs-postgresql/pull/793) ([hasegeli](https://github.com/hasegeli)) +- Improvements around changing owners [#792](https://github.com/puppetlabs/puppetlabs-postgresql/pull/792) ([hasegeli](https://github.com/hasegeli)) +- Revert "Update config_entry.pp add ability to set log_min_duration_statement" [#791](https://github.com/puppetlabs/puppetlabs-postgresql/pull/791) ([hasegeli](https://github.com/hasegeli)) +- (#3858) Fix unless check in grant_role to work with roles as well as users [#788](https://github.com/puppetlabs/puppetlabs-postgresql/pull/788) ([thunderkeys](https://github.com/thunderkeys)) +- Update modulesync_config [a3fe424] [#787](https://github.com/puppetlabs/puppetlabs-postgresql/pull/787) ([DavidS](https://github.com/DavidS)) +- Allow working directory to be configurable via globals (instead of always using /tmp) [#786](https://github.com/puppetlabs/puppetlabs-postgresql/pull/786) ([hdeadman](https://github.com/hdeadman)) +- handle case where default database name is not the same as user [#785](https://github.com/puppetlabs/puppetlabs-postgresql/pull/785) ([hdeadman](https://github.com/hdeadman)) +- Merge back [#783](https://github.com/puppetlabs/puppetlabs-postgresql/pull/783) ([DavidS](https://github.com/DavidS)) +- (MAINT) Update for modulesync_config 72d19f184 [#782](https://github.com/puppetlabs/puppetlabs-postgresql/pull/782) ([DavidS](https://github.com/DavidS)) +- Add .erb suffix to recovery.conf template [#777](https://github.com/puppetlabs/puppetlabs-postgresql/pull/777) ([tdevelioglu](https://github.com/tdevelioglu)) +- Allow username and password as integers [#774](https://github.com/puppetlabs/puppetlabs-postgresql/pull/774) ([sathieu](https://github.com/sathieu)) +- Grant role with unit tests [#762](https://github.com/puppetlabs/puppetlabs-postgresql/pull/762) ([janfabry](https://github.com/janfabry)) + +## [4.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.8.0) - 2016-07-26 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.7.1...4.8.0) + +### Other + +- Prep for 4.8.0 [#781](https://github.com/puppetlabs/puppetlabs-postgresql/pull/781) ([DavidS](https://github.com/DavidS)) +- (MODULES-3247) Enable schema and database ownership change [#779](https://github.com/puppetlabs/puppetlabs-postgresql/pull/779) ([ntpttr](https://github.com/ntpttr)) +- (MODULES-3581) modulesync [067d08a] [#778](https://github.com/puppetlabs/puppetlabs-postgresql/pull/778) ([DavidS](https://github.com/DavidS)) +- {maint} modulesync 0794b2c [#776](https://github.com/puppetlabs/puppetlabs-postgresql/pull/776) ([tphoney](https://github.com/tphoney)) +- Update config_entry.pp add ability to set log_min_duration_statement [#773](https://github.com/puppetlabs/puppetlabs-postgresql/pull/773) ([micah-uber](https://github.com/micah-uber)) +- Let the module handle OpenBSD 6.x versions [#772](https://github.com/puppetlabs/puppetlabs-postgresql/pull/772) ([buzzdeee](https://github.com/buzzdeee)) +- (MODULES-3442) Use empty array for missing resource relationships [#771](https://github.com/puppetlabs/puppetlabs-postgresql/pull/771) ([domcleal](https://github.com/domcleal)) +- don't create empty lines in recovery template [#769](https://github.com/puppetlabs/puppetlabs-postgresql/pull/769) ([bastelfreak](https://github.com/bastelfreak)) +- (maint) fix broken links in readme [#767](https://github.com/puppetlabs/puppetlabs-postgresql/pull/767) ([wkalt](https://github.com/wkalt)) +- (MODULES-3416) Add Fedora 24 with PostgreSQL 9.5 [#766](https://github.com/puppetlabs/puppetlabs-postgresql/pull/766) ([domcleal](https://github.com/domcleal)) +- Don't overwrite or calculate the environment twice [#761](https://github.com/puppetlabs/puppetlabs-postgresql/pull/761) ([janfabry](https://github.com/janfabry)) +- Fix validation script to work with FreeBSD. [#760](https://github.com/puppetlabs/puppetlabs-postgresql/pull/760) ([blackknight36](https://github.com/blackknight36)) +- Update to newest modulesync_configs [9ca280f] [#759](https://github.com/puppetlabs/puppetlabs-postgresql/pull/759) ([DavidS](https://github.com/DavidS)) +- (MODULES-3241) Add fedora 23 [#758](https://github.com/puppetlabs/puppetlabs-postgresql/pull/758) ([hunner](https://github.com/hunner)) +- (maint) fix test to run under strict variables [#755](https://github.com/puppetlabs/puppetlabs-postgresql/pull/755) ([DavidS](https://github.com/DavidS)) +- Adds timestamps into logs by default [#754](https://github.com/puppetlabs/puppetlabs-postgresql/pull/754) ([xprazak2](https://github.com/xprazak2)) +- Minor Fixes on the Documentation [#752](https://github.com/puppetlabs/puppetlabs-postgresql/pull/752) ([hasegeli](https://github.com/hasegeli)) +- prevent information leak of database user password [#749](https://github.com/puppetlabs/puppetlabs-postgresql/pull/749) ([buzzdeee](https://github.com/buzzdeee)) +- Remove unused variable and update template comment [#748](https://github.com/puppetlabs/puppetlabs-postgresql/pull/748) ([hunner](https://github.com/hunner)) +- Fix issues with missing parameters in `server` class [#747](https://github.com/puppetlabs/puppetlabs-postgresql/pull/747) ([cyberious](https://github.com/cyberious)) +- Ubuntu/vidid and newer use systemd [#746](https://github.com/puppetlabs/puppetlabs-postgresql/pull/746) ([mmoll](https://github.com/mmoll)) +- Mergeback 4.7.x to master [#745](https://github.com/puppetlabs/puppetlabs-postgresql/pull/745) ([bmjen](https://github.com/bmjen)) + +## [4.7.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.7.1) - 2016-02-18 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.7.0...4.7.1) + +### Other + +- Update quoting because addresses are not floats [#744](https://github.com/puppetlabs/puppetlabs-postgresql/pull/744) ([hunner](https://github.com/hunner)) +- 4.7.1 Release Prep [#743](https://github.com/puppetlabs/puppetlabs-postgresql/pull/743) ([bmjen](https://github.com/bmjen)) +- Revert "Add postgresql_version fact" [#742](https://github.com/puppetlabs/puppetlabs-postgresql/pull/742) ([bmjen](https://github.com/bmjen)) +- (FM-4046) Update to current msync configs [006831f] [#741](https://github.com/puppetlabs/puppetlabs-postgresql/pull/741) ([DavidS](https://github.com/DavidS)) +- Add missing onlyif_function to sequence grant code [#738](https://github.com/puppetlabs/puppetlabs-postgresql/pull/738) ([cfrantsen](https://github.com/cfrantsen)) +- correcting formatting error in README [#737](https://github.com/puppetlabs/puppetlabs-postgresql/pull/737) ([jbondpdx](https://github.com/jbondpdx)) +- postgres server init script naming on amazon linux ami [#736](https://github.com/puppetlabs/puppetlabs-postgresql/pull/736) ([Aselinux](https://github.com/Aselinux)) +- Correctly set $service_provider [#735](https://github.com/puppetlabs/puppetlabs-postgresql/pull/735) ([antaflos](https://github.com/antaflos)) +- Archlinux service reload parameter is incorrect. [#734](https://github.com/puppetlabs/puppetlabs-postgresql/pull/734) ([gfokkema](https://github.com/gfokkema)) +- Fix markdown error in README [#732](https://github.com/puppetlabs/puppetlabs-postgresql/pull/732) ([martijn](https://github.com/martijn)) +- amazon linux defaults to postgresql92 now [#731](https://github.com/puppetlabs/puppetlabs-postgresql/pull/731) ([shawn-sterling](https://github.com/shawn-sterling)) +- 4.7.x mergeback to master [#730](https://github.com/puppetlabs/puppetlabs-postgresql/pull/730) ([bmjen](https://github.com/bmjen)) +- Fix quoting [#729](https://github.com/puppetlabs/puppetlabs-postgresql/pull/729) ([hunner](https://github.com/hunner)) +- Allow puppetlabs-concat 2.x [#725](https://github.com/puppetlabs/puppetlabs-postgresql/pull/725) ([brandonweeks](https://github.com/brandonweeks)) +- Add postgresql_version fact [#720](https://github.com/puppetlabs/puppetlabs-postgresql/pull/720) ([jyaworski](https://github.com/jyaworski)) +- Fix password change failing [#719](https://github.com/puppetlabs/puppetlabs-postgresql/pull/719) ([matonb](https://github.com/matonb)) + +## [4.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.7.0) - 2016-02-02 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.6.1...4.7.0) + +### Other + +- (MODULES-3024) Quote database objects when creating databases [#727](https://github.com/puppetlabs/puppetlabs-postgresql/pull/727) ([supercow](https://github.com/supercow)) +- Escape case where password ends with '$'. [#726](https://github.com/puppetlabs/puppetlabs-postgresql/pull/726) ([Farzy](https://github.com/Farzy)) +- Changelog, metadata and nodeset update for 4.7.0 [#724](https://github.com/puppetlabs/puppetlabs-postgresql/pull/724) ([HelenCampbell](https://github.com/HelenCampbell)) +- Whoops [#723](https://github.com/puppetlabs/puppetlabs-postgresql/pull/723) ([hunner](https://github.com/hunner)) +- MODULES-3019 - Schedule apt update after install of repo [#722](https://github.com/puppetlabs/puppetlabs-postgresql/pull/722) ([erikanderson](https://github.com/erikanderson)) +- (MODULES-2960) Allow float postgresql_conf values [#721](https://github.com/puppetlabs/puppetlabs-postgresql/pull/721) ([hunner](https://github.com/hunner)) +- FM-4657: postgresql edit pass [#718](https://github.com/puppetlabs/puppetlabs-postgresql/pull/718) ([jbondpdx](https://github.com/jbondpdx)) +- Fix postgresql::server acceptance test descriptions [#717](https://github.com/puppetlabs/puppetlabs-postgresql/pull/717) ([gerhardsam](https://github.com/gerhardsam)) +- Add default postgis version for 9.5 [#716](https://github.com/puppetlabs/puppetlabs-postgresql/pull/716) ([hunner](https://github.com/hunner)) +- (FM-4049) update to modulesync_configs [#715](https://github.com/puppetlabs/puppetlabs-postgresql/pull/715) ([DavidS](https://github.com/DavidS)) +- DOC-1496: README re-write. [#714](https://github.com/puppetlabs/puppetlabs-postgresql/pull/714) ([jtappa](https://github.com/jtappa)) +- OpenBSD 5.9 will also ship a PostgreSQL 9.4 version [#712](https://github.com/puppetlabs/puppetlabs-postgresql/pull/712) ([buzzdeee](https://github.com/buzzdeee)) +- Add support for Ubuntu 15.10 [#711](https://github.com/puppetlabs/puppetlabs-postgresql/pull/711) ([pherjung](https://github.com/pherjung)) +- 4.6.x Mergeback [#710](https://github.com/puppetlabs/puppetlabs-postgresql/pull/710) ([HelenCampbell](https://github.com/HelenCampbell)) +- readme update: postgresql::server::db is a defined type not a class [#709](https://github.com/puppetlabs/puppetlabs-postgresql/pull/709) ([jessereynolds](https://github.com/jessereynolds)) + +## [4.6.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.6.1) - 2015-12-04 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.6.0...4.6.1) -###Summary +### Added -This updates adds the ability to change permissions on tables, create template -databases from normal databases, manage PL-Perl's postgres package, and -disable the management of `pg_hba.conf`. +- Added parameter to disable automatic service restarts on config changes [#699](https://github.com/puppetlabs/puppetlabs-postgresql/pull/699) ([sw0x2A](https://github.com/sw0x2A)) -####Features -- Add `postgresql::table_grant` defined resource -- Add `postgresql::plperl` class -- Add `manage_pg_hba_conf` parameter to the `postgresql::config` class -- Add `istemplate` parameter to the `postgresql::database` define +### Other -####Bugfixes -- Update `postgresql::role` class to be able to update roles when modified -instead of only on creation. -- Update tests -- Fix documentation of `postgresql::database_grant` +- fix quote around locale options [#708](https://github.com/puppetlabs/puppetlabs-postgresql/pull/708) ([freegenie](https://github.com/freegenie)) +- 4.6.1 release prep [#707](https://github.com/puppetlabs/puppetlabs-postgresql/pull/707) ([tphoney](https://github.com/tphoney)) +- (maint) removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs [#706](https://github.com/puppetlabs/puppetlabs-postgresql/pull/706) ([bmjen](https://github.com/bmjen)) +- OpenBSD version is now 9.4 [#705](https://github.com/puppetlabs/puppetlabs-postgresql/pull/705) ([oriold](https://github.com/oriold)) +- Fix default paths for Amazon Linux [#704](https://github.com/puppetlabs/puppetlabs-postgresql/pull/704) ([downsj2](https://github.com/downsj2)) +- Fix line endings [#703](https://github.com/puppetlabs/puppetlabs-postgresql/pull/703) ([karyon](https://github.com/karyon)) +- Use double qoutes around database name. [#702](https://github.com/puppetlabs/puppetlabs-postgresql/pull/702) ([stintel](https://github.com/stintel)) +- Remove extra blanks and backslashes. [#701](https://github.com/puppetlabs/puppetlabs-postgresql/pull/701) ([smortex](https://github.com/smortex)) +- syntax error near UTF8 [#700](https://github.com/puppetlabs/puppetlabs-postgresql/pull/700) ([BobVanB](https://github.com/BobVanB)) +- "fedora 22 postgresql version 9.4" [#698](https://github.com/puppetlabs/puppetlabs-postgresql/pull/698) ([nibalizer](https://github.com/nibalizer)) +- Change apt::pin to apt_postgresql_org to prevent error message [#695](https://github.com/puppetlabs/puppetlabs-postgresql/pull/695) ([Danie](https://github.com/Danie)) +- MODULES-2525 - updated systemd-override to support fedora and CentOS paths for systemd [#694](https://github.com/puppetlabs/puppetlabs-postgresql/pull/694) ([jbehrends](https://github.com/jbehrends)) +- Fixes MODULES_2059 - adds extension argument [#693](https://github.com/puppetlabs/puppetlabs-postgresql/pull/693) ([frconil](https://github.com/frconil)) +- 4.6.x mergeback to master [#692](https://github.com/puppetlabs/puppetlabs-postgresql/pull/692) ([bmjen](https://github.com/bmjen)) +- updates metadata.json to match Puppet 4.x PMT output [#691](https://github.com/puppetlabs/puppetlabs-postgresql/pull/691) ([bmjen](https://github.com/bmjen)) +- removed inherits postgresql::params [#679](https://github.com/puppetlabs/puppetlabs-postgresql/pull/679) ([vicinus](https://github.com/vicinus)) +## [4.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.6.0) - 2015-09-01 -##2.3.0 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.5.0...4.6.0) -This feature release includes the following changes: +### Other -* Add a new parameter `owner` to the `database` type. This can be used to - grant ownership of a new database to a specific user. (Bruno Harbulot) -* Add support for operating systems other than Debian/RedHat, as long as the - user supplies custom values for all of the required paths, package names, etc. - (Chris Price) -* Improved integration testing (Ken Barber) +- (MAINT) do not run the multi-node tests by default [#689](https://github.com/puppetlabs/puppetlabs-postgresql/pull/689) ([DavidS](https://github.com/DavidS)) +- (MODULES-661) Remote DB support [#688](https://github.com/puppetlabs/puppetlabs-postgresql/pull/688) ([DavidS](https://github.com/DavidS)) +- 4_6_0 release prep [#682](https://github.com/puppetlabs/puppetlabs-postgresql/pull/682) ([tphoney](https://github.com/tphoney)) +- Decouple pg_hba_rule from postgresql::server [#678](https://github.com/puppetlabs/puppetlabs-postgresql/pull/678) ([npwalker](https://github.com/npwalker)) +- (MODULES-2211) Fixed systemd-override for RedHat systems with unmanag… [#677](https://github.com/puppetlabs/puppetlabs-postgresql/pull/677) ([cavaliercoder](https://github.com/cavaliercoder)) +- Fix postgis default package name on RedHat [#674](https://github.com/puppetlabs/puppetlabs-postgresql/pull/674) ([ckaenzig](https://github.com/ckaenzig)) +- Add proxy option for yum repositories [#672](https://github.com/puppetlabs/puppetlabs-postgresql/pull/672) ([GoozeyX](https://github.com/GoozeyX)) +- Allow for undefined PostGIS version. [#671](https://github.com/puppetlabs/puppetlabs-postgresql/pull/671) ([SteveMaddison](https://github.com/SteveMaddison)) +## [4.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.5.0) - 2015-07-28 -##2.2.1 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.2...4.5.0) -This release fixes a bug whereby one of our shell commands (psql) were not ran from a globally accessible directory. This was causing permission denied errors when the command attempted to change user without changing directory. +### Other -Users of previous versions might have seen this error: +- Prep 4.5.0 [#676](https://github.com/puppetlabs/puppetlabs-postgresql/pull/676) ([hunner](https://github.com/hunner)) +- Mergeback 4.4.x to master [#670](https://github.com/puppetlabs/puppetlabs-postgresql/pull/670) ([hunner](https://github.com/hunner)) +- Update README.md [#666](https://github.com/puppetlabs/puppetlabs-postgresql/pull/666) ([levenaux](https://github.com/levenaux)) - Error: Error executing SQL; psql returned 256: 'could not change directory to "/root" +## [4.4.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.2) - 2015-07-08 -This patch should correct that. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.1...4.4.2) -#### Detail Changes +### Added -* Set /tmp as default CWD for postgresql_psql +- (#2056) Added 9.4, corrected past versions based on docs [#625](https://github.com/puppetlabs/puppetlabs-postgresql/pull/625) ([cjestel](https://github.com/cjestel)) + +### Other + +- Fix incorrect metadata [#669](https://github.com/puppetlabs/puppetlabs-postgresql/pull/669) ([hunner](https://github.com/hunner)) +- updates metadata.json to include support for pe 2015.2 [#668](https://github.com/puppetlabs/puppetlabs-postgresql/pull/668) ([bmjen](https://github.com/bmjen)) +- 4.4.2 prep [#667](https://github.com/puppetlabs/puppetlabs-postgresql/pull/667) ([bmjen](https://github.com/bmjen)) +- Support granting permission on sequences. [#665](https://github.com/puppetlabs/puppetlabs-postgresql/pull/665) ([bmjen](https://github.com/bmjen)) +- (MODULES-2185) Fix `withenv` execution under Puppet 2.7 [#664](https://github.com/puppetlabs/puppetlabs-postgresql/pull/664) ([domcleal](https://github.com/domcleal)) +- 4.4.x mergeback [#662](https://github.com/puppetlabs/puppetlabs-postgresql/pull/662) ([bmjen](https://github.com/bmjen)) +- Add default values for more openSUSE and SLES distro versions [#615](https://github.com/puppetlabs/puppetlabs-postgresql/pull/615) ([tampakrap](https://github.com/tampakrap)) + +## [4.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.1) - 2015-07-01 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.0...4.4.1) + +### Other + +- Increment version number for 4.4.1 [#660](https://github.com/puppetlabs/puppetlabs-postgresql/pull/660) ([DavidS](https://github.com/DavidS)) +- (MODULES-2181) Fix variable scope for systemd-override [#659](https://github.com/puppetlabs/puppetlabs-postgresql/pull/659) ([kbarber](https://github.com/kbarber)) + +## [4.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.0) - 2015-06-30 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.3.0...4.4.0) + +### Other + +- fixes postgresql::server:recovery acceptance tests [#658](https://github.com/puppetlabs/puppetlabs-postgresql/pull/658) ([bmjen](https://github.com/bmjen)) +- adds acceptance tests for postgresql::server::recovery resource [#657](https://github.com/puppetlabs/puppetlabs-postgresql/pull/657) ([bmjen](https://github.com/bmjen)) +- updates release date on CHANGELOG [#655](https://github.com/puppetlabs/puppetlabs-postgresql/pull/655) ([bmjen](https://github.com/bmjen)) +- (FM-2931) fixes logic problem with onlyif type param validation. [#654](https://github.com/puppetlabs/puppetlabs-postgresql/pull/654) ([bmjen](https://github.com/bmjen)) +- (FM-2923) install net-tools for tests [#653](https://github.com/puppetlabs/puppetlabs-postgresql/pull/653) ([bmjen](https://github.com/bmjen)) +- (FM-2923) install net-tools for tests [#651](https://github.com/puppetlabs/puppetlabs-postgresql/pull/651) ([DavidS](https://github.com/DavidS)) +- (maint) Fix tests from #527 merge - Looks like copy tests mismatched logic of when it should expect changes [#650](https://github.com/puppetlabs/puppetlabs-postgresql/pull/650) ([cyberious](https://github.com/cyberious)) +- Sync with master [#648](https://github.com/puppetlabs/puppetlabs-postgresql/pull/648) ([bmjen](https://github.com/bmjen)) +- Unpins apt 1.8 dependency in fixtures.yml and spec_helper_acceptance. [#647](https://github.com/puppetlabs/puppetlabs-postgresql/pull/647) ([bmjen](https://github.com/bmjen)) +- Release 4.4.0 prep [#646](https://github.com/puppetlabs/puppetlabs-postgresql/pull/646) ([bmjen](https://github.com/bmjen)) +- (maint) Add beaker-puppet_install_helper and fix fact bug [#645](https://github.com/puppetlabs/puppetlabs-postgresql/pull/645) ([cyberious](https://github.com/cyberious)) +- Update dependencies [#644](https://github.com/puppetlabs/puppetlabs-postgresql/pull/644) ([underscorgan](https://github.com/underscorgan)) +- Show support for Puppet v4 in the metadata [#643](https://github.com/puppetlabs/puppetlabs-postgresql/pull/643) ([ghoneycutt](https://github.com/ghoneycutt)) +- tightens concat dependency to < 2.0.0 [#641](https://github.com/puppetlabs/puppetlabs-postgresql/pull/641) ([bmjen](https://github.com/bmjen)) +- Fixed systemd override for manage_repo package versions [#639](https://github.com/puppetlabs/puppetlabs-postgresql/pull/639) ([cdenneen](https://github.com/cdenneen)) +- Updated travisci file to remove allow_failures on Puppet 4 [#635](https://github.com/puppetlabs/puppetlabs-postgresql/pull/635) ([jonnytdevops](https://github.com/jonnytdevops)) +- Add plpython and postgresql-docs classes [#634](https://github.com/puppetlabs/puppetlabs-postgresql/pull/634) ([DavidS](https://github.com/DavidS)) +- disabling pg_hba_conf_defaults should not disable ipv4acls and ipv6ac… [#633](https://github.com/puppetlabs/puppetlabs-postgresql/pull/633) ([b0e](https://github.com/b0e)) +- Copy snakeoil certificate and key instead of symlinking [#629](https://github.com/puppetlabs/puppetlabs-postgresql/pull/629) ([mcanevet](https://github.com/mcanevet)) +- Support puppetlabs-concat 2.x [#626](https://github.com/puppetlabs/puppetlabs-postgresql/pull/626) ([domcleal](https://github.com/domcleal)) +- add ubuntu/vivid support [#624](https://github.com/puppetlabs/puppetlabs-postgresql/pull/624) ([saimonn](https://github.com/saimonn)) +- (#2049) Make title of psql resource for schema creation unique [#623](https://github.com/puppetlabs/puppetlabs-postgresql/pull/623) ([dirkweinhardt](https://github.com/dirkweinhardt)) +- Modulesync updates [#619](https://github.com/puppetlabs/puppetlabs-postgresql/pull/619) ([underscorgan](https://github.com/underscorgan)) +- Apt fix [#618](https://github.com/puppetlabs/puppetlabs-postgresql/pull/618) ([tphoney](https://github.com/tphoney)) +- (MODULES-2007) Fix Puppet.newtype deprecation warning [#616](https://github.com/puppetlabs/puppetlabs-postgresql/pull/616) ([roman-mueller](https://github.com/roman-mueller)) +- update fixtures file with new concat dependencies [#612](https://github.com/puppetlabs/puppetlabs-postgresql/pull/612) ([bmjen](https://github.com/bmjen)) +- Antaflos patch 2 [#609](https://github.com/puppetlabs/puppetlabs-postgresql/pull/609) ([hunner](https://github.com/hunner)) +- MODULES-1923 - Use the correct command with Puppet < 3.4 [#608](https://github.com/puppetlabs/puppetlabs-postgresql/pull/608) ([underscorgan](https://github.com/underscorgan)) +- Merge 4.3.x back to master [#605](https://github.com/puppetlabs/puppetlabs-postgresql/pull/605) ([hunner](https://github.com/hunner)) +- (MODULES-1761) Provide defined resource for managing recovery.conf [#603](https://github.com/puppetlabs/puppetlabs-postgresql/pull/603) ([dacrome](https://github.com/dacrome)) +- Reorder environment and require parameter, to unbreak [#602](https://github.com/puppetlabs/puppetlabs-postgresql/pull/602) ([buzzdeee](https://github.com/buzzdeee)) +- Fix URLs in metadata.json [#599](https://github.com/puppetlabs/puppetlabs-postgresql/pull/599) ([raphink](https://github.com/raphink)) +- (BKR-147) add Gemfile setting for BEAKER_VERSION for puppet... [#596](https://github.com/puppetlabs/puppetlabs-postgresql/pull/596) ([anodelman](https://github.com/anodelman)) +- Update apt key to full 40characters [#591](https://github.com/puppetlabs/puppetlabs-postgresql/pull/591) ([exptom](https://github.com/exptom)) +- Add param for specifying validate connection script in postgresql::client. [#410](https://github.com/puppetlabs/puppetlabs-postgresql/pull/410) ([riton](https://github.com/riton)) + +## [4.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.3.0) - 2015-03-25 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.2.0...4.3.0) + +### Other + +- Update readme with types docs [#598](https://github.com/puppetlabs/puppetlabs-postgresql/pull/598) ([hunner](https://github.com/hunner)) +- Update changelog for merge of #591 [#597](https://github.com/puppetlabs/puppetlabs-postgresql/pull/597) ([hunner](https://github.com/hunner)) +- Supported Release 4.3.0 [#595](https://github.com/puppetlabs/puppetlabs-postgresql/pull/595) ([hunner](https://github.com/hunner)) +- Testing updates [#593](https://github.com/puppetlabs/puppetlabs-postgresql/pull/593) ([cmurphy](https://github.com/cmurphy)) +- (MODULES-1878) properly quote create and drop extension statements [#592](https://github.com/puppetlabs/puppetlabs-postgresql/pull/592) ([exi](https://github.com/exi)) +- Since this was in an osfamily block it was getting picked up on ubuntu [#588](https://github.com/puppetlabs/puppetlabs-postgresql/pull/588) ([underscorgan](https://github.com/underscorgan)) +- Fix acceptance tests for EL [#587](https://github.com/puppetlabs/puppetlabs-postgresql/pull/587) ([underscorgan](https://github.com/underscorgan)) +- Adjust $service_status for Debian Jessie [#586](https://github.com/puppetlabs/puppetlabs-postgresql/pull/586) ([raphink](https://github.com/raphink)) +- Use space. Join seems to be defaulting to comma. [#585](https://github.com/puppetlabs/puppetlabs-postgresql/pull/585) ([kwolf-zz](https://github.com/kwolf-zz)) +- Fix specs for #567 [#584](https://github.com/puppetlabs/puppetlabs-postgresql/pull/584) ([hunner](https://github.com/hunner)) +- Fix the handling of run_unless_sql_command in puppet 4 [#583](https://github.com/puppetlabs/puppetlabs-postgresql/pull/583) ([hunner](https://github.com/hunner)) +- postgresql::server::extension needs to have defaults for postgresql_psql [#582](https://github.com/puppetlabs/puppetlabs-postgresql/pull/582) ([rvstaveren](https://github.com/rvstaveren)) +- Merge 4.2.x to master [#581](https://github.com/puppetlabs/puppetlabs-postgresql/pull/581) ([underscorgan](https://github.com/underscorgan)) +- Replication type [#580](https://github.com/puppetlabs/puppetlabs-postgresql/pull/580) ([raphink](https://github.com/raphink)) +- (MODULES-1834) Be less strict when changing template1 encoding [#579](https://github.com/puppetlabs/puppetlabs-postgresql/pull/579) ([sathieu](https://github.com/sathieu)) +- Make granting on ALL TABLES IN SCHEMA idempotent [#564](https://github.com/puppetlabs/puppetlabs-postgresql/pull/564) ([antaflos](https://github.com/antaflos)) +- Allowing validation of db connection for more than one user and port [#560](https://github.com/puppetlabs/puppetlabs-postgresql/pull/560) ([uuid0](https://github.com/uuid0)) + +## [4.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.2.0) - 2015-03-10 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.1.0...4.2.0) + +### Other + +- Remove references to host parameter since the vote was to revert that [#578](https://github.com/puppetlabs/puppetlabs-postgresql/pull/578) ([underscorgan](https://github.com/underscorgan)) +- Revert "(MODULES-661) Add host parameter to psql commands" [#577](https://github.com/puppetlabs/puppetlabs-postgresql/pull/577) ([underscorgan](https://github.com/underscorgan)) +- 4.2.0 prep [#576](https://github.com/puppetlabs/puppetlabs-postgresql/pull/576) ([underscorgan](https://github.com/underscorgan)) +- Rework defaults for `$object_name` in `postgresql::server::grant` [#574](https://github.com/puppetlabs/puppetlabs-postgresql/pull/574) ([underscorgan](https://github.com/underscorgan)) +- Openbsd support [#573](https://github.com/puppetlabs/puppetlabs-postgresql/pull/573) ([underscorgan](https://github.com/underscorgan)) +- README had outdated upgrade info [#572](https://github.com/puppetlabs/puppetlabs-postgresql/pull/572) ([underscorgan](https://github.com/underscorgan)) +- (MAINT) Fixes incorrect rspec it description [#570](https://github.com/puppetlabs/puppetlabs-postgresql/pull/570) ([petems](https://github.com/petems)) +- (MODULES-661) Add host parameter to psql commands [#568](https://github.com/puppetlabs/puppetlabs-postgresql/pull/568) ([petems](https://github.com/petems)) +- Use correct TCP port when checking password [#567](https://github.com/puppetlabs/puppetlabs-postgresql/pull/567) ([antaflos](https://github.com/antaflos)) +- Fix for future parser [#566](https://github.com/puppetlabs/puppetlabs-postgresql/pull/566) ([mcanevet](https://github.com/mcanevet)) +- create role before database [#565](https://github.com/puppetlabs/puppetlabs-postgresql/pull/565) ([gerhardsam](https://github.com/gerhardsam)) +- This wasn't matching anything other than psql 8 [#562](https://github.com/puppetlabs/puppetlabs-postgresql/pull/562) ([hunner](https://github.com/hunner)) +- doc links should point to /current/ rather than a specific version [#561](https://github.com/puppetlabs/puppetlabs-postgresql/pull/561) ([igalic](https://github.com/igalic)) +- Fix comment detection [#559](https://github.com/puppetlabs/puppetlabs-postgresql/pull/559) ([hunner](https://github.com/hunner)) +- Fix comment detection [#558](https://github.com/puppetlabs/puppetlabs-postgresql/pull/558) ([hunner](https://github.com/hunner)) +- Require server package before user permissions [#557](https://github.com/puppetlabs/puppetlabs-postgresql/pull/557) ([hunner](https://github.com/hunner)) +- Pin rspec gems [#556](https://github.com/puppetlabs/puppetlabs-postgresql/pull/556) ([cmurphy](https://github.com/cmurphy)) +- change example of postgresql::server::role definition to version 3 [#555](https://github.com/puppetlabs/puppetlabs-postgresql/pull/555) ([phaf](https://github.com/phaf)) +- FreeBSD PostgreSQL wouldn't start first time [#554](https://github.com/puppetlabs/puppetlabs-postgresql/pull/554) ([leepa](https://github.com/leepa)) +- Replace require by include [#553](https://github.com/puppetlabs/puppetlabs-postgresql/pull/553) ([PierreR](https://github.com/PierreR)) +- Fix lint warnings [#552](https://github.com/puppetlabs/puppetlabs-postgresql/pull/552) ([juniorsysadmin](https://github.com/juniorsysadmin)) +- (MODULES-1153) Add database comment parameter [#551](https://github.com/puppetlabs/puppetlabs-postgresql/pull/551) ([juniorsysadmin](https://github.com/juniorsysadmin)) +- Fix invalid byte sequence in US-ASCII error [#549](https://github.com/puppetlabs/puppetlabs-postgresql/pull/549) ([arioch](https://github.com/arioch)) +- Add IntelliJ files to the ignore list [#548](https://github.com/puppetlabs/puppetlabs-postgresql/pull/548) ([cmurphy](https://github.com/cmurphy)) +- Update .travis.yml, Gemfile, Rakefile, and CONTRIBUTING.md [#544](https://github.com/puppetlabs/puppetlabs-postgresql/pull/544) ([cmurphy](https://github.com/cmurphy)) +- Update README.md [#542](https://github.com/puppetlabs/puppetlabs-postgresql/pull/542) ([dhoppe](https://github.com/dhoppe)) +- Minor README internal resource linking fixes. [#541](https://github.com/puppetlabs/puppetlabs-postgresql/pull/541) ([bemosior](https://github.com/bemosior)) +- Fix/encoding [#540](https://github.com/puppetlabs/puppetlabs-postgresql/pull/540) ([mcanevet](https://github.com/mcanevet)) +- MODULES-1522 Add service_manage parameter [#539](https://github.com/puppetlabs/puppetlabs-postgresql/pull/539) ([juniorsysadmin](https://github.com/juniorsysadmin)) +- Allow per-schema grants and support for 'ALL TABLES IN SCHEMA' [#538](https://github.com/puppetlabs/puppetlabs-postgresql/pull/538) ([mattbostock](https://github.com/mattbostock)) +- Update for using Geppetto plugin in CI [#537](https://github.com/puppetlabs/puppetlabs-postgresql/pull/537) ([justinstoller](https://github.com/justinstoller)) +- Fixing autodetected version for Debian Jessie, which should use postgresql 9.4 [#535](https://github.com/puppetlabs/puppetlabs-postgresql/pull/535) ([Zouuup](https://github.com/Zouuup)) +- MODULES-1485 Reverted to default behavior for Debian systems as pg_config should not be overridden [#534](https://github.com/puppetlabs/puppetlabs-postgresql/pull/534) ([cyberious](https://github.com/cyberious)) +- FM-1523: Added module summary to metadata.json [#532](https://github.com/puppetlabs/puppetlabs-postgresql/pull/532) ([jbondpdx](https://github.com/jbondpdx)) +- add utopic support [#529](https://github.com/puppetlabs/puppetlabs-postgresql/pull/529) ([pherjung](https://github.com/pherjung)) +- merge 4.1.x into master [#526](https://github.com/puppetlabs/puppetlabs-postgresql/pull/526) ([underscorgan](https://github.com/underscorgan)) +- Add postgresql::server::extension definition [#521](https://github.com/puppetlabs/puppetlabs-postgresql/pull/521) ([raphink](https://github.com/raphink)) + +## [4.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.1.0) - 2014-11-04 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.0.0...4.1.0) + +### Other + +- Let's actually have the version number [#525](https://github.com/puppetlabs/puppetlabs-postgresql/pull/525) ([underscorgan](https://github.com/underscorgan)) +- Fix errors with future parser [#520](https://github.com/puppetlabs/puppetlabs-postgresql/pull/520) ([underscorgan](https://github.com/underscorgan)) +- 4.1.0 prep [#519](https://github.com/puppetlabs/puppetlabs-postgresql/pull/519) ([underscorgan](https://github.com/underscorgan)) +- Fix data directory handling [#517](https://github.com/puppetlabs/puppetlabs-postgresql/pull/517) ([cmurphy](https://github.com/cmurphy)) +- Added fc21 default version [#516](https://github.com/puppetlabs/puppetlabs-postgresql/pull/516) ([david-caro](https://github.com/david-caro)) +- Link to the sysconfig file for the init script of the PGDG postgresql se... [#515](https://github.com/puppetlabs/puppetlabs-postgresql/pull/515) ([lofic](https://github.com/lofic)) +- Adds support for PGDATA changing [#514](https://github.com/puppetlabs/puppetlabs-postgresql/pull/514) ([mixacha](https://github.com/mixacha)) +- Update PE compatibility info in metadata [#512](https://github.com/puppetlabs/puppetlabs-postgresql/pull/512) ([cmurphy](https://github.com/cmurphy)) +- Add some missing params documentation [#508](https://github.com/puppetlabs/puppetlabs-postgresql/pull/508) ([ckaenzig](https://github.com/ckaenzig)) +- $login parameter in server/role.pp defaults to true. doc says false. [#506](https://github.com/puppetlabs/puppetlabs-postgresql/pull/506) ([tobyw4n](https://github.com/tobyw4n)) +- fix future parser error [#504](https://github.com/puppetlabs/puppetlabs-postgresql/pull/504) ([steeef](https://github.com/steeef)) +- Fixed description for schema example [#503](https://github.com/puppetlabs/puppetlabs-postgresql/pull/503) ([petehayes](https://github.com/petehayes)) +- Fix some typo's in Readme and specfile. [#502](https://github.com/puppetlabs/puppetlabs-postgresql/pull/502) ([aswen](https://github.com/aswen)) +- postgresql.org now has a RHEL7 repo available [#501](https://github.com/puppetlabs/puppetlabs-postgresql/pull/501) ([cfeskens](https://github.com/cfeskens)) +- ticket/MODULES-1298 [#484](https://github.com/puppetlabs/puppetlabs-postgresql/pull/484) ([tbartelmess](https://github.com/tbartelmess)) + +## [4.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.0.0) - 2014-09-10 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.2...4.0.0) + +### Other + +- We don't test on Scientific 7 [#499](https://github.com/puppetlabs/puppetlabs-postgresql/pull/499) ([underscorgan](https://github.com/underscorgan)) +- Include postgresql::server class for specs [#497](https://github.com/puppetlabs/puppetlabs-postgresql/pull/497) ([hunner](https://github.com/hunner)) +- Update metadata for 4.0 [#496](https://github.com/puppetlabs/puppetlabs-postgresql/pull/496) ([underscorgan](https://github.com/underscorgan)) +- Force concat install [#493](https://github.com/puppetlabs/puppetlabs-postgresql/pull/493) ([underscorgan](https://github.com/underscorgan)) +- Force concat install [#492](https://github.com/puppetlabs/puppetlabs-postgresql/pull/492) ([underscorgan](https://github.com/underscorgan)) +- Remove trailing whitespace. [#489](https://github.com/puppetlabs/puppetlabs-postgresql/pull/489) ([apenney](https://github.com/apenney)) +- Fix port changing. [#488](https://github.com/puppetlabs/puppetlabs-postgresql/pull/488) ([apenney](https://github.com/apenney)) +- Allow failures. [#487](https://github.com/puppetlabs/puppetlabs-postgresql/pull/487) ([apenney](https://github.com/apenney)) +- Fix the spec helper to apply selinux to agents only. [#486](https://github.com/puppetlabs/puppetlabs-postgresql/pull/486) ([apenney](https://github.com/apenney)) +- This can't be refreshonly. [#485](https://github.com/puppetlabs/puppetlabs-postgresql/pull/485) ([apenney](https://github.com/apenney)) +- Unfortunately this didn't work on > 9.3 in practice. [#483](https://github.com/puppetlabs/puppetlabs-postgresql/pull/483) ([apenney](https://github.com/apenney)) +- Revert "Support changing PGDATA on RedHat" [#481](https://github.com/puppetlabs/puppetlabs-postgresql/pull/481) ([apenney](https://github.com/apenney)) +- Update spec_helper for more consistency [#480](https://github.com/puppetlabs/puppetlabs-postgresql/pull/480) ([underscorgan](https://github.com/underscorgan)) +- Fix indentation. [#479](https://github.com/puppetlabs/puppetlabs-postgresql/pull/479) ([apenney](https://github.com/apenney)) +- Fix lsbmajdistreleasee fact for Ubuntu [#477](https://github.com/puppetlabs/puppetlabs-postgresql/pull/477) ([kbarber](https://github.com/kbarber)) +- Remove firewall management [#476](https://github.com/puppetlabs/puppetlabs-postgresql/pull/476) ([hunner](https://github.com/hunner)) +- Bump deps for postgresql 4.0 release [#475](https://github.com/puppetlabs/puppetlabs-postgresql/pull/475) ([hunner](https://github.com/hunner)) +- Don't test on 3.5.0.rc3 any more [#474](https://github.com/puppetlabs/puppetlabs-postgresql/pull/474) ([hunner](https://github.com/hunner)) +- Support changing PGDATA on RedHat [#473](https://github.com/puppetlabs/puppetlabs-postgresql/pull/473) ([mhjacks](https://github.com/mhjacks)) +- Fixed deprecation warning for class param in server.pp. [#471](https://github.com/puppetlabs/puppetlabs-postgresql/pull/471) ([poikilotherm](https://github.com/poikilotherm)) +- remove duplicatie "description" line from Metadata.json [#470](https://github.com/puppetlabs/puppetlabs-postgresql/pull/470) ([igalic](https://github.com/igalic)) +- Fixes the accidental erasing of pg_ident.conf [#464](https://github.com/puppetlabs/puppetlabs-postgresql/pull/464) ([txaj](https://github.com/txaj)) +- doc: Fix anchor links in README TOC [#459](https://github.com/puppetlabs/puppetlabs-postgresql/pull/459) ([juxtin](https://github.com/juxtin)) +- Add correct documentation for pg_ident_rule type [#458](https://github.com/puppetlabs/puppetlabs-postgresql/pull/458) ([stdietrich](https://github.com/stdietrich)) +- MODULES-1213 link pg_config binary into /usr/bin if not already in /usr/bin or /usr/local/bin [#450](https://github.com/puppetlabs/puppetlabs-postgresql/pull/450) ([jantman](https://github.com/jantman)) +- Initdb should create xlogdir if it has been set. [#448](https://github.com/puppetlabs/puppetlabs-postgresql/pull/448) ([aswen](https://github.com/aswen)) +- Add support for SLES 11 [#437](https://github.com/puppetlabs/puppetlabs-postgresql/pull/437) ([dinerroger](https://github.com/dinerroger)) + +## [3.4.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.2) - 2014-08-06 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.1...3.4.2) + +### Other + +- This seems to fix up selinux for tablespace. [#463](https://github.com/puppetlabs/puppetlabs-postgresql/pull/463) ([apenney](https://github.com/apenney)) +- Prepare 3.4.2 release. [#462](https://github.com/puppetlabs/puppetlabs-postgresql/pull/462) ([apenney](https://github.com/apenney)) +- Make sure this works on Fedora as well as RHEL7. [#461](https://github.com/puppetlabs/puppetlabs-postgresql/pull/461) ([apenney](https://github.com/apenney)) +- Manage pg_ident.conf by default [#460](https://github.com/puppetlabs/puppetlabs-postgresql/pull/460) ([hunner](https://github.com/hunner)) +- doc: use postgresql::*server*::tablespace in example [#457](https://github.com/puppetlabs/puppetlabs-postgresql/pull/457) ([igalic](https://github.com/igalic)) +- defined type for creating database schemas [#456](https://github.com/puppetlabs/puppetlabs-postgresql/pull/456) ([igalic](https://github.com/igalic)) +- Merge 3.4.x changes into master. [#454](https://github.com/puppetlabs/puppetlabs-postgresql/pull/454) ([apenney](https://github.com/apenney)) +- Fix Fedora support by configuring systemd, not /etc/sysconfig [#453](https://github.com/puppetlabs/puppetlabs-postgresql/pull/453) ([kbarber](https://github.com/kbarber)) +- Create the pg_ident_rule defined type [#452](https://github.com/puppetlabs/puppetlabs-postgresql/pull/452) ([txaj](https://github.com/txaj)) + +## [3.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.1) - 2014-07-21 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.0...3.4.1) + +### Other + +- Prepare a 3.4.1 release. [#451](https://github.com/puppetlabs/puppetlabs-postgresql/pull/451) ([apenney](https://github.com/apenney)) +- Spec tests rewrite [#449](https://github.com/puppetlabs/puppetlabs-postgresql/pull/449) ([apenney](https://github.com/apenney)) +- Remove the ensure => absent uninstall code. [#442](https://github.com/puppetlabs/puppetlabs-postgresql/pull/442) ([apenney](https://github.com/apenney)) + +## [3.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.0) - 2014-07-09 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.3...3.4.0) +### Added -##2.2.0 +- postgis support [#280](https://github.com/puppetlabs/puppetlabs-postgresql/pull/280) ([kitchen](https://github.com/kitchen)) -This feature release introduces a number of new features and bug fixes. +### Fixed -First of all it includes a new class named `postgresql::python` which provides you with a convenient way of install the python Postgresql client libraries. +- Fix postgresql_conf quote logic [#297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/297) ([reidmv](https://github.com/reidmv)) + +### Other + +- Reword the postgis unsupported information. [#444](https://github.com/puppetlabs/puppetlabs-postgresql/pull/444) ([apenney](https://github.com/apenney)) +- Add validate and lint tasks to travis script [#443](https://github.com/puppetlabs/puppetlabs-postgresql/pull/443) ([cmurphy](https://github.com/cmurphy)) +- Remove postgis support for now. [#441](https://github.com/puppetlabs/puppetlabs-postgresql/pull/441) ([apenney](https://github.com/apenney)) +- This corrects the location of the pg_hba config file on debian oses in tests [#440](https://github.com/puppetlabs/puppetlabs-postgresql/pull/440) ([justinstoller](https://github.com/justinstoller)) +- Synchronize .travis.yml [#439](https://github.com/puppetlabs/puppetlabs-postgresql/pull/439) ([cmurphy](https://github.com/cmurphy)) +- Fix trailing }. [#436](https://github.com/puppetlabs/puppetlabs-postgresql/pull/436) ([apenney](https://github.com/apenney)) +- Start synchronizing module files [#435](https://github.com/puppetlabs/puppetlabs-postgresql/pull/435) ([cmurphy](https://github.com/cmurphy)) +- So long, Modulefile! [#434](https://github.com/puppetlabs/puppetlabs-postgresql/pull/434) ([apenney](https://github.com/apenney)) +- Add workaround for selinux. [#433](https://github.com/puppetlabs/puppetlabs-postgresql/pull/433) ([apenney](https://github.com/apenney)) +- Clean the yum cache before adding repo [#430](https://github.com/puppetlabs/puppetlabs-postgresql/pull/430) ([hunner](https://github.com/hunner)) +- Rspec pinning [#429](https://github.com/puppetlabs/puppetlabs-postgresql/pull/429) ([underscorgan](https://github.com/underscorgan)) +- Fix Ubuntu 14.04 tests for now. [#427](https://github.com/puppetlabs/puppetlabs-postgresql/pull/427) ([apenney](https://github.com/apenney)) +- (MODULES-775) Fix refresh/unless parameter interactions [#426](https://github.com/puppetlabs/puppetlabs-postgresql/pull/426) ([domcleal](https://github.com/domcleal)) +- Log output on failures [#425](https://github.com/puppetlabs/puppetlabs-postgresql/pull/425) ([hunner](https://github.com/hunner)) +- Remove eq('') tests thanks to the new deprecation warnings. [#424](https://github.com/puppetlabs/puppetlabs-postgresql/pull/424) ([apenney](https://github.com/apenney)) +- Ensure db user exists before validating db connection [#422](https://github.com/puppetlabs/puppetlabs-postgresql/pull/422) ([claytono](https://github.com/claytono)) +- Change selector statements to have default listed last [#421](https://github.com/puppetlabs/puppetlabs-postgresql/pull/421) ([blkperl](https://github.com/blkperl)) +- 3.4.0 prep [#420](https://github.com/puppetlabs/puppetlabs-postgresql/pull/420) ([underscorgan](https://github.com/underscorgan)) +- Set fallback postgis_version to undef so that catalog still compiles if d... [#419](https://github.com/puppetlabs/puppetlabs-postgresql/pull/419) ([mcanevet](https://github.com/mcanevet)) +- Add RHEL7 and Ubuntu 14.04. [#417](https://github.com/puppetlabs/puppetlabs-postgresql/pull/417) ([apenney](https://github.com/apenney)) +- Merge33x [#416](https://github.com/puppetlabs/puppetlabs-postgresql/pull/416) ([apenney](https://github.com/apenney)) +- [WIP] Fixes to tests and RHEL7 support. [#415](https://github.com/puppetlabs/puppetlabs-postgresql/pull/415) ([apenney](https://github.com/apenney)) +- Support Debian Jessie [#414](https://github.com/puppetlabs/puppetlabs-postgresql/pull/414) ([lucas42](https://github.com/lucas42)) +- tag postgresql-jdbc package to fix package repo dependency [#413](https://github.com/puppetlabs/puppetlabs-postgresql/pull/413) ([rdark](https://github.com/rdark)) +- Fix tests 1404 [#412](https://github.com/puppetlabs/puppetlabs-postgresql/pull/412) ([apenney](https://github.com/apenney)) +- [WIP] (don't merge) Fix for Ubuntu 14.04. [#411](https://github.com/puppetlabs/puppetlabs-postgresql/pull/411) ([apenney](https://github.com/apenney)) +- Update apt.postgresql.org key url [#409](https://github.com/puppetlabs/puppetlabs-postgresql/pull/409) ([mnencia](https://github.com/mnencia)) +- Fix wrong config option in README [#408](https://github.com/puppetlabs/puppetlabs-postgresql/pull/408) ([fredj](https://github.com/fredj)) +- (MODULES-630) Deprecate postgresql::server::version [#407](https://github.com/puppetlabs/puppetlabs-postgresql/pull/407) ([hunner](https://github.com/hunner)) +- Fix how to run the acceptance tests [#406](https://github.com/puppetlabs/puppetlabs-postgresql/pull/406) ([bjoernhaeuser](https://github.com/bjoernhaeuser)) +- Add support for port parameter to postgresql::server [#404](https://github.com/puppetlabs/puppetlabs-postgresql/pull/404) ([thunderkeys](https://github.com/thunderkeys)) +- Add strict_variables support in unit tests [#402](https://github.com/puppetlabs/puppetlabs-postgresql/pull/402) ([mcanevet](https://github.com/mcanevet)) +- Add class postgresql::lib::perl for perl support [#401](https://github.com/puppetlabs/puppetlabs-postgresql/pull/401) ([cfeskens](https://github.com/cfeskens)) +- Fixed travis by updating Gemfile to pin Rake to 10.1.1 [#398](https://github.com/puppetlabs/puppetlabs-postgresql/pull/398) ([igalic](https://github.com/igalic)) +- Allow the ex- and import of postgresql::server::db [#397](https://github.com/puppetlabs/puppetlabs-postgresql/pull/397) ([pieterlexis](https://github.com/pieterlexis)) +- Postgresql server role inherit support [#395](https://github.com/puppetlabs/puppetlabs-postgresql/pull/395) ([thunderkeys](https://github.com/thunderkeys)) +- Fix unit tests with rspec-puppet 1.0 [#393](https://github.com/puppetlabs/puppetlabs-postgresql/pull/393) ([mcanevet](https://github.com/mcanevet)) +- Fix FreeBSD support [#391](https://github.com/puppetlabs/puppetlabs-postgresql/pull/391) ([geoffgarside](https://github.com/geoffgarside)) +- change pg_hba.conf to be owned by postgres user account [#372](https://github.com/puppetlabs/puppetlabs-postgresql/pull/372) ([jhoblitt](https://github.com/jhoblitt)) + +## [3.3.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.3) - 2014-03-06 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.2...3.3.3) + +### Other + +- Remove autorelease [#388](https://github.com/puppetlabs/puppetlabs-postgresql/pull/388) ([hunner](https://github.com/hunner)) +- Change error detection for version to after other parameters [#387](https://github.com/puppetlabs/puppetlabs-postgresql/pull/387) ([hunner](https://github.com/hunner)) +- Prepare 3.3.3 supported release. [#386](https://github.com/puppetlabs/puppetlabs-postgresql/pull/386) ([apenney](https://github.com/apenney)) +- Replace the symlink with the actual file to resolve a PMT issue. [#385](https://github.com/puppetlabs/puppetlabs-postgresql/pull/385) ([apenney](https://github.com/apenney)) + +## [3.3.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.2) - 2014-03-03 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.1...3.3.2) + +### Other + +- Patch metadata [#384](https://github.com/puppetlabs/puppetlabs-postgresql/pull/384) ([hunner](https://github.com/hunner)) +- Add install instructions for supported module version [#383](https://github.com/puppetlabs/puppetlabs-postgresql/pull/383) ([lrnrthr](https://github.com/lrnrthr)) +- Supported Release 3.3.2 [#382](https://github.com/puppetlabs/puppetlabs-postgresql/pull/382) ([hunner](https://github.com/hunner)) +- Prepare metadata for supported modules release. [#381](https://github.com/puppetlabs/puppetlabs-postgresql/pull/381) ([apenney](https://github.com/apenney)) +- Adds "Release Notes/Known Bugs" to Changelog, updates file format to markdown, standardizes the format of previous entries [#380](https://github.com/puppetlabs/puppetlabs-postgresql/pull/380) ([lrnrthr](https://github.com/lrnrthr)) +- Use the correct encoding. [#379](https://github.com/puppetlabs/puppetlabs-postgresql/pull/379) ([apenney](https://github.com/apenney)) +- Fix the locale generation for Debian. [#378](https://github.com/puppetlabs/puppetlabs-postgresql/pull/378) ([apenney](https://github.com/apenney)) +- Ensure we call out the locales-all requirement. [#377](https://github.com/puppetlabs/puppetlabs-postgresql/pull/377) ([apenney](https://github.com/apenney)) +- Add class apt for manage_package_repo => true [#375](https://github.com/puppetlabs/puppetlabs-postgresql/pull/375) ([hunner](https://github.com/hunner)) +- Missed these [#374](https://github.com/puppetlabs/puppetlabs-postgresql/pull/374) ([hunner](https://github.com/hunner)) +- Add unsupported platforms [#373](https://github.com/puppetlabs/puppetlabs-postgresql/pull/373) ([hunner](https://github.com/hunner)) +- Switch to a regex match to ignore \n's. [#371](https://github.com/puppetlabs/puppetlabs-postgresql/pull/371) ([apenney](https://github.com/apenney)) +- Missing lsbdistid stub for apt module [#369](https://github.com/puppetlabs/puppetlabs-postgresql/pull/369) ([hunner](https://github.com/hunner)) +- This fixes this test to work in the face of oppressive SELinux! [#368](https://github.com/puppetlabs/puppetlabs-postgresql/pull/368) ([apenney](https://github.com/apenney)) +- remove trailing whitespace [#366](https://github.com/puppetlabs/puppetlabs-postgresql/pull/366) ([justinstoller](https://github.com/justinstoller)) +- use fully-qualified path to psql to set password [#365](https://github.com/puppetlabs/puppetlabs-postgresql/pull/365) ([igalic](https://github.com/igalic)) +- Release 3.3.1 [#364](https://github.com/puppetlabs/puppetlabs-postgresql/pull/364) ([hunner](https://github.com/hunner)) + +## [3.3.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.1) - 2014-02-12 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.0...3.3.1) + +### Other + +- Allow custom gemsource [#363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/363) ([hunner](https://github.com/hunner)) +- Prepare a 3.3.0 release. [#356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/356) ([apenney](https://github.com/apenney)) + +## [3.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.0) - 2014-01-28 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.2.0...3.3.0) - class { 'postgresql::python': - } +### Added -You are now able to use `postgresql::database_user` without having to specify a password_hash, useful for different authentication mechanisms that do not need passwords (ie. cert, local etc.). +- Add support to custom xlogdir parameter [#256](https://github.com/puppetlabs/puppetlabs-postgresql/pull/256) ([mnencia](https://github.com/mnencia)) + +### Other + +- Prepare a 3.3.0 release. [#356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/356) ([apenney](https://github.com/apenney)) +- Travis [#354](https://github.com/puppetlabs/puppetlabs-postgresql/pull/354) ([ghoneycutt](https://github.com/ghoneycutt)) +- Beaker specs [#353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/353) ([apenney](https://github.com/apenney)) +- Update README.md [#349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/349) ([riconnon](https://github.com/riconnon)) +- Fix typo, clearly from a copy/paste mistake [#347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/347) ([mhagander](https://github.com/mhagander)) +- fix for concat error [#343](https://github.com/puppetlabs/puppetlabs-postgresql/pull/343) ([flypenguin](https://github.com/flypenguin)) +- use Puppet::Util::Execute.execute with puppet >= 3.4 [#340](https://github.com/puppetlabs/puppetlabs-postgresql/pull/340) ([jhoblitt](https://github.com/jhoblitt)) +- Rspec puppet fixes [#339](https://github.com/puppetlabs/puppetlabs-postgresql/pull/339) ([jhoblitt](https://github.com/jhoblitt)) +- README.md postgresql::globals class parameter description fix [#335](https://github.com/puppetlabs/puppetlabs-postgresql/pull/335) ([dgolja](https://github.com/dgolja)) +- Fix NOREPLICATION option for Postgres 9.1 [#333](https://github.com/puppetlabs/puppetlabs-postgresql/pull/333) ([brandonwamboldt](https://github.com/brandonwamboldt)) +- (feat) Add FreeBSD Support [#327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/327) ([zachfi](https://github.com/zachfi)) +- $postgresql::server::client_package_name is referred from install.pp, bu... [#325](https://github.com/puppetlabs/puppetlabs-postgresql/pull/325) ([aadamovich](https://github.com/aadamovich)) +- Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf [#324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/324) ([aadamovich](https://github.com/aadamovich)) +- Unable to run spec tests from behind firewall [#323](https://github.com/puppetlabs/puppetlabs-postgresql/pull/323) ([](https://github.com/)) +- Added newline at end of file [#322](https://github.com/puppetlabs/puppetlabs-postgresql/pull/322) ([bcomnes](https://github.com/bcomnes)) +- (FM-486) Fix deprecated Puppet::Util::SUIDManager.run_and_capture [#320](https://github.com/puppetlabs/puppetlabs-postgresql/pull/320) ([apenney](https://github.com/apenney)) +- Prevent float of defined resource. [#317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/317) ([tmclaugh](https://github.com/tmclaugh)) +- Can pass template at database creation [#316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/316) ([mcanevet](https://github.com/mcanevet)) +- Exec['postgresql_initdb'] needs to be done after $datadir exists [#313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/313) ([tmclaugh](https://github.com/tmclaugh)) +- Remove deprecated and unused parameters to concat::fragment [#311](https://github.com/puppetlabs/puppetlabs-postgresql/pull/311) ([kronn](https://github.com/kronn)) +- Fix table_grant_spec to show a bug [#310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/310) ([mcanevet](https://github.com/mcanevet)) +- add lc_* config entry settings [#309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/309) ([leehanel](https://github.com/leehanel)) +- Prepare a 3.2.0 release. [#306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/306) ([apenney](https://github.com/apenney)) + +## [3.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.2.0) - 2013-11-05 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.1.0...3.2.0) + +### Other + +- Missing depedenncy '->' and class misspelled (missing ending s) [#302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/302) ([dgolja](https://github.com/dgolja)) +- Spelling and redundancy fix in README [#301](https://github.com/puppetlabs/puppetlabs-postgresql/pull/301) ([dawik](https://github.com/dawik)) +- Allow specification of default database name [#298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/298) ([reidmv](https://github.com/reidmv)) +- Add default PostgreSQL version for Ubuntu 13.10 [#296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/296) ([kamilszymanski](https://github.com/kamilszymanski)) +- Release 3.1.0 [#294](https://github.com/puppetlabs/puppetlabs-postgresql/pull/294) ([kbarber](https://github.com/kbarber)) + +## [3.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.1.0) - 2013-10-25 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0...3.1.0) -We've also provided a lot more advanced custom parameters now for greater control of your Postgresql installation. Consult the class documentation for PuppetDB in the README. +### Fixed -This release in particular has largely been contributed by the community members below, a big thanks to one and all. +- (GH-198) Fix race condition on startup [#292](https://github.com/puppetlabs/puppetlabs-postgresql/pull/292) ([kbarber](https://github.com/kbarber)) -#### Detailed Changes +### Other -* Add support for psycopg installation (Flaper Fesp and Dan Prince) -* Added default PostgreSQL version for Ubuntu 13.04 (Kamil Szymanski) -* Add ability to create users without a password (Bruno Harbulot) -* Three Puppet 2.6 fixes (Dominic Cleal) -* Add explicit call to concat::setup when creating concat file (Dominic Cleal) -* Fix readme typo (Jordi Boggiano) -* Update postgres_default_version for Ubuntu (Kamil Szymanski) -* Allow to set connection for noew role (Kamil Szymanski) -* Fix pg_hba_rule for postgres local access (Kamil Szymanski) -* Fix versions for travis-ci (Ken Barber) -* Add replication support (Jordi Boggiano) -* Cleaned up and added unit tests (Ken Barber) -* Generalization to provide more flexability in postgresql configuration (Karel Brezina) -* Create dependent directory for sudoers so tests work on Centos 5 (Ken Barber) -* Allow SQL commands to be run against a specific DB (Carlos Villela) -* Drop trailing comma to support Puppet 2.6 (Michael Arnold) +- Add autopublishing. [#295](https://github.com/puppetlabs/puppetlabs-postgresql/pull/295) ([apenney](https://github.com/apenney)) +- Release 3.1.0 [#294](https://github.com/puppetlabs/puppetlabs-postgresql/pull/294) ([kbarber](https://github.com/kbarber)) +- Update server.pp [#291](https://github.com/puppetlabs/puppetlabs-postgresql/pull/291) ([cdenneen](https://github.com/cdenneen)) +- Add zero length string to join() function [#286](https://github.com/puppetlabs/puppetlabs-postgresql/pull/286) ([antevens](https://github.com/antevens)) +- periods are valid in configuration variables also [#284](https://github.com/puppetlabs/puppetlabs-postgresql/pull/284) ([kitchen](https://github.com/kitchen)) +- enable setting the postgres user's password without resetting the password on every puppet run [#281](https://github.com/puppetlabs/puppetlabs-postgresql/pull/281) ([jonoterc](https://github.com/jonoterc)) +- Prepare 3.0.0 release. [#279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/279) ([apenney](https://github.com/apenney)) +- add search_path attribute to postgresql_psql resource [#275](https://github.com/puppetlabs/puppetlabs-postgresql/pull/275) ([kitchen](https://github.com/kitchen)) +- Defined $default_version for Fedora 17 [#264](https://github.com/puppetlabs/puppetlabs-postgresql/pull/264) ([bcomnes](https://github.com/bcomnes)) +## [3.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0) - 2013-10-16 -##2.1.1 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc3...3.0.0) +### Other -This release provides a bug fix for RHEL 5 and Centos 5 systems, or specifically systems using PostgreSQL 8.1 or older. On those systems one would have received the error: +- Prepare 3.0.0-rc3 release. [#278](https://github.com/puppetlabs/puppetlabs-postgresql/pull/278) ([apenney](https://github.com/apenney)) - Error: Could not start Service[postgresqld]: Execution of ‘/sbin/service postgresql start’ returned 1: +## [3.0.0-rc3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc3) - 2013-10-16 -And the postgresql log entry: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc2...3.0.0-rc3) - FATAL: unrecognized configuration parameter "include" +### Other -This bug is due to a new feature we had added in 2.1.0, whereby the `include` directive in `postgresql.conf` was not compatible. As a work-around we have added checks in our code to make sure systems running PostgreSQL 8.1 or older do not have this directive added. +- Prepare 3.0.0-rc3 release. [#278](https://github.com/puppetlabs/puppetlabs-postgresql/pull/278) ([apenney](https://github.com/apenney)) +- Expose owner in db definition [#273](https://github.com/puppetlabs/puppetlabs-postgresql/pull/273) ([ares](https://github.com/ares)) +- Prepare 3.0.0-rc2 release. [#272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/272) ([apenney](https://github.com/apenney)) +- Add a parameter to (un)manage pg_hba.conf [#261](https://github.com/puppetlabs/puppetlabs-postgresql/pull/261) ([mcanevet](https://github.com/mcanevet)) -#### Detailed Changes +## [3.0.0-rc2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc2) - 2013-10-09 -2013-01-21 - Ken Barber -* Only install `include` directive and included file on PostgreSQL >= 8.2 -* Add system tests for Centos 5 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc1...3.0.0-rc2) +### Other -##2.1.0 +- Prepare 3.0.0-rc2 release. [#272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/272) ([apenney](https://github.com/apenney)) +- FM-103: Add metadata.json to all modules. [#269](https://github.com/puppetlabs/puppetlabs-postgresql/pull/269) ([apenney](https://github.com/apenney)) +- Fix documentation about username/password for the postgresql_hash functi... [#268](https://github.com/puppetlabs/puppetlabs-postgresql/pull/268) ([duritong](https://github.com/duritong)) +- fixed the rspec test to include 'sha1' in [#267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/267) ([neilnorthrop](https://github.com/neilnorthrop)) +- Special case for $datadir on Amazon [#262](https://github.com/puppetlabs/puppetlabs-postgresql/pull/262) ([bcomnes](https://github.com/bcomnes)) +- Prepare 3.0.0 release. [#259](https://github.com/puppetlabs/puppetlabs-postgresql/pull/259) ([apenney](https://github.com/apenney)) -This release is primarily a feature release, introducing some new helpful constructs to the module. +## [3.0.0-rc1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc1) - 2013-10-02 -For starters, we've added the line `include 'postgresql_conf_extras.conf'` by default so extra parameters not managed by the module can be added by other tooling or by Puppet itself. This provides a useful escape-hatch for managing settings that are not currently managed by the module today. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.5.0...3.0.0-rc1) -We've added a new defined resource for managing your tablespace, so you can now create new tablespaces using the syntax: +### Other - postgresql::tablespace { 'dbspace': - location => '/srv/dbspace', - } +- Prepare 3.0.0 release. [#259](https://github.com/puppetlabs/puppetlabs-postgresql/pull/259) ([apenney](https://github.com/apenney)) +- Fix license file. [#258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/258) ([apenney](https://github.com/apenney)) +- Support apt.postgresql.org version specific packages. [#255](https://github.com/puppetlabs/puppetlabs-postgresql/pull/255) ([mnencia](https://github.com/mnencia)) +- Validate authentication method against server version [#251](https://github.com/puppetlabs/puppetlabs-postgresql/pull/251) ([kamilszymanski](https://github.com/kamilszymanski)) +- lint fixes [#250](https://github.com/puppetlabs/puppetlabs-postgresql/pull/250) ([kamilszymanski](https://github.com/kamilszymanski)) +- Added Archlinux Support [#249](https://github.com/puppetlabs/puppetlabs-postgresql/pull/249) ([aboe76](https://github.com/aboe76)) +- Fixing small typos [#248](https://github.com/puppetlabs/puppetlabs-postgresql/pull/248) ([ggeldenhuis](https://github.com/ggeldenhuis)) +- Pgsql major rewrite with features [#245](https://github.com/puppetlabs/puppetlabs-postgresql/pull/245) ([kbarber](https://github.com/kbarber)) +- Remove trailing comma which breaks 2.6 compat [#239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/239) ([GregSutcliffe](https://github.com/GregSutcliffe)) +- Remove 3.0, 3.1, and 2.6 to shrink the test matrix. [#237](https://github.com/puppetlabs/puppetlabs-postgresql/pull/237) ([apenney](https://github.com/apenney)) -We've added a locale parameter to the `postgresql` class, to provide a default. Also the parameter has been added to the `postgresql::database` and `postgresql::db` defined resources for changing the locale per database: +## [2.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.5.0) - 2013-09-09 - postgresql::db { 'mydatabase': - user => 'myuser', - password => 'mypassword', - encoding => 'UTF8', - locale => 'en_NG', - } +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.4.1...2.5.0) -There is a new class for installing the necessary packages to provide the PostgreSQL JDBC client jars: +### Other - class { 'postgresql::java': } +- 2.5.0 release. [#243](https://github.com/puppetlabs/puppetlabs-postgresql/pull/243) ([apenney](https://github.com/apenney)) +- Remove 3.0, 3.1, and 2.6 to shrink the test matrix. [#237](https://github.com/puppetlabs/puppetlabs-postgresql/pull/237) ([apenney](https://github.com/apenney)) +- Style fixes (and a bugfix) [#236](https://github.com/puppetlabs/puppetlabs-postgresql/pull/236) ([apenney](https://github.com/apenney)) +- Add missing documentation for istemplate parameter [#235](https://github.com/puppetlabs/puppetlabs-postgresql/pull/235) ([kamilszymanski](https://github.com/kamilszymanski)) +- Add README entry for postgresql::plperl [#229](https://github.com/puppetlabs/puppetlabs-postgresql/pull/229) ([mcanevet](https://github.com/mcanevet)) +- Alter escaping in postgresql::config::afterservice [#218](https://github.com/puppetlabs/puppetlabs-postgresql/pull/218) ([fiddyspence](https://github.com/fiddyspence)) +- Handle refreshonly correctly [#212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/212) ([hunner](https://github.com/hunner)) +- Tag the postgresql-contrib package as postgresql [#209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/209) ([mnencia](https://github.com/mnencia)) -And we have a brand new defined resource for managing fine-grained rule sets within your pg_hba.conf access lists: +## [2.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.4.1) - 2013-08-01 - postgresql::pg_hba { 'Open up postgresql for access from 200.1.2.0/24': - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', - } +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.4.0...2.4.1) -Finally, we've also added Travis-CI support and unit tests to help us iterate faster with tests to reduce regression. The current URL for these tests is here: https://travis-ci.org/puppetlabs/puppet-postgresql. Instructions on how to run the unit tests available are provided in the README for the module. +### Fixed -A big thanks to all those listed below who made this feature release possible :-). +- (GH-216) Alter role call not idempotent with cleartext passwords [#225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/225) ([kbarber](https://github.com/kbarber)) -#### Detailed Changes +### Other -2013-01-18 - Simão Fontes & Flaper Fesp -* Remove trailing commas from params.pp property definition for Puppet 2.6.0 compatibility +- Release 2.4.1 [#228](https://github.com/puppetlabs/puppetlabs-postgresql/pull/228) ([kbarber](https://github.com/kbarber)) -2013-01-18 - Lauren Rother -* Updated README.md to conform with best practices template +## [2.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.4.0) - 2013-08-01 -2013-01-09 - Adrien Thebo -* Update postgresql_default_version to 9.1 for Debian 7.0 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.3.0...2.4.0) -2013-01-28 - Karel Brezina -* Add support for tablespaces +### Other -2013-01-16 - Chris Price & Karel Brezina -* Provide support for an 'include' config file 'postgresql_conf_extras.conf' that users can modify manually or outside of the module. +- Release 2.4.0 [#213](https://github.com/puppetlabs/puppetlabs-postgresql/pull/213) ([hunner](https://github.com/hunner)) +- Add grant abilities for more that databases [#208](https://github.com/puppetlabs/puppetlabs-postgresql/pull/208) ([hunner](https://github.com/hunner)) +- Add support for installing PL/Perl [#205](https://github.com/puppetlabs/puppetlabs-postgresql/pull/205) ([mcanevet](https://github.com/mcanevet)) +- Add support for istemplate parameter where creating db [#204](https://github.com/puppetlabs/puppetlabs-postgresql/pull/204) ([mcanevet](https://github.com/mcanevet)) +- Fix the non-defaults test failing to use UTF8 [#194](https://github.com/puppetlabs/puppetlabs-postgresql/pull/194) ([kbarber](https://github.com/kbarber)) +- Rename wrongly named test-files [#192](https://github.com/puppetlabs/puppetlabs-postgresql/pull/192) ([kronn](https://github.com/kronn)) +- Update Modulefile and Changelog for 2.3.0 release [#191](https://github.com/puppetlabs/puppetlabs-postgresql/pull/191) ([cprice404](https://github.com/cprice404)) -2013-01-31 - jv -* Fix typo in README.pp for postgresql::db example +## [2.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.3.0) - 2013-06-06 -2013-02-03 - Ken Barber -* Add unit tests and travis-ci support +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.2.1...2.3.0) -2013-02-02 - Ken Barber -* Add locale parameter support to the 'postgresql' class +### Other -2013-01-21 - Michael Arnold -* Add a class for install the packages containing the PostgreSQL JDBC jar +- Update docs to reflect new `owner` parameter for `::database` type. [#190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/190) ([cprice404](https://github.com/cprice404)) +- Add more distributions [#189](https://github.com/puppetlabs/puppetlabs-postgresql/pull/189) ([kbarber](https://github.com/kbarber)) +- Don't hard-code postgres user's username for pg_hba [#188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/188) ([cprice404](https://github.com/cprice404)) +- Convert system tests to use rspec-system [#186](https://github.com/puppetlabs/puppetlabs-postgresql/pull/186) ([kbarber](https://github.com/kbarber)) +- Correct README [#184](https://github.com/puppetlabs/puppetlabs-postgresql/pull/184) ([MaxMartin](https://github.com/MaxMartin)) +- Fix example command in README for running system tests on a distro [#179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/179) ([cprice404](https://github.com/cprice404)) +- Setting the owner of the database with createdb. [#156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/156) ([harbulot](https://github.com/harbulot)) -2013-02-06 - fhrbek -* Coding style fixes to reduce warnings in puppet-lint and Geppetto +## [2.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.2.1) - 2013-04-29 -2013-02-10 - Ken Barber -* Provide new defined resource for managing pg_hba.conf +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.2.0...2.2.1) -2013-02-11 - Ken Barber -* Fix bug with reload of Postgresql on Redhat/Centos +### Other -2013-02-15 - Erik Dalén -* Fix more style issues to reduce warnings in puppet-lint and Geppetto +- Release 2.2.1 + Changelog [#176](https://github.com/puppetlabs/puppetlabs-postgresql/pull/176) ([kbarber](https://github.com/kbarber)) +- Set /tmp as default CWD for postgresql_psql [#151](https://github.com/puppetlabs/puppetlabs-postgresql/pull/151) ([antaflos](https://github.com/antaflos)) + +## [2.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.2.0) - 2013-04-26 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.1.1...2.2.0) + +### Other -2013-02-15 - Erik Dalén -* Fix case whereby we were modifying a hash after creation +- Release 2.2.0 [#175](https://github.com/puppetlabs/puppetlabs-postgresql/pull/175) ([kbarber](https://github.com/kbarber)) +- Increase stdlib dependency to include 5.x [#174](https://github.com/puppetlabs/puppetlabs-postgresql/pull/174) ([kbarber](https://github.com/kbarber)) +- Adds new postgresql::python module. [#172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/172) ([dprince](https://github.com/dprince)) +- Add default PostgreSQL version for Ubuntu 13.04 [#171](https://github.com/puppetlabs/puppetlabs-postgresql/pull/171) ([kamilszymanski](https://github.com/kamilszymanski)) +- Three Puppet 2.6 fixes [#162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/162) ([domcleal](https://github.com/domcleal)) +- Add explicit call to concat::setup when creating concat file [#161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/161) ([domcleal](https://github.com/domcleal)) +- Adding the ability to create users without a password. [#158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/158) ([harbulot](https://github.com/harbulot)) +- Fix readme typo [#145](https://github.com/puppetlabs/puppetlabs-postgresql/pull/145) ([Seldaek](https://github.com/Seldaek)) +- Update postgres_default_version for Ubuntu [#143](https://github.com/puppetlabs/puppetlabs-postgresql/pull/143) ([kamilszymanski](https://github.com/kamilszymanski)) +- Allow to set connection limit for new role [#142](https://github.com/puppetlabs/puppetlabs-postgresql/pull/142) ([kamilszymanski](https://github.com/kamilszymanski)) +- fix pg_hba_rule for postgres local access [#141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/141) ([kamilszymanski](https://github.com/kamilszymanski)) +- Fix versions for travis-ci [#140](https://github.com/puppetlabs/puppetlabs-postgresql/pull/140) ([kbarber](https://github.com/kbarber)) +- Ticket/master/128 provide more custom parameters for custom packaging [#138](https://github.com/puppetlabs/puppetlabs-postgresql/pull/138) ([kbarber](https://github.com/kbarber)) +- Create dependent directory for sudoers so tests work on Centos 5 [#137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/137) ([kbarber](https://github.com/kbarber)) +- Add supprot for contrib package [#135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/135) ([kamilszymanski](https://github.com/kamilszymanski)) +- Allow SQL commands to be run against a specific DB [#134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/134) ([cv](https://github.com/cv)) +- Restore support for Puppet 2.6. [#133](https://github.com/puppetlabs/puppetlabs-postgresql/pull/133) ([razorsedge](https://github.com/razorsedge)) +- Add support for the REPLICATION flag when creating roles [#129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/129) ([Seldaek](https://github.com/Seldaek)) +## [2.1.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.1.1) - 2013-02-22 -##2.0.1 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.1.0...2.1.1) -Minor bugfix release. +### Other -2013-01-16 - Chris Price - * Fix revoke command in database.pp to support postgres 8.1 (43ded42) +- Change Modulefile and Changelog for Release 2.1.1 [#132](https://github.com/puppetlabs/puppetlabs-postgresql/pull/132) ([kbarber](https://github.com/kbarber)) +- Ticket/master/130 unsupported include directive postgres 81 [#131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/131) ([kbarber](https://github.com/kbarber)) -2013-01-15 - Jordi Boggiano - * Add support for ubuntu 12.10 status (3504405) +## [2.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.1.0) - 2013-02-20 -##2.0.0 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.0.1...2.1.0) -Many thanks to the following people who contributed patches to this -release: +### Other -* Adrien Thebo -* Albert Koch -* Andreas Ntaflos -* Brett Porter -* Chris Price -* dharwood -* Etienne Pelletier -* Florin Broasca -* Henrik -* Hunter Haugen -* Jari Bakken -* Jordi Boggiano -* Ken Barber -* nzakaria -* Richard Arends -* Spenser Gilliland -* stormcrow -* William Van Hevelingen +- Increment version, cleanup and changelog for release 2.1.0 [#123](https://github.com/puppetlabs/puppetlabs-postgresql/pull/123) ([kbarber](https://github.com/kbarber)) +- fix lots of style issues [#121](https://github.com/puppetlabs/puppetlabs-postgresql/pull/121) ([dalen](https://github.com/dalen)) +- Provide new defined resources for managing pg_hba.conf [#120](https://github.com/puppetlabs/puppetlabs-postgresql/pull/120) ([kbarber](https://github.com/kbarber)) +- Reverted some of the coding style fixes [#118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/118) ([fhrbek](https://github.com/fhrbek)) +- Coding style fixes [#117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/117) ([fhrbek](https://github.com/fhrbek)) +- Feature/jdbc [#116](https://github.com/puppetlabs/puppetlabs-postgresql/pull/116) ([razorsedge](https://github.com/razorsedge)) +- Add unit tests and travis-ci support [#115](https://github.com/puppetlabs/puppetlabs-postgresql/pull/115) ([kbarber](https://github.com/kbarber)) +- Add locale parameter support [#108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/108) ([kbarber](https://github.com/kbarber)) +- Support for included configuration file [#105](https://github.com/puppetlabs/puppetlabs-postgresql/pull/105) ([kbrezina](https://github.com/kbrezina)) +- Minor typo fix in README [#104](https://github.com/puppetlabs/puppetlabs-postgresql/pull/104) ([boinger](https://github.com/boinger)) +- Support for tablespaces [#100](https://github.com/puppetlabs/puppetlabs-postgresql/pull/100) ([kbrezina](https://github.com/kbrezina)) -Notable features: +## [2.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.0.1) - 2013-01-30 - * Add support for versions of postgres other than the system default version - (which varies depending on OS distro). This includes optional support for - automatically managing the package repo for the "official" postgres yum/apt - repos. (Major thanks to Etienne Pelletier and - Ken Barber for their tireless efforts and patience on this - feature set!) For example usage see `tests/official-postgresql-repos.pp`. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.0.0...2.0.1) - * Add some support for Debian Wheezy and Ubuntu Quantal +### Other - * Add new `postgres_psql` type with a Ruby provider, to replace the old - exec-based `psql` type. This gives us much more flexibility around - executing SQL statements and controlling their logging / reports output. +- Update postgres_default_version to 9.1 for debian 7.0 [#94](https://github.com/puppetlabs/puppetlabs-postgresql/pull/94) ([adrienthebo](https://github.com/adrienthebo)) +- Updated content to conform to README best practices template [#89](https://github.com/puppetlabs/puppetlabs-postgresql/pull/89) ([lrnrthr](https://github.com/lrnrthr)) +- Removed trailing comma. Makes puppet fail [#88](https://github.com/puppetlabs/puppetlabs-postgresql/pull/88) ([flaper87](https://github.com/flaper87)) +- Syntax error in params.pp file [#87](https://github.com/puppetlabs/puppetlabs-postgresql/pull/87) ([sfontes](https://github.com/sfontes)) +- Fix revoke command in database.pp to support postgres 8.1 [#83](https://github.com/puppetlabs/puppetlabs-postgresql/pull/83) ([cprice404](https://github.com/cprice404)) +- Update CHANGELOG, README, Modulefile for 2.0.0 release [#81](https://github.com/puppetlabs/puppetlabs-postgresql/pull/81) ([cprice404](https://github.com/cprice404)) +- Add support for ubuntu 12.10 status [#79](https://github.com/puppetlabs/puppetlabs-postgresql/pull/79) ([Seldaek](https://github.com/Seldaek)) - * Major refactor of the "spec" tests--which are actually more like - acceptance tests. We now support testing against multiple OS distros - via vagrant, and the framework is in place to allow us to very easily add - more distros. Currently testing against Cent6 and Ubuntu 10.04. +## [2.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.0.0) - 2013-01-15 - * Fixed a bug that was preventing multiple databases from being owned by the - same user - (9adcd182f820101f5e4891b9f2ff6278dfad495c - Etienne Pelletier ) +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/1.0.0...2.0.0) - * Add support for ACLs for finer-grained control of user/interface access - (b8389d19ad78b4fb66024897097b4ed7db241930 - dharwood ) +### Other - * Many other bug fixes and improvements! +- Add a "require" to make sure the service is up before trying to create a... [#80](https://github.com/puppetlabs/puppetlabs-postgresql/pull/80) ([cprice404](https://github.com/cprice404)) +- Fix error message in default version fact [#78](https://github.com/puppetlabs/puppetlabs-postgresql/pull/78) ([cprice404](https://github.com/cprice404)) +- Update stdlib dependency to reflect semantic versioning [#77](https://github.com/puppetlabs/puppetlabs-postgresql/pull/77) ([cprice404](https://github.com/cprice404)) +- Kbarber ticket/master/manage postgres apt repo [#75](https://github.com/puppetlabs/puppetlabs-postgresql/pull/75) ([cprice404](https://github.com/cprice404)) +- Fix merge issue from AMZ linux patch [#70](https://github.com/puppetlabs/puppetlabs-postgresql/pull/70) ([cprice404](https://github.com/cprice404)) +- Provide version for ubuntu 12.10 [#69](https://github.com/puppetlabs/puppetlabs-postgresql/pull/69) ([Seldaek](https://github.com/Seldaek)) +- Change API to expose non-default pg version support via main type [#66](https://github.com/puppetlabs/puppetlabs-postgresql/pull/66) ([cprice404](https://github.com/cprice404)) +- Fix inherits issue with validate_db_connection [#62](https://github.com/puppetlabs/puppetlabs-postgresql/pull/62) ([kbarber](https://github.com/kbarber)) +- Add Debian wheezy support for default version fact [#59](https://github.com/puppetlabs/puppetlabs-postgresql/pull/59) ([adrienthebo](https://github.com/adrienthebo)) +- Turn the exec in validate_db_connection.pp around [#58](https://github.com/puppetlabs/puppetlabs-postgresql/pull/58) ([Mosibi](https://github.com/Mosibi)) +- Syntax Error [#55](https://github.com/puppetlabs/puppetlabs-postgresql/pull/55) ([Spenser309](https://github.com/Spenser309)) +- add optional cwd to the postgres_psql command [#50](https://github.com/puppetlabs/puppetlabs-postgresql/pull/50) ([brettporter](https://github.com/brettporter)) +- Moved remote access for other users to end of IPv4 section [#49](https://github.com/puppetlabs/puppetlabs-postgresql/pull/49) ([nzakaria](https://github.com/nzakaria)) +- Fix default version for Ubuntu and Debian [#48](https://github.com/puppetlabs/puppetlabs-postgresql/pull/48) ([florinbroasca](https://github.com/florinbroasca)) +- Fix GPG key for yum.postgresl.org [#47](https://github.com/puppetlabs/puppetlabs-postgresql/pull/47) ([cprice404](https://github.com/cprice404)) +- Rework `postgres_default_version` fact [#46](https://github.com/puppetlabs/puppetlabs-postgresql/pull/46) ([cprice404](https://github.com/cprice404)) +- Feature/master/support non default versions [#43](https://github.com/puppetlabs/puppetlabs-postgresql/pull/43) ([cprice404](https://github.com/cprice404)) +- Maint/master/support more distros in tests [#42](https://github.com/puppetlabs/puppetlabs-postgresql/pull/42) ([cprice404](https://github.com/cprice404)) +- Updated. This will fix initdb failures. [#40](https://github.com/puppetlabs/puppetlabs-postgresql/pull/40) ([Spenser309](https://github.com/Spenser309)) +- Amz linux [#39](https://github.com/puppetlabs/puppetlabs-postgresql/pull/39) ([haf](https://github.com/haf)) +- Set sensible path in exec to reload postgres [#35](https://github.com/puppetlabs/puppetlabs-postgresql/pull/35) ([antaflos](https://github.com/antaflos)) +- Reload postgresql after changes to pg_hba.conf [#33](https://github.com/puppetlabs/puppetlabs-postgresql/pull/33) ([antaflos](https://github.com/antaflos)) +- Properly quote database name when using postgresql::psql [#32](https://github.com/puppetlabs/puppetlabs-postgresql/pull/32) ([antaflos](https://github.com/antaflos)) +- Issue #28 [#29](https://github.com/puppetlabs/puppetlabs-postgresql/pull/29) ([etiennep](https://github.com/etiennep)) +- Initial working implementation of ruby psql type/provider [#25](https://github.com/puppetlabs/puppetlabs-postgresql/pull/25) ([cprice404](https://github.com/cprice404)) +- Puppet lint fixes and test typo [#24](https://github.com/puppetlabs/puppetlabs-postgresql/pull/24) ([blkperl](https://github.com/blkperl)) +- Support special characters in database role name [#23](https://github.com/puppetlabs/puppetlabs-postgresql/pull/23) ([albertkoch](https://github.com/albertkoch)) +- Update README.md [#22](https://github.com/puppetlabs/puppetlabs-postgresql/pull/22) ([cprice404](https://github.com/cprice404)) +- Defining ACLs in pg_hba.conf [#20](https://github.com/puppetlabs/puppetlabs-postgresql/pull/20) ([dharwood](https://github.com/dharwood)) +- Fix path for `/bin/cat` [#19](https://github.com/puppetlabs/puppetlabs-postgresql/pull/19) ([jarib](https://github.com/jarib)) + +## [1.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/1.0.0) - 2012-10-24 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.3.0...1.0.0) + +### Other + +- Adjust ownership to Puppet Labs [#21](https://github.com/puppetlabs/puppetlabs-postgresql/pull/21) ([ryanycoleman](https://github.com/ryanycoleman)) +- Add postgresql::devel for development dependencies [#17](https://github.com/puppetlabs/puppetlabs-postgresql/pull/17) ([adrienthebo](https://github.com/adrienthebo)) +- Add sample usage for postgresql::server class. [#16](https://github.com/puppetlabs/puppetlabs-postgresql/pull/16) ([bjoernalbers](https://github.com/bjoernalbers)) +- Warnings etc [#13](https://github.com/puppetlabs/puppetlabs-postgresql/pull/13) ([haf](https://github.com/haf)) +- Update status for postgres service on Debian [#12](https://github.com/puppetlabs/puppetlabs-postgresql/pull/12) ([haus](https://github.com/haus)) +- Give the persist-firewall Exec a more explicit name [#11](https://github.com/puppetlabs/puppetlabs-postgresql/pull/11) ([cprice404](https://github.com/cprice404)) ---- -##1.0.0 +## [release-0.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.3.0) - 2012-09-17 -2012-09-17 - Version 0.3.0 released +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.2.0...release-0.3.0) -2012-09-14 - Chris Price - * Add a type for validating a postgres connection (ce4a049) +### Other -2012-08-25 - Jari Bakken - * Remove trailing commas. (e6af5e5) +- Feature/master/connection validator [#9](https://github.com/puppetlabs/puppetlabs-postgresql/pull/9) ([cprice404](https://github.com/cprice404)) +- Remove $service_provider setting for ubuntu [#8](https://github.com/puppetlabs/puppetlabs-postgresql/pull/8) ([haus](https://github.com/haus)) +- Remove trailing commas for Puppet 2.7.1 compatibility [#3](https://github.com/puppetlabs/puppetlabs-postgresql/pull/3) ([jarib](https://github.com/jarib)) +- Update Modulefile to reflect latest dependencies [#2](https://github.com/puppetlabs/puppetlabs-postgresql/pull/2) ([cprice404](https://github.com/cprice404)) -2012-08-16 - Version 0.2.0 released +## [release-0.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.2.0) - 2012-08-16 -[5.4.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.3.0...5.4.0 -[5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.0.1...release-0.2.0) +### Other -\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* +- Feature/master/align with puppetlabs mysql [#1](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1) ([cprice404](https://github.com/cprice404)) + +## [release-0.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.0.1) - 2012-05-02 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/01c9cbeb7c3bd5c7bd067c5d7438df7d34027fbc...release-0.0.1) diff --git a/Rakefile b/Rakefile index c4c0a26650..c06d80b84a 100644 --- a/Rakefile +++ b/Rakefile @@ -4,7 +4,6 @@ require 'bundler' require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? diff --git a/metadata.json b/metadata.json index 0543336fc5..e818650bd9 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "8.2.1", + "version": "8.3.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 35c84765d9c7174cd7a2545cecf5796419a74c36 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Fri, 21 Apr 2023 11:43:23 +0100 Subject: [PATCH 0817/1000] (maint) - Release prep v9.0.0 --- CHANGELOG.md | 2154 +++++++++++++++++----------------- REFERENCE.md | 3124 ++++++++++++++++++++++++++++++------------------- metadata.json | 2 +- 3 files changed, 3035 insertions(+), 2245 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4d89dd0840..db1823d26d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,1441 +1,1481 @@ - -# Changelog +# Change log -All notable changes to this project will be documented in this file. +All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v9.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.0) (2023-04-21) -## [v8.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.3.0) - 2023-04-21 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.3.0...v9.0.0) + +### Changed + +- \(CONT-792\) - Add Puppet 8/Drop Puppet 6 [\#1414](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1414) ([jordanbreen28](https://github.com/jordanbreen28)) + +## [v8.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.3.0) (2023-04-21) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.2.1...v8.3.0) ### Added -- convert ERB templates to EPP [#1399](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1399) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- (CONT-361) Syntax update [#1397](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1397) ([LukasAud](https://github.com/LukasAud)) -- Add multi instance support, refactoring reload.pp (6/x) [#1392](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1392) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring password.pp (5/x) [#1391](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1391) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring late_initdb.pp (3/x) [#1384](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1384) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring initdb.pp (2/x) [#1383](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1383) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring config.pp (1/x) [#1382](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1382) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- pg_hba_rule: Validate userinput in postgresql::server [#1376](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1376) ([bastelfreak](https://github.com/bastelfreak)) -- pg_hba_rule: Move `type` datatype to own type [#1375](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1375) ([bastelfreak](https://github.com/bastelfreak)) -- pg_hba_rule does not properly verify address parameter [#1372](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1372) ([tuxmea](https://github.com/tuxmea)) +- convert ERB templates to EPP [\#1399](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1399) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- \(CONT-361\) Syntax update [\#1397](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1397) ([LukasAud](https://github.com/LukasAud)) +- Add multi instance support, refactoring reload.pp \(6/x\) [\#1392](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1392) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring password.pp \(5/x\) [\#1391](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1391) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring late\_initdb.pp \(3/x\) [\#1384](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1384) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring initdb.pp \(2/x\) [\#1383](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1383) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring config.pp \(1/x\) [\#1382](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1382) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- pg\_hba\_rule: Validate userinput in postgresql::server [\#1376](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1376) ([bastelfreak](https://github.com/bastelfreak)) +- pg\_hba\_rule: Move `type` datatype to own type [\#1375](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1375) ([bastelfreak](https://github.com/bastelfreak)) +- pg\_hba\_rule does not properly verify address parameter [\#1372](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1372) ([tuxmea](https://github.com/tuxmea)) ### Fixed -- Ubuntu 14/16/17: Drop code leftovers [#1388](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1388) ([bastelfreak](https://github.com/bastelfreak)) -- remove debian 8 and 9 corpses [#1387](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1387) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Archlinux client and server package names were swapped around [#1381](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1381) ([tobixen](https://github.com/tobixen)) -- apt::source: configure repo only for current architecture [#1380](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1380) ([bastelfreak](https://github.com/bastelfreak)) -- pdksync - (CONT-189) Remove support for RedHat6 / OracleLinux6 / Scientific6 [#1371](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1371) ([david22swan](https://github.com/david22swan)) -- pdksync - (CONT-130) - Dropping Support for Debian 9 [#1368](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1368) ([jordanbreen28](https://github.com/jordanbreen28)) -- (maint) Codebase Hardening [#1366](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1366) ([david22swan](https://github.com/david22swan)) -- Fix table grant with schema [#1315](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1315) ([vaol](https://github.com/vaol)) +- Ubuntu 14/16/17: Drop code leftovers [\#1388](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1388) ([bastelfreak](https://github.com/bastelfreak)) +- remove debian 8 and 9 corpses [\#1387](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1387) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Archlinux client and server package names were swapped around [\#1381](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1381) ([tobixen](https://github.com/tobixen)) +- apt::source: configure repo only for current architecture [\#1380](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1380) ([bastelfreak](https://github.com/bastelfreak)) +- pdksync - \(CONT-189\) Remove support for RedHat6 / OracleLinux6 / Scientific6 [\#1371](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1371) ([david22swan](https://github.com/david22swan)) +- pdksync - \(CONT-130\) - Dropping Support for Debian 9 [\#1368](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1368) ([jordanbreen28](https://github.com/jordanbreen28)) +- \(maint\) Codebase Hardening [\#1366](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1366) ([david22swan](https://github.com/david22swan)) +- Fix table grant with schema [\#1315](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1315) ([vaol](https://github.com/vaol)) -## [v8.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.1) - 2022-08-24 +## [v8.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.1) (2022-08-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.2.0...v8.2.1) ### Fixed -- Fix puppet-strings documentation [#1363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1363) ([ekohl](https://github.com/ekohl)) -- (GH-1360) Reverting REFERENCE.md changes [#1361](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1361) ([pmcmaw](https://github.com/pmcmaw)) -- Only require password when used [#1356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1356) ([arjenz](https://github.com/arjenz)) +- Fix puppet-strings documentation [\#1363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1363) ([ekohl](https://github.com/ekohl)) +- \(GH-1360\) Reverting REFERENCE.md changes [\#1361](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1361) ([pmcmaw](https://github.com/pmcmaw)) +- Only require password when used [\#1356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1356) ([arjenz](https://github.com/arjenz)) -## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) - 2022-08-23 +## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) (2022-08-23) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.1.0...v8.2.0) ### Added -- pdksync - (GH-cat-11) Certify Support for Ubuntu 22.04 [#1355](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1355) ([david22swan](https://github.com/david22swan)) -- (MODULES-11251) Add support for backup provider "pg_dump" [#1319](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1319) ([fraenki](https://github.com/fraenki)) +- pdksync - \(GH-cat-11\) Certify Support for Ubuntu 22.04 [\#1355](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1355) ([david22swan](https://github.com/david22swan)) +- \(MODULES-11251\) Add support for backup provider "pg\_dump" [\#1319](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1319) ([fraenki](https://github.com/fraenki)) ### Fixed -- Ensure multiple postgresql::server::recovery resources can be defined [#1348](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1348) ([Deroin](https://github.com/Deroin)) +- Ensure multiple postgresql::server::recovery resources can be defined [\#1348](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1348) ([Deroin](https://github.com/Deroin)) -## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) - 2022-07-21 +## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) (2022-07-21) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.0.0...v8.1.0) ### Added -- Fix service status detection on Debian-based OSes [#1349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1349) ([arjenz](https://github.com/arjenz)) -- (FM-8971) allow deferred function for role pwd [#1347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1347) ([tvpartytonight](https://github.com/tvpartytonight)) -- Set version for Fedora 36 [#1345](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1345) ([lweller](https://github.com/lweller)) -- Add Red Hat Enterprise Linux 9 support [#1303](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1303) ([ekohl](https://github.com/ekohl)) +- Fix service status detection on Debian-based OSes [\#1349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1349) ([arjenz](https://github.com/arjenz)) +- \(FM-8971\) allow deferred function for role pwd [\#1347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1347) ([tvpartytonight](https://github.com/tvpartytonight)) +- Set version for Fedora 36 [\#1345](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1345) ([lweller](https://github.com/lweller)) +- Add Red Hat Enterprise Linux 9 support [\#1303](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1303) ([ekohl](https://github.com/ekohl)) ### Fixed -- (GH-1352) - Updating postgresql service version on SLES [#1353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1353) ([pmcmaw](https://github.com/pmcmaw)) -- Respect $service_status on Red Hat-based distros [#1351](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1351) ([ekohl](https://github.com/ekohl)) -- Add version for Ubuntu 22.04 [#1350](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1350) ([arjenz](https://github.com/arjenz)) -- README.md: correct postgresql_conn_validator example [#1332](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1332) ([bastelfreak](https://github.com/bastelfreak)) -- pdksync - (GH-iac-334) Remove Support for Ubuntu 14.04/16.04 [#1331](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331) ([david22swan](https://github.com/david22swan)) -- Remove unused variable in reload.pp [#1327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1327) ([ekohl](https://github.com/ekohl)) -- Use systemctl reload on EL 7 and higher [#1326](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1326) ([ekohl](https://github.com/ekohl)) +- \(GH-1352\) - Updating postgresql service version on SLES [\#1353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1353) ([pmcmaw](https://github.com/pmcmaw)) +- Respect $service\_status on Red Hat-based distros [\#1351](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1351) ([ekohl](https://github.com/ekohl)) +- Add version for Ubuntu 22.04 [\#1350](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1350) ([arjenz](https://github.com/arjenz)) +- README.md: correct postgresql\_conn\_validator example [\#1332](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1332) ([bastelfreak](https://github.com/bastelfreak)) +- pdksync - \(GH-iac-334\) Remove Support for Ubuntu 14.04/16.04 [\#1331](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331) ([david22swan](https://github.com/david22swan)) +- Remove unused variable in reload.pp [\#1327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1327) ([ekohl](https://github.com/ekohl)) +- Use systemctl reload on EL 7 and higher [\#1326](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1326) ([ekohl](https://github.com/ekohl)) -## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) - 2022-03-03 +## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) (2022-03-03) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.5.0...v8.0.0) -### Added +### Changed -- add default version for Fedora 35 [#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) -- add scram-sha-256 support [#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) -- add support for Ubuntu Hirsute and Impish [#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) -- Allow systemd to mask postgresql service file [#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) -- Make ::contrib a noop on OSes without a contrib package [#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) -- pdksync - (IAC-1753) - Add Support for AlmaLinux 8 [#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) -- MODULES-11201: add service_name for Ubuntu 18.04 and later [#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) -- pdksync - (IAC-1751) - Add Support for Rocky 8 [#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) -- Default privileges support schemas [#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) -- Support target_role in default_privileges [#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) +- Support setting default\_privileges on all schemas [\#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) -### Changed -- Support setting default_privileges on all schemas [#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) +### Added + +- add default version for Fedora 35 [\#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) +- add scram-sha-256 support [\#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) +- add support for Ubuntu Hirsute and Impish [\#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) +- Allow systemd to mask postgresql service file [\#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) +- Make ::contrib a noop on OSes without a contrib package [\#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) +- pdksync - \(IAC-1753\) - Add Support for AlmaLinux 8 [\#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) +- MODULES-11201: add service\_name for Ubuntu 18.04 and later [\#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) +- pdksync - \(IAC-1751\) - Add Support for Rocky 8 [\#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) +- Default privileges support schemas [\#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) +- Support target\_role in default\_privileges [\#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) ### Fixed -- pdksync - (IAC-1787) Remove Support for CentOS 6 [#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) -- Fix python package name in RHEL/CentOS 8 [#1316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1316) ([kajinamit](https://github.com/kajinamit)) -- Drop further code for Debian 6 and Ubuntu 10 [#1307](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1307) ([ekohl](https://github.com/ekohl)) +- pdksync - \(IAC-1787\) Remove Support for CentOS 6 [\#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) +- Fix python package name in RHEL/CentOS 8 [\#1316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1316) ([kajinamit](https://github.com/kajinamit)) +- Drop further code for Debian 6 and Ubuntu 10 [\#1307](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1307) ([ekohl](https://github.com/ekohl)) -## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) - 2021-09-28 +## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) (2021-09-28) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.1...v7.5.0) ### Added -- Use Puppet-Datatype Sensitive for Passwords [#1279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1279) ([cocker-cc](https://github.com/cocker-cc)) +- Use Puppet-Datatype Sensitive for Passwords [\#1279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1279) ([cocker-cc](https://github.com/cocker-cc)) ### Fixed -- (IAC-1598) - Remove Support for Debian 8 [#1302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1302) ([david22swan](https://github.com/david22swan)) -- Inline file contents in the catalog [#1299](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1299) ([ekohl](https://github.com/ekohl)) -- Fix changing default encoding [#1296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1296) ([smortex](https://github.com/smortex)) +- \(IAC-1598\) - Remove Support for Debian 8 [\#1302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1302) ([david22swan](https://github.com/david22swan)) +- Inline file contents in the catalog [\#1299](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1299) ([ekohl](https://github.com/ekohl)) +- Fix changing default encoding [\#1296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1296) ([smortex](https://github.com/smortex)) -## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) - 2021-08-25 +## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) (2021-08-25) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.0...v7.4.1) ### Fixed -- (maint) Allow stdlib 8.0.0 [#1293](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1293) ([smortex](https://github.com/smortex)) +- \(maint\) Allow stdlib 8.0.0 [\#1293](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1293) ([smortex](https://github.com/smortex)) -## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) - 2021-08-24 +## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) (2021-08-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.3.0...v7.4.0) ### Added -- pdksync - (IAC-1709) - Add Support for Debian 11 [#1288](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1288) ([david22swan](https://github.com/david22swan)) +- pdksync - \(IAC-1709\) - Add Support for Debian 11 [\#1288](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1288) ([david22swan](https://github.com/david22swan)) ### Fixed -- drop code for Debian 6/7 and Ubuntu 10.04/12.04 [#1290](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1290) ([evgeni](https://github.com/evgeni)) +- drop code for Debian 6/7 and Ubuntu 10.04/12.04 [\#1290](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1290) ([evgeni](https://github.com/evgeni)) -## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) - 2021-08-03 +## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) (2021-08-03) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.2.0...v7.3.0) ### Added -- MODULES-11049 - Implement default privileges changes [#1267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1267) ([mtancoigne](https://github.com/mtancoigne)) +- MODULES-11049 - Implement default privileges changes [\#1267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1267) ([mtancoigne](https://github.com/mtancoigne)) ### Fixed -- Do not add version component to repo definition [#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) -- (MODULES-8700) Autorequire the service in postgresql_psql [#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) +- Do not add version component to repo definition [\#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) +- \(MODULES-8700\) Autorequire the service in postgresql\_psql [\#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) -## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) - 2021-05-24 +## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) (2021-05-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.1.0...v7.2.0) ### Added -- (MODULES-11069) add default version for fedora 34 [#1272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1272) ([lweller](https://github.com/lweller)) -- MODULES-11047 - Allow managing rights for PUBLIC role [#1266](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1266) ([mtancoigne](https://github.com/mtancoigne)) +- \(MODULES-11069\) add default version for fedora 34 [\#1272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1272) ([lweller](https://github.com/lweller)) +- MODULES-11047 - Allow managing rights for PUBLIC role [\#1266](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1266) ([mtancoigne](https://github.com/mtancoigne)) -## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) - 2021-04-12 +## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) (2021-04-12) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.3...v7.1.0) ### Added -- Add new common repo which contains add-ons [#1190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1190) ([jorhett](https://github.com/jorhett)) +- Add new common repo which contains add-ons [\#1190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1190) ([jorhett](https://github.com/jorhett)) -## [v7.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.3) - 2021-04-12 +## [v7.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.3) (2021-04-12) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.2...v7.0.3) -## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) - 2021-03-15 +## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) (2021-03-15) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.1...v7.0.2) ### Fixed -- (MODULES-10957) Override the set_sensitive_parameters method [#1258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1258) ([sheenaajay](https://github.com/sheenaajay)) +- \(MODULES-10957\) Override the set\_sensitive\_parameters method [\#1258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1258) ([sheenaajay](https://github.com/sheenaajay)) -## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) - 2021-03-08 +## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) (2021-03-08) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.0...v7.0.1) ### Fixed -- Ensure port is a string in psql command [#1253](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1253) ([ekohl](https://github.com/ekohl)) +- Ensure port is a string in psql command [\#1253](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1253) ([ekohl](https://github.com/ekohl)) -## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) - 2021-03-04 +## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) (2021-03-04) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.2...v7.0.0) -### Added +### Changed -- Add DNF module management [#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) +- pdksync - \(MAINT\) Remove SLES 11 support [\#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - \(MAINT\) Remove RHEL 5 family support [\#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [\#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) -### Changed -- pdksync - (MAINT) Remove SLES 11 support [#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) -- pdksync - (MAINT) Remove RHEL 5 family support [#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) -- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) +### Added + +- Add DNF module management [\#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) -## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) - 2021-02-22 +## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) (2021-02-22) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.1...v6.10.2) ### Fixed -- Fix command shell escaping [#1240](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1240) ([DavidS](https://github.com/DavidS)) +- Fix command shell escaping [\#1240](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1240) ([DavidS](https://github.com/DavidS)) -## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) - 2021-02-09 +## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) (2021-02-09) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.0...v6.10.1) -## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) - 2021-02-08 +### Fixed + +- Also perform systemd daemon-reload on Puppet 6.1+ [\#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) + +## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) (2021-02-08) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.9.0...v6.10.0) ### Added -- Set default PostgreSQL version for FreeBSD [#1227](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1227) ([olevole](https://github.com/olevole)) -- Clean up globals logic to support CentOS 8 stream [#1225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1225) ([ekohl](https://github.com/ekohl)) +- Set default PostgreSQL version for FreeBSD [\#1227](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1227) ([olevole](https://github.com/olevole)) +- Clean up globals logic to support CentOS 8 stream [\#1225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1225) ([ekohl](https://github.com/ekohl)) ### Fixed -- Also perform systemd daemon-reload on Puppet 6.1+ [#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) -- (bug) fix systemd daemon-reload order when updating service files [#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) -- Fix postgresql::sql task when password is not set [#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) +- \(bug\) fix systemd daemon-reload order when updating service files [\#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) +- Fix postgresql::sql task when password is not set [\#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) -## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) - 2021-01-18 +## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) (2021-01-18) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.8.0...v6.9.0) ### Added -- pdksync - (feat) - Add support for puppet 7 [#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) -- Manage postgresql_conf_path file permissions [#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) +- pdksync - \(feat\) - Add support for puppet 7 [\#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) +- Manage postgresql\_conf\_path file permissions [\#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) ### Fixed -- (maint) updated defaults for rhel7 policycoreutils [#1212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1212) ([sheenaajay](https://github.com/sheenaajay)) -- (IAC-1189) - Fix for SLES 15 SP 1 and later [#1209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1209) ([david22swan](https://github.com/david22swan)) -- Change - Use systemd drop-in directory for unit overrides [#1201](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1201) ([blackknight36](https://github.com/blackknight36)) +- \(maint\) updated defaults for rhel7 policycoreutils [\#1212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1212) ([sheenaajay](https://github.com/sheenaajay)) +- \(IAC-1189\) - Fix for SLES 15 SP 1 and later [\#1209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1209) ([david22swan](https://github.com/david22swan)) +- Change - Use systemd drop-in directory for unit overrides [\#1201](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1201) ([blackknight36](https://github.com/blackknight36)) -## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) - 2020-09-29 +## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) (2020-09-28) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.7.0...v6.8.0) ### Added -- add hostgssenc type to pg_hba rules [#1195](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1195) ([osijan](https://github.com/osijan)) -- Allow removal of config_entries via main class [#1187](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1187) ([ekohl](https://github.com/ekohl)) +- add hostgssenc type to pg\_hba rules [\#1195](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1195) ([osijan](https://github.com/osijan)) +- Allow removal of config\_entries via main class [\#1187](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1187) ([ekohl](https://github.com/ekohl)) ### Fixed -- Fix contrib package name under debian 10 [#1188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1188) ([neomilium](https://github.com/neomilium)) +- Fix contrib package name under debian 10 [\#1188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1188) ([neomilium](https://github.com/neomilium)) -## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) - 2020-08-28 +## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) (2020-08-28) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.6.0...v6.7.0) ### Added -- pdksync - (IAC-973) - Update travis/appveyor to run on new default branch `main` [#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) +- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) + +### Fixed + +- Invert psql/package dependency logic [\#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) -## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) - 2020-06-22 +## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) (2020-06-02) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.5.0...v6.6.0) ### Added -- (IAC-746) - Add ubuntu 20.04 support [#1172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1172) ([david22swan](https://github.com/david22swan)) +- \(IAC-746\) - Add ubuntu 20.04 support [\#1172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1172) ([david22swan](https://github.com/david22swan)) ### Fixed -- Invert psql/package dependency logic [#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) -- Fix custom port in extension [#1165](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1165) ([Vampouille](https://github.com/Vampouille)) +- Fix custom port in extension [\#1165](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1165) ([Vampouille](https://github.com/Vampouille)) -## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) - 2020-05-13 +## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) (2020-05-13) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.4.0...v6.5.0) ### Added -- service_ensure => true is now an allowed value (aliased to running) [#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) -- Finish conversion of `postgresql_acls_to_resources_hash` function [#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql_escape` function [#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql_password` function [#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) -- Allow usage of grant and role when not managing postgresql::server [#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) -- Add version configs for SLES 12 SP 3 to 5 [#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) -- Add extra parameter "extra_systemd_config" [#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) +- service\_ensure =\> true is now an allowed value \(aliased to running\) [\#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) +- Finish conversion of `postgresql\_acls\_to\_resources\_hash` function [\#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql\_escape` function [\#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql\_password` function [\#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) +- Allow usage of grant and role when not managing postgresql::server [\#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) +- Add version configs for SLES 12 SP 3 to 5 [\#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) +- Add extra parameter "extra\_systemd\_config" [\#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) ### Fixed -- (MODULES-10610) Use correct lower bound for concat version [#1160](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1160) ([ghoneycutt](https://github.com/ghoneycutt)) +- \(MODULES-10610\) Use correct lower bound for concat version [\#1160](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1160) ([ghoneycutt](https://github.com/ghoneycutt)) -## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) - 2020-03-17 +## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) (2020-03-17) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.3.0...v6.4.0) ### Added -- Add Fedora 31 compatibility [#1141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1141) ([blackknight36](https://github.com/blackknight36)) -- feat: enable different database resource name in extension [#1136](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1136) ([jfroche](https://github.com/jfroche)) -- pdksync - (FM-8581) - Debian 10 added to travis and provision file refactored [#1130](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1130) ([david22swan](https://github.com/david22swan)) -- Puppet 4 functions [#1129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129) ([binford2k](https://github.com/binford2k)) +- Add Fedora 31 compatibility [\#1141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1141) ([blackknight36](https://github.com/blackknight36)) +- feat: enable different database resource name in extension [\#1136](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1136) ([jfroche](https://github.com/jfroche)) +- pdksync - \(FM-8581\) - Debian 10 added to travis and provision file refactored [\#1130](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1130) ([david22swan](https://github.com/david22swan)) +- Puppet 4 functions [\#1129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129) ([binford2k](https://github.com/binford2k)) ### Fixed -- Fix incorrectly quoted GRANT cmd on functions [#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) -- Correct versioncmp logic in config.pp [#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) -- Treat $version as an integer for comparison, defaults to string [#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) -- Allow usage of PUBLIC role [#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) -- fix missing systemd override config for EL8 (CentOS and RHEL) [#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) +- Fix incorrectly quoted GRANT cmd on functions [\#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) +- Correct versioncmp logic in config.pp [\#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) +- Treat $version as an integer for comparison, defaults to string [\#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) +- fix missing systemd override config for EL8 \(CentOS and RHEL\) [\#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) -## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) - 2019-12-18 +## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) (2019-12-18) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.3.0) ### Added -- Add support for granting privileges on functions [#1118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1118) ([crispygoth](https://github.com/crispygoth)) -- (FM-8679) - Support added for CentOS 8 [#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) -- MODULES-10041 - allow define password_encryption for version above 10 [#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) +- Add support for granting privileges on functions [\#1118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1118) ([crispygoth](https://github.com/crispygoth)) +- \(FM-8679\) - Support added for CentOS 8 [\#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) +- MODULES-10041 - allow define password\_encryption for version above 10 [\#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) ### Fixed -- Remove duplicate REFERENCE.md file with strange unicode character at end of filename [#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) +- Remove duplicate REFERENCE.md file with strange unicode character at end of filename [\#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) -## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) - 2019-09-13 +## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.1.0...v6.2.0) ### Added -- FM-8408 - add support on Debian10 [#1103](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1103) ([lionce](https://github.com/lionce)) -- Fix/directory defined twice [#1089](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1089) ([arcenik](https://github.com/arcenik)) -- Adding SLES 15 [#1087](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1087) ([msurato](https://github.com/msurato)) -- (FM-7500) conversion to use litmus [#1081](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1081) ([tphoney](https://github.com/tphoney)) +- FM-8408 - add support on Debian10 [\#1103](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1103) ([lionce](https://github.com/lionce)) +- Fix/directory defined twice [\#1089](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1089) ([arcenik](https://github.com/arcenik)) +- Adding SLES 15 [\#1087](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1087) ([msurato](https://github.com/msurato)) +- \(FM-7500\) conversion to use litmus [\#1081](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1081) ([tphoney](https://github.com/tphoney)) ### Fixed -- (MODULES-9658) - custom ports are not labeled correctly [#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) -- Fix: When assigning a tablespace to a database, no equal sign is needed in the query [#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) -- Grant all tables in schema fixup [#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) -- (MODULES-9219) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) +- Allow usage of PUBLIC role [\#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) +- \(MODULES-9658\) - custom ports are not labeled correctly [\#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) +- Fix: When assigning a tablespace to a database, no equal sign is needed in the query [\#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) +- Grant all tables in schema fixup [\#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) +- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) -## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) - 2019-06-04 +## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) (2019-06-04) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.0.0...v6.1.0) ### Added -- (FM-8031) Add RedHat 8 support [#1083](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1083) ([eimlav](https://github.com/eimlav)) +- \(FM-8031\) Add RedHat 8 support [\#1083](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1083) ([eimlav](https://github.com/eimlav)) -## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) - 2019-05-14 +## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) (2019-05-14) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.1...v6.0.0) -### Added +### Changed -- Add Fedora 30 compatibility [#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) -- Include EL8 version for config checks [#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) +- pdksync - \(MODULES-8444\) - Raise lower Puppet bound [\#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) +- \(maint\) remove inconsistent extra variable [\#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) -### Changed -- pdksync - (MODULES-8444) - Raise lower Puppet bound [#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) -- (maint) remove inconsistent extra variable [#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) +### Added + +- Add Fedora 30 compatibility [\#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) +- Include EL8 version for config checks [\#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) ### Fixed -- Support current version of puppetlabs/apt. [#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) -- change username/group/datadir defaults for FreeBSD [#1063](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1063) ([olevole](https://github.com/olevole)) +- Support current version of puppetlabs/apt. [\#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) +- change username/group/datadir defaults for FreeBSD [\#1063](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1063) ([olevole](https://github.com/olevole)) -## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) - 2019-02-14 +## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) (2019-02-14) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.0...5.12.1) ### Fixed -- (FM-7811) - Use postgresql 9.4 for SLES 11 sp4 [#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) -- (MODULES-8553) Further cleanup for package tag issues [#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) +- \(FM-7811\) - Use postgresql 9.4 for SLES 11 sp4 [\#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) +- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) -## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) - 2019-02-01 +## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-02-01) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.11.0...5.12.0) ### Added -- (MODULES-3804) Fix sort order of pg_hba_rule entries [#1040](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1040) ([olavmrk](https://github.com/olavmrk)) +- \(MODULES-3804\) Fix sort order of pg\_hba\_rule entries [\#1040](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1040) ([olavmrk](https://github.com/olavmrk)) ### Fixed -- (MODULES-8553) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) -- (MODULES-8352) Don't use empty encoding string on initdb [#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) -- pdksync - (FM-7655) Fix rubygems-update for ruby < 2.3 [#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) +- \(MODULES-8553\) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [\#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) +- \(MODULES-8352\) Don't use empty encoding string on initdb [\#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) +- pdksync - \(FM-7655\) Fix rubygems-update for ruby \< 2.3 [\#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) -## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) - 2018-11-21 +## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) (2018-11-21) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.10.0...5.11.0) ### Added -- Add postgis support for postgres 10 [#1032](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1032) ([smussie](https://github.com/smussie)) +- Add postgis support for postgres 10 [\#1032](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1032) ([smussie](https://github.com/smussie)) ### Fixed -- Strip quotes from role names [#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) -- Ignore .psqlrc so output is clean and doesn't break Puppet [#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) -- Change initdb option '--xlogdir' to '-X' for PG10 compatibility [#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) +- Strip quotes from role names [\#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) +- Ignore .psqlrc so output is clean and doesn't break Puppet [\#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) +- Change initdb option '--xlogdir' to '-X' for PG10 compatibility [\#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) -## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) - 2018-09-27 +## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) (2018-09-27) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.9.0...5.10.0) ### Added -- pdksync - (MODULES-6805) metadata.json shows support for puppet 6 [#1026](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1026) ([tphoney](https://github.com/tphoney)) +- pdksync - \(MODULES-6805\) metadata.json shows support for puppet 6 [\#1026](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1026) ([tphoney](https://github.com/tphoney)) -## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) - 2018-09-07 +## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) (2018-09-06) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.8.0...5.9.0) ### Added -- pdksync - (MODULES-7705) - Bumping stdlib dependency from < 5.0.0 to < 6.0.0 [#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) +- pdksync - \(MODULES-7705\) - Bumping stdlib dependency from \< 5.0.0 to \< 6.0.0 [\#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) -## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) - 2018-08-07 +## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) (2018-08-06) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.7.0...5.8.0) ### Added -- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 [#1012](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1012) ([mateusz-gozdek-sociomantic](https://github.com/mateusz-gozdek-sociomantic)) +- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 [\#1012](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1012) ([mateusz-gozdek-sociomantic](https://github.com/mateusz-gozdek-sociomantic)) -## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) - 2018-07-20 +## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) (2018-07-19) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.6.0...5.7.0) ### Added -- (MODULES-7479) Update postgresql to support Ubuntu 18.04 [#1005](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1005) ([david22swan](https://github.com/david22swan)) -- (MODULES-6542) - Adding SLES 11 & 12 to metadata [#1001](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1001) ([pmcmaw](https://github.com/pmcmaw)) +- \(MODULES-7479\) Update postgresql to support Ubuntu 18.04 [\#1005](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1005) ([david22swan](https://github.com/david22swan)) +- \(MODULES-6542\) - Adding SLES 11 & 12 to metadata [\#1001](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1001) ([pmcmaw](https://github.com/pmcmaw)) ### Fixed -- (MODULES-7479) Ensure net-tools is installed when testing on Ubuntu 18.04 [#1006](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1006) ([david22swan](https://github.com/david22swan)) -- (MODULES-7460) - Updating grant table to include INSERT privileges [#1004](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1004) ([pmcmaw](https://github.com/pmcmaw)) -- Fix packages choice for ubuntu 17.10 [#1000](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1000) ([fflorens](https://github.com/fflorens)) +- \(MODULES-7479\) Ensure net-tools is installed when testing on Ubuntu 18.04 [\#1006](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1006) ([david22swan](https://github.com/david22swan)) +- \(MODULES-7460\) - Updating grant table to include INSERT privileges [\#1004](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1004) ([pmcmaw](https://github.com/pmcmaw)) +- Fix packages choice for ubuntu 17.10 [\#1000](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1000) ([fflorens](https://github.com/fflorens)) -## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) - 2018-06-21 +## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) (2018-06-20) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.5.0...5.6.0) -## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) - 2018-06-19 +### Changed -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) +- Fix creation of recovery.conf file when recovery configuration is not specified [\#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) ### Added -- Add compatibility for Fedora 28 [#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) -- (MODULES-5994) Add debian 9 [#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) -- Adding default Postgresql version for Ubuntu 18.04 [#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) -- Parameters `roles`, `config_entires`, and `pg_hba_rules` to `postgresql::server` for hiera [#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) - -### Changed -- Fix creation of recovery.conf file when recovery configuration is not specified [#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) +- Add compatibility for Fedora 28 [\#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) +- \(MODULES-5994\) Add debian 9 [\#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) +- Adding default Postgresql version for Ubuntu 18.04 [\#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) ### Fixed -- Fix quoting on schema owners [#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) +- Fix quoting on schema owners [\#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) + +## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) (2018-04-06) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) + +### Added + +- Parameters `roles`, `config\_entires`, and `pg\_hba\_rules` to `postgresql::server` for hiera [\#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) -## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) - 2018-03-27 +## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) (2018-03-22) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.3.0...5.4.0) ### Added -- (MODULES-6330) PDK convert 1.4.1 [#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) -- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database_grant` [#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) +- \(MODULES-6330\) PDK convert 1.4.1 [\#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) +- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database\_grant` [\#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) ### Fixed -- Documentation error, `reassign_owned_by` uses `*_role` not `*_owner`. [#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) +- Documentation error, `reassign\_owned\_by` uses `\*\_role` not `\*\_owner`. [\#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) + +## 5.3.0 +### Summary +Implements rubocop changes within the module, alongside other smaller changes. + +#### Added +- ensure=>absent added to postgresql::server:role. +- Support added for Fedora 27. +- scram-sha-256 added as a valid ph_hba_rule auth method. +- 9.6 settings inherited for later PgSQL versions on FreeBSD. +- A require has been added for puppet. + +#### Changed +- Changes made to avoid the useless loading of files by augeas. +- Modulesync changes. +- psql_path defaulted to postgresql::server::psql_path. +- Rubocop changes have been made. + +#### Removed +- Debian 9 support deprecated. + +## Supported Release 5.2.1 +### Summary +Bug fix for issue introduced in 5.2.0 + +#### Fixed +- issue where the module was attempting to install extensions before a database was available. ([SERVER-2003](https://tickets.puppetlabs.com/browse/SERVER-2003)) + +## Supported Release 5.2.0 +### Summary +Adds several new features including some work around OS support. Also includes a couple of fixes to tests and the removal of unsupported Ubuntu versions. + +#### Added +- Added default postgresql version of Ubuntu 17.4 version to the globals.pp file. +- Fedora 26 provides postgresql-server version 9.6 by default - Added support to manifests/globals.pp to avoid puppet failures on Fedora 26 nodes. +- Use postgresql 9.6 for the newest SLES and openSUSE releases. +- Enhanced --data-checksums on initdb. +- Added support for Debian version 9. +- Added a `version` parameter. + +#### Changed +- Replaced validate_re calls with puppet datatype `Pattern` and is_array calls with puppet datatype `Array`. +- Installation method for apt in the spec_helper_acceptance, this is a temporary workaround due to issues with module installation. + +#### Fixed +- Updated spec tests to remove deprecation warnings. +- Docs formatting. +- Pass default_connect_settings to validate service ([MODULES-4682](https://tickets.puppetlabs.com/browse/MODULES-4682)) +- Rocket Alignment for Lint. +- Fixed changes in error messages in tests ([MODULES-5378](https://tickets.puppetlabs.com/browse/MODULES-5378)) + +#### Removed +- Removed unsupported Ubuntu versions 10.04 and 12.04 ([MODULES-5501](https://tickets.puppetlabs.com/browse/MODULES-5501)) +- Removed unsupported Debian version 6. +- Removed numeric order override. + +## Supported Release 5.1.0 +### Summary +This release includes Japanese translations for internationalization, Puppet 5 support, implementation of defined type postgresql::server::reassign_owned_by. + +#### Features +- Updating translations for readmes/README_ja_JP.md +- add defined type postgresql::server::reassign_owned_by +- Allow order parameter to be string value +- prep for puppet 5 ([MODULES-5144](https://tickets.puppetlabs.com/browse/MODULES-5144)) +- add data_checksums option to initdb +- parameter ensure of custom resource postgresql_replication_slot is not documented ([MODULES-2989](https://tickets.puppetlabs.com/browse/MODULES-2989)) + +#### Bug Fixes +- Adding a space for header formatting +- use https for apt.postgresql.org repo +- msync puppet 5 and ruby 2.4 ([MODULES-5197](https://tickets.puppetlabs.com/browse/MODULES-5187)) +- Only run test on postgresql >= 9.0 ([FM-6240](https://tickets.puppetlabs.com/browse/FM-6240)) +- Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash + +## Supported Release 5.0.0 +### Summary +This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Puppet 4 data types, and deprecated the validate_db_connection type. + +#### Added +- `locales/` directory, .pot file, and i18n `config.yaml`. ([FM-6116](https://tickets.puppet.com/browse/FM-6116)) +- `update_password` parameter to toggle password management per role. +- **Puppet 4** type validation. +- new `postgresql_conn_validator` custom type and deprecated `validate_db_connection`. ([MODULES-1394](https://tickets.puppet.com/browse/MODULES-1394)) + +#### Changed +- default postgis versions in postgresql::globals to use newer versions. +- puppetlabs-concat and puppetlabs-apt dependencies to use latest versions. ([MODULES-4906](https://tickets.puppet.com/browse/MODULES-4906), [MODULES-4947](https://tickets.puppet.com/browse/MODULES-4947)) +- default value for `log_line_prefix` to `undef`. +- `listen_addresses` default value to 'localhost'. Allows for it to be set independently of a class declaration. +- use of stdlib validate_* functions. They have been removed in favor of Puppet 4 type validation. +- lower Puppet dependency in metadata to 4.7.0. ([MODULES-4826](https://tickets.puppet.com/browse/MODULES-4826)) + +#### Fixed +- deprecated apt::source parameters(`key`,`key_source`, & `include_src`). +- default SUSE parameters. ([MODULES-4598](https://tickets.puppet.com/browse/MODULES-4598)) +- use of force parameter on concat resources. + +## Supported Release 4.9.0 +### Summary +This release adds several types and, among other bugs, fixes an issue with the yum URL. + +#### Features +- Modifying ownership of databases and schemas now available (MODULES-3247) +- Use `module_workdir` to specify a custom directory in which to execute psql commands +- `grant_role` and `grant` types added! +- Support for parallel unit testing (parallel_tests) +- Override download/installation repo URL with `repo_baseurl` +- Set your timezone with `timezone` +- Grant privileges on LANGUAGEs +- Added support for Debian Stretch and Ubuntu Yakkety Yak + +#### Bugfixes +- Usernames and passwords are now converted to strings before password hash is created +- Specify default database name if it is not the username +- Update to yum repo +- Schema name conflicts fix + +## Supported Release 4.8.0 +### Summary +This release primarily fixes an issue with `postgresql_conf` values of ipaddresses being considered floats and not getting quoted. + +#### Features +- Add `default_connect_settings` parameter to `postgresql::server` +- Running under strict variables is now supported +- Add timestamps into logs by default + +#### Bugfixes +- Obscure password in postgresql\_psql type +- Fix ip address quoting in postgresql\_conf type +- Fix handling of systemd service on Ubuntu +- Mark log_min_duration_statement setting as requiring a service restart +- Add fixes for Fedora 23, Fedora 24, FreeBSD, OpenBSD +- Fix environment handling to avoid "Overriding environment setting" message +- Work around PUP-6385, using empty arrays instead of undef when specifying resource relationships +- README editorial pass +- Reduce whitespace in templates +- Update build/test infrastructure + +## Supported Release 4.7.1 +### Summary +This release contains some bugfixes and documentation updates. + +#### Bugfixes +- (MODULES-3024) Quote database objects when creating databases. +- Properly escape case where password ends with '$'. +- Fixes password change when postgres is configure to non-standard port. +- Unpins concat dependency to be able to use concat 2.x. +- Workaround to fix installing on Amazon Linux. +- Fixes proper defaulting of `$service_provider` parameter. +- Fixes postgres server init script naming on Amazon Linux. +- Fixes service reload parameter on Arch Linux. +- Adds missing onlyif_function to sequence grant code. +- Fixes to the markdown of the README. + +## Supported Release 4.7.0 +### Summary +A release with a considerable amount of new features, including remote db support and several platform support updates. Various bugfixes including several to address warnings and a sizable README update. + +#### Features +- Remote DB support - Connection-settings allows a hash of options that can be used when connecting to a remote DB. +- Debian 8 support. +- Updated systemd-override to support fedora and CentOS paths. +- Adds the ability to define the extension name separately from the title of the resource, which allows you to add the extension to more than one database. +- Added parameter to disable automatic service restarts on config changes. +- Ubuntu 15.10 compatibility. +- OpenBSD version is now 9.4. +- Added .gitattributes to maintain line endings for .sh and .rb files. +- Adds default postgis version for 9.5. +- Allows float postgresql_conf values. +- Schedule apt update after install of repo. + +#### Bugfixes +- Fixed systemd-override for RedHat systems with unmanaged Yum repos. +- Removed inherits postgresql::params. +- Multi-node tests are now not ran by default. +- Change apt::pin to apt_postgresql_org to prevent error message. +- Removed syntax error near UTF8. +- Removal of extra blanks and backslashes in README. +- Double quotes now used around database name to prevent syntax error. +- Removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs. +- Fixed paths to work on Amazon Linux. +- Fixed quotes around locale options. +- Huge README update. +- Update to use current msync configs. +- Fixes postgresql::server acceptance test descriptions. + +## Supported Release 4.6.1 +###Summary + +Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. + +## 2015-09-01 - Supported Release 4.6.0 +### Summary +This release adds a proxy feature for yum, Postgis improvements, and decoupling pg_hba_rule from postgresql::server. + +#### Features +- Support setting a proxy for yum operations +- Allow for undefined PostGIS version +- Decouple pg_hba_rule from postgresql::server + +#### Bugfixes +- Fix postgis default package name on RedHat + +## 2015-07-27 - Supported Release 4.5.0 +### Summary +This release adds sequence grants, some postgresql 9.4 fixes, and `onlyif` to +the psql resource. + +### Features +- Add `onlyif` parameter to `postgresql_psql` +- Add unsupported compatibility with Ubuntu 15.04 +- Add unsupported compatibility with SLES 11/12 and OpenSuSE 13.2 +- Add `postgresql::server::grant::onlyif_exists` attribute +- Add `postgresql::server::table_grant::onlyif_exists` attribute +- Add granting permissions on sequences + +### Bugfixes +- Added docs for `postgresql::server::grant` +- Fix `pg_hba_conf_defaults => false` to not disable ipv4/ipv6 acls +- Fix 9.4 for `postgresql::server::pg_hba_rule` + +## 2015-07-07 - Supported Release 4.4.2 +### Summary +This release fixes a bug introduced in 4.4.0. + +#### Bugfixes +- Fixes `withenv` execution under Puppet 2.7. (MODULES-2185) + +## 2015-07-01 - Supported Release 4.4.1 +### Summary +This release fixes RHEL 7 & Fedora with manage_package_repo switched on. + +#### Bugfixes +- Ensure manage_package_repo variable is in scope for systemd-override file for RHEL7 + +## 2015-06-30 - Supported Release 4.4.0 +### Summary +This release has several new features, bugfixes, and test improvements. + +#### Features +- Adds a resource to manage recovery.conf. +- Adds a parameter that allows the specification of a validate connection script in `postgresql::client`. +- Adds support for plpython package management. +- Adds support for postgresql-docs management. +- Adds ability to make `postgresql::server::schema` titles unique. (MODULES-2049) +- Updates puppetlabs-apt module dependency to support version 2.1.0. + +#### Bugfixes +- Fix `postgresql_psql` parameter ordering to work on OpenBSD with Future Parser +- Fix setting postgres role password (MODULES-1869) +- Fix execution command with puppet <3.4 (MODULES-1923) +- Fix Puppet.newtype deprecation warning (MODULES-2007) +- Fix systemd override for manage_repo package versions +- Fix Copy snakeoil certificate and key instead of symlinking + +#### Test Improvements +- Allows setting BEAKER and BEAKER_RSPEC versions via environment variables. +- Enables Unit testing on Travis CI with Puppet 4. +- Cleans up spec_helper_acceptance.rb to use new puppet_install_helper gem. + +## 2015-03-24 - Supported Release 4.3.0 +### Summary +This release fixes compatibility with Puppet 4 and removes opportunities for local users to view the postgresql password. It also adds a new custom resource to aid in managing replication. + +#### Features +- Add `postgresql::server::logdir` parameter to manage the logdir +- Add `environment` parameter to `postgresql_psql` +- Add `postgresql_replication_slot` custom resource + +#### Bugfixes +- Fix for Puppet 4 +- Don't print postgresql\_psql password in command +- Allow `postgresql::validate_db_connection` for more than one host+port+database combo +- Fix service command on Debian 8 and up +- Fix `postgresql::server::extension` to work with custom user/group/port +- Fix `postgresql::server::initdb` to work with custom user/group/port +- Fix changing template1 encoding +- Fix default `postgresql::server::grant::object_name` value +- Fix idempotency of granting all tables in schema with `puppet::server::grant` +- Fix lint warnings +- Fix apt key to use 40 character key and bump puppetlabs-apt to >= 1.8.0 < 2.0.0 + + +##2015-03-10 - Supported Release 4.2.0 +###Summary + +This release has several new features including support for server extensions, improved grant support, and a number of bugfixes. + +####Features +- Changes to support OpenBSD +- Add `service_reload` parameter to `postgresql::server` +- Add `comment` parameter to `postgresql::server::database` (MODULES-1153) +- Add `postgresql::server::extension` defined type +- Add postgresql versions for utopic and jessie +- Update `postgresql::server::grant` to support 'GRANT SCHEMA' and 'ALL TABLES IN SCHEMA' + +####Bugfixes +- Lint cleanup +- Remove outdated upgrade info from README +- Use correct TCP port when checking password +- Create role before database +- Fix template1 encoding on Debian +- Require server package before user permissions +- Fix `service_status` default for FreeBSD to allow PostgreSQL to start the first run +- Fix invalid US-ASCII byte sequence in `postgresql::server::grant` comments +- Reverted to default behavior for Debian systems as `pg_config` should not be overwritten (MODULES-1485) + +##2014-11-04 - Supported Release 4.1.0 +###Summary + +This release adds the ability to change the PGDATA directory, and also includes documentation and test updates, future parser support, and a few other new features. + +####Features +- Future parser support +- Documentation updates +- Test updates +- Add a link from `/etc/sysconfig/pgsql/postgresql-${version}` to `/etc/sysconfig/pgsql/postgresql` to support init scripts from the postgresql.org repo +- Add support for changing the PGDATA directory +- Set default versions for Fedora 21 and FreeBSD + +##2014-09-03 - Supported Release 4.0.0 +###Summary + +This release removes the uninstall ability from the module, removes the firewall +management, overhauls all of the acceptance testing, as well as adds better +support for SuSE and Fedora. + +###Backwards Incompatible changes. + +- Uninstall code removal. +- Firewall management for Postgres. +- Set manage_pg_ident_conf to true. + +####Uninstallation removal + +We rely heavily on the ability to uninstall and reinstall postgres throughout +our testing code, testing features like "can I move from the distribution +packages to the upstream packages through the module" and over time we've +learnt that the uninstall code simply doesn't work a lot of the time. It +leaves traces of postgres behind or fails to remove certain packages on Ubuntu, +and generally causes bits to be left on your system that you didn't expect. + +When we then reinstall things fail because it's not a true clean slate, and +this causes us enormous problems during test. We've spent weeks and months +working on these tests and they simply don't hold up well across the full range +of PE platforms. + +Due to all these problems we've decided to take a stance on uninstalling in +general. We feel that in 2014 it's completely reasonable and normal to have a +good provisioning pipeline combined with your configuration management and the +"correct" way to uninstall a fully installed service like postgresql is to +simply reprovision the server without it in the first place. As a general rule +this is how I personally like to work and I think is a good practice. + +####I'm not OK with this! + +We understand that there are environments and situations in which it's not easy +to do that. What if you accidently deployed Postgres on 100,000 nodes? In the +future we're going to take a look at building some example 'profiles' to be +found under examples/ within this module that can uninstall postgres on popular +platforms. These can be modified and used in your specific case to uninstall +postgresql. They will be much more brute force and reliant on deleting entire +directories and require you to do more work up front in specifying where things +are installed but we think it'll prove to be a much cleaner mechanism for this +kind of thing rather than trying to weave it into the main module logic itself. + +####Features +- Removal of uninstall. +- Removal of firewall management. +- Tests ported to rspec3. +- Acceptance tests rewritten. +- Add a defined type for creating database schemas. +- Add a pg_ident_rule defined type. +- Set manage_pg_ident_conf to true. +- Manage pg_ident.conf by default. +- Improve selinux support for tablespace. +- Remove deprecation warnings. +- Support changing PGDATA on RedHat. +- Add SLES 11 support. + +####Bugfixes +- Link pg_config binary into /usr/bin. +- Fix fedora support by using systemd. +- Initdb should create xlogdir if set. +- Use a regular expression to match the major OS version on Ubuntu. + +##2014-07-31 - Supported Release 3.4.2 +###Summary + +This release fixes recent Fedora versions. + +####Features +####Bugfixes +- Fix Fedora. + +##2014-07-15 - Supported Release 3.4.1 +###Summary + +This release merely updates metadata.json so the module can be uninstalled and +upgraded via the puppet module command. + +##2014-04-14 - Supported Release 3.4.0 +###Summary + +This feature rolls up several important features, the biggest being PostGIS +handling and allowing `port` to be set on postgresql::server in order to +change the port that Postgres listens on. We've added support for RHEL7 +and Ubuntu 14.04, as well as allowing you to manage the service via +`service_ensure` finally. -## [5.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.3.0) - 2018-02-26 +####Features +- Added `perl_package_name` for installing bindings. +- Added `service_ensure` for allowing control of services. +- Added `postgis_version` and postgis class for installing postgis. +- Added `port` for selecting the port Postgres runs on. +- Add support for RHEL7 and Ubuntu 14.04. +- Add `default_db` to postgresql::server::database. +- Widen the selection of unquoted parameters in postgresql_conf{} +- Require the service within postgresql::server::reload for RHEL7. +- Add `inherit` to postgresql::server::role. -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.2.1...5.3.0) +####Bugfixes -### Fixed +##2014-03-04 - Supported Release 3.3.3 +###Summary + +This is a supported release. This release removes a testing symlink that can +cause trouble on systems where /var is on a seperate filesystem from the +modulepath. -- defaulted psql_path to postgresql::server::psql_path [#947](https://github.com/puppetlabs/puppetlabs-postgresql/pull/947) ([crayfishx](https://github.com/crayfishx)) +####Features +####Bugfixes +####Known Bugs +* SLES is not supported. -### Other +##2014-03-04 - Supported Release 3.3.2 +###Summary +This is a supported release. It fixes a problem with updating passwords on postgresql.org distributed versions of PostgreSQL. -- (maint) - Skip run_puppet_access_login on LTS [#956](https://github.com/puppetlabs/puppetlabs-postgresql/pull/956) ([pmcmaw](https://github.com/pmcmaw)) -- add task listing to README, edit [#955](https://github.com/puppetlabs/puppetlabs-postgresql/pull/955) ([jbondpdx](https://github.com/jbondpdx)) -- 5.3.0 Pre Release [#954](https://github.com/puppetlabs/puppetlabs-postgresql/pull/954) ([david22swan](https://github.com/david22swan)) -- Rubocop Process Complete [#953](https://github.com/puppetlabs/puppetlabs-postgresql/pull/953) ([david22swan](https://github.com/david22swan)) -- (MODULES-6608) - Adding puppet requirement for tasks versioncmp in beaker-task_helper [#952](https://github.com/puppetlabs/puppetlabs-postgresql/pull/952) ([pmcmaw](https://github.com/pmcmaw)) -- Support extension schemas [#948](https://github.com/puppetlabs/puppetlabs-postgresql/pull/948) ([hasegeli](https://github.com/hasegeli)) -- (maint) modulesync 65530a4 Update Travis [#946](https://github.com/puppetlabs/puppetlabs-postgresql/pull/946) ([michaeltlombardi](https://github.com/michaeltlombardi)) -- Inherit 9.6 settings for later PgSQL version on FreeBSD [#945](https://github.com/puppetlabs/puppetlabs-postgresql/pull/945) ([olevole](https://github.com/olevole)) -- (maint) - modulesync 384f4c1 [#944](https://github.com/puppetlabs/puppetlabs-postgresql/pull/944) ([tphoney](https://github.com/tphoney)) -- According to the puppet doc, Pattern should be a list of regex. [#942](https://github.com/puppetlabs/puppetlabs-postgresql/pull/942) ([PierreR](https://github.com/PierreR)) -- MODULES-6194 - Add scram-sha-256 as a valid pg_hba_rule auth method [#941](https://github.com/puppetlabs/puppetlabs-postgresql/pull/941) ([f3nry](https://github.com/f3nry)) -- (maint) - modulesync 1d81b6a [#939](https://github.com/puppetlabs/puppetlabs-postgresql/pull/939) ([pmcmaw](https://github.com/pmcmaw)) -- Merge back release (5.2.1) into master [#938](https://github.com/puppetlabs/puppetlabs-postgresql/pull/938) ([glennsarti](https://github.com/glennsarti)) -- (MODULES-6014) Add support for Fedora 27 to puppetlabs-postgresql [#937](https://github.com/puppetlabs/puppetlabs-postgresql/pull/937) ([blackknight36](https://github.com/blackknight36)) -- This pull request fixes an augeas warning [#935](https://github.com/puppetlabs/puppetlabs-postgresql/pull/935) ([iakovgan](https://github.com/iakovgan)) -- FM-6445 add a task [#930](https://github.com/puppetlabs/puppetlabs-postgresql/pull/930) ([tphoney](https://github.com/tphoney)) -- add ensure=>absent to postgresql::server::role [#897](https://github.com/puppetlabs/puppetlabs-postgresql/pull/897) ([georgehansper](https://github.com/georgehansper)) +####Bugfixes +- Correct psql path when setting password on custom versions. +- Documentation updates +- Test updates -## [5.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.2.1) - 2017-11-14 +####Known Bugs +* SLES is not supported. -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.2.0...5.2.1) -### Fixed +##2014-02-12 - Version 3.3.1 +####Bugfix: +- Allow dynamic rubygems host -- add parameter "version" to postgresql::server::extension - fix dependency on database [#932](https://github.com/puppetlabs/puppetlabs-postgresql/pull/932) ([georgehansper](https://github.com/georgehansper)) - -### Other - -- (maint) - Removing Debian 9 [#936](https://github.com/puppetlabs/puppetlabs-postgresql/pull/936) ([pmcmaw](https://github.com/pmcmaw)) -- (MODULES-5956) fixes for postgresql release [#934](https://github.com/puppetlabs/puppetlabs-postgresql/pull/934) ([jbondpdx](https://github.com/jbondpdx)) -- (MODULES-5955) release prep for 5.2.1 [#933](https://github.com/puppetlabs/puppetlabs-postgresql/pull/933) ([eputnam](https://github.com/eputnam)) -- 5.2.0 Release Mergeback [#928](https://github.com/puppetlabs/puppetlabs-postgresql/pull/928) ([HelenCampbell](https://github.com/HelenCampbell)) - -## [5.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.2.0) - 2017-10-09 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.1.0...5.2.0) - -### Other - -- Updates to Changelog for release prep [#927](https://github.com/puppetlabs/puppetlabs-postgresql/pull/927) ([pmcmaw](https://github.com/pmcmaw)) -- Merge master into release [#926](https://github.com/puppetlabs/puppetlabs-postgresql/pull/926) ([HelenCampbell](https://github.com/HelenCampbell)) -- (PUP-8008) monkey patch spec_helper_acceptance [#925](https://github.com/puppetlabs/puppetlabs-postgresql/pull/925) ([eputnam](https://github.com/eputnam)) -- (PUP-8008) monkey patch spec_helper_acceptance [#924](https://github.com/puppetlabs/puppetlabs-postgresql/pull/924) ([eputnam](https://github.com/eputnam)) -- (FM-6386) Minor docs fixup for 5.2.0 release [#923](https://github.com/puppetlabs/puppetlabs-postgresql/pull/923) ([HAIL9000](https://github.com/HAIL9000)) -- Removing Debian 6 and adding Debian 9 [#921](https://github.com/puppetlabs/puppetlabs-postgresql/pull/921) ([pmcmaw](https://github.com/pmcmaw)) -- 5.2.0 Release Prep [#920](https://github.com/puppetlabs/puppetlabs-postgresql/pull/920) ([HelenCampbell](https://github.com/HelenCampbell)) -- Updates test to reflect new error message [#919](https://github.com/puppetlabs/puppetlabs-postgresql/pull/919) ([HelenCampbell](https://github.com/HelenCampbell)) -- (maint) modulesync 892c4cf [#918](https://github.com/puppetlabs/puppetlabs-postgresql/pull/918) ([HAIL9000](https://github.com/HAIL9000)) -- enhance --data-checksums on initdb [#915](https://github.com/puppetlabs/puppetlabs-postgresql/pull/915) ([mmoll](https://github.com/mmoll)) -- use postgresql 9.6 for the newest SLES and openSUSE releases [#914](https://github.com/puppetlabs/puppetlabs-postgresql/pull/914) ([tampakrap](https://github.com/tampakrap)) -- Change - Add support for Fedora 26 [#913](https://github.com/puppetlabs/puppetlabs-postgresql/pull/913) ([blackknight36](https://github.com/blackknight36)) -- (MODULES-5501) - Remove unsupported Ubuntu [#912](https://github.com/puppetlabs/puppetlabs-postgresql/pull/912) ([pmcmaw](https://github.com/pmcmaw)) -- Added default posgresql version of Ubuntu 17.4 version to the global… [#911](https://github.com/puppetlabs/puppetlabs-postgresql/pull/911) ([hozmaster](https://github.com/hozmaster)) -- (MODULES-4854) remove allow_deprecations [#910](https://github.com/puppetlabs/puppetlabs-postgresql/pull/910) ([eputnam](https://github.com/eputnam)) -- MODULES-5378 fix the change in error message [#909](https://github.com/puppetlabs/puppetlabs-postgresql/pull/909) ([tphoney](https://github.com/tphoney)) -- MODULES-5378 fix error message checking in test [#908](https://github.com/puppetlabs/puppetlabs-postgresql/pull/908) ([tphoney](https://github.com/tphoney)) -- (maint) modulesync 915cde70e20 [#907](https://github.com/puppetlabs/puppetlabs-postgresql/pull/907) ([glennsarti](https://github.com/glennsarti)) -- (MODULES-5232) - Updating docs formatting. [#905](https://github.com/puppetlabs/puppetlabs-postgresql/pull/905) ([pmcmaw](https://github.com/pmcmaw)) -- 5.1.0 Release Mergeback [#904](https://github.com/puppetlabs/puppetlabs-postgresql/pull/904) ([HelenCampbell](https://github.com/HelenCampbell)) -- Replace deprecated function calls [#901](https://github.com/puppetlabs/puppetlabs-postgresql/pull/901) ([matonb](https://github.com/matonb)) -- Default contcat order [#900](https://github.com/puppetlabs/puppetlabs-postgresql/pull/900) ([matonb](https://github.com/matonb)) -- Deprecated tests [#899](https://github.com/puppetlabs/puppetlabs-postgresql/pull/899) ([matonb](https://github.com/matonb)) -- add parameter "version" to postgresql::server::extension to update the extension version [#896](https://github.com/puppetlabs/puppetlabs-postgresql/pull/896) ([georgehansper](https://github.com/georgehansper)) -- (MODULES-4682) Pass default_connect_settings to validate service [#862](https://github.com/puppetlabs/puppetlabs-postgresql/pull/862) ([vinzent](https://github.com/vinzent)) - -## [5.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.1.0) - 2017-07-17 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.0.0...5.1.0) - -### Other - -- (MODULES-4711) - 5.1.0 Release Prep [#903](https://github.com/puppetlabs/puppetlabs-postgresql/pull/903) ([pmcmaw](https://github.com/pmcmaw)) -- Adding a space for header formatting [#902](https://github.com/puppetlabs/puppetlabs-postgresql/pull/902) ([pmcmaw](https://github.com/pmcmaw)) -- (FM-6240) only run test on postgresql >= 9.0 [#898](https://github.com/puppetlabs/puppetlabs-postgresql/pull/898) ([tphoney](https://github.com/tphoney)) -- (MODULES-5187) mysnc puppet 5 and ruby 2.4 [#895](https://github.com/puppetlabs/puppetlabs-postgresql/pull/895) ([eputnam](https://github.com/eputnam)) -- add defined type postgresql::server::reassign_owned_by [#894](https://github.com/puppetlabs/puppetlabs-postgresql/pull/894) ([georgehansper](https://github.com/georgehansper)) -- Allow order parameter to be string value [#893](https://github.com/puppetlabs/puppetlabs-postgresql/pull/893) ([matonb](https://github.com/matonb)) -- Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash [#892](https://github.com/puppetlabs/puppetlabs-postgresql/pull/892) ([mmoll](https://github.com/mmoll)) -- (MODULES-5144) Prep for puppet 5 [#889](https://github.com/puppetlabs/puppetlabs-postgresql/pull/889) ([hunner](https://github.com/hunner)) -- use https for apt.postgresql.org repo [#888](https://github.com/puppetlabs/puppetlabs-postgresql/pull/888) ([hex2a](https://github.com/hex2a)) -- 5.0.0 mergeback [#887](https://github.com/puppetlabs/puppetlabs-postgresql/pull/887) ([hunner](https://github.com/hunner)) -- MODULES-2989 parameter ensure of custom resource postgresql_replication_slot is not documented [#884](https://github.com/puppetlabs/puppetlabs-postgresql/pull/884) ([MartyEwings](https://github.com/MartyEwings)) -- add data_checksums option to initdb [#878](https://github.com/puppetlabs/puppetlabs-postgresql/pull/878) ([tjikkun](https://github.com/tjikkun)) - -## [5.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.0.0) - 2017-06-21 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.9.0...5.0.0) -### Changed -- Unset default log_line_prefix [#870](https://github.com/puppetlabs/puppetlabs-postgresql/pull/870) ([hasegeli](https://github.com/hasegeli)) -- Let listen_addresses be defined independently [#865](https://github.com/puppetlabs/puppetlabs-postgresql/pull/865) ([hasegeli](https://github.com/hasegeli)) - -### Other - -- (maint) address more changelog cleanup [#886](https://github.com/puppetlabs/puppetlabs-postgresql/pull/886) ([eputnam](https://github.com/eputnam)) -- (maint) changelog cleanup for 5.0.0 [#885](https://github.com/puppetlabs/puppetlabs-postgresql/pull/885) ([eputnam](https://github.com/eputnam)) -- (MODULES-5062) release prep 5.0.0 [#883](https://github.com/puppetlabs/puppetlabs-postgresql/pull/883) ([eputnam](https://github.com/eputnam)) -- (maint) fix for connection validator [#882](https://github.com/puppetlabs/puppetlabs-postgresql/pull/882) ([eputnam](https://github.com/eputnam)) -- (MODULES-5050) Fix for grant_schema_spec [#881](https://github.com/puppetlabs/puppetlabs-postgresql/pull/881) ([eputnam](https://github.com/eputnam)) -- (MODULES-5050) pass auth_option in grant_role_spec [#880](https://github.com/puppetlabs/puppetlabs-postgresql/pull/880) ([eputnam](https://github.com/eputnam)) -- (MODULES-1394) replace validate_db_connection type with custom type [#879](https://github.com/puppetlabs/puppetlabs-postgresql/pull/879) ([eputnam](https://github.com/eputnam)) -- Cleanup README [#877](https://github.com/puppetlabs/puppetlabs-postgresql/pull/877) ([hasegeli](https://github.com/hasegeli)) -- (maint) mock structured facts [#875](https://github.com/puppetlabs/puppetlabs-postgresql/pull/875) ([eputnam](https://github.com/eputnam)) -- (maint) Fix docs for #870 [#873](https://github.com/puppetlabs/puppetlabs-postgresql/pull/873) ([hunner](https://github.com/hunner)) -- MODULES-4826 puppetlabs-postgresql: Update the version compatibility to >= 4.7.0 < 5.0.0 [#871](https://github.com/puppetlabs/puppetlabs-postgresql/pull/871) ([marsmensch](https://github.com/marsmensch)) -- (MODULES-4947) bump apt dependency in metadata + fixtures [#869](https://github.com/puppetlabs/puppetlabs-postgresql/pull/869) ([bastelfreak](https://github.com/bastelfreak)) -- Maintain config entries for PostgreSQL 10 [#868](https://github.com/puppetlabs/puppetlabs-postgresql/pull/868) ([hasegeli](https://github.com/hasegeli)) -- (MODULES-4906) Add support for concat 3.0.0 and 4.0.0 [#867](https://github.com/puppetlabs/puppetlabs-postgresql/pull/867) ([dhollinger](https://github.com/dhollinger)) -- Release mergeback [#866](https://github.com/puppetlabs/puppetlabs-postgresql/pull/866) ([hunner](https://github.com/hunner)) -- MODULES-4324 - README Updates for Translation. [#864](https://github.com/puppetlabs/puppetlabs-postgresql/pull/864) ([pmcmaw](https://github.com/pmcmaw)) -- [MODULES-4598] Revert "Revert "fix default params for SUSE family OSes"" [#863](https://github.com/puppetlabs/puppetlabs-postgresql/pull/863) ([mmoll](https://github.com/mmoll)) -- [msync] 786266 Implement puppet-module-gems, a45803 Remove metadata.json from locales config [#860](https://github.com/puppetlabs/puppetlabs-postgresql/pull/860) ([wilson208](https://github.com/wilson208)) -- [MODULES-4598] Revert "fix default params for SUSE family OSes" [#858](https://github.com/puppetlabs/puppetlabs-postgresql/pull/858) ([wilson208](https://github.com/wilson208)) -- (FM-6116) - Adding POT file for metadata.json [#857](https://github.com/puppetlabs/puppetlabs-postgresql/pull/857) ([pmcmaw](https://github.com/pmcmaw)) -- [MODULES-4528] Replace Puppet.version.to_f version comparison from spec_helper.rb [#856](https://github.com/puppetlabs/puppetlabs-postgresql/pull/856) ([wilson208](https://github.com/wilson208)) -- Align postgis default version with postgres version [#854](https://github.com/puppetlabs/puppetlabs-postgresql/pull/854) ([georgehansper](https://github.com/georgehansper)) -- (maint) Fix CI issue where acceptance tests fail on SLES [#853](https://github.com/puppetlabs/puppetlabs-postgresql/pull/853) ([wilson208](https://github.com/wilson208)) -- Migrate to puppet4 datatypes [#852](https://github.com/puppetlabs/puppetlabs-postgresql/pull/852) ([bastelfreak](https://github.com/bastelfreak)) -- fix default params for SUSE family OSes [#851](https://github.com/puppetlabs/puppetlabs-postgresql/pull/851) ([tampakrap](https://github.com/tampakrap)) -- Allowo to disable managing passwords for users [#846](https://github.com/puppetlabs/puppetlabs-postgresql/pull/846) ([bjoernhaeuser](https://github.com/bjoernhaeuser)) -- Change - Remove deprecated force parameter on concat resources [#843](https://github.com/puppetlabs/puppetlabs-postgresql/pull/843) ([blackknight36](https://github.com/blackknight36)) -- Remove deprecated force parameter from concat [#831](https://github.com/puppetlabs/puppetlabs-postgresql/pull/831) ([ekohl](https://github.com/ekohl)) - -## [4.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.9.0) - 2017-03-09 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.8.0...4.9.0) +##2014-01-28 - Version 3.3.0 -### Changed -- Fix deprecated apt::source parameters [#805](https://github.com/puppetlabs/puppetlabs-postgresql/pull/805) ([adepretis](https://github.com/adepretis)) - -### Other - -- release prep for 4.9.0 [#849](https://github.com/puppetlabs/puppetlabs-postgresql/pull/849) ([eputnam](https://github.com/eputnam)) -- Update $allowed_auth_methods for newer PostgreSQL versions 9.5 and 9.6 [#848](https://github.com/puppetlabs/puppetlabs-postgresql/pull/848) ([ardrigh](https://github.com/ardrigh)) -- (MODULES-1707) add logic to params.pp for jdbc driver package on Debian [#847](https://github.com/puppetlabs/puppetlabs-postgresql/pull/847) ([eputnam](https://github.com/eputnam)) -- (MODULES-1508) add support for unix_socket_directories [#845](https://github.com/puppetlabs/puppetlabs-postgresql/pull/845) ([eputnam](https://github.com/eputnam)) -- (maint) accomodate old pgsql version [#844](https://github.com/puppetlabs/puppetlabs-postgresql/pull/844) ([eputnam](https://github.com/eputnam)) -- support Debian/stretch and Ubuntu/yakkety [#842](https://github.com/puppetlabs/puppetlabs-postgresql/pull/842) ([mmoll](https://github.com/mmoll)) -- (maint) fix grant_spec test [#841](https://github.com/puppetlabs/puppetlabs-postgresql/pull/841) ([eputnam](https://github.com/eputnam)) -- (maint) Schemas for a db should come after db [#840](https://github.com/puppetlabs/puppetlabs-postgresql/pull/840) ([hunner](https://github.com/hunner)) -- (MODULES-1127) allow LANGUAGE as valid object_type [#838](https://github.com/puppetlabs/puppetlabs-postgresql/pull/838) ([eputnam](https://github.com/eputnam)) -- Fix typo: hostnosssl [#837](https://github.com/puppetlabs/puppetlabs-postgresql/pull/837) ([df7cb](https://github.com/df7cb)) -- Implement beaker-module_install_helper and cleanup spec_helper_acceptance.rb [#836](https://github.com/puppetlabs/puppetlabs-postgresql/pull/836) ([wilson208](https://github.com/wilson208)) -- (MODULES-4098) Sync the rest of the files [#835](https://github.com/puppetlabs/puppetlabs-postgresql/pull/835) ([hunner](https://github.com/hunner)) -- Fix validation script to work with dash [#833](https://github.com/puppetlabs/puppetlabs-postgresql/pull/833) ([sathieu](https://github.com/sathieu)) -- (MODULES-4097) Sync travis.yml [#832](https://github.com/puppetlabs/puppetlabs-postgresql/pull/832) ([hunner](https://github.com/hunner)) -- Remove unnecessary `client_package_name` parameter from server. [#830](https://github.com/puppetlabs/puppetlabs-postgresql/pull/830) ([tdevelioglu](https://github.com/tdevelioglu)) -- F25 update [#829](https://github.com/puppetlabs/puppetlabs-postgresql/pull/829) ([blackknight36](https://github.com/blackknight36)) -- (FM-5972) gettext and spec.opts [#828](https://github.com/puppetlabs/puppetlabs-postgresql/pull/828) ([eputnam](https://github.com/eputnam)) -- Change - Ensure that the postgres data dir has proper selinux context [#827](https://github.com/puppetlabs/puppetlabs-postgresql/pull/827) ([blackknight36](https://github.com/blackknight36)) -- (maint) fixes for grant_spec [#826](https://github.com/puppetlabs/puppetlabs-postgresql/pull/826) ([eputnam](https://github.com/eputnam)) -- (FM-5939) removes spec.opts [#825](https://github.com/puppetlabs/puppetlabs-postgresql/pull/825) ([eputnam](https://github.com/eputnam)) -- (MODULES-3631) msync Gemfile for 1.9 frozen strings [#824](https://github.com/puppetlabs/puppetlabs-postgresql/pull/824) ([hunner](https://github.com/hunner)) -- Support granting SELECT and UPDATE permission on sequences (MODULES-4158) [#823](https://github.com/puppetlabs/puppetlabs-postgresql/pull/823) ([chris-reeves](https://github.com/chris-reeves)) -- Pick 808 [#821](https://github.com/puppetlabs/puppetlabs-postgresql/pull/821) ([tphoney](https://github.com/tphoney)) -- Override repo urls [#820](https://github.com/puppetlabs/puppetlabs-postgresql/pull/820) ([DavidS](https://github.com/DavidS)) -- Set permissions/ownership on rpm gpg key [#819](https://github.com/puppetlabs/puppetlabs-postgresql/pull/819) ([benpillet](https://github.com/benpillet)) -- (MODULES-4051) updates yum repo [#818](https://github.com/puppetlabs/puppetlabs-postgresql/pull/818) ([eputnam](https://github.com/eputnam)) -- Change default user, group and data directory to proper value on Free… [#816](https://github.com/puppetlabs/puppetlabs-postgresql/pull/816) ([olevole](https://github.com/olevole)) -- (MODULES-3704) Update gemfile template to be identical [#815](https://github.com/puppetlabs/puppetlabs-postgresql/pull/815) ([hunner](https://github.com/hunner)) -- MODULES-3816 no release 3.4.3 fixing changelog [#814](https://github.com/puppetlabs/puppetlabs-postgresql/pull/814) ([tphoney](https://github.com/tphoney)) -- Fix grant documentation [#813](https://github.com/puppetlabs/puppetlabs-postgresql/pull/813) ([hasegeli](https://github.com/hasegeli)) -- Change - Add default postgres version for Fedora 24 to globals class [#811](https://github.com/puppetlabs/puppetlabs-postgresql/pull/811) ([blackknight36](https://github.com/blackknight36)) -- Add support for Gentoo-based operatingsystems [#810](https://github.com/puppetlabs/puppetlabs-postgresql/pull/810) ([optiz0r](https://github.com/optiz0r)) -- Fixed unless check in grant_role so that it can grant roles to superusers [#809](https://github.com/puppetlabs/puppetlabs-postgresql/pull/809) ([crispygoth](https://github.com/crispygoth)) -- (MODULES-3983) Update parallel_tests for ruby 2.0.0 [#807](https://github.com/puppetlabs/puppetlabs-postgresql/pull/807) ([pmcmaw](https://github.com/pmcmaw)) -- (MODULES-1850) replace validate_string by validate_re for real verification on input [#806](https://github.com/puppetlabs/puppetlabs-postgresql/pull/806) ([jhooyberghs](https://github.com/jhooyberghs)) -- globals: add postgis version for 9.6 [#804](https://github.com/puppetlabs/puppetlabs-postgresql/pull/804) ([costela](https://github.com/costela)) -- Adding a negative test case for grant role [#802](https://github.com/puppetlabs/puppetlabs-postgresql/pull/802) ([pmcmaw](https://github.com/pmcmaw)) -- (MODULES-3844) adds single revoke test [#800](https://github.com/puppetlabs/puppetlabs-postgresql/pull/800) ([eputnam](https://github.com/eputnam)) -- Update modulesync_config [51f469d] [#799](https://github.com/puppetlabs/puppetlabs-postgresql/pull/799) ([DavidS](https://github.com/DavidS)) -- Remove duplicate RedHat default section [#798](https://github.com/puppetlabs/puppetlabs-postgresql/pull/798) ([jesusaurus](https://github.com/jesusaurus)) -- Support changing database tablespaces [#795](https://github.com/puppetlabs/puppetlabs-postgresql/pull/795) ([hasegeli](https://github.com/hasegeli)) -- Fix SQL style on role.pp [#794](https://github.com/puppetlabs/puppetlabs-postgresql/pull/794) ([hasegeli](https://github.com/hasegeli)) -- Default role of grant_role to namevar [#793](https://github.com/puppetlabs/puppetlabs-postgresql/pull/793) ([hasegeli](https://github.com/hasegeli)) -- Improvements around changing owners [#792](https://github.com/puppetlabs/puppetlabs-postgresql/pull/792) ([hasegeli](https://github.com/hasegeli)) -- Revert "Update config_entry.pp add ability to set log_min_duration_statement" [#791](https://github.com/puppetlabs/puppetlabs-postgresql/pull/791) ([hasegeli](https://github.com/hasegeli)) -- (#3858) Fix unless check in grant_role to work with roles as well as users [#788](https://github.com/puppetlabs/puppetlabs-postgresql/pull/788) ([thunderkeys](https://github.com/thunderkeys)) -- Update modulesync_config [a3fe424] [#787](https://github.com/puppetlabs/puppetlabs-postgresql/pull/787) ([DavidS](https://github.com/DavidS)) -- Allow working directory to be configurable via globals (instead of always using /tmp) [#786](https://github.com/puppetlabs/puppetlabs-postgresql/pull/786) ([hdeadman](https://github.com/hdeadman)) -- handle case where default database name is not the same as user [#785](https://github.com/puppetlabs/puppetlabs-postgresql/pull/785) ([hdeadman](https://github.com/hdeadman)) -- Merge back [#783](https://github.com/puppetlabs/puppetlabs-postgresql/pull/783) ([DavidS](https://github.com/DavidS)) -- (MAINT) Update for modulesync_config 72d19f184 [#782](https://github.com/puppetlabs/puppetlabs-postgresql/pull/782) ([DavidS](https://github.com/DavidS)) -- Add .erb suffix to recovery.conf template [#777](https://github.com/puppetlabs/puppetlabs-postgresql/pull/777) ([tdevelioglu](https://github.com/tdevelioglu)) -- Allow username and password as integers [#774](https://github.com/puppetlabs/puppetlabs-postgresql/pull/774) ([sathieu](https://github.com/sathieu)) -- Grant role with unit tests [#762](https://github.com/puppetlabs/puppetlabs-postgresql/pull/762) ([janfabry](https://github.com/janfabry)) - -## [4.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.8.0) - 2016-07-26 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.7.1...4.8.0) - -### Other - -- Prep for 4.8.0 [#781](https://github.com/puppetlabs/puppetlabs-postgresql/pull/781) ([DavidS](https://github.com/DavidS)) -- (MODULES-3247) Enable schema and database ownership change [#779](https://github.com/puppetlabs/puppetlabs-postgresql/pull/779) ([ntpttr](https://github.com/ntpttr)) -- (MODULES-3581) modulesync [067d08a] [#778](https://github.com/puppetlabs/puppetlabs-postgresql/pull/778) ([DavidS](https://github.com/DavidS)) -- {maint} modulesync 0794b2c [#776](https://github.com/puppetlabs/puppetlabs-postgresql/pull/776) ([tphoney](https://github.com/tphoney)) -- Update config_entry.pp add ability to set log_min_duration_statement [#773](https://github.com/puppetlabs/puppetlabs-postgresql/pull/773) ([micah-uber](https://github.com/micah-uber)) -- Let the module handle OpenBSD 6.x versions [#772](https://github.com/puppetlabs/puppetlabs-postgresql/pull/772) ([buzzdeee](https://github.com/buzzdeee)) -- (MODULES-3442) Use empty array for missing resource relationships [#771](https://github.com/puppetlabs/puppetlabs-postgresql/pull/771) ([domcleal](https://github.com/domcleal)) -- don't create empty lines in recovery template [#769](https://github.com/puppetlabs/puppetlabs-postgresql/pull/769) ([bastelfreak](https://github.com/bastelfreak)) -- (maint) fix broken links in readme [#767](https://github.com/puppetlabs/puppetlabs-postgresql/pull/767) ([wkalt](https://github.com/wkalt)) -- (MODULES-3416) Add Fedora 24 with PostgreSQL 9.5 [#766](https://github.com/puppetlabs/puppetlabs-postgresql/pull/766) ([domcleal](https://github.com/domcleal)) -- Don't overwrite or calculate the environment twice [#761](https://github.com/puppetlabs/puppetlabs-postgresql/pull/761) ([janfabry](https://github.com/janfabry)) -- Fix validation script to work with FreeBSD. [#760](https://github.com/puppetlabs/puppetlabs-postgresql/pull/760) ([blackknight36](https://github.com/blackknight36)) -- Update to newest modulesync_configs [9ca280f] [#759](https://github.com/puppetlabs/puppetlabs-postgresql/pull/759) ([DavidS](https://github.com/DavidS)) -- (MODULES-3241) Add fedora 23 [#758](https://github.com/puppetlabs/puppetlabs-postgresql/pull/758) ([hunner](https://github.com/hunner)) -- (maint) fix test to run under strict variables [#755](https://github.com/puppetlabs/puppetlabs-postgresql/pull/755) ([DavidS](https://github.com/DavidS)) -- Adds timestamps into logs by default [#754](https://github.com/puppetlabs/puppetlabs-postgresql/pull/754) ([xprazak2](https://github.com/xprazak2)) -- Minor Fixes on the Documentation [#752](https://github.com/puppetlabs/puppetlabs-postgresql/pull/752) ([hasegeli](https://github.com/hasegeli)) -- prevent information leak of database user password [#749](https://github.com/puppetlabs/puppetlabs-postgresql/pull/749) ([buzzdeee](https://github.com/buzzdeee)) -- Remove unused variable and update template comment [#748](https://github.com/puppetlabs/puppetlabs-postgresql/pull/748) ([hunner](https://github.com/hunner)) -- Fix issues with missing parameters in `server` class [#747](https://github.com/puppetlabs/puppetlabs-postgresql/pull/747) ([cyberious](https://github.com/cyberious)) -- Ubuntu/vidid and newer use systemd [#746](https://github.com/puppetlabs/puppetlabs-postgresql/pull/746) ([mmoll](https://github.com/mmoll)) -- Mergeback 4.7.x to master [#745](https://github.com/puppetlabs/puppetlabs-postgresql/pull/745) ([bmjen](https://github.com/bmjen)) - -## [4.7.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.7.1) - 2016-02-18 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.7.0...4.7.1) - -### Other - -- Update quoting because addresses are not floats [#744](https://github.com/puppetlabs/puppetlabs-postgresql/pull/744) ([hunner](https://github.com/hunner)) -- 4.7.1 Release Prep [#743](https://github.com/puppetlabs/puppetlabs-postgresql/pull/743) ([bmjen](https://github.com/bmjen)) -- Revert "Add postgresql_version fact" [#742](https://github.com/puppetlabs/puppetlabs-postgresql/pull/742) ([bmjen](https://github.com/bmjen)) -- (FM-4046) Update to current msync configs [006831f] [#741](https://github.com/puppetlabs/puppetlabs-postgresql/pull/741) ([DavidS](https://github.com/DavidS)) -- Add missing onlyif_function to sequence grant code [#738](https://github.com/puppetlabs/puppetlabs-postgresql/pull/738) ([cfrantsen](https://github.com/cfrantsen)) -- correcting formatting error in README [#737](https://github.com/puppetlabs/puppetlabs-postgresql/pull/737) ([jbondpdx](https://github.com/jbondpdx)) -- postgres server init script naming on amazon linux ami [#736](https://github.com/puppetlabs/puppetlabs-postgresql/pull/736) ([Aselinux](https://github.com/Aselinux)) -- Correctly set $service_provider [#735](https://github.com/puppetlabs/puppetlabs-postgresql/pull/735) ([antaflos](https://github.com/antaflos)) -- Archlinux service reload parameter is incorrect. [#734](https://github.com/puppetlabs/puppetlabs-postgresql/pull/734) ([gfokkema](https://github.com/gfokkema)) -- Fix markdown error in README [#732](https://github.com/puppetlabs/puppetlabs-postgresql/pull/732) ([martijn](https://github.com/martijn)) -- amazon linux defaults to postgresql92 now [#731](https://github.com/puppetlabs/puppetlabs-postgresql/pull/731) ([shawn-sterling](https://github.com/shawn-sterling)) -- 4.7.x mergeback to master [#730](https://github.com/puppetlabs/puppetlabs-postgresql/pull/730) ([bmjen](https://github.com/bmjen)) -- Fix quoting [#729](https://github.com/puppetlabs/puppetlabs-postgresql/pull/729) ([hunner](https://github.com/hunner)) -- Allow puppetlabs-concat 2.x [#725](https://github.com/puppetlabs/puppetlabs-postgresql/pull/725) ([brandonweeks](https://github.com/brandonweeks)) -- Add postgresql_version fact [#720](https://github.com/puppetlabs/puppetlabs-postgresql/pull/720) ([jyaworski](https://github.com/jyaworski)) -- Fix password change failing [#719](https://github.com/puppetlabs/puppetlabs-postgresql/pull/719) ([matonb](https://github.com/matonb)) - -## [4.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.7.0) - 2016-02-02 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.6.1...4.7.0) - -### Other - -- (MODULES-3024) Quote database objects when creating databases [#727](https://github.com/puppetlabs/puppetlabs-postgresql/pull/727) ([supercow](https://github.com/supercow)) -- Escape case where password ends with '$'. [#726](https://github.com/puppetlabs/puppetlabs-postgresql/pull/726) ([Farzy](https://github.com/Farzy)) -- Changelog, metadata and nodeset update for 4.7.0 [#724](https://github.com/puppetlabs/puppetlabs-postgresql/pull/724) ([HelenCampbell](https://github.com/HelenCampbell)) -- Whoops [#723](https://github.com/puppetlabs/puppetlabs-postgresql/pull/723) ([hunner](https://github.com/hunner)) -- MODULES-3019 - Schedule apt update after install of repo [#722](https://github.com/puppetlabs/puppetlabs-postgresql/pull/722) ([erikanderson](https://github.com/erikanderson)) -- (MODULES-2960) Allow float postgresql_conf values [#721](https://github.com/puppetlabs/puppetlabs-postgresql/pull/721) ([hunner](https://github.com/hunner)) -- FM-4657: postgresql edit pass [#718](https://github.com/puppetlabs/puppetlabs-postgresql/pull/718) ([jbondpdx](https://github.com/jbondpdx)) -- Fix postgresql::server acceptance test descriptions [#717](https://github.com/puppetlabs/puppetlabs-postgresql/pull/717) ([gerhardsam](https://github.com/gerhardsam)) -- Add default postgis version for 9.5 [#716](https://github.com/puppetlabs/puppetlabs-postgresql/pull/716) ([hunner](https://github.com/hunner)) -- (FM-4049) update to modulesync_configs [#715](https://github.com/puppetlabs/puppetlabs-postgresql/pull/715) ([DavidS](https://github.com/DavidS)) -- DOC-1496: README re-write. [#714](https://github.com/puppetlabs/puppetlabs-postgresql/pull/714) ([jtappa](https://github.com/jtappa)) -- OpenBSD 5.9 will also ship a PostgreSQL 9.4 version [#712](https://github.com/puppetlabs/puppetlabs-postgresql/pull/712) ([buzzdeee](https://github.com/buzzdeee)) -- Add support for Ubuntu 15.10 [#711](https://github.com/puppetlabs/puppetlabs-postgresql/pull/711) ([pherjung](https://github.com/pherjung)) -- 4.6.x Mergeback [#710](https://github.com/puppetlabs/puppetlabs-postgresql/pull/710) ([HelenCampbell](https://github.com/HelenCampbell)) -- readme update: postgresql::server::db is a defined type not a class [#709](https://github.com/puppetlabs/puppetlabs-postgresql/pull/709) ([jessereynolds](https://github.com/jessereynolds)) - -## [4.6.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.6.1) - 2015-12-04 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.6.0...4.6.1) +###Summary -### Added +This release rolls up a bunch of bugfixes our users have found and fixed for +us over the last few months. This improves things for 9.1 users, and makes +this module usable on FreeBSD. -- Added parameter to disable automatic service restarts on config changes [#699](https://github.com/puppetlabs/puppetlabs-postgresql/pull/699) ([sw0x2A](https://github.com/sw0x2A)) +This release is dedicated to 'bma', who's suffering with Puppet 3.4.1 issues +thanks to Puppet::Util::SUIDManager.run_and_capture. -### Other +####Features + - Add lc_ config entry settings + - Can pass template at database creation. + - Add FreeBSD support. + - Add support for customer `xlogdir` parameter. + - Switch tests from rspec-system to beaker. (This isn't really a feature) -- fix quote around locale options [#708](https://github.com/puppetlabs/puppetlabs-postgresql/pull/708) ([freegenie](https://github.com/freegenie)) -- 4.6.1 release prep [#707](https://github.com/puppetlabs/puppetlabs-postgresql/pull/707) ([tphoney](https://github.com/tphoney)) -- (maint) removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs [#706](https://github.com/puppetlabs/puppetlabs-postgresql/pull/706) ([bmjen](https://github.com/bmjen)) -- OpenBSD version is now 9.4 [#705](https://github.com/puppetlabs/puppetlabs-postgresql/pull/705) ([oriold](https://github.com/oriold)) -- Fix default paths for Amazon Linux [#704](https://github.com/puppetlabs/puppetlabs-postgresql/pull/704) ([downsj2](https://github.com/downsj2)) -- Fix line endings [#703](https://github.com/puppetlabs/puppetlabs-postgresql/pull/703) ([karyon](https://github.com/karyon)) -- Use double qoutes around database name. [#702](https://github.com/puppetlabs/puppetlabs-postgresql/pull/702) ([stintel](https://github.com/stintel)) -- Remove extra blanks and backslashes. [#701](https://github.com/puppetlabs/puppetlabs-postgresql/pull/701) ([smortex](https://github.com/smortex)) -- syntax error near UTF8 [#700](https://github.com/puppetlabs/puppetlabs-postgresql/pull/700) ([BobVanB](https://github.com/BobVanB)) -- "fedora 22 postgresql version 9.4" [#698](https://github.com/puppetlabs/puppetlabs-postgresql/pull/698) ([nibalizer](https://github.com/nibalizer)) -- Change apt::pin to apt_postgresql_org to prevent error message [#695](https://github.com/puppetlabs/puppetlabs-postgresql/pull/695) ([Danie](https://github.com/Danie)) -- MODULES-2525 - updated systemd-override to support fedora and CentOS paths for systemd [#694](https://github.com/puppetlabs/puppetlabs-postgresql/pull/694) ([jbehrends](https://github.com/jbehrends)) -- Fixes MODULES_2059 - adds extension argument [#693](https://github.com/puppetlabs/puppetlabs-postgresql/pull/693) ([frconil](https://github.com/frconil)) -- 4.6.x mergeback to master [#692](https://github.com/puppetlabs/puppetlabs-postgresql/pull/692) ([bmjen](https://github.com/bmjen)) -- updates metadata.json to match Puppet 4.x PMT output [#691](https://github.com/puppetlabs/puppetlabs-postgresql/pull/691) ([bmjen](https://github.com/bmjen)) -- removed inherits postgresql::params [#679](https://github.com/puppetlabs/puppetlabs-postgresql/pull/679) ([vicinus](https://github.com/vicinus)) +####Bugfixes + - Properly fix the deprecated Puppet::Util::SUIDManager.run_and_capture errors. + - Fix NOREPLICATION option for Postgres 9.1 + - Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf + - Add $postgresql::server::client_package_name, referred to by install.pp + - Add missing service_provider/service_name descriptions in ::globals. + - Fix several smaller typos/issues throughout. + - Exec['postgresql_initdb'] needs to be done after $datadir exists + - Prevent defined resources from floating in the catalog. + - Fix granting all privileges on a table. + - Add some missing privileges. + - Remove deprecated and unused concat::fragment parameters. -## [4.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.6.0) - 2015-09-01 -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.5.0...4.6.0) +##2013-11-05 - Version 3.2.0 -### Other +###Summary -- (MAINT) do not run the multi-node tests by default [#689](https://github.com/puppetlabs/puppetlabs-postgresql/pull/689) ([DavidS](https://github.com/DavidS)) -- (MODULES-661) Remote DB support [#688](https://github.com/puppetlabs/puppetlabs-postgresql/pull/688) ([DavidS](https://github.com/DavidS)) -- 4_6_0 release prep [#682](https://github.com/puppetlabs/puppetlabs-postgresql/pull/682) ([tphoney](https://github.com/tphoney)) -- Decouple pg_hba_rule from postgresql::server [#678](https://github.com/puppetlabs/puppetlabs-postgresql/pull/678) ([npwalker](https://github.com/npwalker)) -- (MODULES-2211) Fixed systemd-override for RedHat systems with unmanag… [#677](https://github.com/puppetlabs/puppetlabs-postgresql/pull/677) ([cavaliercoder](https://github.com/cavaliercoder)) -- Fix postgis default package name on RedHat [#674](https://github.com/puppetlabs/puppetlabs-postgresql/pull/674) ([ckaenzig](https://github.com/ckaenzig)) -- Add proxy option for yum repositories [#672](https://github.com/puppetlabs/puppetlabs-postgresql/pull/672) ([GoozeyX](https://github.com/GoozeyX)) -- Allow for undefined PostGIS version. [#671](https://github.com/puppetlabs/puppetlabs-postgresql/pull/671) ([SteveMaddison](https://github.com/SteveMaddison)) +Add's support for Ubuntu 13.10 (and 14.04) as well as x, y, z. -## [4.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.5.0) - 2015-07-28 +####Features +- Add versions for Ubuntu 13.10 and 14.04. +- Use default_database in validate_db_connection instead of a hardcoded +'postgres' +- Add globals/params layering for default_database. +- Allow specification of default database name. -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.2...4.5.0) +####Bugs +- Fixes to the README. -### Other -- Prep 4.5.0 [#676](https://github.com/puppetlabs/puppetlabs-postgresql/pull/676) ([hunner](https://github.com/hunner)) -- Mergeback 4.4.x to master [#670](https://github.com/puppetlabs/puppetlabs-postgresql/pull/670) ([hunner](https://github.com/hunner)) -- Update README.md [#666](https://github.com/puppetlabs/puppetlabs-postgresql/pull/666) ([levenaux](https://github.com/levenaux)) +##2013-10-25 - Version 3.1.0 -## [4.4.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.2) - 2015-07-08 +###Summary -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.1...4.4.2) +This is a minor feature and bug fix release. -### Added +Firstly, the postgresql_psql type now includes a new parameter `search_path` which is equivalent to using `set search_path` which allows you to change the default schema search path. -- (#2056) Added 9.4, corrected past versions based on docs [#625](https://github.com/puppetlabs/puppetlabs-postgresql/pull/625) ([cjestel](https://github.com/cjestel)) - -### Other - -- Fix incorrect metadata [#669](https://github.com/puppetlabs/puppetlabs-postgresql/pull/669) ([hunner](https://github.com/hunner)) -- updates metadata.json to include support for pe 2015.2 [#668](https://github.com/puppetlabs/puppetlabs-postgresql/pull/668) ([bmjen](https://github.com/bmjen)) -- 4.4.2 prep [#667](https://github.com/puppetlabs/puppetlabs-postgresql/pull/667) ([bmjen](https://github.com/bmjen)) -- Support granting permission on sequences. [#665](https://github.com/puppetlabs/puppetlabs-postgresql/pull/665) ([bmjen](https://github.com/bmjen)) -- (MODULES-2185) Fix `withenv` execution under Puppet 2.7 [#664](https://github.com/puppetlabs/puppetlabs-postgresql/pull/664) ([domcleal](https://github.com/domcleal)) -- 4.4.x mergeback [#662](https://github.com/puppetlabs/puppetlabs-postgresql/pull/662) ([bmjen](https://github.com/bmjen)) -- Add default values for more openSUSE and SLES distro versions [#615](https://github.com/puppetlabs/puppetlabs-postgresql/pull/615) ([tampakrap](https://github.com/tampakrap)) - -## [4.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.1) - 2015-07-01 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.0...4.4.1) - -### Other - -- Increment version number for 4.4.1 [#660](https://github.com/puppetlabs/puppetlabs-postgresql/pull/660) ([DavidS](https://github.com/DavidS)) -- (MODULES-2181) Fix variable scope for systemd-override [#659](https://github.com/puppetlabs/puppetlabs-postgresql/pull/659) ([kbarber](https://github.com/kbarber)) - -## [4.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.0) - 2015-06-30 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.3.0...4.4.0) - -### Other - -- fixes postgresql::server:recovery acceptance tests [#658](https://github.com/puppetlabs/puppetlabs-postgresql/pull/658) ([bmjen](https://github.com/bmjen)) -- adds acceptance tests for postgresql::server::recovery resource [#657](https://github.com/puppetlabs/puppetlabs-postgresql/pull/657) ([bmjen](https://github.com/bmjen)) -- updates release date on CHANGELOG [#655](https://github.com/puppetlabs/puppetlabs-postgresql/pull/655) ([bmjen](https://github.com/bmjen)) -- (FM-2931) fixes logic problem with onlyif type param validation. [#654](https://github.com/puppetlabs/puppetlabs-postgresql/pull/654) ([bmjen](https://github.com/bmjen)) -- (FM-2923) install net-tools for tests [#653](https://github.com/puppetlabs/puppetlabs-postgresql/pull/653) ([bmjen](https://github.com/bmjen)) -- (FM-2923) install net-tools for tests [#651](https://github.com/puppetlabs/puppetlabs-postgresql/pull/651) ([DavidS](https://github.com/DavidS)) -- (maint) Fix tests from #527 merge - Looks like copy tests mismatched logic of when it should expect changes [#650](https://github.com/puppetlabs/puppetlabs-postgresql/pull/650) ([cyberious](https://github.com/cyberious)) -- Sync with master [#648](https://github.com/puppetlabs/puppetlabs-postgresql/pull/648) ([bmjen](https://github.com/bmjen)) -- Unpins apt 1.8 dependency in fixtures.yml and spec_helper_acceptance. [#647](https://github.com/puppetlabs/puppetlabs-postgresql/pull/647) ([bmjen](https://github.com/bmjen)) -- Release 4.4.0 prep [#646](https://github.com/puppetlabs/puppetlabs-postgresql/pull/646) ([bmjen](https://github.com/bmjen)) -- (maint) Add beaker-puppet_install_helper and fix fact bug [#645](https://github.com/puppetlabs/puppetlabs-postgresql/pull/645) ([cyberious](https://github.com/cyberious)) -- Update dependencies [#644](https://github.com/puppetlabs/puppetlabs-postgresql/pull/644) ([underscorgan](https://github.com/underscorgan)) -- Show support for Puppet v4 in the metadata [#643](https://github.com/puppetlabs/puppetlabs-postgresql/pull/643) ([ghoneycutt](https://github.com/ghoneycutt)) -- tightens concat dependency to < 2.0.0 [#641](https://github.com/puppetlabs/puppetlabs-postgresql/pull/641) ([bmjen](https://github.com/bmjen)) -- Fixed systemd override for manage_repo package versions [#639](https://github.com/puppetlabs/puppetlabs-postgresql/pull/639) ([cdenneen](https://github.com/cdenneen)) -- Updated travisci file to remove allow_failures on Puppet 4 [#635](https://github.com/puppetlabs/puppetlabs-postgresql/pull/635) ([jonnytdevops](https://github.com/jonnytdevops)) -- Add plpython and postgresql-docs classes [#634](https://github.com/puppetlabs/puppetlabs-postgresql/pull/634) ([DavidS](https://github.com/DavidS)) -- disabling pg_hba_conf_defaults should not disable ipv4acls and ipv6ac… [#633](https://github.com/puppetlabs/puppetlabs-postgresql/pull/633) ([b0e](https://github.com/b0e)) -- Copy snakeoil certificate and key instead of symlinking [#629](https://github.com/puppetlabs/puppetlabs-postgresql/pull/629) ([mcanevet](https://github.com/mcanevet)) -- Support puppetlabs-concat 2.x [#626](https://github.com/puppetlabs/puppetlabs-postgresql/pull/626) ([domcleal](https://github.com/domcleal)) -- add ubuntu/vivid support [#624](https://github.com/puppetlabs/puppetlabs-postgresql/pull/624) ([saimonn](https://github.com/saimonn)) -- (#2049) Make title of psql resource for schema creation unique [#623](https://github.com/puppetlabs/puppetlabs-postgresql/pull/623) ([dirkweinhardt](https://github.com/dirkweinhardt)) -- Modulesync updates [#619](https://github.com/puppetlabs/puppetlabs-postgresql/pull/619) ([underscorgan](https://github.com/underscorgan)) -- Apt fix [#618](https://github.com/puppetlabs/puppetlabs-postgresql/pull/618) ([tphoney](https://github.com/tphoney)) -- (MODULES-2007) Fix Puppet.newtype deprecation warning [#616](https://github.com/puppetlabs/puppetlabs-postgresql/pull/616) ([roman-mueller](https://github.com/roman-mueller)) -- update fixtures file with new concat dependencies [#612](https://github.com/puppetlabs/puppetlabs-postgresql/pull/612) ([bmjen](https://github.com/bmjen)) -- Antaflos patch 2 [#609](https://github.com/puppetlabs/puppetlabs-postgresql/pull/609) ([hunner](https://github.com/hunner)) -- MODULES-1923 - Use the correct command with Puppet < 3.4 [#608](https://github.com/puppetlabs/puppetlabs-postgresql/pull/608) ([underscorgan](https://github.com/underscorgan)) -- Merge 4.3.x back to master [#605](https://github.com/puppetlabs/puppetlabs-postgresql/pull/605) ([hunner](https://github.com/hunner)) -- (MODULES-1761) Provide defined resource for managing recovery.conf [#603](https://github.com/puppetlabs/puppetlabs-postgresql/pull/603) ([dacrome](https://github.com/dacrome)) -- Reorder environment and require parameter, to unbreak [#602](https://github.com/puppetlabs/puppetlabs-postgresql/pull/602) ([buzzdeee](https://github.com/buzzdeee)) -- Fix URLs in metadata.json [#599](https://github.com/puppetlabs/puppetlabs-postgresql/pull/599) ([raphink](https://github.com/raphink)) -- (BKR-147) add Gemfile setting for BEAKER_VERSION for puppet... [#596](https://github.com/puppetlabs/puppetlabs-postgresql/pull/596) ([anodelman](https://github.com/anodelman)) -- Update apt key to full 40characters [#591](https://github.com/puppetlabs/puppetlabs-postgresql/pull/591) ([exptom](https://github.com/exptom)) -- Add param for specifying validate connection script in postgresql::client. [#410](https://github.com/puppetlabs/puppetlabs-postgresql/pull/410) ([riton](https://github.com/riton)) - -## [4.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.3.0) - 2015-03-25 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.2.0...4.3.0) - -### Other - -- Update readme with types docs [#598](https://github.com/puppetlabs/puppetlabs-postgresql/pull/598) ([hunner](https://github.com/hunner)) -- Update changelog for merge of #591 [#597](https://github.com/puppetlabs/puppetlabs-postgresql/pull/597) ([hunner](https://github.com/hunner)) -- Supported Release 4.3.0 [#595](https://github.com/puppetlabs/puppetlabs-postgresql/pull/595) ([hunner](https://github.com/hunner)) -- Testing updates [#593](https://github.com/puppetlabs/puppetlabs-postgresql/pull/593) ([cmurphy](https://github.com/cmurphy)) -- (MODULES-1878) properly quote create and drop extension statements [#592](https://github.com/puppetlabs/puppetlabs-postgresql/pull/592) ([exi](https://github.com/exi)) -- Since this was in an osfamily block it was getting picked up on ubuntu [#588](https://github.com/puppetlabs/puppetlabs-postgresql/pull/588) ([underscorgan](https://github.com/underscorgan)) -- Fix acceptance tests for EL [#587](https://github.com/puppetlabs/puppetlabs-postgresql/pull/587) ([underscorgan](https://github.com/underscorgan)) -- Adjust $service_status for Debian Jessie [#586](https://github.com/puppetlabs/puppetlabs-postgresql/pull/586) ([raphink](https://github.com/raphink)) -- Use space. Join seems to be defaulting to comma. [#585](https://github.com/puppetlabs/puppetlabs-postgresql/pull/585) ([kwolf-zz](https://github.com/kwolf-zz)) -- Fix specs for #567 [#584](https://github.com/puppetlabs/puppetlabs-postgresql/pull/584) ([hunner](https://github.com/hunner)) -- Fix the handling of run_unless_sql_command in puppet 4 [#583](https://github.com/puppetlabs/puppetlabs-postgresql/pull/583) ([hunner](https://github.com/hunner)) -- postgresql::server::extension needs to have defaults for postgresql_psql [#582](https://github.com/puppetlabs/puppetlabs-postgresql/pull/582) ([rvstaveren](https://github.com/rvstaveren)) -- Merge 4.2.x to master [#581](https://github.com/puppetlabs/puppetlabs-postgresql/pull/581) ([underscorgan](https://github.com/underscorgan)) -- Replication type [#580](https://github.com/puppetlabs/puppetlabs-postgresql/pull/580) ([raphink](https://github.com/raphink)) -- (MODULES-1834) Be less strict when changing template1 encoding [#579](https://github.com/puppetlabs/puppetlabs-postgresql/pull/579) ([sathieu](https://github.com/sathieu)) -- Make granting on ALL TABLES IN SCHEMA idempotent [#564](https://github.com/puppetlabs/puppetlabs-postgresql/pull/564) ([antaflos](https://github.com/antaflos)) -- Allowing validation of db connection for more than one user and port [#560](https://github.com/puppetlabs/puppetlabs-postgresql/pull/560) ([uuid0](https://github.com/uuid0)) - -## [4.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.2.0) - 2015-03-10 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.1.0...4.2.0) - -### Other - -- Remove references to host parameter since the vote was to revert that [#578](https://github.com/puppetlabs/puppetlabs-postgresql/pull/578) ([underscorgan](https://github.com/underscorgan)) -- Revert "(MODULES-661) Add host parameter to psql commands" [#577](https://github.com/puppetlabs/puppetlabs-postgresql/pull/577) ([underscorgan](https://github.com/underscorgan)) -- 4.2.0 prep [#576](https://github.com/puppetlabs/puppetlabs-postgresql/pull/576) ([underscorgan](https://github.com/underscorgan)) -- Rework defaults for `$object_name` in `postgresql::server::grant` [#574](https://github.com/puppetlabs/puppetlabs-postgresql/pull/574) ([underscorgan](https://github.com/underscorgan)) -- Openbsd support [#573](https://github.com/puppetlabs/puppetlabs-postgresql/pull/573) ([underscorgan](https://github.com/underscorgan)) -- README had outdated upgrade info [#572](https://github.com/puppetlabs/puppetlabs-postgresql/pull/572) ([underscorgan](https://github.com/underscorgan)) -- (MAINT) Fixes incorrect rspec it description [#570](https://github.com/puppetlabs/puppetlabs-postgresql/pull/570) ([petems](https://github.com/petems)) -- (MODULES-661) Add host parameter to psql commands [#568](https://github.com/puppetlabs/puppetlabs-postgresql/pull/568) ([petems](https://github.com/petems)) -- Use correct TCP port when checking password [#567](https://github.com/puppetlabs/puppetlabs-postgresql/pull/567) ([antaflos](https://github.com/antaflos)) -- Fix for future parser [#566](https://github.com/puppetlabs/puppetlabs-postgresql/pull/566) ([mcanevet](https://github.com/mcanevet)) -- create role before database [#565](https://github.com/puppetlabs/puppetlabs-postgresql/pull/565) ([gerhardsam](https://github.com/gerhardsam)) -- This wasn't matching anything other than psql 8 [#562](https://github.com/puppetlabs/puppetlabs-postgresql/pull/562) ([hunner](https://github.com/hunner)) -- doc links should point to /current/ rather than a specific version [#561](https://github.com/puppetlabs/puppetlabs-postgresql/pull/561) ([igalic](https://github.com/igalic)) -- Fix comment detection [#559](https://github.com/puppetlabs/puppetlabs-postgresql/pull/559) ([hunner](https://github.com/hunner)) -- Fix comment detection [#558](https://github.com/puppetlabs/puppetlabs-postgresql/pull/558) ([hunner](https://github.com/hunner)) -- Require server package before user permissions [#557](https://github.com/puppetlabs/puppetlabs-postgresql/pull/557) ([hunner](https://github.com/hunner)) -- Pin rspec gems [#556](https://github.com/puppetlabs/puppetlabs-postgresql/pull/556) ([cmurphy](https://github.com/cmurphy)) -- change example of postgresql::server::role definition to version 3 [#555](https://github.com/puppetlabs/puppetlabs-postgresql/pull/555) ([phaf](https://github.com/phaf)) -- FreeBSD PostgreSQL wouldn't start first time [#554](https://github.com/puppetlabs/puppetlabs-postgresql/pull/554) ([leepa](https://github.com/leepa)) -- Replace require by include [#553](https://github.com/puppetlabs/puppetlabs-postgresql/pull/553) ([PierreR](https://github.com/PierreR)) -- Fix lint warnings [#552](https://github.com/puppetlabs/puppetlabs-postgresql/pull/552) ([juniorsysadmin](https://github.com/juniorsysadmin)) -- (MODULES-1153) Add database comment parameter [#551](https://github.com/puppetlabs/puppetlabs-postgresql/pull/551) ([juniorsysadmin](https://github.com/juniorsysadmin)) -- Fix invalid byte sequence in US-ASCII error [#549](https://github.com/puppetlabs/puppetlabs-postgresql/pull/549) ([arioch](https://github.com/arioch)) -- Add IntelliJ files to the ignore list [#548](https://github.com/puppetlabs/puppetlabs-postgresql/pull/548) ([cmurphy](https://github.com/cmurphy)) -- Update .travis.yml, Gemfile, Rakefile, and CONTRIBUTING.md [#544](https://github.com/puppetlabs/puppetlabs-postgresql/pull/544) ([cmurphy](https://github.com/cmurphy)) -- Update README.md [#542](https://github.com/puppetlabs/puppetlabs-postgresql/pull/542) ([dhoppe](https://github.com/dhoppe)) -- Minor README internal resource linking fixes. [#541](https://github.com/puppetlabs/puppetlabs-postgresql/pull/541) ([bemosior](https://github.com/bemosior)) -- Fix/encoding [#540](https://github.com/puppetlabs/puppetlabs-postgresql/pull/540) ([mcanevet](https://github.com/mcanevet)) -- MODULES-1522 Add service_manage parameter [#539](https://github.com/puppetlabs/puppetlabs-postgresql/pull/539) ([juniorsysadmin](https://github.com/juniorsysadmin)) -- Allow per-schema grants and support for 'ALL TABLES IN SCHEMA' [#538](https://github.com/puppetlabs/puppetlabs-postgresql/pull/538) ([mattbostock](https://github.com/mattbostock)) -- Update for using Geppetto plugin in CI [#537](https://github.com/puppetlabs/puppetlabs-postgresql/pull/537) ([justinstoller](https://github.com/justinstoller)) -- Fixing autodetected version for Debian Jessie, which should use postgresql 9.4 [#535](https://github.com/puppetlabs/puppetlabs-postgresql/pull/535) ([Zouuup](https://github.com/Zouuup)) -- MODULES-1485 Reverted to default behavior for Debian systems as pg_config should not be overridden [#534](https://github.com/puppetlabs/puppetlabs-postgresql/pull/534) ([cyberious](https://github.com/cyberious)) -- FM-1523: Added module summary to metadata.json [#532](https://github.com/puppetlabs/puppetlabs-postgresql/pull/532) ([jbondpdx](https://github.com/jbondpdx)) -- add utopic support [#529](https://github.com/puppetlabs/puppetlabs-postgresql/pull/529) ([pherjung](https://github.com/pherjung)) -- merge 4.1.x into master [#526](https://github.com/puppetlabs/puppetlabs-postgresql/pull/526) ([underscorgan](https://github.com/underscorgan)) -- Add postgresql::server::extension definition [#521](https://github.com/puppetlabs/puppetlabs-postgresql/pull/521) ([raphink](https://github.com/raphink)) - -## [4.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.1.0) - 2014-11-04 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.0.0...4.1.0) - -### Other - -- Let's actually have the version number [#525](https://github.com/puppetlabs/puppetlabs-postgresql/pull/525) ([underscorgan](https://github.com/underscorgan)) -- Fix errors with future parser [#520](https://github.com/puppetlabs/puppetlabs-postgresql/pull/520) ([underscorgan](https://github.com/underscorgan)) -- 4.1.0 prep [#519](https://github.com/puppetlabs/puppetlabs-postgresql/pull/519) ([underscorgan](https://github.com/underscorgan)) -- Fix data directory handling [#517](https://github.com/puppetlabs/puppetlabs-postgresql/pull/517) ([cmurphy](https://github.com/cmurphy)) -- Added fc21 default version [#516](https://github.com/puppetlabs/puppetlabs-postgresql/pull/516) ([david-caro](https://github.com/david-caro)) -- Link to the sysconfig file for the init script of the PGDG postgresql se... [#515](https://github.com/puppetlabs/puppetlabs-postgresql/pull/515) ([lofic](https://github.com/lofic)) -- Adds support for PGDATA changing [#514](https://github.com/puppetlabs/puppetlabs-postgresql/pull/514) ([mixacha](https://github.com/mixacha)) -- Update PE compatibility info in metadata [#512](https://github.com/puppetlabs/puppetlabs-postgresql/pull/512) ([cmurphy](https://github.com/cmurphy)) -- Add some missing params documentation [#508](https://github.com/puppetlabs/puppetlabs-postgresql/pull/508) ([ckaenzig](https://github.com/ckaenzig)) -- $login parameter in server/role.pp defaults to true. doc says false. [#506](https://github.com/puppetlabs/puppetlabs-postgresql/pull/506) ([tobyw4n](https://github.com/tobyw4n)) -- fix future parser error [#504](https://github.com/puppetlabs/puppetlabs-postgresql/pull/504) ([steeef](https://github.com/steeef)) -- Fixed description for schema example [#503](https://github.com/puppetlabs/puppetlabs-postgresql/pull/503) ([petehayes](https://github.com/petehayes)) -- Fix some typo's in Readme and specfile. [#502](https://github.com/puppetlabs/puppetlabs-postgresql/pull/502) ([aswen](https://github.com/aswen)) -- postgresql.org now has a RHEL7 repo available [#501](https://github.com/puppetlabs/puppetlabs-postgresql/pull/501) ([cfeskens](https://github.com/cfeskens)) -- ticket/MODULES-1298 [#484](https://github.com/puppetlabs/puppetlabs-postgresql/pull/484) ([tbartelmess](https://github.com/tbartelmess)) - -## [4.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.0.0) - 2014-09-10 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.2...4.0.0) - -### Other - -- We don't test on Scientific 7 [#499](https://github.com/puppetlabs/puppetlabs-postgresql/pull/499) ([underscorgan](https://github.com/underscorgan)) -- Include postgresql::server class for specs [#497](https://github.com/puppetlabs/puppetlabs-postgresql/pull/497) ([hunner](https://github.com/hunner)) -- Update metadata for 4.0 [#496](https://github.com/puppetlabs/puppetlabs-postgresql/pull/496) ([underscorgan](https://github.com/underscorgan)) -- Force concat install [#493](https://github.com/puppetlabs/puppetlabs-postgresql/pull/493) ([underscorgan](https://github.com/underscorgan)) -- Force concat install [#492](https://github.com/puppetlabs/puppetlabs-postgresql/pull/492) ([underscorgan](https://github.com/underscorgan)) -- Remove trailing whitespace. [#489](https://github.com/puppetlabs/puppetlabs-postgresql/pull/489) ([apenney](https://github.com/apenney)) -- Fix port changing. [#488](https://github.com/puppetlabs/puppetlabs-postgresql/pull/488) ([apenney](https://github.com/apenney)) -- Allow failures. [#487](https://github.com/puppetlabs/puppetlabs-postgresql/pull/487) ([apenney](https://github.com/apenney)) -- Fix the spec helper to apply selinux to agents only. [#486](https://github.com/puppetlabs/puppetlabs-postgresql/pull/486) ([apenney](https://github.com/apenney)) -- This can't be refreshonly. [#485](https://github.com/puppetlabs/puppetlabs-postgresql/pull/485) ([apenney](https://github.com/apenney)) -- Unfortunately this didn't work on > 9.3 in practice. [#483](https://github.com/puppetlabs/puppetlabs-postgresql/pull/483) ([apenney](https://github.com/apenney)) -- Revert "Support changing PGDATA on RedHat" [#481](https://github.com/puppetlabs/puppetlabs-postgresql/pull/481) ([apenney](https://github.com/apenney)) -- Update spec_helper for more consistency [#480](https://github.com/puppetlabs/puppetlabs-postgresql/pull/480) ([underscorgan](https://github.com/underscorgan)) -- Fix indentation. [#479](https://github.com/puppetlabs/puppetlabs-postgresql/pull/479) ([apenney](https://github.com/apenney)) -- Fix lsbmajdistreleasee fact for Ubuntu [#477](https://github.com/puppetlabs/puppetlabs-postgresql/pull/477) ([kbarber](https://github.com/kbarber)) -- Remove firewall management [#476](https://github.com/puppetlabs/puppetlabs-postgresql/pull/476) ([hunner](https://github.com/hunner)) -- Bump deps for postgresql 4.0 release [#475](https://github.com/puppetlabs/puppetlabs-postgresql/pull/475) ([hunner](https://github.com/hunner)) -- Don't test on 3.5.0.rc3 any more [#474](https://github.com/puppetlabs/puppetlabs-postgresql/pull/474) ([hunner](https://github.com/hunner)) -- Support changing PGDATA on RedHat [#473](https://github.com/puppetlabs/puppetlabs-postgresql/pull/473) ([mhjacks](https://github.com/mhjacks)) -- Fixed deprecation warning for class param in server.pp. [#471](https://github.com/puppetlabs/puppetlabs-postgresql/pull/471) ([poikilotherm](https://github.com/poikilotherm)) -- remove duplicatie "description" line from Metadata.json [#470](https://github.com/puppetlabs/puppetlabs-postgresql/pull/470) ([igalic](https://github.com/igalic)) -- Fixes the accidental erasing of pg_ident.conf [#464](https://github.com/puppetlabs/puppetlabs-postgresql/pull/464) ([txaj](https://github.com/txaj)) -- doc: Fix anchor links in README TOC [#459](https://github.com/puppetlabs/puppetlabs-postgresql/pull/459) ([juxtin](https://github.com/juxtin)) -- Add correct documentation for pg_ident_rule type [#458](https://github.com/puppetlabs/puppetlabs-postgresql/pull/458) ([stdietrich](https://github.com/stdietrich)) -- MODULES-1213 link pg_config binary into /usr/bin if not already in /usr/bin or /usr/local/bin [#450](https://github.com/puppetlabs/puppetlabs-postgresql/pull/450) ([jantman](https://github.com/jantman)) -- Initdb should create xlogdir if it has been set. [#448](https://github.com/puppetlabs/puppetlabs-postgresql/pull/448) ([aswen](https://github.com/aswen)) -- Add support for SLES 11 [#437](https://github.com/puppetlabs/puppetlabs-postgresql/pull/437) ([dinerroger](https://github.com/dinerroger)) - -## [3.4.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.2) - 2014-08-06 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.1...3.4.2) - -### Other - -- This seems to fix up selinux for tablespace. [#463](https://github.com/puppetlabs/puppetlabs-postgresql/pull/463) ([apenney](https://github.com/apenney)) -- Prepare 3.4.2 release. [#462](https://github.com/puppetlabs/puppetlabs-postgresql/pull/462) ([apenney](https://github.com/apenney)) -- Make sure this works on Fedora as well as RHEL7. [#461](https://github.com/puppetlabs/puppetlabs-postgresql/pull/461) ([apenney](https://github.com/apenney)) -- Manage pg_ident.conf by default [#460](https://github.com/puppetlabs/puppetlabs-postgresql/pull/460) ([hunner](https://github.com/hunner)) -- doc: use postgresql::*server*::tablespace in example [#457](https://github.com/puppetlabs/puppetlabs-postgresql/pull/457) ([igalic](https://github.com/igalic)) -- defined type for creating database schemas [#456](https://github.com/puppetlabs/puppetlabs-postgresql/pull/456) ([igalic](https://github.com/igalic)) -- Merge 3.4.x changes into master. [#454](https://github.com/puppetlabs/puppetlabs-postgresql/pull/454) ([apenney](https://github.com/apenney)) -- Fix Fedora support by configuring systemd, not /etc/sysconfig [#453](https://github.com/puppetlabs/puppetlabs-postgresql/pull/453) ([kbarber](https://github.com/kbarber)) -- Create the pg_ident_rule defined type [#452](https://github.com/puppetlabs/puppetlabs-postgresql/pull/452) ([txaj](https://github.com/txaj)) - -## [3.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.1) - 2014-07-21 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.0...3.4.1) - -### Other - -- Prepare a 3.4.1 release. [#451](https://github.com/puppetlabs/puppetlabs-postgresql/pull/451) ([apenney](https://github.com/apenney)) -- Spec tests rewrite [#449](https://github.com/puppetlabs/puppetlabs-postgresql/pull/449) ([apenney](https://github.com/apenney)) -- Remove the ensure => absent uninstall code. [#442](https://github.com/puppetlabs/puppetlabs-postgresql/pull/442) ([apenney](https://github.com/apenney)) - -## [3.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.0) - 2014-07-09 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.3...3.4.0) +The default version of Fedora 17 has now been added, so that Fedora 17 users can enjoy the module. -### Added +And finally we've extended the capabilities of the defined type postgresql::validate_db_connection so that now it can handle retrying and sleeping between retries. This feature has been monopolized to fix a bug we were seeing with startup race conditions, but it can also be used by remote systems to 'wait' for PostgreSQL to start before their Puppet run continues. -- postgis support [#280](https://github.com/puppetlabs/puppetlabs-postgresql/pull/280) ([kitchen](https://github.com/kitchen)) +####Features +- Defined $default_version for Fedora 17 (Bret Comnes) +- add search_path attribute to postgresql_psql resource (Jeremy Kitchen) +- (GH-198) Add wait and retry capability to validate_db_connection (Ken Barber) -### Fixed +####Bugs +- enabling defined postgres user password without resetting on every puppet run (jonoterc) +- periods are valid in configuration variables also (Jeremy Kitchen) +- Add zero length string to join() function (Jarl Stefansson) +- add require of install to reload class (cdenneen) +- (GH-198) Fix race condition on postgresql startup (Ken Barber) +- Remove concat::setup for include in preparation for the next concat release (Ken Barber) -- Fix postgresql_conf quote logic [#297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/297) ([reidmv](https://github.com/reidmv)) - -### Other - -- Reword the postgis unsupported information. [#444](https://github.com/puppetlabs/puppetlabs-postgresql/pull/444) ([apenney](https://github.com/apenney)) -- Add validate and lint tasks to travis script [#443](https://github.com/puppetlabs/puppetlabs-postgresql/pull/443) ([cmurphy](https://github.com/cmurphy)) -- Remove postgis support for now. [#441](https://github.com/puppetlabs/puppetlabs-postgresql/pull/441) ([apenney](https://github.com/apenney)) -- This corrects the location of the pg_hba config file on debian oses in tests [#440](https://github.com/puppetlabs/puppetlabs-postgresql/pull/440) ([justinstoller](https://github.com/justinstoller)) -- Synchronize .travis.yml [#439](https://github.com/puppetlabs/puppetlabs-postgresql/pull/439) ([cmurphy](https://github.com/cmurphy)) -- Fix trailing }. [#436](https://github.com/puppetlabs/puppetlabs-postgresql/pull/436) ([apenney](https://github.com/apenney)) -- Start synchronizing module files [#435](https://github.com/puppetlabs/puppetlabs-postgresql/pull/435) ([cmurphy](https://github.com/cmurphy)) -- So long, Modulefile! [#434](https://github.com/puppetlabs/puppetlabs-postgresql/pull/434) ([apenney](https://github.com/apenney)) -- Add workaround for selinux. [#433](https://github.com/puppetlabs/puppetlabs-postgresql/pull/433) ([apenney](https://github.com/apenney)) -- Clean the yum cache before adding repo [#430](https://github.com/puppetlabs/puppetlabs-postgresql/pull/430) ([hunner](https://github.com/hunner)) -- Rspec pinning [#429](https://github.com/puppetlabs/puppetlabs-postgresql/pull/429) ([underscorgan](https://github.com/underscorgan)) -- Fix Ubuntu 14.04 tests for now. [#427](https://github.com/puppetlabs/puppetlabs-postgresql/pull/427) ([apenney](https://github.com/apenney)) -- (MODULES-775) Fix refresh/unless parameter interactions [#426](https://github.com/puppetlabs/puppetlabs-postgresql/pull/426) ([domcleal](https://github.com/domcleal)) -- Log output on failures [#425](https://github.com/puppetlabs/puppetlabs-postgresql/pull/425) ([hunner](https://github.com/hunner)) -- Remove eq('') tests thanks to the new deprecation warnings. [#424](https://github.com/puppetlabs/puppetlabs-postgresql/pull/424) ([apenney](https://github.com/apenney)) -- Ensure db user exists before validating db connection [#422](https://github.com/puppetlabs/puppetlabs-postgresql/pull/422) ([claytono](https://github.com/claytono)) -- Change selector statements to have default listed last [#421](https://github.com/puppetlabs/puppetlabs-postgresql/pull/421) ([blkperl](https://github.com/blkperl)) -- 3.4.0 prep [#420](https://github.com/puppetlabs/puppetlabs-postgresql/pull/420) ([underscorgan](https://github.com/underscorgan)) -- Set fallback postgis_version to undef so that catalog still compiles if d... [#419](https://github.com/puppetlabs/puppetlabs-postgresql/pull/419) ([mcanevet](https://github.com/mcanevet)) -- Add RHEL7 and Ubuntu 14.04. [#417](https://github.com/puppetlabs/puppetlabs-postgresql/pull/417) ([apenney](https://github.com/apenney)) -- Merge33x [#416](https://github.com/puppetlabs/puppetlabs-postgresql/pull/416) ([apenney](https://github.com/apenney)) -- [WIP] Fixes to tests and RHEL7 support. [#415](https://github.com/puppetlabs/puppetlabs-postgresql/pull/415) ([apenney](https://github.com/apenney)) -- Support Debian Jessie [#414](https://github.com/puppetlabs/puppetlabs-postgresql/pull/414) ([lucas42](https://github.com/lucas42)) -- tag postgresql-jdbc package to fix package repo dependency [#413](https://github.com/puppetlabs/puppetlabs-postgresql/pull/413) ([rdark](https://github.com/rdark)) -- Fix tests 1404 [#412](https://github.com/puppetlabs/puppetlabs-postgresql/pull/412) ([apenney](https://github.com/apenney)) -- [WIP] (don't merge) Fix for Ubuntu 14.04. [#411](https://github.com/puppetlabs/puppetlabs-postgresql/pull/411) ([apenney](https://github.com/apenney)) -- Update apt.postgresql.org key url [#409](https://github.com/puppetlabs/puppetlabs-postgresql/pull/409) ([mnencia](https://github.com/mnencia)) -- Fix wrong config option in README [#408](https://github.com/puppetlabs/puppetlabs-postgresql/pull/408) ([fredj](https://github.com/fredj)) -- (MODULES-630) Deprecate postgresql::server::version [#407](https://github.com/puppetlabs/puppetlabs-postgresql/pull/407) ([hunner](https://github.com/hunner)) -- Fix how to run the acceptance tests [#406](https://github.com/puppetlabs/puppetlabs-postgresql/pull/406) ([bjoernhaeuser](https://github.com/bjoernhaeuser)) -- Add support for port parameter to postgresql::server [#404](https://github.com/puppetlabs/puppetlabs-postgresql/pull/404) ([thunderkeys](https://github.com/thunderkeys)) -- Add strict_variables support in unit tests [#402](https://github.com/puppetlabs/puppetlabs-postgresql/pull/402) ([mcanevet](https://github.com/mcanevet)) -- Add class postgresql::lib::perl for perl support [#401](https://github.com/puppetlabs/puppetlabs-postgresql/pull/401) ([cfeskens](https://github.com/cfeskens)) -- Fixed travis by updating Gemfile to pin Rake to 10.1.1 [#398](https://github.com/puppetlabs/puppetlabs-postgresql/pull/398) ([igalic](https://github.com/igalic)) -- Allow the ex- and import of postgresql::server::db [#397](https://github.com/puppetlabs/puppetlabs-postgresql/pull/397) ([pieterlexis](https://github.com/pieterlexis)) -- Postgresql server role inherit support [#395](https://github.com/puppetlabs/puppetlabs-postgresql/pull/395) ([thunderkeys](https://github.com/thunderkeys)) -- Fix unit tests with rspec-puppet 1.0 [#393](https://github.com/puppetlabs/puppetlabs-postgresql/pull/393) ([mcanevet](https://github.com/mcanevet)) -- Fix FreeBSD support [#391](https://github.com/puppetlabs/puppetlabs-postgresql/pull/391) ([geoffgarside](https://github.com/geoffgarside)) -- change pg_hba.conf to be owned by postgres user account [#372](https://github.com/puppetlabs/puppetlabs-postgresql/pull/372) ([jhoblitt](https://github.com/jhoblitt)) - -## [3.3.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.3) - 2014-03-06 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.2...3.3.3) - -### Other - -- Remove autorelease [#388](https://github.com/puppetlabs/puppetlabs-postgresql/pull/388) ([hunner](https://github.com/hunner)) -- Change error detection for version to after other parameters [#387](https://github.com/puppetlabs/puppetlabs-postgresql/pull/387) ([hunner](https://github.com/hunner)) -- Prepare 3.3.3 supported release. [#386](https://github.com/puppetlabs/puppetlabs-postgresql/pull/386) ([apenney](https://github.com/apenney)) -- Replace the symlink with the actual file to resolve a PMT issue. [#385](https://github.com/puppetlabs/puppetlabs-postgresql/pull/385) ([apenney](https://github.com/apenney)) - -## [3.3.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.2) - 2014-03-03 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.1...3.3.2) - -### Other - -- Patch metadata [#384](https://github.com/puppetlabs/puppetlabs-postgresql/pull/384) ([hunner](https://github.com/hunner)) -- Add install instructions for supported module version [#383](https://github.com/puppetlabs/puppetlabs-postgresql/pull/383) ([lrnrthr](https://github.com/lrnrthr)) -- Supported Release 3.3.2 [#382](https://github.com/puppetlabs/puppetlabs-postgresql/pull/382) ([hunner](https://github.com/hunner)) -- Prepare metadata for supported modules release. [#381](https://github.com/puppetlabs/puppetlabs-postgresql/pull/381) ([apenney](https://github.com/apenney)) -- Adds "Release Notes/Known Bugs" to Changelog, updates file format to markdown, standardizes the format of previous entries [#380](https://github.com/puppetlabs/puppetlabs-postgresql/pull/380) ([lrnrthr](https://github.com/lrnrthr)) -- Use the correct encoding. [#379](https://github.com/puppetlabs/puppetlabs-postgresql/pull/379) ([apenney](https://github.com/apenney)) -- Fix the locale generation for Debian. [#378](https://github.com/puppetlabs/puppetlabs-postgresql/pull/378) ([apenney](https://github.com/apenney)) -- Ensure we call out the locales-all requirement. [#377](https://github.com/puppetlabs/puppetlabs-postgresql/pull/377) ([apenney](https://github.com/apenney)) -- Add class apt for manage_package_repo => true [#375](https://github.com/puppetlabs/puppetlabs-postgresql/pull/375) ([hunner](https://github.com/hunner)) -- Missed these [#374](https://github.com/puppetlabs/puppetlabs-postgresql/pull/374) ([hunner](https://github.com/hunner)) -- Add unsupported platforms [#373](https://github.com/puppetlabs/puppetlabs-postgresql/pull/373) ([hunner](https://github.com/hunner)) -- Switch to a regex match to ignore \n's. [#371](https://github.com/puppetlabs/puppetlabs-postgresql/pull/371) ([apenney](https://github.com/apenney)) -- Missing lsbdistid stub for apt module [#369](https://github.com/puppetlabs/puppetlabs-postgresql/pull/369) ([hunner](https://github.com/hunner)) -- This fixes this test to work in the face of oppressive SELinux! [#368](https://github.com/puppetlabs/puppetlabs-postgresql/pull/368) ([apenney](https://github.com/apenney)) -- remove trailing whitespace [#366](https://github.com/puppetlabs/puppetlabs-postgresql/pull/366) ([justinstoller](https://github.com/justinstoller)) -- use fully-qualified path to psql to set password [#365](https://github.com/puppetlabs/puppetlabs-postgresql/pull/365) ([igalic](https://github.com/igalic)) -- Release 3.3.1 [#364](https://github.com/puppetlabs/puppetlabs-postgresql/pull/364) ([hunner](https://github.com/hunner)) - -## [3.3.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.1) - 2014-02-12 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.0...3.3.1) - -### Other - -- Allow custom gemsource [#363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/363) ([hunner](https://github.com/hunner)) -- Prepare a 3.3.0 release. [#356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/356) ([apenney](https://github.com/apenney)) - -## [3.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.0) - 2014-01-28 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.2.0...3.3.0) -### Added +##2013-10-14 - Version 3.0.0 -- Add support to custom xlogdir parameter [#256](https://github.com/puppetlabs/puppetlabs-postgresql/pull/256) ([mnencia](https://github.com/mnencia)) - -### Other - -- Prepare a 3.3.0 release. [#356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/356) ([apenney](https://github.com/apenney)) -- Travis [#354](https://github.com/puppetlabs/puppetlabs-postgresql/pull/354) ([ghoneycutt](https://github.com/ghoneycutt)) -- Beaker specs [#353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/353) ([apenney](https://github.com/apenney)) -- Update README.md [#349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/349) ([riconnon](https://github.com/riconnon)) -- Fix typo, clearly from a copy/paste mistake [#347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/347) ([mhagander](https://github.com/mhagander)) -- fix for concat error [#343](https://github.com/puppetlabs/puppetlabs-postgresql/pull/343) ([flypenguin](https://github.com/flypenguin)) -- use Puppet::Util::Execute.execute with puppet >= 3.4 [#340](https://github.com/puppetlabs/puppetlabs-postgresql/pull/340) ([jhoblitt](https://github.com/jhoblitt)) -- Rspec puppet fixes [#339](https://github.com/puppetlabs/puppetlabs-postgresql/pull/339) ([jhoblitt](https://github.com/jhoblitt)) -- README.md postgresql::globals class parameter description fix [#335](https://github.com/puppetlabs/puppetlabs-postgresql/pull/335) ([dgolja](https://github.com/dgolja)) -- Fix NOREPLICATION option for Postgres 9.1 [#333](https://github.com/puppetlabs/puppetlabs-postgresql/pull/333) ([brandonwamboldt](https://github.com/brandonwamboldt)) -- (feat) Add FreeBSD Support [#327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/327) ([zachfi](https://github.com/zachfi)) -- $postgresql::server::client_package_name is referred from install.pp, bu... [#325](https://github.com/puppetlabs/puppetlabs-postgresql/pull/325) ([aadamovich](https://github.com/aadamovich)) -- Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf [#324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/324) ([aadamovich](https://github.com/aadamovich)) -- Unable to run spec tests from behind firewall [#323](https://github.com/puppetlabs/puppetlabs-postgresql/pull/323) ([](https://github.com/)) -- Added newline at end of file [#322](https://github.com/puppetlabs/puppetlabs-postgresql/pull/322) ([bcomnes](https://github.com/bcomnes)) -- (FM-486) Fix deprecated Puppet::Util::SUIDManager.run_and_capture [#320](https://github.com/puppetlabs/puppetlabs-postgresql/pull/320) ([apenney](https://github.com/apenney)) -- Prevent float of defined resource. [#317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/317) ([tmclaugh](https://github.com/tmclaugh)) -- Can pass template at database creation [#316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/316) ([mcanevet](https://github.com/mcanevet)) -- Exec['postgresql_initdb'] needs to be done after $datadir exists [#313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/313) ([tmclaugh](https://github.com/tmclaugh)) -- Remove deprecated and unused parameters to concat::fragment [#311](https://github.com/puppetlabs/puppetlabs-postgresql/pull/311) ([kronn](https://github.com/kronn)) -- Fix table_grant_spec to show a bug [#310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/310) ([mcanevet](https://github.com/mcanevet)) -- add lc_* config entry settings [#309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/309) ([leehanel](https://github.com/leehanel)) -- Prepare a 3.2.0 release. [#306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/306) ([apenney](https://github.com/apenney)) - -## [3.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.2.0) - 2013-11-05 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.1.0...3.2.0) - -### Other - -- Missing depedenncy '->' and class misspelled (missing ending s) [#302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/302) ([dgolja](https://github.com/dgolja)) -- Spelling and redundancy fix in README [#301](https://github.com/puppetlabs/puppetlabs-postgresql/pull/301) ([dawik](https://github.com/dawik)) -- Allow specification of default database name [#298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/298) ([reidmv](https://github.com/reidmv)) -- Add default PostgreSQL version for Ubuntu 13.10 [#296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/296) ([kamilszymanski](https://github.com/kamilszymanski)) -- Release 3.1.0 [#294](https://github.com/puppetlabs/puppetlabs-postgresql/pull/294) ([kbarber](https://github.com/kbarber)) - -## [3.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.1.0) - 2013-10-25 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0...3.1.0) +Final release of 3.0, enjoy! -### Fixed -- (GH-198) Fix race condition on startup [#292](https://github.com/puppetlabs/puppetlabs-postgresql/pull/292) ([kbarber](https://github.com/kbarber)) +##2013-10-14 - Version 3.0.0-rc3 -### Other +###Summary -- Add autopublishing. [#295](https://github.com/puppetlabs/puppetlabs-postgresql/pull/295) ([apenney](https://github.com/apenney)) -- Release 3.1.0 [#294](https://github.com/puppetlabs/puppetlabs-postgresql/pull/294) ([kbarber](https://github.com/kbarber)) -- Update server.pp [#291](https://github.com/puppetlabs/puppetlabs-postgresql/pull/291) ([cdenneen](https://github.com/cdenneen)) -- Add zero length string to join() function [#286](https://github.com/puppetlabs/puppetlabs-postgresql/pull/286) ([antevens](https://github.com/antevens)) -- periods are valid in configuration variables also [#284](https://github.com/puppetlabs/puppetlabs-postgresql/pull/284) ([kitchen](https://github.com/kitchen)) -- enable setting the postgres user's password without resetting the password on every puppet run [#281](https://github.com/puppetlabs/puppetlabs-postgresql/pull/281) ([jonoterc](https://github.com/jonoterc)) -- Prepare 3.0.0 release. [#279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/279) ([apenney](https://github.com/apenney)) -- add search_path attribute to postgresql_psql resource [#275](https://github.com/puppetlabs/puppetlabs-postgresql/pull/275) ([kitchen](https://github.com/kitchen)) -- Defined $default_version for Fedora 17 [#264](https://github.com/puppetlabs/puppetlabs-postgresql/pull/264) ([bcomnes](https://github.com/bcomnes)) +Add a parameter to unmanage pg_hba.conf to fix a regression from 2.5, as well +as allowing owner to be passed into x. -## [3.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0) - 2013-10-16 +####Features +- `manage_pg_hba_conf` parameter added to control pg_hba.conf management. +- `owner` parameter added to server::db. -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc3...3.0.0) -### Other +##2013-10-09 - Version 3.0.0-rc2 -- Prepare 3.0.0-rc3 release. [#278](https://github.com/puppetlabs/puppetlabs-postgresql/pull/278) ([apenney](https://github.com/apenney)) +###Summary -## [3.0.0-rc3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc3) - 2013-10-16 +A few bugfixes have been found since -rc1. -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc2...3.0.0-rc3) +####Fixes +- Special case for $datadir on Amazon +- Fix documentation about username/password for the postgresql_hash function -### Other -- Prepare 3.0.0-rc3 release. [#278](https://github.com/puppetlabs/puppetlabs-postgresql/pull/278) ([apenney](https://github.com/apenney)) -- Expose owner in db definition [#273](https://github.com/puppetlabs/puppetlabs-postgresql/pull/273) ([ares](https://github.com/ares)) -- Prepare 3.0.0-rc2 release. [#272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/272) ([apenney](https://github.com/apenney)) -- Add a parameter to (un)manage pg_hba.conf [#261](https://github.com/puppetlabs/puppetlabs-postgresql/pull/261) ([mcanevet](https://github.com/mcanevet)) +##2013-10-01 - Version 3.0.0-rc1 -## [3.0.0-rc2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc2) - 2013-10-09 +###Summary -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc1...3.0.0-rc2) +Version 3 was a major rewrite to fix some internal dependency issues, and to +make the new Public API more clear. As a consequence a lot of things have +changed for version 3 and older revisions that we will try to outline here. -### Other +(NOTE: The format of this CHANGELOG differs to normal in an attempt to +explain the scope of changes) -- Prepare 3.0.0-rc2 release. [#272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/272) ([apenney](https://github.com/apenney)) -- FM-103: Add metadata.json to all modules. [#269](https://github.com/puppetlabs/puppetlabs-postgresql/pull/269) ([apenney](https://github.com/apenney)) -- Fix documentation about username/password for the postgresql_hash functi... [#268](https://github.com/puppetlabs/puppetlabs-postgresql/pull/268) ([duritong](https://github.com/duritong)) -- fixed the rspec test to include 'sha1' in [#267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/267) ([neilnorthrop](https://github.com/neilnorthrop)) -- Special case for $datadir on Amazon [#262](https://github.com/puppetlabs/puppetlabs-postgresql/pull/262) ([bcomnes](https://github.com/bcomnes)) -- Prepare 3.0.0 release. [#259](https://github.com/puppetlabs/puppetlabs-postgresql/pull/259) ([apenney](https://github.com/apenney)) +* Server specific objects now moved under `postgresql::server::` namespace: -## [3.0.0-rc1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc1) - 2013-10-02 +To restructure server specific elements under the `postgresql::server::` +namespaces the following objects were renamed as such: -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.5.0...3.0.0-rc1) +`postgresql::database` -> `postgresql::server::database` +`postgresql::database_grant` -> `postgresql::server::database_grant` +`postgresql::db` -> `postgresql::server::db` +`postgresql::grant` -> `postgresql::server::grant` +`postgresql::pg_hba_rule` -> `postgresql::server::pg_hba_rule` +`postgresql::plperl` -> `postgresql::server::plperl` +`postgresql::contrib` -> `postgresql::server::contrib` +`postgresql::role` -> `postgresql::server::role` +`postgresql::table_grant` -> `postgresql::server::table_grant` +`postgresql::tablespace` -> `postgresql::server::tablespace` -### Other +* New `postgresql::server::config_entry` resource for managing configuration: -- Prepare 3.0.0 release. [#259](https://github.com/puppetlabs/puppetlabs-postgresql/pull/259) ([apenney](https://github.com/apenney)) -- Fix license file. [#258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/258) ([apenney](https://github.com/apenney)) -- Support apt.postgresql.org version specific packages. [#255](https://github.com/puppetlabs/puppetlabs-postgresql/pull/255) ([mnencia](https://github.com/mnencia)) -- Validate authentication method against server version [#251](https://github.com/puppetlabs/puppetlabs-postgresql/pull/251) ([kamilszymanski](https://github.com/kamilszymanski)) -- lint fixes [#250](https://github.com/puppetlabs/puppetlabs-postgresql/pull/250) ([kamilszymanski](https://github.com/kamilszymanski)) -- Added Archlinux Support [#249](https://github.com/puppetlabs/puppetlabs-postgresql/pull/249) ([aboe76](https://github.com/aboe76)) -- Fixing small typos [#248](https://github.com/puppetlabs/puppetlabs-postgresql/pull/248) ([ggeldenhuis](https://github.com/ggeldenhuis)) -- Pgsql major rewrite with features [#245](https://github.com/puppetlabs/puppetlabs-postgresql/pull/245) ([kbarber](https://github.com/kbarber)) -- Remove trailing comma which breaks 2.6 compat [#239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/239) ([GregSutcliffe](https://github.com/GregSutcliffe)) -- Remove 3.0, 3.1, and 2.6 to shrink the test matrix. [#237](https://github.com/puppetlabs/puppetlabs-postgresql/pull/237) ([apenney](https://github.com/apenney)) +Previously we used the `file_line` resource to modify `postgresql.conf`. This +new revision now adds a new resource named `postgresql::server::config_entry` +for managing this file. For example: -## [2.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.5.0) - 2013-09-09 +```puppet + postgresql::server::config_entry { 'check_function_bodies': + value => 'off', + } +``` -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.4.1...2.5.0) +If you were using `file_line` for this purpose, you should change to this new +methodology. -### Other +* `postgresql_puppet_extras.conf` has been removed: -- 2.5.0 release. [#243](https://github.com/puppetlabs/puppetlabs-postgresql/pull/243) ([apenney](https://github.com/apenney)) -- Remove 3.0, 3.1, and 2.6 to shrink the test matrix. [#237](https://github.com/puppetlabs/puppetlabs-postgresql/pull/237) ([apenney](https://github.com/apenney)) -- Style fixes (and a bugfix) [#236](https://github.com/puppetlabs/puppetlabs-postgresql/pull/236) ([apenney](https://github.com/apenney)) -- Add missing documentation for istemplate parameter [#235](https://github.com/puppetlabs/puppetlabs-postgresql/pull/235) ([kamilszymanski](https://github.com/kamilszymanski)) -- Add README entry for postgresql::plperl [#229](https://github.com/puppetlabs/puppetlabs-postgresql/pull/229) ([mcanevet](https://github.com/mcanevet)) -- Alter escaping in postgresql::config::afterservice [#218](https://github.com/puppetlabs/puppetlabs-postgresql/pull/218) ([fiddyspence](https://github.com/fiddyspence)) -- Handle refreshonly correctly [#212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/212) ([hunner](https://github.com/hunner)) -- Tag the postgresql-contrib package as postgresql [#209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/209) ([mnencia](https://github.com/mnencia)) +Now that we have a methodology for managing `postgresql.conf`, and due to +concerns over the file management methodology using an `exec { 'touch ...': }` +as a way to create an empty file the existing postgresql\_puppet\_extras.conf +file is no longer managed by this module. -## [2.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.4.1) - 2013-08-01 +If you wish to recreate this methodology yourself, use this pattern: -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.4.0...2.4.1) +```puppet + class { 'postgresql::server': } -### Fixed + $extras = "/tmp/include.conf" + + file { $extras: + content => 'max_connections = 123', + notify => Class['postgresql::server::service'], + }-> + postgresql::server::config_entry { 'include': + value => $extras, + } +``` + +* All uses of the parameter `charset` changed to `encoding`: + +Since PostgreSQL uses the terminology `encoding` not `charset` the parameter +has been made consisent across all classes and resources. + +* The `postgresql` base class is no longer how you set globals: + +The old global override pattern was less then optimal so it has been fixed, +however we decided to demark this properly by specifying these overrides in +the class `postgresql::global`. Consult the documentation for this class now +to see what options are available. + +Also, some parameter elements have been moved between this and the +`postgresql::server` class where it made sense. + +* `config_hash` parameter collapsed for the `postgresql::server` class: + +Because the `config_hash` was really passing data through to what was in +effect an internal class (`postgresql::config`). And since we don't want this +kind of internal exposure the parameters were collapsed up into the +`postgresql::server` class directly. + +* Lots of changes to 'private' or 'undocumented' classes: + +If you were using these before, these have changed names. You should only use +what is documented in this README.md, and if you don't have what you need you +should raise a patch to add that feature to a public API. All internal classes +now have a comment at the top indicating them as private to make sure the +message is clear that they are not supported as Public API. + +* `pg_hba_conf_defaults` parameter included to turn off default pg\_hba rules: + +The defaults should be good enough for most cases (if not raise a bug) but if +you simply need an escape hatch, this setting will turn off the defaults. If +you want to do this, it may affect the rest of the module so make sure you +replace the rules with something that continues operation. + +* `postgresql::database_user` has now been removed: + +Use `postgresql::server::role` instead. + +* `postgresql::psql` resource has now been removed: + +Use `postgresql_psql` instead. In the future we may recreate this as a wrapper +to add extra capability, but it will not match the old behaviour. + +* `postgresql_default_version` fact has now been removed: + +It didn't make sense to have this logic in a fact any more, the logic has been +moved into `postgresql::params`. + +* `ripienaar/concat` is no longer used, instead we use `puppetlabs/concat`: + +The older concat module is now deprecated and moved into the +`puppetlabs/concat` namespace. Functionality is more or less identical, but +you may need to intervene during the installing of this package - as both use +the same `concat` namespace. + +--- +##2013-09-09 Release 2.5.0 + +###Summary + +The focus of this release is primarily to capture the fixes done to the +types and providers to make sure refreshonly works properly and to set +the stage for the large scale refactoring work of 3.0.0. + +####Features + + +####Bugfixes +- Use boolean for refreshonly. +- Fix postgresql::plperl documentation. +- Add two missing parameters to config::beforeservice +- Style fixes + + +##2013-08-01 Release 2.4.1 + +###Summary + +This minor bugfix release solves an idempotency issue when using plain text +passwords for the password_hash parameter for the postgresql::role defined +type. Without this, users would continually see resource changes everytime +your run Puppet. + +####Bugfixes +- Alter role call not idempotent with cleartext passwords (Ken Barber) + + +##2013-07-19 Release 2.4.0 + +###Summary + +This updates adds the ability to change permissions on tables, create template +databases from normal databases, manage PL-Perl's postgres package, and +disable the management of `pg_hba.conf`. + +####Features +- Add `postgresql::table_grant` defined resource +- Add `postgresql::plperl` class +- Add `manage_pg_hba_conf` parameter to the `postgresql::config` class +- Add `istemplate` parameter to the `postgresql::database` define + +####Bugfixes +- Update `postgresql::role` class to be able to update roles when modified +instead of only on creation. +- Update tests +- Fix documentation of `postgresql::database_grant` + + +##2.3.0 + +This feature release includes the following changes: + +* Add a new parameter `owner` to the `database` type. This can be used to + grant ownership of a new database to a specific user. (Bruno Harbulot) +* Add support for operating systems other than Debian/RedHat, as long as the + user supplies custom values for all of the required paths, package names, etc. + (Chris Price) +* Improved integration testing (Ken Barber) + + +##2.2.1 + +This release fixes a bug whereby one of our shell commands (psql) were not ran from a globally accessible directory. This was causing permission denied errors when the command attempted to change user without changing directory. + +Users of previous versions might have seen this error: + + Error: Error executing SQL; psql returned 256: 'could not change directory to "/root" + +This patch should correct that. + +#### Detail Changes + +* Set /tmp as default CWD for postgresql_psql + + +##2.2.0 + +This feature release introduces a number of new features and bug fixes. + +First of all it includes a new class named `postgresql::python` which provides you with a convenient way of install the python Postgresql client libraries. + + class { 'postgresql::python': + } + +You are now able to use `postgresql::database_user` without having to specify a password_hash, useful for different authentication mechanisms that do not need passwords (ie. cert, local etc.). + +We've also provided a lot more advanced custom parameters now for greater control of your Postgresql installation. Consult the class documentation for PuppetDB in the README. + +This release in particular has largely been contributed by the community members below, a big thanks to one and all. + +#### Detailed Changes + +* Add support for psycopg installation (Flaper Fesp and Dan Prince) +* Added default PostgreSQL version for Ubuntu 13.04 (Kamil Szymanski) +* Add ability to create users without a password (Bruno Harbulot) +* Three Puppet 2.6 fixes (Dominic Cleal) +* Add explicit call to concat::setup when creating concat file (Dominic Cleal) +* Fix readme typo (Jordi Boggiano) +* Update postgres_default_version for Ubuntu (Kamil Szymanski) +* Allow to set connection for noew role (Kamil Szymanski) +* Fix pg_hba_rule for postgres local access (Kamil Szymanski) +* Fix versions for travis-ci (Ken Barber) +* Add replication support (Jordi Boggiano) +* Cleaned up and added unit tests (Ken Barber) +* Generalization to provide more flexability in postgresql configuration (Karel Brezina) +* Create dependent directory for sudoers so tests work on Centos 5 (Ken Barber) +* Allow SQL commands to be run against a specific DB (Carlos Villela) +* Drop trailing comma to support Puppet 2.6 (Michael Arnold) + + +##2.1.1 + + +This release provides a bug fix for RHEL 5 and Centos 5 systems, or specifically systems using PostgreSQL 8.1 or older. On those systems one would have received the error: + + Error: Could not start Service[postgresqld]: Execution of ‘/sbin/service postgresql start’ returned 1: + +And the postgresql log entry: + + FATAL: unrecognized configuration parameter "include" + +This bug is due to a new feature we had added in 2.1.0, whereby the `include` directive in `postgresql.conf` was not compatible. As a work-around we have added checks in our code to make sure systems running PostgreSQL 8.1 or older do not have this directive added. + +#### Detailed Changes + +2013-01-21 - Ken Barber +* Only install `include` directive and included file on PostgreSQL >= 8.2 +* Add system tests for Centos 5 + + +##2.1.0 + +This release is primarily a feature release, introducing some new helpful constructs to the module. + +For starters, we've added the line `include 'postgresql_conf_extras.conf'` by default so extra parameters not managed by the module can be added by other tooling or by Puppet itself. This provides a useful escape-hatch for managing settings that are not currently managed by the module today. + +We've added a new defined resource for managing your tablespace, so you can now create new tablespaces using the syntax: + + postgresql::tablespace { 'dbspace': + location => '/srv/dbspace', + } + +We've added a locale parameter to the `postgresql` class, to provide a default. Also the parameter has been added to the `postgresql::database` and `postgresql::db` defined resources for changing the locale per database: + + postgresql::db { 'mydatabase': + user => 'myuser', + password => 'mypassword', + encoding => 'UTF8', + locale => 'en_NG', + } + +There is a new class for installing the necessary packages to provide the PostgreSQL JDBC client jars: + + class { 'postgresql::java': } + +And we have a brand new defined resource for managing fine-grained rule sets within your pg_hba.conf access lists: + + postgresql::pg_hba { 'Open up postgresql for access from 200.1.2.0/24': + type => 'host', + database => 'app', + user => 'app', + address => '200.1.2.0/24', + auth_method => 'md5', + } + +Finally, we've also added Travis-CI support and unit tests to help us iterate faster with tests to reduce regression. The current URL for these tests is here: https://travis-ci.org/puppetlabs/puppet-postgresql. Instructions on how to run the unit tests available are provided in the README for the module. -- (GH-216) Alter role call not idempotent with cleartext passwords [#225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/225) ([kbarber](https://github.com/kbarber)) +A big thanks to all those listed below who made this feature release possible :-). -### Other +#### Detailed Changes -- Release 2.4.1 [#228](https://github.com/puppetlabs/puppetlabs-postgresql/pull/228) ([kbarber](https://github.com/kbarber)) +2013-01-18 - Simão Fontes & Flaper Fesp +* Remove trailing commas from params.pp property definition for Puppet 2.6.0 compatibility -## [2.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.4.0) - 2013-08-01 +2013-01-18 - Lauren Rother +* Updated README.md to conform with best practices template -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.3.0...2.4.0) +2013-01-09 - Adrien Thebo +* Update postgresql_default_version to 9.1 for Debian 7.0 -### Other +2013-01-28 - Karel Brezina +* Add support for tablespaces -- Release 2.4.0 [#213](https://github.com/puppetlabs/puppetlabs-postgresql/pull/213) ([hunner](https://github.com/hunner)) -- Add grant abilities for more that databases [#208](https://github.com/puppetlabs/puppetlabs-postgresql/pull/208) ([hunner](https://github.com/hunner)) -- Add support for installing PL/Perl [#205](https://github.com/puppetlabs/puppetlabs-postgresql/pull/205) ([mcanevet](https://github.com/mcanevet)) -- Add support for istemplate parameter where creating db [#204](https://github.com/puppetlabs/puppetlabs-postgresql/pull/204) ([mcanevet](https://github.com/mcanevet)) -- Fix the non-defaults test failing to use UTF8 [#194](https://github.com/puppetlabs/puppetlabs-postgresql/pull/194) ([kbarber](https://github.com/kbarber)) -- Rename wrongly named test-files [#192](https://github.com/puppetlabs/puppetlabs-postgresql/pull/192) ([kronn](https://github.com/kronn)) -- Update Modulefile and Changelog for 2.3.0 release [#191](https://github.com/puppetlabs/puppetlabs-postgresql/pull/191) ([cprice404](https://github.com/cprice404)) +2013-01-16 - Chris Price & Karel Brezina +* Provide support for an 'include' config file 'postgresql_conf_extras.conf' that users can modify manually or outside of the module. -## [2.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.3.0) - 2013-06-06 +2013-01-31 - jv +* Fix typo in README.pp for postgresql::db example -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.2.1...2.3.0) +2013-02-03 - Ken Barber +* Add unit tests and travis-ci support -### Other +2013-02-02 - Ken Barber +* Add locale parameter support to the 'postgresql' class -- Update docs to reflect new `owner` parameter for `::database` type. [#190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/190) ([cprice404](https://github.com/cprice404)) -- Add more distributions [#189](https://github.com/puppetlabs/puppetlabs-postgresql/pull/189) ([kbarber](https://github.com/kbarber)) -- Don't hard-code postgres user's username for pg_hba [#188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/188) ([cprice404](https://github.com/cprice404)) -- Convert system tests to use rspec-system [#186](https://github.com/puppetlabs/puppetlabs-postgresql/pull/186) ([kbarber](https://github.com/kbarber)) -- Correct README [#184](https://github.com/puppetlabs/puppetlabs-postgresql/pull/184) ([MaxMartin](https://github.com/MaxMartin)) -- Fix example command in README for running system tests on a distro [#179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/179) ([cprice404](https://github.com/cprice404)) -- Setting the owner of the database with createdb. [#156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/156) ([harbulot](https://github.com/harbulot)) +2013-01-21 - Michael Arnold +* Add a class for install the packages containing the PostgreSQL JDBC jar -## [2.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.2.1) - 2013-04-29 +2013-02-06 - fhrbek +* Coding style fixes to reduce warnings in puppet-lint and Geppetto -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.2.0...2.2.1) +2013-02-10 - Ken Barber +* Provide new defined resource for managing pg_hba.conf -### Other +2013-02-11 - Ken Barber +* Fix bug with reload of Postgresql on Redhat/Centos -- Release 2.2.1 + Changelog [#176](https://github.com/puppetlabs/puppetlabs-postgresql/pull/176) ([kbarber](https://github.com/kbarber)) -- Set /tmp as default CWD for postgresql_psql [#151](https://github.com/puppetlabs/puppetlabs-postgresql/pull/151) ([antaflos](https://github.com/antaflos)) - -## [2.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.2.0) - 2013-04-26 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.1.1...2.2.0) - -### Other +2013-02-15 - Erik Dalén +* Fix more style issues to reduce warnings in puppet-lint and Geppetto -- Release 2.2.0 [#175](https://github.com/puppetlabs/puppetlabs-postgresql/pull/175) ([kbarber](https://github.com/kbarber)) -- Increase stdlib dependency to include 5.x [#174](https://github.com/puppetlabs/puppetlabs-postgresql/pull/174) ([kbarber](https://github.com/kbarber)) -- Adds new postgresql::python module. [#172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/172) ([dprince](https://github.com/dprince)) -- Add default PostgreSQL version for Ubuntu 13.04 [#171](https://github.com/puppetlabs/puppetlabs-postgresql/pull/171) ([kamilszymanski](https://github.com/kamilszymanski)) -- Three Puppet 2.6 fixes [#162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/162) ([domcleal](https://github.com/domcleal)) -- Add explicit call to concat::setup when creating concat file [#161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/161) ([domcleal](https://github.com/domcleal)) -- Adding the ability to create users without a password. [#158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/158) ([harbulot](https://github.com/harbulot)) -- Fix readme typo [#145](https://github.com/puppetlabs/puppetlabs-postgresql/pull/145) ([Seldaek](https://github.com/Seldaek)) -- Update postgres_default_version for Ubuntu [#143](https://github.com/puppetlabs/puppetlabs-postgresql/pull/143) ([kamilszymanski](https://github.com/kamilszymanski)) -- Allow to set connection limit for new role [#142](https://github.com/puppetlabs/puppetlabs-postgresql/pull/142) ([kamilszymanski](https://github.com/kamilszymanski)) -- fix pg_hba_rule for postgres local access [#141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/141) ([kamilszymanski](https://github.com/kamilszymanski)) -- Fix versions for travis-ci [#140](https://github.com/puppetlabs/puppetlabs-postgresql/pull/140) ([kbarber](https://github.com/kbarber)) -- Ticket/master/128 provide more custom parameters for custom packaging [#138](https://github.com/puppetlabs/puppetlabs-postgresql/pull/138) ([kbarber](https://github.com/kbarber)) -- Create dependent directory for sudoers so tests work on Centos 5 [#137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/137) ([kbarber](https://github.com/kbarber)) -- Add supprot for contrib package [#135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/135) ([kamilszymanski](https://github.com/kamilszymanski)) -- Allow SQL commands to be run against a specific DB [#134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/134) ([cv](https://github.com/cv)) -- Restore support for Puppet 2.6. [#133](https://github.com/puppetlabs/puppetlabs-postgresql/pull/133) ([razorsedge](https://github.com/razorsedge)) -- Add support for the REPLICATION flag when creating roles [#129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/129) ([Seldaek](https://github.com/Seldaek)) +2013-02-15 - Erik Dalén +* Fix case whereby we were modifying a hash after creation -## [2.1.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.1.1) - 2013-02-22 -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.1.0...2.1.1) +##2.0.1 -### Other +Minor bugfix release. -- Change Modulefile and Changelog for Release 2.1.1 [#132](https://github.com/puppetlabs/puppetlabs-postgresql/pull/132) ([kbarber](https://github.com/kbarber)) -- Ticket/master/130 unsupported include directive postgres 81 [#131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/131) ([kbarber](https://github.com/kbarber)) +2013-01-16 - Chris Price + * Fix revoke command in database.pp to support postgres 8.1 (43ded42) -## [2.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.1.0) - 2013-02-20 +2013-01-15 - Jordi Boggiano + * Add support for ubuntu 12.10 status (3504405) -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.0.1...2.1.0) +##2.0.0 -### Other +Many thanks to the following people who contributed patches to this +release: -- Increment version, cleanup and changelog for release 2.1.0 [#123](https://github.com/puppetlabs/puppetlabs-postgresql/pull/123) ([kbarber](https://github.com/kbarber)) -- fix lots of style issues [#121](https://github.com/puppetlabs/puppetlabs-postgresql/pull/121) ([dalen](https://github.com/dalen)) -- Provide new defined resources for managing pg_hba.conf [#120](https://github.com/puppetlabs/puppetlabs-postgresql/pull/120) ([kbarber](https://github.com/kbarber)) -- Reverted some of the coding style fixes [#118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/118) ([fhrbek](https://github.com/fhrbek)) -- Coding style fixes [#117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/117) ([fhrbek](https://github.com/fhrbek)) -- Feature/jdbc [#116](https://github.com/puppetlabs/puppetlabs-postgresql/pull/116) ([razorsedge](https://github.com/razorsedge)) -- Add unit tests and travis-ci support [#115](https://github.com/puppetlabs/puppetlabs-postgresql/pull/115) ([kbarber](https://github.com/kbarber)) -- Add locale parameter support [#108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/108) ([kbarber](https://github.com/kbarber)) -- Support for included configuration file [#105](https://github.com/puppetlabs/puppetlabs-postgresql/pull/105) ([kbrezina](https://github.com/kbrezina)) -- Minor typo fix in README [#104](https://github.com/puppetlabs/puppetlabs-postgresql/pull/104) ([boinger](https://github.com/boinger)) -- Support for tablespaces [#100](https://github.com/puppetlabs/puppetlabs-postgresql/pull/100) ([kbrezina](https://github.com/kbrezina)) +* Adrien Thebo +* Albert Koch +* Andreas Ntaflos +* Brett Porter +* Chris Price +* dharwood +* Etienne Pelletier +* Florin Broasca +* Henrik +* Hunter Haugen +* Jari Bakken +* Jordi Boggiano +* Ken Barber +* nzakaria +* Richard Arends +* Spenser Gilliland +* stormcrow +* William Van Hevelingen -## [2.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.0.1) - 2013-01-30 +Notable features: -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.0.0...2.0.1) + * Add support for versions of postgres other than the system default version + (which varies depending on OS distro). This includes optional support for + automatically managing the package repo for the "official" postgres yum/apt + repos. (Major thanks to Etienne Pelletier and + Ken Barber for their tireless efforts and patience on this + feature set!) For example usage see `tests/official-postgresql-repos.pp`. -### Other + * Add some support for Debian Wheezy and Ubuntu Quantal -- Update postgres_default_version to 9.1 for debian 7.0 [#94](https://github.com/puppetlabs/puppetlabs-postgresql/pull/94) ([adrienthebo](https://github.com/adrienthebo)) -- Updated content to conform to README best practices template [#89](https://github.com/puppetlabs/puppetlabs-postgresql/pull/89) ([lrnrthr](https://github.com/lrnrthr)) -- Removed trailing comma. Makes puppet fail [#88](https://github.com/puppetlabs/puppetlabs-postgresql/pull/88) ([flaper87](https://github.com/flaper87)) -- Syntax error in params.pp file [#87](https://github.com/puppetlabs/puppetlabs-postgresql/pull/87) ([sfontes](https://github.com/sfontes)) -- Fix revoke command in database.pp to support postgres 8.1 [#83](https://github.com/puppetlabs/puppetlabs-postgresql/pull/83) ([cprice404](https://github.com/cprice404)) -- Update CHANGELOG, README, Modulefile for 2.0.0 release [#81](https://github.com/puppetlabs/puppetlabs-postgresql/pull/81) ([cprice404](https://github.com/cprice404)) -- Add support for ubuntu 12.10 status [#79](https://github.com/puppetlabs/puppetlabs-postgresql/pull/79) ([Seldaek](https://github.com/Seldaek)) + * Add new `postgres_psql` type with a Ruby provider, to replace the old + exec-based `psql` type. This gives us much more flexibility around + executing SQL statements and controlling their logging / reports output. -## [2.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.0.0) - 2013-01-15 + * Major refactor of the "spec" tests--which are actually more like + acceptance tests. We now support testing against multiple OS distros + via vagrant, and the framework is in place to allow us to very easily add + more distros. Currently testing against Cent6 and Ubuntu 10.04. -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/1.0.0...2.0.0) + * Fixed a bug that was preventing multiple databases from being owned by the + same user + (9adcd182f820101f5e4891b9f2ff6278dfad495c - Etienne Pelletier ) -### Other + * Add support for ACLs for finer-grained control of user/interface access + (b8389d19ad78b4fb66024897097b4ed7db241930 - dharwood ) -- Add a "require" to make sure the service is up before trying to create a... [#80](https://github.com/puppetlabs/puppetlabs-postgresql/pull/80) ([cprice404](https://github.com/cprice404)) -- Fix error message in default version fact [#78](https://github.com/puppetlabs/puppetlabs-postgresql/pull/78) ([cprice404](https://github.com/cprice404)) -- Update stdlib dependency to reflect semantic versioning [#77](https://github.com/puppetlabs/puppetlabs-postgresql/pull/77) ([cprice404](https://github.com/cprice404)) -- Kbarber ticket/master/manage postgres apt repo [#75](https://github.com/puppetlabs/puppetlabs-postgresql/pull/75) ([cprice404](https://github.com/cprice404)) -- Fix merge issue from AMZ linux patch [#70](https://github.com/puppetlabs/puppetlabs-postgresql/pull/70) ([cprice404](https://github.com/cprice404)) -- Provide version for ubuntu 12.10 [#69](https://github.com/puppetlabs/puppetlabs-postgresql/pull/69) ([Seldaek](https://github.com/Seldaek)) -- Change API to expose non-default pg version support via main type [#66](https://github.com/puppetlabs/puppetlabs-postgresql/pull/66) ([cprice404](https://github.com/cprice404)) -- Fix inherits issue with validate_db_connection [#62](https://github.com/puppetlabs/puppetlabs-postgresql/pull/62) ([kbarber](https://github.com/kbarber)) -- Add Debian wheezy support for default version fact [#59](https://github.com/puppetlabs/puppetlabs-postgresql/pull/59) ([adrienthebo](https://github.com/adrienthebo)) -- Turn the exec in validate_db_connection.pp around [#58](https://github.com/puppetlabs/puppetlabs-postgresql/pull/58) ([Mosibi](https://github.com/Mosibi)) -- Syntax Error [#55](https://github.com/puppetlabs/puppetlabs-postgresql/pull/55) ([Spenser309](https://github.com/Spenser309)) -- add optional cwd to the postgres_psql command [#50](https://github.com/puppetlabs/puppetlabs-postgresql/pull/50) ([brettporter](https://github.com/brettporter)) -- Moved remote access for other users to end of IPv4 section [#49](https://github.com/puppetlabs/puppetlabs-postgresql/pull/49) ([nzakaria](https://github.com/nzakaria)) -- Fix default version for Ubuntu and Debian [#48](https://github.com/puppetlabs/puppetlabs-postgresql/pull/48) ([florinbroasca](https://github.com/florinbroasca)) -- Fix GPG key for yum.postgresl.org [#47](https://github.com/puppetlabs/puppetlabs-postgresql/pull/47) ([cprice404](https://github.com/cprice404)) -- Rework `postgres_default_version` fact [#46](https://github.com/puppetlabs/puppetlabs-postgresql/pull/46) ([cprice404](https://github.com/cprice404)) -- Feature/master/support non default versions [#43](https://github.com/puppetlabs/puppetlabs-postgresql/pull/43) ([cprice404](https://github.com/cprice404)) -- Maint/master/support more distros in tests [#42](https://github.com/puppetlabs/puppetlabs-postgresql/pull/42) ([cprice404](https://github.com/cprice404)) -- Updated. This will fix initdb failures. [#40](https://github.com/puppetlabs/puppetlabs-postgresql/pull/40) ([Spenser309](https://github.com/Spenser309)) -- Amz linux [#39](https://github.com/puppetlabs/puppetlabs-postgresql/pull/39) ([haf](https://github.com/haf)) -- Set sensible path in exec to reload postgres [#35](https://github.com/puppetlabs/puppetlabs-postgresql/pull/35) ([antaflos](https://github.com/antaflos)) -- Reload postgresql after changes to pg_hba.conf [#33](https://github.com/puppetlabs/puppetlabs-postgresql/pull/33) ([antaflos](https://github.com/antaflos)) -- Properly quote database name when using postgresql::psql [#32](https://github.com/puppetlabs/puppetlabs-postgresql/pull/32) ([antaflos](https://github.com/antaflos)) -- Issue #28 [#29](https://github.com/puppetlabs/puppetlabs-postgresql/pull/29) ([etiennep](https://github.com/etiennep)) -- Initial working implementation of ruby psql type/provider [#25](https://github.com/puppetlabs/puppetlabs-postgresql/pull/25) ([cprice404](https://github.com/cprice404)) -- Puppet lint fixes and test typo [#24](https://github.com/puppetlabs/puppetlabs-postgresql/pull/24) ([blkperl](https://github.com/blkperl)) -- Support special characters in database role name [#23](https://github.com/puppetlabs/puppetlabs-postgresql/pull/23) ([albertkoch](https://github.com/albertkoch)) -- Update README.md [#22](https://github.com/puppetlabs/puppetlabs-postgresql/pull/22) ([cprice404](https://github.com/cprice404)) -- Defining ACLs in pg_hba.conf [#20](https://github.com/puppetlabs/puppetlabs-postgresql/pull/20) ([dharwood](https://github.com/dharwood)) -- Fix path for `/bin/cat` [#19](https://github.com/puppetlabs/puppetlabs-postgresql/pull/19) ([jarib](https://github.com/jarib)) - -## [1.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/1.0.0) - 2012-10-24 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.3.0...1.0.0) - -### Other - -- Adjust ownership to Puppet Labs [#21](https://github.com/puppetlabs/puppetlabs-postgresql/pull/21) ([ryanycoleman](https://github.com/ryanycoleman)) -- Add postgresql::devel for development dependencies [#17](https://github.com/puppetlabs/puppetlabs-postgresql/pull/17) ([adrienthebo](https://github.com/adrienthebo)) -- Add sample usage for postgresql::server class. [#16](https://github.com/puppetlabs/puppetlabs-postgresql/pull/16) ([bjoernalbers](https://github.com/bjoernalbers)) -- Warnings etc [#13](https://github.com/puppetlabs/puppetlabs-postgresql/pull/13) ([haf](https://github.com/haf)) -- Update status for postgres service on Debian [#12](https://github.com/puppetlabs/puppetlabs-postgresql/pull/12) ([haus](https://github.com/haus)) -- Give the persist-firewall Exec a more explicit name [#11](https://github.com/puppetlabs/puppetlabs-postgresql/pull/11) ([cprice404](https://github.com/cprice404)) + * Many other bug fixes and improvements! -## [release-0.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.3.0) - 2012-09-17 +--- +##1.0.0 -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.2.0...release-0.3.0) +2012-09-17 - Version 0.3.0 released -### Other +2012-09-14 - Chris Price + * Add a type for validating a postgres connection (ce4a049) -- Feature/master/connection validator [#9](https://github.com/puppetlabs/puppetlabs-postgresql/pull/9) ([cprice404](https://github.com/cprice404)) -- Remove $service_provider setting for ubuntu [#8](https://github.com/puppetlabs/puppetlabs-postgresql/pull/8) ([haus](https://github.com/haus)) -- Remove trailing commas for Puppet 2.7.1 compatibility [#3](https://github.com/puppetlabs/puppetlabs-postgresql/pull/3) ([jarib](https://github.com/jarib)) -- Update Modulefile to reflect latest dependencies [#2](https://github.com/puppetlabs/puppetlabs-postgresql/pull/2) ([cprice404](https://github.com/cprice404)) +2012-08-25 - Jari Bakken + * Remove trailing commas. (e6af5e5) -## [release-0.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.2.0) - 2012-08-16 +2012-08-16 - Version 0.2.0 released -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.0.1...release-0.2.0) +[5.4.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.3.0...5.4.0 +[5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 -### Other -- Feature/master/align with puppetlabs mysql [#1](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1) ([cprice404](https://github.com/cprice404)) - -## [release-0.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.0.1) - 2012-05-02 - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/01c9cbeb7c3bd5c7bd067c5d7438df7d34027fbc...release-0.0.1) +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* diff --git a/REFERENCE.md b/REFERENCE.md index ee140fe370..d8b6f1ce6d 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -8,18 +8,18 @@ #### Public Classes -* [`postgresql::client`](#postgresqlclient): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. -* [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. -* [`postgresql::lib::devel`](#postgresqllibdevel): This class installs postgresql development libraries. -* [`postgresql::lib::docs`](#postgresqllibdocs): Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. -* [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. -* [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. -* [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. -* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server -* [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. -* [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. -* [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. -* [`postgresql::server::postgis`](#postgresqlserverpostgis): Install the postgis postgresql packaging. +* [`postgresql::client`](#postgresql--client): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. +* [`postgresql::globals`](#postgresql--globals): Class for setting cross-class global overrides. +* [`postgresql::lib::devel`](#postgresql--lib--devel): This class installs postgresql development libraries. +* [`postgresql::lib::docs`](#postgresql--lib--docs): Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. +* [`postgresql::lib::java`](#postgresql--lib--java): This class installs the postgresql jdbc connector. +* [`postgresql::lib::perl`](#postgresql--lib--perl): This class installs the perl libs for postgresql. +* [`postgresql::lib::python`](#postgresql--lib--python): This class installs the python libs for postgresql. +* [`postgresql::server`](#postgresql--server): This installs a PostgreSQL server +* [`postgresql::server::contrib`](#postgresql--server--contrib): Install the contrib postgresql packaging. +* [`postgresql::server::plperl`](#postgresql--server--plperl): This class installs the PL/Perl procedural language for postgresql. +* [`postgresql::server::plpython`](#postgresql--server--plpython): This class installs the PL/Python procedural language for postgresql. +* [`postgresql::server::postgis`](#postgresql--server--postgis): Install the postgis postgresql packaging. #### Private Classes @@ -39,23 +39,35 @@ ### Defined types -* [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. -* [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. -* [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. -* [`postgresql::server::db`](#postgresqlserverdb): Define for conveniently creating a role, database and assigning the correctpermissions. -* [`postgresql::server::default_privileges`](#postgresqlserverdefault_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. -* [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database. -* [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. -* [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. -* [`postgresql::server::pg_hba_rule`](#postgresqlserverpg_hba_rule): This resource manages an individual rule that applies to the file defined in target. -* [`postgresql::server::pg_ident_rule`](#postgresqlserverpg_ident_rule): This resource manages an individual rule that applies to the file defined in target. -* [`postgresql::server::reassign_owned_by`](#postgresqlserverreassign_owned_by): Define for reassigning the ownership of objects within a database. -* [`postgresql::server::recovery`](#postgresqlserverrecovery): This resource manages the parameters that applies to the recovery.conf template. -* [`postgresql::server::role`](#postgresqlserverrole): Define for creating a database role. -* [`postgresql::server::schema`](#postgresqlserverschema): Create a new schema. -* [`postgresql::server::table_grant`](#postgresqlservertable_grant): This resource wraps the grant resource to manage table grants specifically. -* [`postgresql::server::tablespace`](#postgresqlservertablespace): This module creates tablespace. -* [`postgresql::validate_db_connection`](#postgresqlvalidate_db_connection): This type validates that a successful postgres connection. +#### Public Defined types + +* [`postgresql::server::config_entry`](#postgresql--server--config_entry): Manage a postgresql.conf entry. +* [`postgresql::server::database`](#postgresql--server--database): Define for creating a database. +* [`postgresql::server::database_grant`](#postgresql--server--database_grant): Manage a database grant. +* [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correctpermissions. +* [`postgresql::server::default_privileges`](#postgresql--server--default_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. +* [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database. +* [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles. +* [`postgresql::server::grant_role`](#postgresql--server--grant_role): Define for granting membership to a role. +* [`postgresql::server::instance::config`](#postgresql--server--instance--config): lint:ignore:140chars lint:endignore:140chars +* [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): lint:ignore:140chars lint:endignore:140chars +* [`postgresql::server::instance::late_initdb`](#postgresql--server--instance--late_initdb): Manage the default encoding when database initialization is managed by the package +* [`postgresql::server::instance::passwd`](#postgresql--server--instance--passwd): lint:ignore:140chars lint:endignore:140chars +* [`postgresql::server::instance::reload`](#postgresql--server--instance--reload) +* [`postgresql::server::instance::service`](#postgresql--server--instance--service): lint:ignore:140chars lint:endignore:140chars +* [`postgresql::server::pg_hba_rule`](#postgresql--server--pg_hba_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::pg_ident_rule`](#postgresql--server--pg_ident_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::reassign_owned_by`](#postgresql--server--reassign_owned_by): Define for reassigning the ownership of objects within a database. +* [`postgresql::server::recovery`](#postgresql--server--recovery): This resource manages the parameters that applies to the recovery.conf template. +* [`postgresql::server::role`](#postgresql--server--role): Define for creating a database role. +* [`postgresql::server::schema`](#postgresql--server--schema): Create a new schema. +* [`postgresql::server::table_grant`](#postgresql--server--table_grant): This resource wraps the grant resource to manage table grants specifically. +* [`postgresql::server::tablespace`](#postgresql--server--tablespace): This module creates tablespace. +* [`postgresql::validate_db_connection`](#postgresql--validate_db_connection): This type validates that a successful postgres connection. + +#### Private Defined types + +* `postgresql::server::instance::systemd`: This define handles systemd drop-in files for the postgres main instance (default) or additional instances ### Resource types @@ -68,10 +80,10 @@ #### Public Functions -* [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. -* [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. -* [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password -* [`postgresql::prepend_sql_password`](#postgresqlprepend_sql_password): This function exists for usage of a role password that is a deferred function +* [`postgresql::default`](#postgresql--default): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. +* [`postgresql::postgresql_escape`](#postgresql--postgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. +* [`postgresql::postgresql_password`](#postgresql--postgresql_password): This function returns the postgresql password hash from the clear text username / password +* [`postgresql::prepend_sql_password`](#postgresql--prepend_sql_password): This function exists for usage of a role password that is a deferred function * [`postgresql_escape`](#postgresql_escape): DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. * [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. @@ -79,13 +91,20 @@ * `postgresql::postgresql_acls_to_resources_hash`: This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. +### Data types + +* [`Postgresql::Pg_hba_rule`](#Postgresql--Pg_hba_rule): type for all parameters in the postgresql::server::hba_rule defined resource +* [`Postgresql::Pg_hba_rule_address`](#Postgresql--Pg_hba_rule_address): Supported address types +* [`Postgresql::Pg_hba_rule_type`](#Postgresql--Pg_hba_rule_type): enum for all different types for the pg_hba_conf +* [`Postgresql::Pg_hba_rules`](#Postgresql--Pg_hba_rules): validates a hash of entries for postgresql::server::pg_hab_conf + ### Tasks * [`sql`](#sql): Allows you to execute arbitary SQL ## Classes -### `postgresql::client` +### `postgresql::client` Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. @@ -95,12 +114,12 @@ Installs PostgreSQL client software. Set the following parameters if you have a The following parameters are available in the `postgresql::client` class: -* [`file_ensure`](#file_ensure) -* [`validcon_script_path`](#validcon_script_path) -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`file_ensure`](#-postgresql--client--file_ensure) +* [`validcon_script_path`](#-postgresql--client--validcon_script_path) +* [`package_name`](#-postgresql--client--package_name) +* [`package_ensure`](#-postgresql--client--package_ensure) -##### `file_ensure` +##### `file_ensure` Data type: `Enum['file', 'absent']` @@ -108,7 +127,7 @@ Ensure the connection validation script is present Default value: `'file'` -##### `validcon_script_path` +##### `validcon_script_path` Data type: `Stdlib::Absolutepath` @@ -116,7 +135,7 @@ Optional. Absolute path for the postgresql connection validation script. Default value: `$postgresql::params::validcon_script_path` -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -124,15 +143,15 @@ Sets the name of the PostgreSQL client package. Default value: `$postgresql::params::client_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Ensure the client package is installed Default value: `'present'` -### `postgresql::globals` +### `postgresql::globals` Class for setting cross-class global overrides. @@ -143,273 +162,273 @@ This class should be used only if you are using a non-standard OS, or if you are The following parameters are available in the `postgresql::globals` class: -* [`client_package_name`](#client_package_name) -* [`server_package_name`](#server_package_name) -* [`contrib_package_name`](#contrib_package_name) -* [`devel_package_name`](#devel_package_name) -* [`java_package_name`](#java_package_name) -* [`docs_package_name`](#docs_package_name) -* [`perl_package_name`](#perl_package_name) -* [`plperl_package_name`](#plperl_package_name) -* [`plpython_package_name`](#plpython_package_name) -* [`python_package_name`](#python_package_name) -* [`postgis_package_name`](#postgis_package_name) -* [`service_name`](#service_name) -* [`service_provider`](#service_provider) -* [`service_status`](#service_status) -* [`default_database`](#default_database) -* [`validcon_script_path`](#validcon_script_path) -* [`initdb_path`](#initdb_path) -* [`createdb_path`](#createdb_path) -* [`psql_path`](#psql_path) -* [`pg_hba_conf_path`](#pg_hba_conf_path) -* [`pg_ident_conf_path`](#pg_ident_conf_path) -* [`postgresql_conf_path`](#postgresql_conf_path) -* [`postgresql_conf_mode`](#postgresql_conf_mode) -* [`recovery_conf_path`](#recovery_conf_path) -* [`default_connect_settings`](#default_connect_settings) -* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) -* [`datadir`](#datadir) -* [`confdir`](#confdir) -* [`bindir`](#bindir) -* [`xlogdir`](#xlogdir) -* [`logdir`](#logdir) -* [`log_line_prefix`](#log_line_prefix) -* [`user`](#user) -* [`group`](#group) -* [`version`](#version) -* [`postgis_version`](#postgis_version) -* [`repo_proxy`](#repo_proxy) -* [`repo_baseurl`](#repo_baseurl) -* [`yum_repo_commonurl`](#yum_repo_commonurl) -* [`needs_initdb`](#needs_initdb) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`data_checksums`](#data_checksums) -* [`timezone`](#timezone) -* [`manage_pg_hba_conf`](#manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#manage_pg_ident_conf) -* [`manage_recovery_conf`](#manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) -* [`manage_datadir`](#manage_datadir) -* [`manage_logdir`](#manage_logdir) -* [`manage_xlogdir`](#manage_xlogdir) -* [`manage_package_repo`](#manage_package_repo) -* [`manage_dnf_module`](#manage_dnf_module) -* [`module_workdir`](#module_workdir) -* [`manage_selinux`](#manage_selinux) - -##### `client_package_name` +* [`client_package_name`](#-postgresql--globals--client_package_name) +* [`server_package_name`](#-postgresql--globals--server_package_name) +* [`contrib_package_name`](#-postgresql--globals--contrib_package_name) +* [`devel_package_name`](#-postgresql--globals--devel_package_name) +* [`java_package_name`](#-postgresql--globals--java_package_name) +* [`docs_package_name`](#-postgresql--globals--docs_package_name) +* [`perl_package_name`](#-postgresql--globals--perl_package_name) +* [`plperl_package_name`](#-postgresql--globals--plperl_package_name) +* [`plpython_package_name`](#-postgresql--globals--plpython_package_name) +* [`python_package_name`](#-postgresql--globals--python_package_name) +* [`postgis_package_name`](#-postgresql--globals--postgis_package_name) +* [`service_name`](#-postgresql--globals--service_name) +* [`service_provider`](#-postgresql--globals--service_provider) +* [`service_status`](#-postgresql--globals--service_status) +* [`default_database`](#-postgresql--globals--default_database) +* [`validcon_script_path`](#-postgresql--globals--validcon_script_path) +* [`initdb_path`](#-postgresql--globals--initdb_path) +* [`createdb_path`](#-postgresql--globals--createdb_path) +* [`psql_path`](#-postgresql--globals--psql_path) +* [`pg_hba_conf_path`](#-postgresql--globals--pg_hba_conf_path) +* [`pg_ident_conf_path`](#-postgresql--globals--pg_ident_conf_path) +* [`postgresql_conf_path`](#-postgresql--globals--postgresql_conf_path) +* [`postgresql_conf_mode`](#-postgresql--globals--postgresql_conf_mode) +* [`recovery_conf_path`](#-postgresql--globals--recovery_conf_path) +* [`default_connect_settings`](#-postgresql--globals--default_connect_settings) +* [`pg_hba_conf_defaults`](#-postgresql--globals--pg_hba_conf_defaults) +* [`datadir`](#-postgresql--globals--datadir) +* [`confdir`](#-postgresql--globals--confdir) +* [`bindir`](#-postgresql--globals--bindir) +* [`xlogdir`](#-postgresql--globals--xlogdir) +* [`logdir`](#-postgresql--globals--logdir) +* [`log_line_prefix`](#-postgresql--globals--log_line_prefix) +* [`user`](#-postgresql--globals--user) +* [`group`](#-postgresql--globals--group) +* [`version`](#-postgresql--globals--version) +* [`postgis_version`](#-postgresql--globals--postgis_version) +* [`repo_proxy`](#-postgresql--globals--repo_proxy) +* [`repo_baseurl`](#-postgresql--globals--repo_baseurl) +* [`yum_repo_commonurl`](#-postgresql--globals--yum_repo_commonurl) +* [`needs_initdb`](#-postgresql--globals--needs_initdb) +* [`encoding`](#-postgresql--globals--encoding) +* [`locale`](#-postgresql--globals--locale) +* [`data_checksums`](#-postgresql--globals--data_checksums) +* [`timezone`](#-postgresql--globals--timezone) +* [`manage_pg_hba_conf`](#-postgresql--globals--manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#-postgresql--globals--manage_pg_ident_conf) +* [`manage_recovery_conf`](#-postgresql--globals--manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#-postgresql--globals--manage_postgresql_conf_perms) +* [`manage_selinux`](#-postgresql--globals--manage_selinux) +* [`manage_datadir`](#-postgresql--globals--manage_datadir) +* [`manage_logdir`](#-postgresql--globals--manage_logdir) +* [`manage_xlogdir`](#-postgresql--globals--manage_xlogdir) +* [`manage_package_repo`](#-postgresql--globals--manage_package_repo) +* [`manage_dnf_module`](#-postgresql--globals--manage_dnf_module) +* [`module_workdir`](#-postgresql--globals--module_workdir) + +##### `client_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL client package name. -Default value: ``undef`` +Default value: `undef` -##### `server_package_name` +##### `server_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL server package name. -Default value: ``undef`` +Default value: `undef` -##### `contrib_package_name` +##### `contrib_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL contrib package name. -Default value: ``undef`` +Default value: `undef` -##### `devel_package_name` +##### `devel_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL devel package name. -Default value: ``undef`` +Default value: `undef` -##### `java_package_name` +##### `java_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL java package name. -Default value: ``undef`` +Default value: `undef` -##### `docs_package_name` +##### `docs_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL docs package name. -Default value: ``undef`` +Default value: `undef` -##### `perl_package_name` +##### `perl_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL Perl package name. -Default value: ``undef`` +Default value: `undef` -##### `plperl_package_name` +##### `plperl_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL PL/Perl package name. -Default value: ``undef`` +Default value: `undef` -##### `plpython_package_name` +##### `plpython_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL PL/Python package name. -Default value: ``undef`` +Default value: `undef` -##### `python_package_name` +##### `python_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL Python package name. -Default value: ``undef`` +Default value: `undef` -##### `postgis_package_name` +##### `postgis_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL PostGIS package name. -Default value: ``undef`` +Default value: `undef` -##### `service_name` +##### `service_name` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL service name. -Default value: ``undef`` +Default value: `undef` -##### `service_provider` +##### `service_provider` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL service provider. -Default value: ``undef`` +Default value: `undef` -##### `service_status` +##### `service_status` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default status check command for your PostgreSQL service. -Default value: ``undef`` +Default value: `undef` -##### `default_database` +##### `default_database` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the name of the default database to connect with. -Default value: ``undef`` +Default value: `undef` -##### `validcon_script_path` +##### `validcon_script_path` -Data type: `Any` +Data type: `Optional[String[1]]` Scipt path for the connection validation check. -Default value: ``undef`` +Default value: `undef` -##### `initdb_path` +##### `initdb_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Path to the initdb command. -Default value: ``undef`` +Default value: `undef` -##### `createdb_path` +##### `createdb_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Deprecated. Path to the createdb command. -Default value: ``undef`` +Default value: `undef` -##### `psql_path` +##### `psql_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Sets the path to the psql command. -Default value: ``undef`` +Default value: `undef` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Specifies the path to your pg_hba.conf file. -Default value: ``undef`` +Default value: `undef` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Specifies the path to your pg_ident.conf file. -Default value: ``undef`` +Default value: `undef` -##### `postgresql_conf_path` +##### `postgresql_conf_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Sets the path to your postgresql.conf file. -Default value: ``undef`` +Default value: `undef` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. -Default value: ``undef`` +Default value: `undef` -##### `recovery_conf_path` +##### `recovery_conf_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Path to your recovery.conf file. -Default value: ``undef`` +Default value: `undef` -##### `default_connect_settings` +##### `default_connect_settings` -Data type: `Any` +Data type: `Hash` Default connection settings. Default value: `{}` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` -Data type: `Any` +Data type: `Optional[Boolean]` Disables the defaults supplied with the module for pg_hba.conf if set to false. -Default value: ``undef`` +Default value: `undef` -##### `datadir` +##### `datadir` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL data directory for the target platform. Changing the datadir after installation causes the server to come to a full stop before making the change. @@ -417,215 +436,223 @@ For Red Hat systems, the data directory must be labeled appropriately for SELinu On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original -Default value: ``undef`` +Default value: `undef` -##### `confdir` +##### `confdir` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL configuration directory for the target platform. -Default value: ``undef`` +Default value: `undef` -##### `bindir` +##### `bindir` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL binaries directory for the target platform. -Default value: ``undef`` +Default value: `undef` -##### `xlogdir` +##### `xlogdir` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL xlog directory. -Default value: ``undef`` +Default value: `undef` -##### `logdir` +##### `logdir` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL log directory. -Default value: ``undef`` +Default value: `undef` -##### `log_line_prefix` +##### `log_line_prefix` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL log prefix. -Default value: ``undef`` +Default value: `undef` -##### `user` +##### `user` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: ``undef`` +Default value: `undef` -##### `group` +##### `group` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default postgres user group to be used for related files in the file system. -Default value: ``undef`` +Default value: `undef` -##### `version` +##### `version` -Data type: `Any` +Data type: `Optional[String[1]]` The version of PostgreSQL to install and manage. -Default value: ``undef`` +Default value: `undef` -##### `postgis_version` +##### `postgis_version` -Data type: `Any` +Data type: `Optional[String[1]]` Defines the version of PostGIS to install, if you install PostGIS. -Default value: ``undef`` +Default value: `undef` -##### `repo_proxy` +##### `repo_proxy` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the proxy option for the official PostgreSQL yum-repositories only. -Default value: ``undef`` +Default value: `undef` -##### `repo_baseurl` +##### `repo_baseurl` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. -Default value: ``undef`` +Default value: `undef` -##### `yum_repo_commonurl` +##### `yum_repo_commonurl` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository. -Default value: ``undef`` +Default value: `undef` -##### `needs_initdb` +##### `needs_initdb` -Data type: `Any` +Data type: `Optional[Boolean]` Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. -Default value: ``undef`` +Default value: `undef` -##### `encoding` +##### `encoding` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. -Default value: ``undef`` +Default value: `undef` -##### `locale` +##### `locale` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. -Default value: ``undef`` +Default value: `undef` -##### `data_checksums` +##### `data_checksums` -Data type: `Any` +Data type: `Optional[String[1]]` Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. -Default value: ``undef`` +Default value: `undef` -##### `timezone` +##### `timezone` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. -Default value: ``undef`` +Default value: `undef` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` -Data type: `Any` +Data type: `Optional[Boolean]` Allow Puppet to manage the pg_hba.conf file. -Default value: ``undef`` +Default value: `undef` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` -Data type: `Any` +Data type: `Optional[Boolean]` Allow Puppet to manage the pg_ident.conf file. -Default value: ``undef`` +Default value: `undef` -##### `manage_recovery_conf` +##### `manage_recovery_conf` -Data type: `Any` +Data type: `Optional[Boolean]` Allow Puppet to manage the recovery.conf file. -Default value: ``undef`` +Default value: `undef` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` -Data type: `Any` +Data type: `Optional[Boolean]` Whether to manage the postgresql conf file permissions. This means owner, group and mode. Contents are not managed but should be managed through postgresql::server::config_entry. -Default value: ``undef`` +Default value: `undef` -##### `manage_datadir` +##### `manage_selinux` -Data type: `Any` +Data type: `Optional[Boolean]` + +Allows Puppet to manage the appropriate configuration file for selinux. + +Default value: `undef` + +##### `manage_datadir` + +Data type: `Optional[Boolean]` Set to false if you have file{ $datadir: } already defined -Default value: ``undef`` +Default value: `undef` -##### `manage_logdir` +##### `manage_logdir` -Data type: `Any` +Data type: `Optional[Boolean]` Set to false if you have file{ $logdir: } already defined -Default value: ``undef`` +Default value: `undef` -##### `manage_xlogdir` +##### `manage_xlogdir` -Data type: `Any` +Data type: `Optional[Boolean]` Set to false if you have file{ $xlogdir: } already defined -Default value: ``undef`` +Default value: `undef` -##### `manage_package_repo` +##### `manage_package_repo` -Data type: `Any` +Data type: `Optional[Boolean]` Sets up official PostgreSQL repositories on your host if set to true. -Default value: ``undef`` +Default value: `undef` -##### `manage_dnf_module` +##### `manage_dnf_module` Data type: `Boolean` @@ -633,25 +660,17 @@ Manage the DNF module. This only makes sense on distributions that use DNF package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or Puppet 6.15.0+ since they ship the dnfmodule provider. -Default value: ``false`` +Default value: `false` -##### `module_workdir` +##### `module_workdir` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -Default value: ``undef`` - -##### `manage_selinux` - -Data type: `Any` - - +Default value: `undef` -Default value: ``undef`` - -### `postgresql::lib::devel` +### `postgresql::lib::devel` This class installs postgresql development libraries. @@ -659,11 +678,11 @@ This class installs postgresql development libraries. The following parameters are available in the `postgresql::lib::devel` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) -* [`link_pg_config`](#link_pg_config) +* [`package_name`](#-postgresql--lib--devel--package_name) +* [`package_ensure`](#-postgresql--lib--devel--package_ensure) +* [`link_pg_config`](#-postgresql--lib--devel--link_pg_config) -##### `package_name` +##### `package_name` Data type: `String` @@ -671,15 +690,15 @@ Override devel package name Default value: `$postgresql::params::devel_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Ensure the development libraries are installed Default value: `'present'` -##### `link_pg_config` +##### `link_pg_config` Data type: `Boolean` @@ -687,7 +706,7 @@ If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/b Default value: `$postgresql::params::link_pg_config` -### `postgresql::lib::docs` +### `postgresql::lib::docs` Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. @@ -697,10 +716,10 @@ Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if The following parameters are available in the `postgresql::lib::docs` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--docs--package_name) +* [`package_ensure`](#-postgresql--lib--docs--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -708,15 +727,15 @@ Specifies the name of the PostgreSQL docs package. Default value: `$postgresql::params::docs_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Whether the PostgreSQL docs package resource should be present. Default value: `'present'` -### `postgresql::lib::java` +### `postgresql::lib::java` This class installs the postgresql jdbc connector. @@ -726,10 +745,10 @@ This class installs the postgresql jdbc connector. The following parameters are available in the `postgresql::lib::java` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--java--package_name) +* [`package_ensure`](#-postgresql--lib--java--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -737,15 +756,15 @@ Specifies the name of the PostgreSQL java package. Default value: `$postgresql::params::java_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Specifies whether the package is present. Default value: `'present'` -### `postgresql::lib::perl` +### `postgresql::lib::perl` This class installs the perl libs for postgresql. @@ -753,10 +772,10 @@ This class installs the perl libs for postgresql. The following parameters are available in the `postgresql::lib::perl` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--perl--package_name) +* [`package_ensure`](#-postgresql--lib--perl--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -764,15 +783,15 @@ Specifies the name of the PostgreSQL perl package to install. Default value: `$postgresql::params::perl_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Ensure the perl libs for postgresql are installed. Default value: `'present'` -### `postgresql::lib::python` +### `postgresql::lib::python` This class installs the python libs for postgresql. @@ -780,10 +799,10 @@ This class installs the python libs for postgresql. The following parameters are available in the `postgresql::lib::python` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--python--package_name) +* [`package_ensure`](#-postgresql--lib--python--package_ensure) -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -791,15 +810,15 @@ The name of the PostgreSQL Python package. Default value: `$postgresql::params::python_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Ensure the python libs for postgresql are installed. Default value: `'present'` -### `postgresql::server` +### `postgresql::server` This installs a PostgreSQL server @@ -807,215 +826,215 @@ This installs a PostgreSQL server The following parameters are available in the `postgresql::server` class: -* [`postgres_password`](#postgres_password) -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) -* [`plperl_package_name`](#plperl_package_name) -* [`plpython_package_name`](#plpython_package_name) -* [`service_ensure`](#service_ensure) -* [`service_enable`](#service_enable) -* [`service_manage`](#service_manage) -* [`service_name`](#service_name) -* [`service_restart_on_change`](#service_restart_on_change) -* [`service_provider`](#service_provider) -* [`service_reload`](#service_reload) -* [`service_status`](#service_status) -* [`default_database`](#default_database) -* [`default_connect_settings`](#default_connect_settings) -* [`listen_addresses`](#listen_addresses) -* [`port`](#port) -* [`ip_mask_deny_postgres_user`](#ip_mask_deny_postgres_user) -* [`ip_mask_allow_all_users`](#ip_mask_allow_all_users) -* [`ipv4acls`](#ipv4acls) -* [`ipv6acls`](#ipv6acls) -* [`initdb_path`](#initdb_path) -* [`createdb_path`](#createdb_path) -* [`psql_path`](#psql_path) -* [`pg_hba_conf_path`](#pg_hba_conf_path) -* [`pg_ident_conf_path`](#pg_ident_conf_path) -* [`postgresql_conf_path`](#postgresql_conf_path) -* [`postgresql_conf_mode`](#postgresql_conf_mode) -* [`recovery_conf_path`](#recovery_conf_path) -* [`datadir`](#datadir) -* [`xlogdir`](#xlogdir) -* [`logdir`](#logdir) -* [`log_line_prefix`](#log_line_prefix) -* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) -* [`user`](#user) -* [`group`](#group) -* [`needs_initdb`](#needs_initdb) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`data_checksums`](#data_checksums) -* [`timezone`](#timezone) -* [`manage_pg_hba_conf`](#manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#manage_pg_ident_conf) -* [`manage_recovery_conf`](#manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) -* [`module_workdir`](#module_workdir) -* [`manage_datadir`](#manage_datadir) -* [`manage_logdir`](#manage_logdir) -* [`manage_xlogdir`](#manage_xlogdir) -* [`roles`](#roles) -* [`config_entries`](#config_entries) -* [`pg_hba_rules`](#pg_hba_rules) -* [`backup_enable`](#backup_enable) -* [`backup_options`](#backup_options) -* [`backup_provider`](#backup_provider) -* [`version`](#version) -* [`extra_systemd_config`](#extra_systemd_config) -* [`manage_selinux`](#manage_selinux) -* [`password_encryption`](#password_encryption) - -##### `postgres_password` +* [`postgres_password`](#-postgresql--server--postgres_password) +* [`package_name`](#-postgresql--server--package_name) +* [`package_ensure`](#-postgresql--server--package_ensure) +* [`plperl_package_name`](#-postgresql--server--plperl_package_name) +* [`plpython_package_name`](#-postgresql--server--plpython_package_name) +* [`service_ensure`](#-postgresql--server--service_ensure) +* [`service_enable`](#-postgresql--server--service_enable) +* [`service_manage`](#-postgresql--server--service_manage) +* [`service_name`](#-postgresql--server--service_name) +* [`service_restart_on_change`](#-postgresql--server--service_restart_on_change) +* [`service_provider`](#-postgresql--server--service_provider) +* [`service_reload`](#-postgresql--server--service_reload) +* [`service_status`](#-postgresql--server--service_status) +* [`default_database`](#-postgresql--server--default_database) +* [`default_connect_settings`](#-postgresql--server--default_connect_settings) +* [`listen_addresses`](#-postgresql--server--listen_addresses) +* [`port`](#-postgresql--server--port) +* [`ip_mask_deny_postgres_user`](#-postgresql--server--ip_mask_deny_postgres_user) +* [`ip_mask_allow_all_users`](#-postgresql--server--ip_mask_allow_all_users) +* [`ipv4acls`](#-postgresql--server--ipv4acls) +* [`ipv6acls`](#-postgresql--server--ipv6acls) +* [`initdb_path`](#-postgresql--server--initdb_path) +* [`createdb_path`](#-postgresql--server--createdb_path) +* [`psql_path`](#-postgresql--server--psql_path) +* [`pg_hba_conf_path`](#-postgresql--server--pg_hba_conf_path) +* [`pg_ident_conf_path`](#-postgresql--server--pg_ident_conf_path) +* [`postgresql_conf_path`](#-postgresql--server--postgresql_conf_path) +* [`postgresql_conf_mode`](#-postgresql--server--postgresql_conf_mode) +* [`recovery_conf_path`](#-postgresql--server--recovery_conf_path) +* [`datadir`](#-postgresql--server--datadir) +* [`xlogdir`](#-postgresql--server--xlogdir) +* [`logdir`](#-postgresql--server--logdir) +* [`log_line_prefix`](#-postgresql--server--log_line_prefix) +* [`pg_hba_conf_defaults`](#-postgresql--server--pg_hba_conf_defaults) +* [`user`](#-postgresql--server--user) +* [`group`](#-postgresql--server--group) +* [`needs_initdb`](#-postgresql--server--needs_initdb) +* [`encoding`](#-postgresql--server--encoding) +* [`locale`](#-postgresql--server--locale) +* [`data_checksums`](#-postgresql--server--data_checksums) +* [`timezone`](#-postgresql--server--timezone) +* [`manage_pg_hba_conf`](#-postgresql--server--manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#-postgresql--server--manage_pg_ident_conf) +* [`manage_recovery_conf`](#-postgresql--server--manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#-postgresql--server--manage_postgresql_conf_perms) +* [`manage_selinux`](#-postgresql--server--manage_selinux) +* [`module_workdir`](#-postgresql--server--module_workdir) +* [`manage_datadir`](#-postgresql--server--manage_datadir) +* [`manage_logdir`](#-postgresql--server--manage_logdir) +* [`manage_xlogdir`](#-postgresql--server--manage_xlogdir) +* [`password_encryption`](#-postgresql--server--password_encryption) +* [`roles`](#-postgresql--server--roles) +* [`config_entries`](#-postgresql--server--config_entries) +* [`pg_hba_rules`](#-postgresql--server--pg_hba_rules) +* [`backup_enable`](#-postgresql--server--backup_enable) +* [`backup_options`](#-postgresql--server--backup_options) +* [`backup_provider`](#-postgresql--server--backup_provider) +* [`version`](#-postgresql--server--version) +* [`extra_systemd_config`](#-postgresql--server--extra_systemd_config) + +##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. -Default value: ``undef`` +Default value: `undef` -##### `package_name` +##### `package_name` -Data type: `Any` +Data type: `String[1]` Specifies the name of the package to use for installing the server software. Default value: `$postgresql::params::server_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `Any` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Passes a value through to the package resource when creating the server instance. Default value: `$postgresql::params::package_ensure` -##### `plperl_package_name` +##### `plperl_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default package name for the PL/Perl extension. Default value: `$postgresql::params::plperl_package_name` -##### `plpython_package_name` +##### `plpython_package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default package name for the PL/Python extension. Default value: `$postgresql::params::plpython_package_name` -##### `service_ensure` +##### `service_ensure` -Data type: `Any` +Data type: `Variant[Enum['running', 'stopped'], Boolean]` Ensure service is installed Default value: `$postgresql::params::service_ensure` -##### `service_enable` +##### `service_enable` -Data type: `Any` +Data type: `Boolean` Enable the PostgreSQL service Default value: `$postgresql::params::service_enable` -##### `service_manage` +##### `service_manage` -Data type: `Any` +Data type: `Boolean` Defines whether or not Puppet should manage the service. Default value: `$postgresql::params::service_manage` -##### `service_name` +##### `service_name` -Data type: `Any` +Data type: `String[1]` Overrides the default PostgreSQL service name. Default value: `$postgresql::params::service_name` -##### `service_restart_on_change` +##### `service_restart_on_change` -Data type: `Any` +Data type: `Boolean` Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. Default value: `$postgresql::params::service_restart_on_change` -##### `service_provider` +##### `service_provider` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default PostgreSQL service provider. Default value: `$postgresql::params::service_provider` -##### `service_reload` +##### `service_reload` -Data type: `Any` +Data type: `String[1]` Overrides the default reload command for your PostgreSQL service. Default value: `$postgresql::params::service_reload` -##### `service_status` +##### `service_status` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::params::service_status` -##### `default_database` +##### `default_database` -Data type: `Any` +Data type: `String[1]` Specifies the name of the default database to connect with. On most systems this is 'postgres'. Default value: `$postgresql::params::default_database` -##### `default_connect_settings` +##### `default_connect_settings` -Data type: `Any` +Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. Default value: `$postgresql::globals::default_connect_settings` -##### `listen_addresses` +##### `listen_addresses` -Data type: `Any` +Data type: `Optional[String[1]]` Address list on which the PostgreSQL service will listen Default value: `$postgresql::params::listen_addresses` -##### `port` +##### `port` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Port, Integer]` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::params::port` -##### `ip_mask_deny_postgres_user` +##### `ip_mask_deny_postgres_user` -Data type: `Any` +Data type: `String[1]` Specifies the IP mask from which remote connections should be denied for the postgres superuser. Default value: '0.0.0.0/0', which denies any remote connection. Default value: `$postgresql::params::ip_mask_deny_postgres_user` -##### `ip_mask_allow_all_users` +##### `ip_mask_allow_all_users` -Data type: `Any` +Data type: `String[1]` Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. @@ -1023,7 +1042,7 @@ Default value: '127.0.0.1/32'. Default value: `$postgresql::params::ip_mask_allow_all_users` -##### `ipv4acls` +##### `ipv4acls` Data type: `Array[String[1]]` @@ -1031,7 +1050,7 @@ Lists strings for access control for connection method, users, databases, IPv4 a Default value: `$postgresql::params::ipv4acls` -##### `ipv6acls` +##### `ipv6acls` Data type: `Array[String[1]]` @@ -1039,55 +1058,55 @@ Lists strings for access control for connection method, users, databases, IPv6 a Default value: `$postgresql::params::ipv6acls` -##### `initdb_path` +##### `initdb_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Specifies the path to the initdb command. Default value: `$postgresql::params::initdb_path` -##### `createdb_path` +##### `createdb_path` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` Deprecated. Specifies the path to the createdb command. Default value: `$postgresql::params::createdb_path` -##### `psql_path` +##### `psql_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Specifies the path to the psql command. Default value: `$postgresql::params::psql_path` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Specifies the path to your pg_hba.conf file. Default value: `$postgresql::params::pg_hba_conf_path` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Specifies the path to your pg_ident.conf file. Default value: `$postgresql::params::pg_ident_conf_path` -##### `postgresql_conf_path` +##### `postgresql_conf_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Specifies the path to your postgresql.conf file. Default value: `$postgresql::params::postgresql_conf_path` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` @@ -1095,136 +1114,136 @@ Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_c Default value: `$postgresql::params::postgresql_conf_mode` -##### `recovery_conf_path` +##### `recovery_conf_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Specifies the path to your recovery.conf file. Default value: `$postgresql::params::recovery_conf_path` -##### `datadir` +##### `datadir` -Data type: `Any` +Data type: `String[1]` PostgreSQL data directory Default value: `$postgresql::params::datadir` -##### `xlogdir` +##### `xlogdir` -Data type: `Any` +Data type: `Optional[String[1]]` PostgreSQL xlog directory Default value: `$postgresql::params::xlogdir` -##### `logdir` +##### `logdir` -Data type: `Any` +Data type: `Optional[String[1]]` PostgreSQL log directory Default value: `$postgresql::params::logdir` -##### `log_line_prefix` +##### `log_line_prefix` -Data type: `Any` +Data type: `Optional[String[1]]` PostgreSQL log line prefix Default value: `$postgresql::params::log_line_prefix` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` -Data type: `Any` +Data type: `Boolean` If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. Default value: `$postgresql::params::pg_hba_conf_defaults` -##### `user` +##### `user` -Data type: `Any` +Data type: `String[1]` Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. Default value: `$postgresql::params::user` -##### `group` +##### `group` -Data type: `Any` +Data type: `String[1]` Overrides the default postgres user group to be used for related files in the file system. Default value: `$postgresql::params::group` -##### `needs_initdb` +##### `needs_initdb` -Data type: `Any` +Data type: `Boolean` Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started. Default value: `$postgresql::params::needs_initdb` -##### `encoding` +##### `encoding` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::params::encoding` -##### `locale` +##### `locale` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. Default value: `$postgresql::params::locale` -##### `data_checksums` +##### `data_checksums` -Data type: `Any` +Data type: `Optional[String[1]]` Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::params::data_checksums` -##### `timezone` +##### `timezone` -Data type: `Any` +Data type: `Optional[String[1]]` Set timezone for the PostgreSQL instance Default value: `$postgresql::params::timezone` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` -Data type: `Any` +Data type: `Boolean` Boolean. Whether to manage the pg_hba.conf. Default value: `$postgresql::params::manage_pg_hba_conf` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` -Data type: `Any` +Data type: `Boolean` Boolean. Overwrites the pg_ident.conf file. Default value: `$postgresql::params::manage_pg_ident_conf` -##### `manage_recovery_conf` +##### `manage_recovery_conf` -Data type: `Any` +Data type: `Boolean` Boolean. Specifies whether or not manage the recovery.conf. Default value: `$postgresql::params::manage_recovery_conf` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` Data type: `Boolean` @@ -1234,39 +1253,55 @@ postgresql::server::config_entry. Default value: `$postgresql::params::manage_postgresql_conf_perms` -##### `module_workdir` +##### `manage_selinux` -Data type: `Any` +Data type: `Boolean` + +Specifies whether or not manage the conf file for selinux. + +Default value: `$postgresql::params::manage_selinux` + +##### `module_workdir` + +Data type: `String[1]` Working directory for the PostgreSQL module Default value: `$postgresql::params::module_workdir` -##### `manage_datadir` +##### `manage_datadir` -Data type: `Any` +Data type: `Boolean` Set to false if you have file{ $datadir: } already defined Default value: `$postgresql::params::manage_datadir` -##### `manage_logdir` +##### `manage_logdir` -Data type: `Any` +Data type: `Boolean` Set to false if you have file{ $logdir: } already defined Default value: `$postgresql::params::manage_logdir` -##### `manage_xlogdir` +##### `manage_xlogdir` -Data type: `Any` +Data type: `Boolean` Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::params::manage_xlogdir` -##### `roles` +##### `password_encryption` + +Data type: `Optional[String]` + +Specify the type of encryption set for the password. + +Default value: `$postgresql::params::password_encryption` + +##### `roles` Data type: `Hash[String, Hash]` @@ -1274,7 +1309,7 @@ Specifies a hash from which to generate postgresql::server::role resources. Default value: `{}` -##### `config_entries` +##### `config_entries` Data type: `Hash[String, Any]` @@ -1282,15 +1317,15 @@ Specifies a hash from which to generate postgresql::server::config_entry resourc Default value: `{}` -##### `pg_hba_rules` +##### `pg_hba_rules` -Data type: `Hash[String, Hash]` +Data type: `Postgresql::Pg_hba_rules` Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. Default value: `{}` -##### `backup_enable` +##### `backup_enable` Data type: `Boolean` @@ -1298,7 +1333,7 @@ Whether a backup job should be enabled. Default value: `$postgresql::params::backup_enable` -##### `backup_options` +##### `backup_options` Data type: `Hash` @@ -1306,7 +1341,7 @@ A hash of options that should be passed through to the backup provider. Default value: `{}` -##### `backup_provider` +##### `backup_provider` Data type: `Enum['pg_dump']` @@ -1314,39 +1349,23 @@ Specifies the backup provider to use. Default value: `$postgresql::params::backup_provider` -##### `version` +##### `version` -Data type: `Any` +Data type: `Optional[String[1]]` Deprecated. Use postgresql::globals instead. Sets PostgreSQL version -Default value: ``undef`` +Default value: `undef` -##### `extra_systemd_config` +##### `extra_systemd_config` -Data type: `Any` +Data type: `Optional[String]` Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string Default value: `$postgresql::params::extra_systemd_config` -##### `manage_selinux` - -Data type: `Boolean` - - - -Default value: `$postgresql::params::manage_selinux` - -##### `password_encryption` - -Data type: `Any` - - - -Default value: `$postgresql::params::password_encryption` - -### `postgresql::server::contrib` +### `postgresql::server::contrib` Install the contrib postgresql packaging. @@ -1354,10 +1373,10 @@ Install the contrib postgresql packaging. The following parameters are available in the `postgresql::server::contrib` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--server--contrib--package_name) +* [`package_ensure`](#-postgresql--server--contrib--package_ensure) -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` @@ -1365,15 +1384,15 @@ The name of the PostgreSQL contrib package. Default value: `$postgresql::params::contrib_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Ensure the contrib package is installed. Default value: `'present'` -### `postgresql::server::plperl` +### `postgresql::server::plperl` This class installs the PL/Perl procedural language for postgresql. @@ -1381,26 +1400,26 @@ This class installs the PL/Perl procedural language for postgresql. The following parameters are available in the `postgresql::server::plperl` class: -* [`package_ensure`](#package_ensure) -* [`package_name`](#package_name) +* [`package_ensure`](#-postgresql--server--plperl--package_ensure) +* [`package_name`](#-postgresql--server--plperl--package_name) -##### `package_ensure` +##### `package_ensure` -Data type: `Any` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` The ensure parameter passed on to PostgreSQL PL/Perl package resource. Default value: `'present'` -##### `package_name` +##### `package_name` -Data type: `Any` +Data type: `Optional[String[1]]` The name of the PostgreSQL PL/Perl package. Default value: `$postgresql::server::plperl_package_name` -### `postgresql::server::plpython` +### `postgresql::server::plpython` This class installs the PL/Python procedural language for postgresql. @@ -1408,26 +1427,26 @@ This class installs the PL/Python procedural language for postgresql. The following parameters are available in the `postgresql::server::plpython` class: -* [`package_ensure`](#package_ensure) -* [`package_name`](#package_name) +* [`package_ensure`](#-postgresql--server--plpython--package_ensure) +* [`package_name`](#-postgresql--server--plpython--package_name) -##### `package_ensure` +##### `package_ensure` -Data type: `Any` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Specifies whether the package is present. Default value: `'present'` -##### `package_name` +##### `package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the name of the postgresql PL/Python package. Default value: `$postgresql::server::plpython_package_name` -### `postgresql::server::postgis` +### `postgresql::server::postgis` Install the postgis postgresql packaging. @@ -1435,10 +1454,10 @@ Install the postgis postgresql packaging. The following parameters are available in the `postgresql::server::postgis` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--server--postgis--package_name) +* [`package_ensure`](#-postgresql--server--postgis--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -1446,9 +1465,9 @@ Sets the package name. Default value: `$postgresql::params::postgis_package_name` -##### `package_ensure` +##### `package_ensure` -Data type: `String[1]` +Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` Specifies if the package is present or not. @@ -1456,7 +1475,7 @@ Default value: `'present'` ## Defined types -### `postgresql::server::config_entry` +### `postgresql::server::config_entry` Manage a postgresql.conf entry. @@ -1464,11 +1483,11 @@ Manage a postgresql.conf entry. The following parameters are available in the `postgresql::server::config_entry` defined type: -* [`ensure`](#ensure) -* [`value`](#value) -* [`path`](#path) +* [`ensure`](#-postgresql--server--config_entry--ensure) +* [`value`](#-postgresql--server--config_entry--value) +* [`path`](#-postgresql--server--config_entry--path) -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1476,23 +1495,23 @@ Removes an entry if set to 'absent'. Default value: `'present'` -##### `value` +##### `value` -Data type: `Any` +Data type: `Optional[Variant[String[1], Integer]]` Defines the value for the setting. -Default value: ``undef`` +Default value: `undef` -##### `path` +##### `path` -Data type: `Any` +Data type: `Variant[Boolean, String[1]]` Path for postgresql.conf -Default value: ``false`` +Default value: `false` -### `postgresql::server::database` +### `postgresql::server::database` Define for creating a database. @@ -1500,89 +1519,89 @@ Define for creating a database. The following parameters are available in the `postgresql::server::database` defined type: -* [`comment`](#comment) -* [`dbname`](#dbname) -* [`owner`](#owner) -* [`tablespace`](#tablespace) -* [`template`](#template) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`istemplate`](#istemplate) -* [`connect_settings`](#connect_settings) +* [`comment`](#-postgresql--server--database--comment) +* [`dbname`](#-postgresql--server--database--dbname) +* [`owner`](#-postgresql--server--database--owner) +* [`tablespace`](#-postgresql--server--database--tablespace) +* [`template`](#-postgresql--server--database--template) +* [`encoding`](#-postgresql--server--database--encoding) +* [`locale`](#-postgresql--server--database--locale) +* [`istemplate`](#-postgresql--server--database--istemplate) +* [`connect_settings`](#-postgresql--server--database--connect_settings) -##### `comment` +##### `comment` -Data type: `Any` +Data type: `Optional[String[1]]` Sets a comment on the database. -Default value: ``undef`` +Default value: `undef` -##### `dbname` +##### `dbname` -Data type: `Any` +Data type: `String[1]` Sets the name of the database. Default value: `$title` -##### `owner` +##### `owner` -Data type: `Any` +Data type: `Optional[String[1]]` Sets name of the database owner. -Default value: ``undef`` +Default value: `undef` -##### `tablespace` +##### `tablespace` -Data type: `Any` +Data type: `Optional[String[1]]` Sets tablespace for where to create this database. -Default value: ``undef`` +Default value: `undef` -##### `template` +##### `template` -Data type: `Any` +Data type: `String[1]` Specifies the name of the template database from which to build this database. Default value: 'template0'. Default value: `'template0'` -##### `encoding` +##### `encoding` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `istemplate` +##### `istemplate` -Data type: `Any` +Data type: `Boolean` Defines the database as a template if set to true. -Default value: ``false`` +Default value: `false` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::database_grant` +### `postgresql::server::database_grant` Manage a database grant. @@ -1590,65 +1609,65 @@ Manage a database grant. The following parameters are available in the `postgresql::server::database_grant` defined type: -* [`privilege`](#privilege) -* [`db`](#db) -* [`role`](#role) -* [`ensure`](#ensure) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`connect_settings`](#connect_settings) +* [`privilege`](#-postgresql--server--database_grant--privilege) +* [`db`](#-postgresql--server--database_grant--db) +* [`role`](#-postgresql--server--database_grant--role) +* [`ensure`](#-postgresql--server--database_grant--ensure) +* [`psql_db`](#-postgresql--server--database_grant--psql_db) +* [`psql_user`](#-postgresql--server--database_grant--psql_user) +* [`connect_settings`](#-postgresql--server--database_grant--connect_settings) -##### `privilege` +##### `privilege` -Data type: `Any` +Data type: `Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'all', 'create', 'connect', 'temporary', 'temp']` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. -##### `db` +##### `db` -Data type: `Any` +Data type: `String[1]` Specifies the database to which you are granting access. -##### `role` +##### `role` -Data type: `Any` +Data type: `String[1]` Specifies the role or user whom you are granting access to. -##### `ensure` +##### `ensure` -Data type: `Any` +Data type: `Optional[Enum['present', 'absent']]` Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. -Default value: ``undef`` +Default value: `undef` -##### `psql_db` +##### `psql_db` -Data type: `Any` +Data type: `Optional[String[1]]` Defines the database to execute the grant against. This should not ordinarily be changed from the default -Default value: ``undef`` +Default value: `undef` -##### `psql_user` +##### `psql_user` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. -Default value: ``undef`` +Default value: `undef` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Optional[Hash]` Specifies a hash of environment variables used when connecting to a remote server. -Default value: ``undef`` +Default value: `undef` -### `postgresql::server::db` +### `postgresql::server::db` Define for conveniently creating a role, database and assigning the correctpermissions. @@ -1656,105 +1675,105 @@ Define for conveniently creating a role, database and assigning the correctpermi The following parameters are available in the `postgresql::server::db` defined type: -* [`user`](#user) -* [`password`](#password) -* [`comment`](#comment) -* [`dbname`](#dbname) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`grant`](#grant) -* [`tablespace`](#tablespace) -* [`template`](#template) -* [`istemplate`](#istemplate) -* [`owner`](#owner) +* [`user`](#-postgresql--server--db--user) +* [`password`](#-postgresql--server--db--password) +* [`comment`](#-postgresql--server--db--comment) +* [`dbname`](#-postgresql--server--db--dbname) +* [`encoding`](#-postgresql--server--db--encoding) +* [`locale`](#-postgresql--server--db--locale) +* [`grant`](#-postgresql--server--db--grant) +* [`tablespace`](#-postgresql--server--db--tablespace) +* [`template`](#-postgresql--server--db--template) +* [`istemplate`](#-postgresql--server--db--istemplate) +* [`owner`](#-postgresql--server--db--owner) -##### `user` +##### `user` -Data type: `Any` +Data type: `String[1]` User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory. -##### `password` +##### `password` Data type: `Optional[Variant[String, Sensitive[String]]]` Sets the password for the created user (if a user is created). -Default value: ``undef`` +Default value: `undef` -##### `comment` +##### `comment` -Data type: `Any` +Data type: `Optional[String[1]]` Defines a comment to be stored about the database using the PostgreSQL COMMENT command. -Default value: ``undef`` +Default value: `undef` -##### `dbname` +##### `dbname` -Data type: `Any` +Data type: `String[1]` Sets the name of the database to be created. Default value: `$title` -##### `encoding` +##### `encoding` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` -Data type: `Any` +Data type: `Optional[String[1]]` Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `grant` +##### `grant` -Data type: `Any` +Data type: `Variant[String[1], Array[String[1]]]` Specifies the permissions to grant during creation. Default value: 'ALL'. Default value: `'ALL'` -##### `tablespace` +##### `tablespace` -Data type: `Any` +Data type: `Optional[String[1]]` Defines the name of the tablespace to allocate the created database to. -Default value: ``undef`` +Default value: `undef` -##### `template` +##### `template` -Data type: `Any` +Data type: `String[1]` Specifies the name of the template database from which to build this database. Defaults value: template0. Default value: `'template0'` -##### `istemplate` +##### `istemplate` -Data type: `Any` +Data type: `Boolean` Specifies that the database is a template, if set to true. -Default value: ``false`` +Default value: `false` -##### `owner` +##### `owner` -Data type: `Any` +Data type: `Optional[String[1]]` Sets a user as the owner of the database. -Default value: ``undef`` +Default value: `undef` -### `postgresql::server::default_privileges` +### `postgresql::server::default_privileges` Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. @@ -1762,30 +1781,29 @@ Manage a database defaults privileges. Only works with PostgreSQL version 9.6 an The following parameters are available in the `postgresql::server::default_privileges` defined type: -* [`target_role`](#target_role) -* [`ensure`](#ensure) -* [`role`](#role) -* [`db`](#db) -* [`object_type`](#object_type) -* [`privilege`](#privilege) -* [`schema`](#schema) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`psql_path`](#psql_path) -* [`port`](#port) -* [`connect_settings`](#connect_settings) -* [`psql_path`](#psql_path) -* [`group`](#group) - -##### `target_role` +* [`target_role`](#-postgresql--server--default_privileges--target_role) +* [`ensure`](#-postgresql--server--default_privileges--ensure) +* [`role`](#-postgresql--server--default_privileges--role) +* [`db`](#-postgresql--server--default_privileges--db) +* [`object_type`](#-postgresql--server--default_privileges--object_type) +* [`privilege`](#-postgresql--server--default_privileges--privilege) +* [`schema`](#-postgresql--server--default_privileges--schema) +* [`psql_db`](#-postgresql--server--default_privileges--psql_db) +* [`psql_user`](#-postgresql--server--default_privileges--psql_user) +* [`psql_path`](#-postgresql--server--default_privileges--psql_path) +* [`port`](#-postgresql--server--default_privileges--port) +* [`connect_settings`](#-postgresql--server--default_privileges--connect_settings) +* [`group`](#-postgresql--server--default_privileges--group) + +##### `target_role` Data type: `Optional[String]` Target role whose created objects will receive the default privileges. Defaults to the current user. -Default value: ``undef`` +Default value: `undef` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1793,38 +1811,42 @@ Specifies whether to grant or revoke the privilege. Default value: `'present'` -##### `role` +##### `role` Data type: `String` Specifies the role or user whom you are granting access to. -##### `db` +##### `db` Data type: `String` Specifies the database to which you are granting access. -##### `object_type` +##### `object_type` -Data type: `Pattern[ +Data type: + +```puppet +Pattern[ /(?i:^FUNCTIONS$)/, /(?i:^ROUTINES$)/, /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, /(?i:^TYPES$)/, - /(?i:^SCHEMAS$)/ - ]` + /(?i:^SCHEMAS$)/ # lint:ignore:trailing_comma + ] +``` Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'. -##### `privilege` +##### `privilege` Data type: `String` Specifies comma-separated list of privileges to grant. Valid options: depends on object type. -##### `schema` +##### `schema` Data type: `String` @@ -1832,7 +1854,7 @@ Target schema. Defaults to 'public'. Can be set to '' to apply to all schemas. Default value: `'public'` -##### `psql_db` +##### `psql_db` Data type: `String` @@ -1840,7 +1862,7 @@ Defines the database to execute the grant against. This should not ordinarily be Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String` @@ -1848,23 +1870,23 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: `$postgresql::server::user` -##### `psql_path` +##### `psql_path` -Data type: `String` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. Default value: `$postgresql::server::psql_path` -##### `port` +##### `port` -Data type: `Integer` +Data type: `Variant[String[1], Stdlib::Port, Integer]` Specifies the port to access the server. Default value: The default user for the module, usually '5432'. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -1872,21 +1894,15 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `psql_path` - -Specifies the path to the psql command. - -Default value: `$postgresql::server::psql_path` - -##### `group` +##### `group` Data type: `String` - +Specifies the user group to which the privileges will be granted. Default value: `$postgresql::server::group` -### `postgresql::server::extension` +### `postgresql::server::extension` Activate an extension on a postgresql database. @@ -1894,40 +1910,40 @@ Activate an extension on a postgresql database. The following parameters are available in the `postgresql::server::extension` defined type: -* [`database`](#database) -* [`extension`](#extension) -* [`schema`](#schema) -* [`version`](#version) -* [`ensure`](#ensure) -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) -* [`port`](#port) -* [`connect_settings`](#connect_settings) -* [`database_resource_name`](#database_resource_name) +* [`database`](#-postgresql--server--extension--database) +* [`extension`](#-postgresql--server--extension--extension) +* [`schema`](#-postgresql--server--extension--schema) +* [`version`](#-postgresql--server--extension--version) +* [`ensure`](#-postgresql--server--extension--ensure) +* [`package_name`](#-postgresql--server--extension--package_name) +* [`package_ensure`](#-postgresql--server--extension--package_ensure) +* [`port`](#-postgresql--server--extension--port) +* [`connect_settings`](#-postgresql--server--extension--connect_settings) +* [`database_resource_name`](#-postgresql--server--extension--database_resource_name) -##### `database` +##### `database` -Data type: `Any` +Data type: `String[1]` Specifies the database on which to activate the extension. -##### `extension` +##### `extension` -Data type: `Any` +Data type: `String[1]` Specifies the extension to activate. If left blank, uses the name of the resource. Default value: `$name` -##### `schema` +##### `schema` Data type: `Optional[String[1]]` Specifies the schema on which to activate the extension. -Default value: ``undef`` +Default value: `undef` -##### `version` +##### `version` Data type: `Optional[String[1]]` @@ -1938,57 +1954,57 @@ version may be set to a specific version, in which case the extension is updated eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. -Default value: ``undef`` +Default value: `undef` -##### `ensure` +##### `ensure` -Data type: `String[1]` +Data type: `Enum['present', 'absent']` Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'. Default value: `'present'` -##### `package_name` +##### `package_name` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies a package to install prior to activating the extension. -Default value: ``undef`` +Default value: `undef` -##### `package_ensure` +##### `package_ensure` -Data type: `Any` +Data type: `Optional[Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]]` Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. -Default value: ``undef`` +Default value: `undef` -##### `port` +##### `port` -Data type: `Optional[Integer]` +Data type: `Optional[Variant[String[1], Stdlib::Port, Integer]]` Port to use when connecting. -Default value: ``undef`` +Default value: `undef` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. Default value: `postgresql::default('default_connect_settings')` -##### `database_resource_name` +##### `database_resource_name` -Data type: `Any` +Data type: `String[1]` Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. Default value: `$database` -### `postgresql::server::grant` +### `postgresql::server::grant` Define for granting permissions to roles. @@ -1996,282 +2012,960 @@ Define for granting permissions to roles. The following parameters are available in the `postgresql::server::grant` defined type: -* [`role`](#role) -* [`db`](#db) -* [`privilege`](#privilege) -* [`object_type`](#object_type) -* [`object_name`](#object_name) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`port`](#port) -* [`onlyif_exists`](#onlyif_exists) -* [`connect_settings`](#connect_settings) -* [`ensure`](#ensure) -* [`group`](#group) -* [`psql_path`](#psql_path) -* [`object_arguments`](#object_arguments) - -##### `role` +* [`role`](#-postgresql--server--grant--role) +* [`db`](#-postgresql--server--grant--db) +* [`privilege`](#-postgresql--server--grant--privilege) +* [`object_type`](#-postgresql--server--grant--object_type) +* [`object_name`](#-postgresql--server--grant--object_name) +* [`object_arguments`](#-postgresql--server--grant--object_arguments) +* [`psql_db`](#-postgresql--server--grant--psql_db) +* [`psql_user`](#-postgresql--server--grant--psql_user) +* [`port`](#-postgresql--server--grant--port) +* [`onlyif_exists`](#-postgresql--server--grant--onlyif_exists) +* [`connect_settings`](#-postgresql--server--grant--connect_settings) +* [`ensure`](#-postgresql--server--grant--ensure) +* [`group`](#-postgresql--server--grant--group) +* [`psql_path`](#-postgresql--server--grant--psql_path) + +##### `role` Data type: `String` Specifies the role or user whom you are granting access to. -##### `db` +##### `db` Data type: `String` Specifies the database to which you are granting access. -##### `privilege` +##### `privilege` Data type: `String` Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. -Default value: `''` +Default value: `''` + +##### `object_type` + +Data type: + +```puppet +Pattern[#/(?i:^COLUMN$)/, + /(?i:^ALL SEQUENCES IN SCHEMA$)/, + /(?i:^ALL TABLES IN SCHEMA$)/, + /(?i:^DATABASE$)/, + #/(?i:^FOREIGN DATA WRAPPER$)/, + #/(?i:^FOREIGN SERVER$)/, + /(?i:^FUNCTION$)/, + /(?i:^LANGUAGE$)/, + #/(?i:^PROCEDURAL LANGUAGE$)/, + /(?i:^TABLE$)/, + #/(?i:^TABLESPACE$)/, + /(?i:^SCHEMA$)/, + /(?i:^SEQUENCE$)/ # lint:ignore:trailing_comma + #/(?i:^VIEW$)/ + ] +``` + +Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. + +Default value: `'database'` + +##### `object_name` + +Data type: `Optional[Variant[Array[String,2,2],String[1]]]` + +Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] + +Default value: `undef` + +##### `object_arguments` + +Data type: `Array[String[1],0]` + +Specifies any arguments to be passed alongisde the access grant. + +Default value: `[]` + +##### `psql_db` + +Data type: `String` + +Specifies the database to execute the grant against. This should not ordinarily be changed from the default + +Default value: `$postgresql::server::default_database` + +##### `psql_user` + +Data type: `String` + +Sets the OS user to run psql. + +Default value: `$postgresql::server::user` + +##### `port` + +Data type: `Variant[String[1], Stdlib::Port, Integer]` + +Port to use when connecting. + +Default value: `$postgresql::server::port` + +##### `onlyif_exists` + +Data type: `Boolean` + +Create grant only if doesn't exist + +Default value: `false` + +##### `connect_settings` + +Data type: `Hash` + +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: `$postgresql::server::default_connect_settings` + +##### `ensure` + +Data type: `Enum['present', 'absent']` + +Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. + +Default value: `'present'` + +##### `group` + +Data type: `String` + +Sets the OS group to run psql + +Default value: `$postgresql::server::group` + +##### `psql_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Sets the path to psql command + +Default value: `$postgresql::server::psql_path` + +### `postgresql::server::grant_role` + +Define for granting membership to a role. + +#### Parameters + +The following parameters are available in the `postgresql::server::grant_role` defined type: + +* [`group`](#-postgresql--server--grant_role--group) +* [`role`](#-postgresql--server--grant_role--role) +* [`ensure`](#-postgresql--server--grant_role--ensure) +* [`psql_db`](#-postgresql--server--grant_role--psql_db) +* [`psql_user`](#-postgresql--server--grant_role--psql_user) +* [`port`](#-postgresql--server--grant_role--port) +* [`connect_settings`](#-postgresql--server--grant_role--connect_settings) + +##### `group` + +Data type: `String[1]` + +Specifies the group role to which you are assigning a role. + +##### `role` + +Data type: `String[1]` + +Specifies the role you want to assign to a group. If left blank, uses the name of the resource. + +Default value: `$name` + +##### `ensure` + +Data type: `Enum['present', 'absent']` + +Specifies whether to grant or revoke the membership. Valid options: 'present' or 'absent'. + +Default value: `'present'` + +##### `psql_db` + +Data type: `String[1]` + +Specifies the database to execute the grant against. This should not ordinarily be changed from the default + +Default value: `$postgresql::server::default_database` + +##### `psql_user` + +Data type: `String[1]` + +Sets the OS user to run psql. + +Default value: `$postgresql::server::user` + +##### `port` + +Data type: `Variant[String[1], Stdlib::Port, Integer]` + +Port to use when connecting. + +Default value: `$postgresql::server::port` + +##### `connect_settings` + +Data type: `Hash` + +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: `$postgresql::server::default_connect_settings` + +### `postgresql::server::instance::config` + +lint:ignore:140chars +lint:endignore:140chars + +#### Parameters + +The following parameters are available in the `postgresql::server::instance::config` defined type: + +* [`ip_mask_deny_postgres_user`](#-postgresql--server--instance--config--ip_mask_deny_postgres_user) +* [`ip_mask_allow_all_users`](#-postgresql--server--instance--config--ip_mask_allow_all_users) +* [`listen_addresses`](#-postgresql--server--instance--config--listen_addresses) +* [`port`](#-postgresql--server--instance--config--port) +* [`ipv4acls`](#-postgresql--server--instance--config--ipv4acls) +* [`ipv6acls`](#-postgresql--server--instance--config--ipv6acls) +* [`pg_hba_conf_path`](#-postgresql--server--instance--config--pg_hba_conf_path) +* [`pg_ident_conf_path`](#-postgresql--server--instance--config--pg_ident_conf_path) +* [`postgresql_conf_path`](#-postgresql--server--instance--config--postgresql_conf_path) +* [`postgresql_conf_mode`](#-postgresql--server--instance--config--postgresql_conf_mode) +* [`recovery_conf_path`](#-postgresql--server--instance--config--recovery_conf_path) +* [`pg_hba_conf_defaults`](#-postgresql--server--instance--config--pg_hba_conf_defaults) +* [`user`](#-postgresql--server--instance--config--user) +* [`group`](#-postgresql--server--instance--config--group) +* [`version`](#-postgresql--server--instance--config--version) +* [`manage_pg_hba_conf`](#-postgresql--server--instance--config--manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#-postgresql--server--instance--config--manage_pg_ident_conf) +* [`manage_recovery_conf`](#-postgresql--server--instance--config--manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#-postgresql--server--instance--config--manage_postgresql_conf_perms) +* [`datadir`](#-postgresql--server--instance--config--datadir) +* [`logdir`](#-postgresql--server--instance--config--logdir) +* [`service_name`](#-postgresql--server--instance--config--service_name) +* [`service_enable`](#-postgresql--server--instance--config--service_enable) +* [`log_line_prefix`](#-postgresql--server--instance--config--log_line_prefix) +* [`timezone`](#-postgresql--server--instance--config--timezone) +* [`password_encryption`](#-postgresql--server--instance--config--password_encryption) +* [`extra_systemd_config`](#-postgresql--server--instance--config--extra_systemd_config) + +##### `ip_mask_deny_postgres_user` + +Data type: `String[1]` + +Specifies the IP mask from which remote connections should be denied for the postgres superuser. +Default value: '0.0.0.0/0', which denies any remote connection. + +Default value: `$postgresql::server::ip_mask_deny_postgres_user` + +##### `ip_mask_allow_all_users` + +Data type: `String[1]` + +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +Default value: '127.0.0.1/32'. + +Default value: `$postgresql::server::ip_mask_allow_all_users` + +##### `listen_addresses` + +Data type: `Optional[String[1]]` + +Address list on which the PostgreSQL service will listen + +Default value: `$postgresql::server::listen_addresses` + +##### `port` + +Data type: `Variant[String[1], Stdlib::Port, Integer]` + +Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. + +Default value: `$postgresql::server::port` + +##### `ipv4acls` + +Data type: `Array[String[1]]` + +Lists strings for access control for connection method, users, databases, IPv4 addresses. + +Default value: `$postgresql::server::ipv4acls` + +##### `ipv6acls` + +Data type: `Array[String[1]]` + +Lists strings for access control for connection method, users, databases, IPv6 addresses. + +Default value: `$postgresql::server::ipv6acls` + +##### `pg_hba_conf_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to your pg_hba.conf file. + +Default value: `$postgresql::server::pg_hba_conf_path` + +##### `pg_ident_conf_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to your pg_ident.conf file. + +Default value: `$postgresql::server::pg_ident_conf_path` + +##### `postgresql_conf_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to your postgresql.conf file. + +Default value: `$postgresql::server::postgresql_conf_path` + +##### `postgresql_conf_mode` + +Data type: `Optional[Stdlib::Filemode]` + +Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. + +Default value: `$postgresql::server::postgresql_conf_mode` + +##### `recovery_conf_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to your recovery.conf file. + +Default value: `$postgresql::server::recovery_conf_path` + +##### `pg_hba_conf_defaults` + +Data type: `Boolean` + +If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. + +Default value: `$postgresql::server::pg_hba_conf_defaults` + +##### `user` + +Data type: `String[1]` + +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: `$postgresql::server::user` + +##### `group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. + +Default value: `$postgresql::server::group` + +##### `version` + +Data type: `Optional[String[1]]` + +Sets PostgreSQL version + +Default value: `$postgresql::server::_version` + +##### `manage_pg_hba_conf` + +Data type: `Boolean` + +Boolean. Whether to manage the pg_hba.conf. + +Default value: `$postgresql::server::manage_pg_hba_conf` + +##### `manage_pg_ident_conf` + +Data type: `Boolean` + +Boolean. Overwrites the pg_ident.conf file. + +Default value: `$postgresql::server::manage_pg_ident_conf` + +##### `manage_recovery_conf` + +Data type: `Boolean` + +Boolean. Specifies whether or not manage the recovery.conf. + +Default value: `$postgresql::server::manage_recovery_conf` + +##### `manage_postgresql_conf_perms` + +Data type: `Boolean` + +Whether to manage the postgresql conf file permissions. This means owner, +group and mode. Contents are not managed but should be managed through +postgresql::server::config_entry. + +Default value: `$postgresql::server::manage_postgresql_conf_perms` + +##### `datadir` + +Data type: `String[1]` + +PostgreSQL data directory + +Default value: `$postgresql::server::datadir` + +##### `logdir` + +Data type: `Optional[String[1]]` + +PostgreSQL log directory + +Default value: `$postgresql::server::logdir` + +##### `service_name` + +Data type: `String[1]` + +Overrides the default PostgreSQL service name. + +Default value: `$postgresql::server::service_name` + +##### `service_enable` + +Data type: `Boolean` + +Enable the PostgreSQL service + +Default value: `$postgresql::server::service_enable` + +##### `log_line_prefix` + +Data type: `Optional[String[1]]` + +PostgreSQL log line prefix + +Default value: `$postgresql::server::log_line_prefix` + +##### `timezone` + +Data type: `Optional[String[1]]` + +Set timezone for the PostgreSQL instance + +Default value: `$postgresql::server::timezone` + +##### `password_encryption` + +Data type: `Optional[String]` + +Specify the type of encryption set for the password. + +Default value: `$postgresql::server::password_encryption` + +##### `extra_systemd_config` + +Data type: `Optional[String]` + +Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string + +Default value: `$postgresql::server::extra_systemd_config` + +### `postgresql::server::instance::initdb` + +lint:ignore:140chars +lint:endignore:140chars + +#### Parameters + +The following parameters are available in the `postgresql::server::instance::initdb` defined type: + +* [`needs_initdb`](#-postgresql--server--instance--initdb--needs_initdb) +* [`initdb_path`](#-postgresql--server--instance--initdb--initdb_path) +* [`datadir`](#-postgresql--server--instance--initdb--datadir) +* [`xlogdir`](#-postgresql--server--instance--initdb--xlogdir) +* [`logdir`](#-postgresql--server--instance--initdb--logdir) +* [`manage_datadir`](#-postgresql--server--instance--initdb--manage_datadir) +* [`manage_logdir`](#-postgresql--server--instance--initdb--manage_logdir) +* [`manage_xlogdir`](#-postgresql--server--instance--initdb--manage_xlogdir) +* [`encoding`](#-postgresql--server--instance--initdb--encoding) +* [`locale`](#-postgresql--server--instance--initdb--locale) +* [`data_checksums`](#-postgresql--server--instance--initdb--data_checksums) +* [`user`](#-postgresql--server--instance--initdb--user) +* [`group`](#-postgresql--server--instance--initdb--group) +* [`module_workdir`](#-postgresql--server--instance--initdb--module_workdir) + +##### `needs_initdb` + +Data type: `Boolean` + +Explicitly calls the initdb operation after server package is installed +and before the PostgreSQL service is started. + +Default value: `$postgresql::server::needs_initdb` + +##### `initdb_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to the initdb command. + +Default value: `$postgresql::server::initdb_path` + +##### `datadir` + +Data type: `String[1]` + +PostgreSQL data directory + +Default value: `$postgresql::server::datadir` + +##### `xlogdir` + +Data type: `Optional[String[1]]` + +PostgreSQL xlog directory + +Default value: `$postgresql::server::xlogdir` + +##### `logdir` + +Data type: `Optional[String[1]]` + +PostgreSQL log directory + +Default value: `$postgresql::server::logdir` + +##### `manage_datadir` + +Data type: `Boolean` + +Set to false if you have file{ $datadir: } already defined + +Default value: `$postgresql::server::manage_datadir` + +##### `manage_logdir` + +Data type: `Boolean` + +Set to false if you have file{ $logdir: } already defined + +Default value: `$postgresql::server::manage_logdir` + +##### `manage_xlogdir` + +Data type: `Boolean` + +Set to false if you have file{ $xlogdir: } already defined + +Default value: `$postgresql::server::manage_xlogdir` + +##### `encoding` + +Data type: `Optional[String[1]]` + +Sets the default encoding for all databases created with this module. +On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. + +Default value: `$postgresql::server::encoding` + +##### `locale` + +Data type: `Optional[String[1]]` + +Sets the default database locale for all databases created with this module. +On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. + +Default value: `$postgresql::server::locale` + +##### `data_checksums` + +Data type: `Optional[Boolean]` + +Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. + +Default value: `$postgresql::server::data_checksums` + +##### `user` + +Data type: `String[1]` + +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: `$postgresql::server::user` + +##### `group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. + +Default value: `$postgresql::server::group` + +##### `module_workdir` + +Data type: `String[1]` + +Working directory for the PostgreSQL module + +Default value: `$postgresql::server::module_workdir` + +### `postgresql::server::instance::late_initdb` + +lint:ignore:140chars +lint:endignore:140chars + +#### Parameters + +The following parameters are available in the `postgresql::server::instance::late_initdb` defined type: + +* [`encoding`](#-postgresql--server--instance--late_initdb--encoding) +* [`user`](#-postgresql--server--instance--late_initdb--user) +* [`group`](#-postgresql--server--instance--late_initdb--group) +* [`psql_path`](#-postgresql--server--instance--late_initdb--psql_path) +* [`port`](#-postgresql--server--instance--late_initdb--port) +* [`module_workdir`](#-postgresql--server--instance--late_initdb--module_workdir) + +##### `encoding` + +Data type: `Optional[String[1]]` + +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. + +Default value: `$postgresql::server::encoding` + +##### `user` + +Data type: `String[1]` + +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: `$postgresql::server::user` + +##### `group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. + +Default value: `$postgresql::server::group` + +##### `psql_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to the psql command. + +Default value: `$postgresql::server::psql_path` + +##### `port` + +Data type: `Variant[String[1], Stdlib::Port, Integer]` + +Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. + +Default value: `$postgresql::server::port` + +##### `module_workdir` + +Data type: `String[1]` + +Working directory for the PostgreSQL module + +Default value: `$postgresql::server::module_workdir` + +### `postgresql::server::instance::passwd` + +lint:ignore:140chars +lint:endignore:140chars + +#### Parameters + +The following parameters are available in the `postgresql::server::instance::passwd` defined type: + +* [`user`](#-postgresql--server--instance--passwd--user) +* [`group`](#-postgresql--server--instance--passwd--group) +* [`psql_path`](#-postgresql--server--instance--passwd--psql_path) +* [`port`](#-postgresql--server--instance--passwd--port) +* [`database`](#-postgresql--server--instance--passwd--database) +* [`module_workdir`](#-postgresql--server--instance--passwd--module_workdir) +* [`postgres_password`](#-postgresql--server--instance--passwd--postgres_password) + +##### `user` + +Data type: `String[1]` + +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: `$postgresql::server::user` + +##### `group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. + +Default value: `$postgresql::server::group` + +##### `psql_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to the psql command. + +Default value: `$postgresql::server::psql_path` + +##### `port` -##### `object_type` +Data type: `Variant[String[1], Stdlib::Port, Integer]` -Data type: `Pattern[#/(?i:^COLUMN$)/, - /(?i:^ALL SEQUENCES IN SCHEMA$)/, - /(?i:^ALL TABLES IN SCHEMA$)/, - /(?i:^DATABASE$)/, - #/(?i:^FOREIGN DATA WRAPPER$)/, - #/(?i:^FOREIGN SERVER$)/, - /(?i:^FUNCTION$)/, - /(?i:^LANGUAGE$)/, - #/(?i:^PROCEDURAL LANGUAGE$)/, - /(?i:^TABLE$)/, - #/(?i:^TABLESPACE$)/, - /(?i:^SCHEMA$)/, - /(?i:^SEQUENCE$)/ - #/(?i:^VIEW$)/ - ]` +Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. -Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. +Default value: `$postgresql::server::port` -Default value: `'database'` +##### `database` -##### `object_name` +Data type: `String[1]` -Data type: `Optional[Variant[Array[String,2,2],String[1]]]` +Specifies the name of the database to connect with. On most systems this is 'postgres'. -Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] +Default value: `$postgresql::server::default_database` -Default value: ``undef`` +##### `module_workdir` -##### `psql_db` +Data type: `String[1]` -Data type: `String` +Working directory for the PostgreSQL module -Specifies the database to execute the grant against. This should not ordinarily be changed from the default +Default value: `$postgresql::server::module_workdir` -Default value: `$postgresql::server::default_database` +##### `postgres_password` -##### `psql_user` +Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` -Data type: `String` +Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. -Sets the OS user to run psql. +Default value: `$postgresql::server::postgres_password` -Default value: `$postgresql::server::user` +### `postgresql::server::instance::reload` -##### `port` +The postgresql::server::instance::reload class. -Data type: `Integer` +#### Parameters -Port to use when connecting. +The following parameters are available in the `postgresql::server::instance::reload` defined type: -Default value: `$postgresql::server::port` +* [`service_reload`](#-postgresql--server--instance--reload--service_reload) +* [`service_status`](#-postgresql--server--instance--reload--service_status) -##### `onlyif_exists` +##### `service_reload` -Data type: `Boolean` +Data type: `String[1]` -Create grant only if doesn't exist +Overrides the default reload command for your PostgreSQL service. -Default value: ``false`` +Default value: `$postgresql::server::service_reload` -##### `connect_settings` +##### `service_status` -Data type: `Hash` +Data type: `String[1]` -Specifies a hash of environment variables used when connecting to a remote server. +Overrides the default status check command for your PostgreSQL service. -Default value: `$postgresql::server::default_connect_settings` +Default value: `$postgresql::server::service_status` -##### `ensure` +### `postgresql::server::instance::service` -Data type: `Enum['present', 'absent']` +lint:ignore:140chars +lint:endignore:140chars -Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. +#### Parameters -Default value: `'present'` +The following parameters are available in the `postgresql::server::instance::service` defined type: -##### `group` +* [`service_ensure`](#-postgresql--server--instance--service--service_ensure) +* [`service_enable`](#-postgresql--server--instance--service--service_enable) +* [`service_manage`](#-postgresql--server--instance--service--service_manage) +* [`service_name`](#-postgresql--server--instance--service--service_name) +* [`service_provider`](#-postgresql--server--instance--service--service_provider) +* [`service_status`](#-postgresql--server--instance--service--service_status) +* [`user`](#-postgresql--server--instance--service--user) +* [`port`](#-postgresql--server--instance--service--port) +* [`default_database`](#-postgresql--server--instance--service--default_database) +* [`psql_path`](#-postgresql--server--instance--service--psql_path) +* [`connect_settings`](#-postgresql--server--instance--service--connect_settings) -Data type: `String` +##### `service_ensure` -Sets the OS group to run psql +Data type: `Variant[Enum['running', 'stopped'], Boolean]` -Default value: `$postgresql::server::group` +Ensure service is installed -##### `psql_path` +Default value: `$postgresql::server::service_ensure` -Data type: `String` +##### `service_enable` -Sets the path to psql command +Data type: `Boolean` -Default value: `$postgresql::server::psql_path` +Enable the PostgreSQL service -##### `object_arguments` +Default value: `$postgresql::server::service_enable` -Data type: `Array[String[1],0]` +##### `service_manage` +Data type: `Boolean` +Defines whether or not Puppet should manage the service. -Default value: `[]` +Default value: `$postgresql::server::service_manage` -### `postgresql::server::grant_role` +##### `service_name` -Define for granting membership to a role. +Data type: `String[1]` -#### Parameters +Overrides the default PostgreSQL service name. -The following parameters are available in the `postgresql::server::grant_role` defined type: +Default value: `$postgresql::server::service_name` -* [`group`](#group) -* [`role`](#role) -* [`ensure`](#ensure) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`port`](#port) -* [`connect_settings`](#connect_settings) +##### `service_provider` -##### `group` +Data type: `Optional[String[1]]` -Data type: `String[1]` +Overrides the default PostgreSQL service provider. -Specifies the group role to which you are assigning a role. +Default value: `$postgresql::server::service_provider` -##### `role` +##### `service_status` Data type: `String[1]` -Specifies the role you want to assign to a group. If left blank, uses the name of the resource. +Overrides the default status check command for your PostgreSQL service. -Default value: `$name` +Default value: `$postgresql::server::service_status` -##### `ensure` +##### `user` -Data type: `Enum['present', 'absent']` +Data type: `String[1]` -Specifies whether to grant or revoke the membership. Valid options: 'present' or 'absent'. +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: `'present'` +Default value: `$postgresql::server::user` -##### `psql_db` +##### `port` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Port, Integer]` -Specifies the database to execute the grant against. This should not ordinarily be changed from the default +Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Default value: 5432. Meaning the Postgres server listens on TCP port 5432. -Default value: `$postgresql::server::default_database` +Default value: `$postgresql::server::port` -##### `psql_user` +##### `default_database` -Data type: `Any` +Data type: `String[1]` -Sets the OS user to run psql. +Specifies the name of the default database to connect with. On most systems this is 'postgres'. -Default value: `$postgresql::server::user` +Default value: `$postgresql::server::default_database` -##### `port` +##### `psql_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` -Port to use when connecting. +Specifies the path to the psql command. -Default value: `$postgresql::server::port` +Default value: `$postgresql::server::psql_path` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Hash` -Specifies a hash of environment variables used when connecting to a remote server. +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::pg_hba_rule` +### `postgresql::server::pg_hba_rule` -This resource manages an individual rule that applies to the file defined in target. +lint:ignore:140chars +lint:endignore:140chars #### Parameters The following parameters are available in the `postgresql::server::pg_hba_rule` defined type: -* [`type`](#type) -* [`database`](#database) -* [`user`](#user) -* [`auth_method`](#auth_method) -* [`address`](#address) -* [`description`](#description) -* [`auth_option`](#auth_option) -* [`order`](#order) -* [`target`](#target) -* [`postgresql_version`](#postgresql_version) +* [`type`](#-postgresql--server--pg_hba_rule--type) +* [`database`](#-postgresql--server--pg_hba_rule--database) +* [`user`](#-postgresql--server--pg_hba_rule--user) +* [`auth_method`](#-postgresql--server--pg_hba_rule--auth_method) +* [`address`](#-postgresql--server--pg_hba_rule--address) +* [`description`](#-postgresql--server--pg_hba_rule--description) +* [`auth_option`](#-postgresql--server--pg_hba_rule--auth_option) +* [`order`](#-postgresql--server--pg_hba_rule--order) +* [`target`](#-postgresql--server--pg_hba_rule--target) +* [`postgresql_version`](#-postgresql--server--pg_hba_rule--postgresql_version) -##### `type` +##### `type` -Data type: `Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc']` +Data type: `Postgresql::Pg_hba_rule_type` Sets the type of rule. -Enum['local','host','hostssl','hostnossl','hostgssenc']. -##### `database` +##### `database` -Data type: `String` +Data type: `String[1]` Sets a comma-separated list of databases that this rule matches. -##### `user` +##### `user` -Data type: `String` +Data type: `String[1]` Sets a comma-separated list of users that this rule matches. -##### `auth_method` +##### `auth_method` -Data type: `String` +Data type: `String[1]` Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. -##### `address` +##### `address` -Data type: `Optional[String]` +Data type: `Optional[Postgresql::Pg_hba_rule_address]` -Sets a CIDR based address for this rule matching when the type is not 'local'. +Sets a address for this rule matching when the type is not 'local'. Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -Default value: ``undef`` +Default value: `undef` -##### `description` +##### `description` -Data type: `String` +Data type: `String[1]` Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. Default value: 'none'. Default value: `'none'` -##### `auth_option` +##### `auth_option` Data type: `Optional[String]` For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. -Default value: ``undef`` +Default value: `undef` -##### `order` +##### `order` Data type: `Variant[String, Integer]` @@ -2279,7 +2973,7 @@ Sets an order for placing the rule in pg_hba.conf. This can be either a string o Default value: `150` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -2287,7 +2981,7 @@ Provides the target for the rule, and is generally an internal only property. Us Default value: `$postgresql::server::pg_hba_conf_path` -##### `postgresql_version` +##### `postgresql_version` Data type: `String` @@ -2295,7 +2989,7 @@ Manages pg_hba.conf without managing the entire PostgreSQL instance. Default value: `$postgresql::server::_version` -### `postgresql::server::pg_ident_rule` +### `postgresql::server::pg_ident_rule` This resource manages an individual rule that applies to the file defined in target. @@ -2303,56 +2997,58 @@ This resource manages an individual rule that applies to the file defined in tar The following parameters are available in the `postgresql::server::pg_ident_rule` defined type: -* [`map_name`](#map_name) -* [`system_username`](#system_username) -* [`database_username`](#database_username) -* [`description`](#description) -* [`order`](#order) -* [`target`](#target) +* [`map_name`](#-postgresql--server--pg_ident_rule--map_name) +* [`system_username`](#-postgresql--server--pg_ident_rule--system_username) +* [`database_username`](#-postgresql--server--pg_ident_rule--database_username) +* [`description`](#-postgresql--server--pg_ident_rule--description) +* [`order`](#-postgresql--server--pg_ident_rule--order) +* [`target`](#-postgresql--server--pg_ident_rule--target) -##### `map_name` +##### `map_name` -Data type: `Any` +Data type: `String[1]` Sets the name of the user map that is used to refer to this mapping in pg_hba.conf. -##### `system_username` +##### `system_username` -Data type: `Any` +Data type: `String[1]` Specifies the operating system user name (the user name used to connect to the database). -##### `database_username` +##### `database_username` -Data type: `Any` +Data type: `String[1]` -Specifies the user name of the database user. The system_username is mapped to this user name. +Specifies the user name of the database user. +The system_username is mapped to this user name. -##### `description` +##### `description` -Data type: `Any` +Data type: `String[1]` -Sets a longer description for this rule if required. This description is placed in the comments above the rule in pg_ident.conf. Default value: 'none'. +Sets a longer description for this rule if required. +This description is placed in the comments above the rule in pg_ident.conf. Default value: `'none'` -##### `order` +##### `order` -Data type: `Any` +Data type: `String[1]` Defines an order for placing the mapping in pg_ident.conf. Default value: 150. Default value: `'150'` -##### `target` +##### `target` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Provides the target for the rule and is generally an internal only property. Use with caution. Default value: `$postgresql::server::pg_ident_conf_path` -### `postgresql::server::reassign_owned_by` +### `postgresql::server::reassign_owned_by` Define for reassigning the ownership of objects within a database. @@ -2362,32 +3058,32 @@ Define for reassigning the ownership of objects within a database. The following parameters are available in the `postgresql::server::reassign_owned_by` defined type: -* [`old_role`](#old_role) -* [`new_role`](#new_role) -* [`db`](#db) -* [`psql_user`](#psql_user) -* [`port`](#port) -* [`connect_settings`](#connect_settings) +* [`old_role`](#-postgresql--server--reassign_owned_by--old_role) +* [`new_role`](#-postgresql--server--reassign_owned_by--new_role) +* [`db`](#-postgresql--server--reassign_owned_by--db) +* [`psql_user`](#-postgresql--server--reassign_owned_by--psql_user) +* [`port`](#-postgresql--server--reassign_owned_by--port) +* [`connect_settings`](#-postgresql--server--reassign_owned_by--connect_settings) -##### `old_role` +##### `old_role` Data type: `String` Specifies the role or user who is the current owner of the objects in the specified db -##### `new_role` +##### `new_role` Data type: `String` Specifies the role or user who will be the new owner of these objects -##### `db` +##### `db` Data type: `String` Specifies the database to which the 'REASSIGN OWNED' will be applied -##### `psql_user` +##### `psql_user` Data type: `String` @@ -2395,15 +3091,15 @@ Specifies the OS user for running psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` -Data type: `Integer` +Data type: `Variant[String[1], Stdlib::Port, Integer]` Port to use when connecting. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2411,9 +3107,10 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::recovery` +### `postgresql::server::recovery` -This resource manages the parameters that applies to the recovery.conf template. +lint:ignore:140chars +lint:endignore:140chars * **Note** Allows you to create the content for recovery.conf. For more details see the usage example and the PostgreSQL documentation. Every parameter value is a string set in the template except recovery_target_inclusive, pause_at_recovery_target, standby_mode and recovery_min_apply_delay. @@ -2424,152 +3121,152 @@ Only the specified parameters are recognized in the template. The recovery.conf The following parameters are available in the `postgresql::server::recovery` defined type: -* [`restore_command`](#restore_command) -* [`archive_cleanup_command`](#archive_cleanup_command) -* [`recovery_end_command`](#recovery_end_command) -* [`recovery_target_name`](#recovery_target_name) -* [`recovery_target_time`](#recovery_target_time) -* [`recovery_target_xid`](#recovery_target_xid) -* [`recovery_target_inclusive`](#recovery_target_inclusive) -* [`recovery_target`](#recovery_target) -* [`recovery_target_timeline`](#recovery_target_timeline) -* [`pause_at_recovery_target`](#pause_at_recovery_target) -* [`standby_mode`](#standby_mode) -* [`primary_conninfo`](#primary_conninfo) -* [`primary_slot_name`](#primary_slot_name) -* [`trigger_file`](#trigger_file) -* [`recovery_min_apply_delay`](#recovery_min_apply_delay) -* [`target`](#target) - -##### `restore_command` +* [`restore_command`](#-postgresql--server--recovery--restore_command) +* [`archive_cleanup_command`](#-postgresql--server--recovery--archive_cleanup_command) +* [`recovery_end_command`](#-postgresql--server--recovery--recovery_end_command) +* [`recovery_target_name`](#-postgresql--server--recovery--recovery_target_name) +* [`recovery_target_time`](#-postgresql--server--recovery--recovery_target_time) +* [`recovery_target_xid`](#-postgresql--server--recovery--recovery_target_xid) +* [`recovery_target_inclusive`](#-postgresql--server--recovery--recovery_target_inclusive) +* [`recovery_target`](#-postgresql--server--recovery--recovery_target) +* [`recovery_target_timeline`](#-postgresql--server--recovery--recovery_target_timeline) +* [`pause_at_recovery_target`](#-postgresql--server--recovery--pause_at_recovery_target) +* [`standby_mode`](#-postgresql--server--recovery--standby_mode) +* [`primary_conninfo`](#-postgresql--server--recovery--primary_conninfo) +* [`primary_slot_name`](#-postgresql--server--recovery--primary_slot_name) +* [`trigger_file`](#-postgresql--server--recovery--trigger_file) +* [`recovery_min_apply_delay`](#-postgresql--server--recovery--recovery_min_apply_delay) +* [`target`](#-postgresql--server--recovery--target) + +##### `restore_command` -Data type: `Any` +Data type: `Optional[String]` The shell command to execute to retrieve an archived segment of the WAL file series. -Default value: ``undef`` +Default value: `undef` -##### `archive_cleanup_command` +##### `archive_cleanup_command` -Data type: `Any` +Data type: `Optional[String[1]]` This optional parameter specifies a shell command that will be executed at every restartpoint. -Default value: ``undef`` +Default value: `undef` -##### `recovery_end_command` +##### `recovery_end_command` -Data type: `Any` +Data type: `Optional[String[1]]` This parameter specifies a shell command that will be executed once only at the end of recovery. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_name` +##### `recovery_target_name` -Data type: `Any` +Data type: `Optional[String[1]]` This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_time` +##### `recovery_target_time` -Data type: `Any` +Data type: `Optional[String[1]]` This parameter specifies the time stamp up to which recovery will proceed. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_xid` +##### `recovery_target_xid` -Data type: `Any` +Data type: `Optional[String[1]]` This parameter specifies the transaction ID up to which recovery will proceed. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_inclusive` +##### `recovery_target_inclusive` -Data type: `Any` +Data type: `Optional[Boolean]` Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). -Default value: ``undef`` +Default value: `undef` -##### `recovery_target` +##### `recovery_target` -Data type: `Any` +Data type: `Optional[String[1]]` This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_timeline` +##### `recovery_target_timeline` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies recovering into a particular timeline. -Default value: ``undef`` +Default value: `undef` -##### `pause_at_recovery_target` +##### `pause_at_recovery_target` -Data type: `Any` +Data type: `Optional[Boolean]` Specifies whether recovery should pause when the recovery target is reached. -Default value: ``undef`` +Default value: `undef` -##### `standby_mode` +##### `standby_mode` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies whether to start the PostgreSQL server as a standby. -Default value: ``undef`` +Default value: `undef` -##### `primary_conninfo` +##### `primary_conninfo` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies a connection string to be used for the standby server to connect with the primary. -Default value: ``undef`` +Default value: `undef` -##### `primary_slot_name` +##### `primary_slot_name` -Data type: `Any` +Data type: `Optional[String[1]]` Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. -Default value: ``undef`` +Default value: `undef` -##### `trigger_file` +##### `trigger_file` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies a trigger file whose presence ends recovery in the standby. -Default value: ``undef`` +Default value: `undef` -##### `recovery_min_apply_delay` +##### `recovery_min_apply_delay` -Data type: `Any` +Data type: `Optional[Integer]` This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. -Default value: ``undef`` +Default value: `undef` -##### `target` +##### `target` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Provides the target for the rule, and is generally an internal only property. Use with caution. Default value: `$postgresql::server::recovery_conf_path` -### `postgresql::server::role` +### `postgresql::server::role` Define for creating a database role. @@ -2577,132 +3274,132 @@ Define for creating a database role. The following parameters are available in the `postgresql::server::role` defined type: -* [`update_password`](#update_password) -* [`password_hash`](#password_hash) -* [`createdb`](#createdb) -* [`createrole`](#createrole) -* [`db`](#db) -* [`port`](#port) -* [`login`](#login) -* [`inherit`](#inherit) -* [`superuser`](#superuser) -* [`replication`](#replication) -* [`connection_limit`](#connection_limit) -* [`username`](#username) -* [`connect_settings`](#connect_settings) -* [`ensure`](#ensure) -* [`psql_user`](#psql_user) -* [`psql_group`](#psql_group) -* [`psql_path`](#psql_path) -* [`module_workdir`](#module_workdir) -* [`hash`](#hash) -* [`salt`](#salt) - -##### `update_password` +* [`update_password`](#-postgresql--server--role--update_password) +* [`password_hash`](#-postgresql--server--role--password_hash) +* [`createdb`](#-postgresql--server--role--createdb) +* [`createrole`](#-postgresql--server--role--createrole) +* [`db`](#-postgresql--server--role--db) +* [`port`](#-postgresql--server--role--port) +* [`login`](#-postgresql--server--role--login) +* [`inherit`](#-postgresql--server--role--inherit) +* [`superuser`](#-postgresql--server--role--superuser) +* [`replication`](#-postgresql--server--role--replication) +* [`connection_limit`](#-postgresql--server--role--connection_limit) +* [`username`](#-postgresql--server--role--username) +* [`connect_settings`](#-postgresql--server--role--connect_settings) +* [`ensure`](#-postgresql--server--role--ensure) +* [`psql_user`](#-postgresql--server--role--psql_user) +* [`psql_group`](#-postgresql--server--role--psql_group) +* [`psql_path`](#-postgresql--server--role--psql_path) +* [`module_workdir`](#-postgresql--server--role--module_workdir) +* [`hash`](#-postgresql--server--role--hash) +* [`salt`](#-postgresql--server--role--salt) + +##### `update_password` -Data type: `Any` +Data type: `Boolean` If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. -Default value: ``true`` +Default value: `true` -##### `password_hash` +##### `password_hash` Data type: `Variant[Boolean, String, Sensitive[String]]` Sets the hash to use during password creation. -Default value: ``false`` +Default value: `false` -##### `createdb` +##### `createdb` -Data type: `Any` +Data type: `Boolean` Specifies whether to grant the ability to create new databases with this role. -Default value: ``false`` +Default value: `false` -##### `createrole` +##### `createrole` -Data type: `Any` +Data type: `Boolean` Specifies whether to grant the ability to create new roles with this role. -Default value: ``false`` +Default value: `false` -##### `db` +##### `db` -Data type: `Any` +Data type: `String[1]` Database used to connect to. Default value: `$postgresql::server::default_database` -##### `port` +##### `port` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Port, Integer]]` Port to use when connecting. -Default value: ``undef`` +Default value: `undef` -##### `login` +##### `login` -Data type: `Any` +Data type: `Boolean` Specifies whether to grant login capability for the new role. -Default value: ``true`` +Default value: `true` -##### `inherit` +##### `inherit` -Data type: `Any` +Data type: `Boolean` Specifies whether to grant inherit capability for the new role. -Default value: ``true`` +Default value: `true` -##### `superuser` +##### `superuser` -Data type: `Any` +Data type: `Boolean` Specifies whether to grant super user capability for the new role. -Default value: ``false`` +Default value: `false` -##### `replication` +##### `replication` -Data type: `Any` +Data type: `Boolean` Provides provides replication capabilities for this role if set to true. -Default value: ``false`` +Default value: `false` -##### `connection_limit` +##### `connection_limit` -Data type: `Any` +Data type: `String[1]` Specifies how many concurrent connections the role can make. Default value: '-1', meaning no limit. Default value: `'-1'` -##### `username` +##### `username` -Data type: `Any` +Data type: `String[1]` Defines the username of the role to create. Default value: `$title` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. Default value: `$postgresql::server::default_connect_settings` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2710,39 +3407,39 @@ Specify whether to create or drop the role. Specifying 'present' creates the rol Default value: `'present'` -##### `psql_user` +##### `psql_user` -Data type: `Any` +Data type: `String[1]` Sets the OS user to run psql Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` -Data type: `Any` +Data type: `String[1]` Sets the OS group to run psql Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` -Data type: `Any` +Data type: `Variant[String[1], Stdlib::Absolutepath]` Sets path to psql command Default value: `$postgresql::server::psql_path` -##### `module_workdir` +##### `module_workdir` -Data type: `Any` +Data type: `String[1]` Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `$postgresql::server::module_workdir` -##### `hash` +##### `hash` Data type: `Enum['md5', 'scram-sha-256']` @@ -2750,15 +3447,15 @@ Specify the hash method for pg password Default value: `'md5'` -##### `salt` +##### `salt` Data type: `Optional[Variant[String[1], Integer]]` Specify the salt use for the scram-sha-256 encoding password (default username) -Default value: ``undef`` +Default value: `undef` -### `postgresql::server::schema` +### `postgresql::server::schema` Create a new schema. @@ -2778,44 +3475,44 @@ postgresql::server::schema {'private': The following parameters are available in the `postgresql::server::schema` defined type: -* [`db`](#db) -* [`owner`](#owner) -* [`schema`](#schema) -* [`connect_settings`](#connect_settings) +* [`db`](#-postgresql--server--schema--db) +* [`owner`](#-postgresql--server--schema--owner) +* [`schema`](#-postgresql--server--schema--schema) +* [`connect_settings`](#-postgresql--server--schema--connect_settings) -##### `db` +##### `db` -Data type: `Any` +Data type: `String[1]` Required. Sets the name of the database in which to create this schema. Default value: `$postgresql::server::default_database` -##### `owner` +##### `owner` -Data type: `Any` +Data type: `Optional[String[1]]` Sets the default owner of the schema. -Default value: ``undef`` +Default value: `undef` -##### `schema` +##### `schema` -Data type: `Any` +Data type: `String[1]` Sets the name of the schema. Default value: `$title` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::table_grant` +### `postgresql::server::table_grant` This resource wraps the grant resource to manage table grants specifically. @@ -2823,90 +3520,90 @@ This resource wraps the grant resource to manage table grants specifically. The following parameters are available in the `postgresql::server::table_grant` defined type: -* [`privilege`](#privilege) -* [`table`](#table) -* [`db`](#db) -* [`role`](#role) -* [`ensure`](#ensure) -* [`port`](#port) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`connect_settings`](#connect_settings) -* [`onlyif_exists`](#onlyif_exists) +* [`privilege`](#-postgresql--server--table_grant--privilege) +* [`table`](#-postgresql--server--table_grant--table) +* [`db`](#-postgresql--server--table_grant--db) +* [`role`](#-postgresql--server--table_grant--role) +* [`ensure`](#-postgresql--server--table_grant--ensure) +* [`port`](#-postgresql--server--table_grant--port) +* [`psql_db`](#-postgresql--server--table_grant--psql_db) +* [`psql_user`](#-postgresql--server--table_grant--psql_user) +* [`connect_settings`](#-postgresql--server--table_grant--connect_settings) +* [`onlyif_exists`](#-postgresql--server--table_grant--onlyif_exists) -##### `privilege` +##### `privilege` -Data type: `Any` +Data type: `Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', 'truncate', 'references', 'trigger']` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. -##### `table` +##### `table` -Data type: `Any` +Data type: `String[1]` Specifies the table to which you are granting access. -##### `db` +##### `db` -Data type: `Any` +Data type: `String[1]` Specifies which database the table is in. -##### `role` +##### `role` -Data type: `Any` +Data type: `String[1]` Specifies the role or user to whom you are granting access. -##### `ensure` +##### `ensure` -Data type: `Any` +Data type: `Optional[Enum['present', 'absent']]` Specifies whether to grant or revoke the privilege. Default is to grant the privilege. -Default value: ``undef`` +Default value: `undef` -##### `port` +##### `port` -Data type: `Any` +Data type: `Optional[Variant[String[1], Stdlib::Port, Integer]]` Port to use when connecting. -Default value: ``undef`` +Default value: `undef` -##### `psql_db` +##### `psql_db` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the database to execute the grant against. This should not ordinarily be changed from the default. -Default value: ``undef`` +Default value: `undef` -##### `psql_user` +##### `psql_user` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the OS user for running psql. -Default value: ``undef`` +Default value: `undef` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Optional[Hash]` Specifies a hash of environment variables used when connecting to a remote server. -Default value: ``undef`` +Default value: `undef` -##### `onlyif_exists` +##### `onlyif_exists` -Data type: `Any` +Data type: `Boolean` Create grant only if it doesn't exist. -Default value: ``false`` +Default value: `false` -### `postgresql::server::tablespace` +### `postgresql::server::tablespace` This module creates tablespace. @@ -2914,51 +3611,51 @@ This module creates tablespace. The following parameters are available in the `postgresql::server::tablespace` defined type: -* [`location`](#location) -* [`manage_location`](#manage_location) -* [`owner`](#owner) -* [`spcname`](#spcname) -* [`connect_settings`](#connect_settings) +* [`location`](#-postgresql--server--tablespace--location) +* [`manage_location`](#-postgresql--server--tablespace--manage_location) +* [`owner`](#-postgresql--server--tablespace--owner) +* [`spcname`](#-postgresql--server--tablespace--spcname) +* [`connect_settings`](#-postgresql--server--tablespace--connect_settings) -##### `location` +##### `location` -Data type: `Any` +Data type: `String[1]` Specifies the path to locate this tablespace. -##### `manage_location` +##### `manage_location` -Data type: `Any` +Data type: `Boolean` Set to false if you have file{ $location: } already defined -Default value: ``true`` +Default value: `true` -##### `owner` +##### `owner` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the default owner of the tablespace. -Default value: ``undef`` +Default value: `undef` -##### `spcname` +##### `spcname` -Data type: `Any` +Data type: `String[1]` Specifies the name of the tablespace. Default value: `$title` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. Default value: `$postgresql::server::default_connect_settings` -### `postgresql::validate_db_connection` +### `postgresql::validate_db_connection` This validated if the postgres connection can be established between the node on which this resource is run and a specified postgres @@ -2968,96 +3665,96 @@ instance (host/port/user/password/database name). The following parameters are available in the `postgresql::validate_db_connection` defined type: -* [`database_host`](#database_host) -* [`database_name`](#database_name) -* [`database_password`](#database_password) -* [`database_username`](#database_username) -* [`database_port`](#database_port) -* [`connect_settings`](#connect_settings) -* [`run_as`](#run_as) -* [`sleep`](#sleep) -* [`tries`](#tries) -* [`create_db_first`](#create_db_first) +* [`database_host`](#-postgresql--validate_db_connection--database_host) +* [`database_name`](#-postgresql--validate_db_connection--database_name) +* [`database_password`](#-postgresql--validate_db_connection--database_password) +* [`database_username`](#-postgresql--validate_db_connection--database_username) +* [`database_port`](#-postgresql--validate_db_connection--database_port) +* [`connect_settings`](#-postgresql--validate_db_connection--connect_settings) +* [`run_as`](#-postgresql--validate_db_connection--run_as) +* [`sleep`](#-postgresql--validate_db_connection--sleep) +* [`tries`](#-postgresql--validate_db_connection--tries) +* [`create_db_first`](#-postgresql--validate_db_connection--create_db_first) -##### `database_host` +##### `database_host` -Data type: `Any` +Data type: `Optional[String[1]]` Database host address -Default value: ``undef`` +Default value: `undef` -##### `database_name` +##### `database_name` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the name of the database you wish to test. -Default value: ``undef`` +Default value: `undef` -##### `database_password` +##### `database_password` Data type: `Optional[Variant[String, Sensitive[String]]]` Specifies the password to connect with. -Default value: ``undef`` +Default value: `undef` -##### `database_username` +##### `database_username` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the username to connect with. -Default value: ``undef`` +Default value: `undef` -##### `database_port` +##### `database_port` -Data type: `Any` +Data type: `Optional[Variant[String[1], Integer]]` Defines the port to use when connecting. -Default value: ``undef`` +Default value: `undef` -##### `connect_settings` +##### `connect_settings` -Data type: `Any` +Data type: `Optional[Hash]` Specifies a hash of environment variables used when connecting to a remote server. -Default value: ``undef`` +Default value: `undef` -##### `run_as` +##### `run_as` -Data type: `Any` +Data type: `Optional[String[1]]` Specifies the user to run the psql command as. -Default value: ``undef`` +Default value: `undef` -##### `sleep` +##### `sleep` -Data type: `Any` +Data type: `Integer` Sets the number of seconds to sleep for before trying again after a failure. Default value: `2` -##### `tries` +##### `tries` -Data type: `Any` +Data type: `Integer` Sets the number of attempts after failure before giving up and failing the resource. Default value: `10` -##### `create_db_first` +##### `create_db_first` -Data type: `Any` +Data type: `Boolean` Creates the database when obtaining a successful connection. -Default value: ``true`` +Default value: `true` ## Resource types @@ -3089,18 +3786,18 @@ The value to set for this parameter. The following parameters are available in the `postgresql_conf` type. -* [`name`](#name) -* [`provider`](#provider) +* [`name`](#-postgresql_conf--name) +* [`provider`](#-postgresql_conf--provider) -##### `name` +##### `name` -Valid values: `%r{^[\w\.]+$}` +Valid values: `%r{^[\w.]+$}` namevar The postgresql parameter name to manage. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conf` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. @@ -3129,76 +3826,76 @@ Default value: `present` The following parameters are available in the `postgresql_conn_validator` type. -* [`command`](#command) -* [`connect_settings`](#connect_settings) -* [`db_name`](#db_name) -* [`db_password`](#db_password) -* [`db_username`](#db_username) -* [`host`](#host) -* [`name`](#name) -* [`port`](#port) -* [`provider`](#provider) -* [`psql_path`](#psql_path) -* [`run_as`](#run_as) -* [`sleep`](#sleep) -* [`tries`](#tries) - -##### `command` +* [`command`](#-postgresql_conn_validator--command) +* [`connect_settings`](#-postgresql_conn_validator--connect_settings) +* [`db_name`](#-postgresql_conn_validator--db_name) +* [`db_password`](#-postgresql_conn_validator--db_password) +* [`db_username`](#-postgresql_conn_validator--db_username) +* [`host`](#-postgresql_conn_validator--host) +* [`name`](#-postgresql_conn_validator--name) +* [`port`](#-postgresql_conn_validator--port) +* [`provider`](#-postgresql_conn_validator--provider) +* [`psql_path`](#-postgresql_conn_validator--psql_path) +* [`run_as`](#-postgresql_conn_validator--run_as) +* [`sleep`](#-postgresql_conn_validator--sleep) +* [`tries`](#-postgresql_conn_validator--tries) + +##### `command` Command to run against target database. Default value: `SELECT 1` -##### `connect_settings` +##### `connect_settings` Hash of environment variables for connection to a db. -##### `db_name` +##### `db_name` The name of the database you are trying to validate a connection with. -##### `db_password` +##### `db_password` The password required to access the target PostgreSQL database. -##### `db_username` +##### `db_username` A user that has access to the target PostgreSQL database. -##### `host` +##### `host` The DNS name or IP address of the server where PostgreSQL should be running. -##### `name` +##### `name` namevar An arbitrary name used as the identity of the resource. -##### `port` +##### `port` The port that the PostgreSQL server should be listening on. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conn_validator` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_path` +##### `psql_path` Path to the psql command. -##### `run_as` +##### `run_as` System user that will run the psql command. -##### `sleep` +##### `sleep` The length of sleep time between connection tries. Default value: `2` -##### `tries` +##### `tries` The number of tries to validate the connection to the target PostgreSQL database. @@ -3220,104 +3917,104 @@ The SQL command to execute via psql. The following parameters are available in the `postgresql_psql` type. -* [`connect_settings`](#connect_settings) -* [`cwd`](#cwd) -* [`db`](#db) -* [`environment`](#environment) -* [`name`](#name) -* [`onlyif`](#onlyif) -* [`port`](#port) -* [`provider`](#provider) -* [`psql_group`](#psql_group) -* [`psql_path`](#psql_path) -* [`psql_user`](#psql_user) -* [`refreshonly`](#refreshonly) -* [`search_path`](#search_path) -* [`sensitive`](#sensitive) -* [`unless`](#unless) - -##### `connect_settings` +* [`connect_settings`](#-postgresql_psql--connect_settings) +* [`cwd`](#-postgresql_psql--cwd) +* [`db`](#-postgresql_psql--db) +* [`environment`](#-postgresql_psql--environment) +* [`name`](#-postgresql_psql--name) +* [`onlyif`](#-postgresql_psql--onlyif) +* [`port`](#-postgresql_psql--port) +* [`provider`](#-postgresql_psql--provider) +* [`psql_group`](#-postgresql_psql--psql_group) +* [`psql_path`](#-postgresql_psql--psql_path) +* [`psql_user`](#-postgresql_psql--psql_user) +* [`refreshonly`](#-postgresql_psql--refreshonly) +* [`search_path`](#-postgresql_psql--search_path) +* [`sensitive`](#-postgresql_psql--sensitive) +* [`unless`](#-postgresql_psql--unless) + +##### `connect_settings` Connection settings that will be used when connecting to postgres -##### `cwd` +##### `cwd` The working directory under which the psql command should be executed. Default value: `/tmp` -##### `db` +##### `db` The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings -##### `environment` +##### `environment` Any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. -##### `name` +##### `name` namevar An arbitrary tag for your own reference; the name of the message. -##### `onlyif` +##### `onlyif` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. -##### `port` +##### `port` The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_psql` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_group` +##### `psql_group` The system user group account under which the psql command should be executed. Default value: `postgres` -##### `psql_path` +##### `psql_path` The path to psql executable. Default value: `psql` -##### `psql_user` +##### `psql_user` The system user account under which the psql command should be executed. Default value: `postgres` -##### `refreshonly` +##### `refreshonly` -Valid values: ``true``, ``false`` +Valid values: `true`, `false` If 'true', then the SQL will only be executed via a notify/subscribe event. -Default value: ``false`` +Default value: `false` -##### `search_path` +##### `search_path` The schema search path to use when executing the SQL command -##### `sensitive` +##### `sensitive` -Valid values: ``true``, ``false`` +Valid values: `true`, `false` If 'true', then the executed command will not be echoed into the log. Use this to protect sensitive information passing through. -Default value: ``false`` +Default value: `false` -##### `unless` +##### `unless` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check @@ -3346,10 +4043,10 @@ Default value: `present` The following parameters are available in the `postgresql_replication_slot` type. -* [`name`](#name) -* [`provider`](#provider) +* [`name`](#-postgresql_replication_slot--name) +* [`provider`](#-postgresql_replication_slot--provider) -##### `name` +##### `name` Valid values: `%r{^[a-z0-9_]+$}` @@ -3357,14 +4054,14 @@ namevar The name of the slot to create. Must be a valid replication slot name. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_replication_slot` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. ## Functions -### `postgresql::default` +### `postgresql::default` Type: Puppet Language @@ -3398,7 +4095,7 @@ Data type: `String` -### `postgresql::postgresql_escape` +### `postgresql::postgresql_escape` Type: Ruby 4.x API @@ -3416,7 +4113,7 @@ Data type: `String[1]` The unescaped string you want to escape using `dollar quoting` -### `postgresql::postgresql_password` +### `postgresql::postgresql_password` Type: Ruby 4.x API @@ -3458,7 +4155,7 @@ Data type: `Optional[Optional[Variant[String[1], Integer]]]` Use a specific salt value for scram-sha-256, default is username -### `postgresql::prepend_sql_password` +### `postgresql::prepend_sql_password` Type: Ruby 4.x API @@ -3512,6 +4209,59 @@ Data type: `Any` +## Data types + +### `Postgresql::Pg_hba_rule` + +type for all parameters in the postgresql::server::hba_rule defined resource + +* **See also** + * https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/server/pg_hba_rule.pp + +Alias of + +```puppet +Struct[{ + Optional[description] => String, + type => Postgresql::Pg_hba_rule_type, + database => String, + user => String, + Optional[address] => Optional[Postgresql::Pg_hba_rule_address], + auth_method => String, + Optional[auth_option] => Optional[String], + Optional[order] => Variant[String,Integer], + Optional[target] => Stdlib::Absolutepath, + Optional[postgresql_version] => String, +}] +``` + +### `Postgresql::Pg_hba_rule_address` + +Supported address types + +* **See also** + * https://www.postgresql.org/docs/current/auth-pg-hba-conf.html + +Alias of `Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Stdlib::Fqdn, Enum['all', 'samehost', 'samenet'], Pattern[/^\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]$/]]` + +### `Postgresql::Pg_hba_rule_type` + +enum for all different types for the pg_hba_conf + +* **See also** + * https://www.postgresql.org/docs/current/auth-pg-hba-conf.html + +Alias of `Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc', 'hostnogssenc']` + +### `Postgresql::Pg_hba_rules` + +validates a hash of entries for postgresql::server::pg_hab_conf + +* **See also** + * https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/server/pg_hba_rule.pp + +Alias of `Hash[String[1], Postgresql::Pg_hba_rule]` + ## Tasks ### `sql` diff --git a/metadata.json b/metadata.json index 29be12f17c..285c9bb168 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "8.3.0", + "version": "9.0.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From e433ebb402ed279ba873fd1946ba74c91ab9353f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Sat, 22 Apr 2023 16:43:19 -1000 Subject: [PATCH 0818/1000] Fix wrong data type for `data_checksums` parameter When adding data types, this Boolean value has been assigned a String[1] data type in some places, which break existing setup. Consistently use an `Optional[Boolean]` data type. Fixes #1419 --- REFERENCE.md | 6 +++--- manifests/globals.pp | 2 +- manifests/server.pp | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index d8b6f1ce6d..daac43b753 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -563,7 +563,7 @@ Default value: `undef` ##### `data_checksums` -Data type: `Optional[String[1]]` +Data type: `Optional[Boolean]` Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. @@ -1204,9 +1204,9 @@ Default value: `$postgresql::params::locale` ##### `data_checksums` -Data type: `Optional[String[1]]` +Data type: `Optional[Boolean]` -Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::params::data_checksums` diff --git a/manifests/globals.pp b/manifests/globals.pp index c19268f371..52a6372b4a 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -150,7 +150,7 @@ Optional[String[1]] $encoding = undef, Optional[String[1]] $locale = undef, - Optional[String[1]] $data_checksums = undef, + Optional[Boolean] $data_checksums = undef, Optional[String[1]] $timezone = undef, Optional[Boolean] $manage_pg_hba_conf = undef, diff --git a/manifests/server.pp b/manifests/server.pp index c2a0f0d06e..b205a1384c 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -56,7 +56,7 @@ # # @param encoding Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. # @param locale Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. -# @param data_checksums Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +# @param data_checksums Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. # Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. # # @param timezone Set timezone for the PostgreSQL instance @@ -138,7 +138,7 @@ Optional[String[1]] $encoding = $postgresql::params::encoding, Optional[String[1]] $locale = $postgresql::params::locale, - Optional[String[1]] $data_checksums = $postgresql::params::data_checksums, + Optional[Boolean] $data_checksums = $postgresql::params::data_checksums, Optional[String[1]] $timezone = $postgresql::params::timezone, Boolean $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, From 55e24e441477deb7d24e62142f10db6ff03725f3 Mon Sep 17 00:00:00 2001 From: Lucien Weller Date: Sat, 22 Apr 2023 16:45:43 +0200 Subject: [PATCH 0819/1000] added fedora 37 --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index c19268f371..8a3e08320a 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -168,7 +168,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['major'] ? { - /^(36)$/ => '14', + /^(36|37)$/ => '14', /^(34|35)$/ => '13', /^(32|33)$/ => '12', /^(31)$/ => '11.6', From 88c96e1bef726fa2180d8960a53ed1e9f328b19a Mon Sep 17 00:00:00 2001 From: Lucien Weller Date: Mon, 24 Apr 2023 07:06:49 +0200 Subject: [PATCH 0820/1000] added fedora 38 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index 8a3e08320a..ad58b60c62 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -168,6 +168,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['major'] ? { + /^(38)$/ => '15', /^(36|37)$/ => '14', /^(34|35)$/ => '13', /^(32|33)$/ => '12', From d6d2c91eb891dd599d44fb6e1645e7a4aa7baee8 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Mon, 24 Apr 2023 13:14:21 +0000 Subject: [PATCH 0821/1000] Release prep v9.0.1 --- CHANGELOG.md | 12 ++++++++++-- metadata.json | 2 +- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index db1823d26d..b9f38b1599 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v9.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.1) (2023-04-24) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.0...v9.0.1) + +### Fixed + +- Fix wrong data type for `data\_checksums` parameter [\#1420](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1420) ([smortex](https://github.com/smortex)) + ## [v9.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.0) (2023-04-21) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.3.0...v9.0.0) @@ -323,6 +331,7 @@ All notable changes to this project will be documented in this file. The format - Fix incorrectly quoted GRANT cmd on functions [\#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) - Correct versioncmp logic in config.pp [\#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) - Treat $version as an integer for comparison, defaults to string [\#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) +- Allow usage of PUBLIC role [\#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) - fix missing systemd override config for EL8 \(CentOS and RHEL\) [\#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) ## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) (2019-12-18) @@ -352,7 +361,6 @@ All notable changes to this project will be documented in this file. The format ### Fixed -- Allow usage of PUBLIC role [\#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) - \(MODULES-9658\) - custom ports are not labeled correctly [\#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) - Fix: When assigning a tablespace to a database, no equal sign is needed in the query [\#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) - Grant all tables in schema fixup [\#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) @@ -392,7 +400,6 @@ All notable changes to this project will be documented in this file. The format ### Fixed - \(FM-7811\) - Use postgresql 9.4 for SLES 11 sp4 [\#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) -- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) ## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-02-01) @@ -404,6 +411,7 @@ All notable changes to this project will be documented in this file. The format ### Fixed +- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) - \(MODULES-8553\) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [\#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) - \(MODULES-8352\) Don't use empty encoding string on initdb [\#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) - pdksync - \(FM-7655\) Fix rubygems-update for ruby \< 2.3 [\#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) diff --git a/metadata.json b/metadata.json index 285c9bb168..9fa921279d 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "9.0.0", + "version": "9.0.1", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From a319ea04c101a4a13bd12179ad017659e5c50721 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 25 Apr 2023 09:06:05 +0100 Subject: [PATCH 0822/1000] (CONT-677) - Set Rubocop Target Ruby Version to 2.6 --- .rubocop.yml | 2 +- .rubocop_todo.yml | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 83745bcb1c..67a4a804be 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -9,7 +9,7 @@ AllCops: DisplayCopNames: true ExtraDetails: true DisplayStyleGuide: true - TargetRubyVersion: '2.7' + TargetRubyVersion: '2.6' Include: - "**/*.rb" Exclude: diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 0b099601f1..dc0f19577b 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,6 +1,6 @@ # This configuration was generated by # `rubocop --auto-gen-config` -# on 2023-04-19 16:55:21 UTC using RuboCop version 1.48.1. +# on 2023-04-25 08:02:29 UTC using RuboCop version 1.48.1. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new @@ -21,6 +21,12 @@ Lint/ConstantDefinitionInBlock: Exclude: - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' +# Offense count: 1 +# This cop supports safe autocorrection (--autocorrect). +Lint/RedundantCopEnableDirective: + Exclude: + - 'spec/unit/puppet/type/postgresql_psql_spec.rb' + # Offense count: 6 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes. Metrics/AbcSize: From f41ca7363b8e08ec48dcbc40d4a0e9b05d2358d9 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 26 Apr 2023 14:05:49 +0200 Subject: [PATCH 0823/1000] Remove has_key usage In the next puppetlabs-stdlib major version this function will be dropped. Native Puppet is used instead. --- manifests/server/database.pp | 4 ++-- manifests/server/default_privileges.pp | 4 ++-- manifests/server/extension.pp | 2 +- manifests/server/grant.pp | 2 +- manifests/server/reassign_owned_by.pp | 2 +- manifests/server/role.pp | 4 ++-- manifests/server/schema.pp | 2 +- manifests/server/tablespace.pp | 2 +- 8 files changed, 11 insertions(+), 11 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 313d2fa6c8..49de501591 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -28,14 +28,14 @@ # If possible use the version of the remote database, otherwise # fallback to our local DB version - if $connect_settings != undef and has_key( $connect_settings, 'DBVERSION') { + if $connect_settings != undef and 'DBVERSION' in $connect_settings { $version = $connect_settings['DBVERSION'] } else { $version = $postgresql::server::_version } # If the connection settings do not contain a port, then use the local server port - if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + if $connect_settings != undef and 'PGPORT' in $connect_settings { $port = undef } else { $port = $postgresql::server::port diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 1caf4f89f4..0f09703978 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -37,7 +37,7 @@ ) { # If possible use the version of the remote database, otherwise # fallback to our local DB version - if $connect_settings != undef and has_key( $connect_settings, 'DBVERSION') { + if $connect_settings != undef and 'DBVERSION' in $connect_settings { $version = $connect_settings['DBVERSION'] } else { $version = $postgresql::server::_version @@ -64,7 +64,7 @@ # if $port != undef { $port_override = $port - } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 301749aae9..aa83f708f5 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -74,7 +74,7 @@ # if $port != undef { $port_override = $port - } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 0720645252..aeb265fe51 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -75,7 +75,7 @@ # if $port != undef { $port_override = $port - } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index e561e97aed..4d5eac43d4 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -26,7 +26,7 @@ # if $port != undef { $port_override = $port - } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 9730eae85f..0e3f117795 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -52,7 +52,7 @@ # if $port != undef { $port_override = $port - } elsif $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port @@ -60,7 +60,7 @@ # If possible use the version of the remote database, otherwise # fallback to our local DB version - if $connect_settings != undef and has_key( $connect_settings, 'DBVERSION') { + if $connect_settings != undef and 'DBVERSION' in $connect_settings { $version = $connect_settings['DBVERSION'] } else { $version = $postgresql::server::_version diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 8a061c2b2a..ad160367ca 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -27,7 +27,7 @@ Postgresql::Server::Db <| dbname == $db |> -> Postgresql::Server::Schema[$name] # If the connection settings do not contain a port, then use the local server port - if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + if $connect_settings != undef and 'PGPORT' in $connect_settings { $port = undef } else { $port = $postgresql::server::port diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 2c992b48b0..0be68d97f9 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -18,7 +18,7 @@ $module_workdir = $postgresql::server::module_workdir # If the connection settings do not contain a port, then use the local server port - if $connect_settings != undef and has_key( $connect_settings, 'PGPORT') { + if $connect_settings != undef and 'PGPORT' in $connect_settings { $port = undef } else { $port = $postgresql::server::port From cbf7c41ca0063bffcc849d3cab9b1ca8113d1021 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 2 May 2023 11:08:40 +0100 Subject: [PATCH 0824/1000] (CONT-949) - Bump stdlib dependency Prior to this commit, postgresql module had allowed installations of puppetlabs-stdlib versions < 5.2.0. This was incorrect as this module references a type "Stdlib::IP::Address::V6::CIDR" that was released with stdlib v5.2.0. This commit bumps the dependency of puppetlabs/stdlib in metadata.json to versions >= 5.2.0. --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 9fa921279d..5c80d31ffa 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.13.1 < 9.0.0" + "version_requirement": ">= 5.2.0 < 9.0.0" }, { "name": "puppetlabs/apt", From c7b72068fd2293fc90d3568ddf6cde8f794f6e46 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 2 May 2023 14:23:42 +0100 Subject: [PATCH 0825/1000] (CONT-950) - Resolve inadequate datatype for $value Resolves an issue introduced during the syntax update carried out in this module. The parameter $value in config_entry, can be either a String, Integer or Float. However, it was wrongly set to exclude Floating point numbers. --- manifests/server/config_entry.pp | 6 +++--- spec/defines/server/config_entry_spec.rb | 27 ++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 974114359a..73ee8e5fb3 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -5,9 +5,9 @@ # @param path Path for postgresql.conf # define postgresql::server::config_entry ( - Enum['present', 'absent'] $ensure = 'present', - Optional[Variant[String[1], Integer]] $value = undef, - Variant[Boolean, String[1]] $path = false + Enum['present', 'absent'] $ensure = 'present', + Optional[Variant[String[1], Integer, Float]] $value = undef, + Variant[Boolean, String[1]] $path = false ) { $postgresql_conf_path = $postgresql::server::postgresql_conf_path diff --git a/spec/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb index 2ee8c6db4e..223ac7b070 100644 --- a/spec/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -42,6 +42,33 @@ end end + context 'passes values through appropriately' do + let(:params) { { ensure: 'present', name: 'string_value', value: 'entry_test' } } + + it 'as a String' do + expect(subject).to contain_postgresql_conf('string_value').with(name: 'string_value', + value: 'entry_test') + end + end + + context 'passes values through appropriately' do + let(:params) { { ensure: 'present', name: 'integer_value', value: 40 } } + + it 'as an Integer' do + expect(subject).to contain_postgresql_conf('integer_value').with(name: 'integer_value', + value: 40) + end + end + + context 'passes values through appropriately' do + let(:params) { { ensure: 'present', name: 'floating_point_value', value: 4.0 } } + + it 'a Float' do + expect(subject).to contain_postgresql_conf('floating_point_value').with(name: 'floating_point_value', + value: 4.0) + end + end + context 'unix_socket_directories' do let(:params) { { ensure: 'present', name: 'unix_socket_directories', value: '/var/pgsql, /opt/postgresql, /root/' } } From 339ea33307d68b45f223895f3d97692d7cc791cf Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 2 May 2023 15:24:07 +0100 Subject: [PATCH 0826/1000] (CONT-950) - Array of $listen_addresses This commit adds functionality to allow an array of $listen_addresses to be specified as a string containing a comma-seperated list of addresses, which was removed unintentioanlly in https://github.com/puppetlabs/puppetlabs-postgresql/pull/1397. Fixes https://github.com/puppetlabs/puppetlabs-postgresql/issues/1426. --- lib/puppet/provider/postgresql_conf/parsed.rb | 3 ++ manifests/server.pp | 2 +- manifests/server/instance/config.pp | 54 +++++++++---------- .../provider/postgresql_conf/parsed_spec.rb | 8 ++- 4 files changed, 38 insertions(+), 29 deletions(-) diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb index f90570ce70..8918769cab 100644 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ b/lib/puppet/provider/postgresql_conf/parsed.rb @@ -21,6 +21,9 @@ # simple string and numeric values don't need to be enclosed in quotes val = if h[:value].is_a?(Numeric) h[:value].to_s + elsif h[:value].is_a?(Array) + # multiple listen_addresses specified as a string containing a comma-speparated list + h[:value].join(', ') else h[:value] end diff --git a/manifests/server.pp b/manifests/server.pp index b205a1384c..582049c720 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -107,7 +107,7 @@ Optional[String[1]] $service_status = $postgresql::params::service_status, String[1] $default_database = $postgresql::params::default_database, Hash $default_connect_settings = $postgresql::globals::default_connect_settings, - Optional[String[1]] $listen_addresses = $postgresql::params::listen_addresses, + Optional[Variant[String[1], Array[String[1]]]] $listen_addresses = $postgresql::params::listen_addresses, Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::params::port, String[1] $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, String[1] $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 7926dc6529..d9e1cd94b5 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -35,33 +35,33 @@ # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # lint:endignore:140chars define postgresql::server::instance::config ( - String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, - String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, - Optional[String[1]] $listen_addresses = $postgresql::server::listen_addresses, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, - Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, - Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, - Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, - Variant[String[1], Stdlib::Absolutepath] $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, - Variant[String[1], Stdlib::Absolutepath] $postgresql_conf_path = $postgresql::server::postgresql_conf_path, - Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, - Variant[String[1], Stdlib::Absolutepath] $recovery_conf_path = $postgresql::server::recovery_conf_path, - Boolean $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, - String[1] $user = $postgresql::server::user, - String[1] $group = $postgresql::server::group, - Optional[String[1]] $version = $postgresql::server::_version, - Boolean $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf, - Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, - Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, - Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, - String[1] $datadir = $postgresql::server::datadir, - Optional[String[1]] $logdir = $postgresql::server::logdir, - String[1] $service_name = $postgresql::server::service_name, - Boolean $service_enable = $postgresql::server::service_enable, - Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, - Optional[String[1]] $timezone = $postgresql::server::timezone, - Optional[String] $password_encryption = $postgresql::server::password_encryption, - Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, + String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, + String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, + Optional[Variant[String[1], Array[String[1]]]] $listen_addresses = $postgresql::server::listen_addresses, + Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, + Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, + Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, + Variant[String[1], Stdlib::Absolutepath] $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, + Variant[String[1], Stdlib::Absolutepath] $postgresql_conf_path = $postgresql::server::postgresql_conf_path, + Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, + Variant[String[1], Stdlib::Absolutepath] $recovery_conf_path = $postgresql::server::recovery_conf_path, + Boolean $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + Optional[String[1]] $version = $postgresql::server::_version, + Boolean $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf, + Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, + Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, + Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, + String[1] $datadir = $postgresql::server::datadir, + Optional[String[1]] $logdir = $postgresql::server::logdir, + String[1] $service_name = $postgresql::server::service_name, + Boolean $service_enable = $postgresql::server::service_enable, + Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, + Optional[String[1]] $timezone = $postgresql::server::timezone, + Optional[String] $password_encryption = $postgresql::server::password_encryption, + Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, ) { if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file diff --git a/spec/unit/provider/postgresql_conf/parsed_spec.rb b/spec/unit/provider/postgresql_conf/parsed_spec.rb index 3c3de16ddc..7f6fdaef05 100644 --- a/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ b/spec/unit/provider/postgresql_conf/parsed_spec.rb @@ -136,10 +136,16 @@ ) end - it 'quotes addresses' do + it 'quotes single string address' do expect(provider.to_line(name: 'listen_addresses', value: '0.0.0.0', comment: nil, record_type: :parsed)).to eq( "listen_addresses = '0.0.0.0'", ) end + + it 'quotes an array of addresses' do + expect(provider.to_line(name: 'listen_addresses', value: ['0.0.0.0', '127.0.0.1'], comment: nil, record_type: :parsed)).to eq( + "listen_addresses = '0.0.0.0, 127.0.0.1'", + ) + end end end From d0ff0ac1af28376d2b47856a59c78ef3dcc2358b Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 2 May 2023 15:41:28 +0100 Subject: [PATCH 0827/1000] (CONT-950) - Address rubocop --- spec/defines/server/config_entry_spec.rb | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/spec/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb index 223ac7b070..8b13e020bd 100644 --- a/spec/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -42,28 +42,28 @@ end end - context 'passes values through appropriately' do + context 'passes a string value through appropriately' do let(:params) { { ensure: 'present', name: 'string_value', value: 'entry_test' } } - it 'as a String' do + it 'and adds string value to config' do expect(subject).to contain_postgresql_conf('string_value').with(name: 'string_value', - value: 'entry_test') + value: 'entry_test') end end - context 'passes values through appropriately' do + context 'passes an integer value through appropriately' do let(:params) { { ensure: 'present', name: 'integer_value', value: 40 } } - it 'as an Integer' do + it 'and adds integer value to config' do expect(subject).to contain_postgresql_conf('integer_value').with(name: 'integer_value', - value: 40) + value: 40) end end - context 'passes values through appropriately' do + context 'passes a float value through appropriately' do let(:params) { { ensure: 'present', name: 'floating_point_value', value: 4.0 } } - it 'a Float' do + it 'and adds float value to config' do expect(subject).to contain_postgresql_conf('floating_point_value').with(name: 'floating_point_value', value: 4.0) end From 50df6088331c50bc79f7fd41b3bb26e6768a44ab Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 2 May 2023 15:42:20 +0100 Subject: [PATCH 0828/1000] (CONT-950) - Opt for Numeric data type --- manifests/server/config_entry.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 73ee8e5fb3..607ef3ca20 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -5,9 +5,9 @@ # @param path Path for postgresql.conf # define postgresql::server::config_entry ( - Enum['present', 'absent'] $ensure = 'present', - Optional[Variant[String[1], Integer, Float]] $value = undef, - Variant[Boolean, String[1]] $path = false + Enum['present', 'absent'] $ensure = 'present', + Optional[Variant[String[1], Numeric]] $value = undef, + Variant[Boolean, String[1]] $path = false ) { $postgresql_conf_path = $postgresql::server::postgresql_conf_path From df6f11a8f6ee934a16f2b57c3cb54350a3d629eb Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 2 May 2023 16:08:54 +0100 Subject: [PATCH 0829/1000] (CONT-904) - Removal of tech debt Fixes a bug where non-array values passed to 'object_name' did not work and returned unknown variable "$_togrant_object_only". The correcting of this bug means the temporary fix to disable strict checking can now be removed. --- manifests/server/grant.pp | 3 +++ spec/spec_helper_acceptance_local.rb | 8 -------- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index aeb265fe51..a2a747d383 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -432,6 +432,9 @@ default: { $_granted_object = $_object_name $_togrant_object = $_object_name + # if $_togrant_object_only not set, set it to a default value $_togrant_object + # allows an Array or String to be passed as $_object_name i.e. [$schema, $table] or $table + $_togrant_object_only = $_togrant_object } } diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index b70a812737..d6ef2bf3f6 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -16,17 +16,9 @@ def unindent RSpec.configure do |c| c.before :suite do install_dependencies - turn_off_strict_error end end -def turn_off_strict_error - # this is only temporary fix until we finish adding support for puppet 8 - # strict=warning is defaulted on puppet versions below 8, whereas puppet 8 has strict=error by default - # error is caused by 'onlyif_exists' in spec/acceptance/server/grant_spec.rb L78 (works when removed, but not what we want to test) - LitmusHelper.instance.run_shell("echo 'strict=warning\nstrict_variables=false' >> /etc/puppetlabs/puppet/puppet.conf") -end - def export_locales(locale) LitmusHelper.instance.run_shell('echo export PATH="/opt/puppetlabs/bin:$PATH" > ~/.bashrc') LitmusHelper.instance.run_shell('echo export LC_ALL="C" > /etc/profile.d/my-custom.lang.sh') From 224a8c4260d0d782c845c2e4cc89f24d9df092a4 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 2 May 2023 16:10:34 +0100 Subject: [PATCH 0830/1000] (Maint) - Fix incorrect interpolation --- manifests/server/grant.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index a2a747d383..4221d65dea 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -452,9 +452,9 @@ $_onlyif = $onlyif_function ? { 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object_only}'", - 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object_only}}'", + 'language_exists' => "SELECT true from pg_language WHERE lanname = '${_togrant_object_only}'", 'role_exists' => "SELECT 1 FROM pg_roles WHERE rolname = '${role}' or '${role}' = 'PUBLIC'", - 'function_exists' => "SELECT true FROM pg_proc WHERE (oid::regprocedure)::text = '${_togrant_object_only}}${arguments}'", + 'function_exists' => "SELECT true FROM pg_proc WHERE (oid::regprocedure)::text = '${_togrant_object_only}${arguments}'", default => undef, } From 16a9709bd701012b9996bb9b34e8f913cff8ea33 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 2 May 2023 15:59:46 +0000 Subject: [PATCH 0831/1000] Release prep v9.0.2 --- CHANGELOG.md | 14 ++++++++++++-- REFERENCE.md | 6 +++--- metadata.json | 2 +- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b9f38b1599..a7dbfe85e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v9.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.2) (2023-05-02) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.1...v9.0.2) + +### Fixed + +- \(CONT-950\) - Fix mismatched data types [\#1430](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1430) ([jordanbreen28](https://github.com/jordanbreen28)) +- \(CONT-904\) - Removal of tech debt [\#1429](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1429) ([jordanbreen28](https://github.com/jordanbreen28)) +- \(CONT-949\) - Bump stdlib dependency [\#1428](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1428) ([jordanbreen28](https://github.com/jordanbreen28)) + ## [v9.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.1) (2023-04-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.0...v9.0.1) @@ -347,6 +357,7 @@ All notable changes to this project will be documented in this file. The format ### Fixed - Remove duplicate REFERENCE.md file with strange unicode character at end of filename [\#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) +- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) ## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) @@ -364,7 +375,6 @@ All notable changes to this project will be documented in this file. The format - \(MODULES-9658\) - custom ports are not labeled correctly [\#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) - Fix: When assigning a tablespace to a database, no equal sign is needed in the query [\#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) - Grant all tables in schema fixup [\#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) -- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) ## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) (2019-06-04) @@ -400,6 +410,7 @@ All notable changes to this project will be documented in this file. The format ### Fixed - \(FM-7811\) - Use postgresql 9.4 for SLES 11 sp4 [\#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) +- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) ## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-02-01) @@ -411,7 +422,6 @@ All notable changes to this project will be documented in this file. The format ### Fixed -- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) - \(MODULES-8553\) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [\#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) - \(MODULES-8352\) Don't use empty encoding string on initdb [\#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) - pdksync - \(FM-7655\) Fix rubygems-update for ruby \< 2.3 [\#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) diff --git a/REFERENCE.md b/REFERENCE.md index daac43b753..e277ff3254 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1008,7 +1008,7 @@ Default value: `$postgresql::globals::default_connect_settings` ##### `listen_addresses` -Data type: `Optional[String[1]]` +Data type: `Optional[Variant[String[1], Array[String[1]]]]` Address list on which the PostgreSQL service will listen @@ -1497,7 +1497,7 @@ Default value: `'present'` ##### `value` -Data type: `Optional[Variant[String[1], Integer]]` +Data type: `Optional[Variant[String[1], Numeric]]` Defines the value for the setting. @@ -2281,7 +2281,7 @@ Default value: `$postgresql::server::ip_mask_allow_all_users` ##### `listen_addresses` -Data type: `Optional[String[1]]` +Data type: `Optional[Variant[String[1], Array[String[1]]]]` Address list on which the PostgreSQL service will listen diff --git a/metadata.json b/metadata.json index 5c80d31ffa..c228fe83ea 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "9.0.1", + "version": "9.0.2", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 87a56f6ec66f7085550e2149ea373a212692938b Mon Sep 17 00:00:00 2001 From: Kilian Engelhardt Date: Thu, 4 May 2023 14:36:10 +0200 Subject: [PATCH 0832/1000] (#1432) - Fix `Unable to mark 'unless' as sensitive` disable 'Naming/AccessorMethodName' for 'set_sensitive_parameters' --- lib/puppet/type/postgresql_psql.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 1fe67862e6..45931091bc 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -148,7 +148,7 @@ def refresh private - def sensitive_parameters=(sensitive_parameters) + def set_sensitive_parameters(sensitive_parameters) # rubocop:disable Style/AccessorMethodName # Respect sensitive commands if sensitive_parameters.include?(:unless) sensitive_parameters.delete(:unless) From 36674b3d4727e430793baa2b87da923cb59b364a Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Tue, 9 May 2023 08:16:46 +0000 Subject: [PATCH 0833/1000] (GH-1426) - Update value to accept array --- manifests/server/config_entry.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 607ef3ca20..b9650afa96 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -5,9 +5,9 @@ # @param path Path for postgresql.conf # define postgresql::server::config_entry ( - Enum['present', 'absent'] $ensure = 'present', - Optional[Variant[String[1], Numeric]] $value = undef, - Variant[Boolean, String[1]] $path = false + Enum['present', 'absent'] $ensure = 'present', + Optional[Variant[String[1], Numeric, Array[String[1]]]] $value = undef, + Variant[Boolean, String[1]] $path = false ) { $postgresql_conf_path = $postgresql::server::postgresql_conf_path From b5fd735d2791b0c50e9eeed68d66c392bec9dae5 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 9 May 2023 09:04:28 +0000 Subject: [PATCH 0834/1000] Release prep v9.0.3 --- CHANGELOG.md | 16 ++++++++++++++-- REFERENCE.md | 2 +- metadata.json | 2 +- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a7dbfe85e0..223012f5e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v9.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.3) (2023-05-09) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.2...v9.0.3) + +### Fixed + +- \(GH-1426\) - Update value to accept array [\#1434](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1434) ([jordanbreen28](https://github.com/jordanbreen28)) +- \(\#1432\) - Fix `Unable to mark 'unless' as sensitive` [\#1433](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1433) ([kBite](https://github.com/kBite)) + ## [v9.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.2) (2023-05-02) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.1...v9.0.2) @@ -357,7 +366,6 @@ All notable changes to this project will be documented in this file. The format ### Fixed - Remove duplicate REFERENCE.md file with strange unicode character at end of filename [\#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) -- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) ## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) @@ -375,6 +383,7 @@ All notable changes to this project will be documented in this file. The format - \(MODULES-9658\) - custom ports are not labeled correctly [\#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) - Fix: When assigning a tablespace to a database, no equal sign is needed in the query [\#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) - Grant all tables in schema fixup [\#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) +- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) ## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) (2019-06-04) @@ -436,7 +445,6 @@ All notable changes to this project will be documented in this file. The format ### Fixed -- Strip quotes from role names [\#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) - Ignore .psqlrc so output is clean and doesn't break Puppet [\#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) - Change initdb option '--xlogdir' to '-X' for PG10 compatibility [\#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) @@ -456,6 +464,10 @@ All notable changes to this project will be documented in this file. The format - pdksync - \(MODULES-7705\) - Bumping stdlib dependency from \< 5.0.0 to \< 6.0.0 [\#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) +### Fixed + +- Strip quotes from role names [\#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) + ## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) (2018-08-06) [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.7.0...5.8.0) diff --git a/REFERENCE.md b/REFERENCE.md index e277ff3254..44e13ad9c0 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1497,7 +1497,7 @@ Default value: `'present'` ##### `value` -Data type: `Optional[Variant[String[1], Numeric]]` +Data type: `Optional[Variant[String[1], Numeric, Array[String[1]]]]` Defines the value for the setting. diff --git a/metadata.json b/metadata.json index c228fe83ea..98ed47041d 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "9.0.2", + "version": "9.0.3", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 1e5aff5a808ea07d872d6f90dfe9b42ac51cd776 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Mon, 15 May 2023 14:17:43 +0100 Subject: [PATCH 0835/1000] (CONT-930) - Roll out new changelog generator --- .github/workflows/auto_release.yml | 9 --------- .github/workflows/release_prep.yml | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 9 deletions(-) delete mode 100644 .github/workflows/auto_release.yml create mode 100644 .github/workflows/release_prep.yml diff --git a/.github/workflows/auto_release.yml b/.github/workflows/auto_release.yml deleted file mode 100644 index d6270c56fe..0000000000 --- a/.github/workflows/auto_release.yml +++ /dev/null @@ -1,9 +0,0 @@ -name: "Auto release" - -on: - workflow_dispatch: - -jobs: - release_prep: - uses: "puppetlabs/cat-github-actions/.github/workflows/module_release_prep.yml@main" - secrets: "inherit" diff --git a/.github/workflows/release_prep.yml b/.github/workflows/release_prep.yml new file mode 100644 index 0000000000..bb0b7acce1 --- /dev/null +++ b/.github/workflows/release_prep.yml @@ -0,0 +1,15 @@ +name: "Release Prep" + +on: + workflow_dispatch: + inputs: + version: + description: "Module version to be released. Must be a valid semver string. (1.2.3)" + required: true + +jobs: + release_prep: + uses: "puppetlabs/cat-github-actions/.github/workflows/module_release_prep.yml@main" + with: + version: "${{ github.event.inputs.version }}" + secrets: "inherit" From 2e8d0419cd675a4119e14cd0ea532ec390a0854b Mon Sep 17 00:00:00 2001 From: Ramesh Sencha Date: Tue, 23 May 2023 16:16:27 +0530 Subject: [PATCH 0836/1000] (CONT-1001) Add litmus ~> 1.0 --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 7fad5040d0..ea113b0c78 100644 --- a/Gemfile +++ b/Gemfile @@ -37,7 +37,7 @@ group :development do gem "github_changelog_generator", '= 1.15.2', require: false end group :system_tests do - gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby, :x64_mingw] + gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] gem "serverspec", '~> 2.41', require: false end From e6551ee4ed4796d1925c0828fc20a1dd9a9ef669 Mon Sep 17 00:00:00 2001 From: Lukas Audzevicius Date: Tue, 30 May 2023 17:13:28 +0100 Subject: [PATCH 0837/1000] (CONT-1028) - Update Stdlib upper limit dependency --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 98ed47041d..9617b8ba2a 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 5.2.0 < 9.0.0" + "version_requirement": ">= 5.2.0 < 10.0.0" }, { "name": "puppetlabs/apt", From c6384cc8a151bd55be895d64882206fbd3751e86 Mon Sep 17 00:00:00 2001 From: Ramesh Sencha Date: Mon, 12 Jun 2023 15:51:32 +0530 Subject: [PATCH 0838/1000] Update CODEOWNERS --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index a5d109e998..071e159c4e 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,2 +1,2 @@ # Setting ownership to the modules team -* @puppetlabs/modules +* @puppetlabs/modules @alexjfisher @bastelfreak @deric @ekohl @SimonHoenscheid @smortex From 57ff6939e41d4159f6ff11aa0ed1e242c0632c45 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Mon, 12 Jun 2023 14:06:50 +0000 Subject: [PATCH 0839/1000] Release prep v9.1.0 --- CHANGELOG.md | 1465 ++++++++++++++----------------------------------- metadata.json | 2 +- 2 files changed, 413 insertions(+), 1054 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 223012f5e2..4188f5b3d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,1511 +1,870 @@ -# Change log + +# Changelog -All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +All notable changes to this project will be documented in this file. -## [v9.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.3) (2023-05-09) +The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). + +## [v9.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.1.0) - 2023-06-12 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.3...v9.1.0) + +### Added + +- pdksync - (MAINT) - Allow Stdlib 9.x [#1440](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1440) ([LukasAud](https://github.com/LukasAud)) + +## [v9.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.3) - 2023-05-09 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.2...v9.0.3) ### Fixed -- \(GH-1426\) - Update value to accept array [\#1434](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1434) ([jordanbreen28](https://github.com/jordanbreen28)) -- \(\#1432\) - Fix `Unable to mark 'unless' as sensitive` [\#1433](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1433) ([kBite](https://github.com/kBite)) +- (GH-1426) - Update value to accept array [#1434](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1434) ([jordanbreen28](https://github.com/jordanbreen28)) +- (#1432) - Fix `Unable to mark 'unless' as sensitive` [#1433](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1433) ([kBite](https://github.com/kBite)) -## [v9.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.2) (2023-05-02) +## [v9.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.2) - 2023-05-02 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.1...v9.0.2) ### Fixed -- \(CONT-950\) - Fix mismatched data types [\#1430](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1430) ([jordanbreen28](https://github.com/jordanbreen28)) -- \(CONT-904\) - Removal of tech debt [\#1429](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1429) ([jordanbreen28](https://github.com/jordanbreen28)) -- \(CONT-949\) - Bump stdlib dependency [\#1428](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1428) ([jordanbreen28](https://github.com/jordanbreen28)) +- (CONT-950) - Fix mismatched data types [#1430](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1430) ([jordanbreen28](https://github.com/jordanbreen28)) +- (CONT-904) - Removal of tech debt [#1429](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1429) ([jordanbreen28](https://github.com/jordanbreen28)) +- (CONT-949) - Bump stdlib dependency [#1428](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1428) ([jordanbreen28](https://github.com/jordanbreen28)) -## [v9.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.1) (2023-04-24) +## [v9.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.1) - 2023-04-24 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.0...v9.0.1) ### Fixed -- Fix wrong data type for `data\_checksums` parameter [\#1420](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1420) ([smortex](https://github.com/smortex)) +- Fix wrong data type for `data_checksums` parameter [#1420](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1420) ([smortex](https://github.com/smortex)) -## [v9.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.0) (2023-04-21) +## [v9.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.0.0) - 2023-04-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.3.0...v9.0.0) ### Changed +- (CONT-792) - Add Puppet 8/Drop Puppet 6 [#1414](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1414) ([jordanbreen28](https://github.com/jordanbreen28)) -- \(CONT-792\) - Add Puppet 8/Drop Puppet 6 [\#1414](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1414) ([jordanbreen28](https://github.com/jordanbreen28)) - -## [v8.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.3.0) (2023-04-21) +## [v8.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.3.0) - 2023-04-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.2.1...v8.3.0) ### Added -- convert ERB templates to EPP [\#1399](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1399) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- \(CONT-361\) Syntax update [\#1397](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1397) ([LukasAud](https://github.com/LukasAud)) -- Add multi instance support, refactoring reload.pp \(6/x\) [\#1392](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1392) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring password.pp \(5/x\) [\#1391](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1391) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring late\_initdb.pp \(3/x\) [\#1384](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1384) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring initdb.pp \(2/x\) [\#1383](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1383) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Add multi instance support, refactoring config.pp \(1/x\) [\#1382](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1382) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- pg\_hba\_rule: Validate userinput in postgresql::server [\#1376](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1376) ([bastelfreak](https://github.com/bastelfreak)) -- pg\_hba\_rule: Move `type` datatype to own type [\#1375](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1375) ([bastelfreak](https://github.com/bastelfreak)) -- pg\_hba\_rule does not properly verify address parameter [\#1372](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1372) ([tuxmea](https://github.com/tuxmea)) +- convert ERB templates to EPP [#1399](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1399) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- (CONT-361) Syntax update [#1397](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1397) ([LukasAud](https://github.com/LukasAud)) +- Add multi instance support, refactoring reload.pp (6/x) [#1392](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1392) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring password.pp (5/x) [#1391](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1391) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring late_initdb.pp (3/x) [#1384](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1384) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring initdb.pp (2/x) [#1383](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1383) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Add multi instance support, refactoring config.pp (1/x) [#1382](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1382) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- pg_hba_rule: Validate userinput in postgresql::server [#1376](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1376) ([bastelfreak](https://github.com/bastelfreak)) +- pg_hba_rule: Move `type` datatype to own type [#1375](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1375) ([bastelfreak](https://github.com/bastelfreak)) +- pg_hba_rule does not properly verify address parameter [#1372](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1372) ([tuxmea](https://github.com/tuxmea)) ### Fixed -- Ubuntu 14/16/17: Drop code leftovers [\#1388](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1388) ([bastelfreak](https://github.com/bastelfreak)) -- remove debian 8 and 9 corpses [\#1387](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1387) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) -- Archlinux client and server package names were swapped around [\#1381](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1381) ([tobixen](https://github.com/tobixen)) -- apt::source: configure repo only for current architecture [\#1380](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1380) ([bastelfreak](https://github.com/bastelfreak)) -- pdksync - \(CONT-189\) Remove support for RedHat6 / OracleLinux6 / Scientific6 [\#1371](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1371) ([david22swan](https://github.com/david22swan)) -- pdksync - \(CONT-130\) - Dropping Support for Debian 9 [\#1368](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1368) ([jordanbreen28](https://github.com/jordanbreen28)) -- \(maint\) Codebase Hardening [\#1366](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1366) ([david22swan](https://github.com/david22swan)) -- Fix table grant with schema [\#1315](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1315) ([vaol](https://github.com/vaol)) +- Ubuntu 14/16/17: Drop code leftovers [#1388](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1388) ([bastelfreak](https://github.com/bastelfreak)) +- remove debian 8 and 9 corpses [#1387](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1387) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Archlinux client and server package names were swapped around [#1381](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1381) ([tobixen](https://github.com/tobixen)) +- apt::source: configure repo only for current architecture [#1380](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1380) ([bastelfreak](https://github.com/bastelfreak)) +- pdksync - (CONT-189) Remove support for RedHat6 / OracleLinux6 / Scientific6 [#1371](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1371) ([david22swan](https://github.com/david22swan)) +- pdksync - (CONT-130) - Dropping Support for Debian 9 [#1368](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1368) ([jordanbreen28](https://github.com/jordanbreen28)) +- (maint) Codebase Hardening [#1366](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1366) ([david22swan](https://github.com/david22swan)) +- Fix table grant with schema [#1315](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1315) ([vaol](https://github.com/vaol)) -## [v8.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.1) (2022-08-24) +## [v8.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.1) - 2022-08-24 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.2.0...v8.2.1) ### Fixed -- Fix puppet-strings documentation [\#1363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1363) ([ekohl](https://github.com/ekohl)) -- \(GH-1360\) Reverting REFERENCE.md changes [\#1361](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1361) ([pmcmaw](https://github.com/pmcmaw)) -- Only require password when used [\#1356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1356) ([arjenz](https://github.com/arjenz)) +- Fix puppet-strings documentation [#1363](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1363) ([ekohl](https://github.com/ekohl)) +- (GH-1360) Reverting REFERENCE.md changes [#1361](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1361) ([pmcmaw](https://github.com/pmcmaw)) +- Only require password when used [#1356](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1356) ([arjenz](https://github.com/arjenz)) -## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) (2022-08-23) +## [v8.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.2.0) - 2022-08-23 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.1.0...v8.2.0) ### Added -- pdksync - \(GH-cat-11\) Certify Support for Ubuntu 22.04 [\#1355](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1355) ([david22swan](https://github.com/david22swan)) -- \(MODULES-11251\) Add support for backup provider "pg\_dump" [\#1319](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1319) ([fraenki](https://github.com/fraenki)) +- pdksync - (GH-cat-11) Certify Support for Ubuntu 22.04 [#1355](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1355) ([david22swan](https://github.com/david22swan)) +- (MODULES-11251) Add support for backup provider "pg_dump" [#1319](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1319) ([fraenki](https://github.com/fraenki)) ### Fixed -- Ensure multiple postgresql::server::recovery resources can be defined [\#1348](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1348) ([Deroin](https://github.com/Deroin)) +- Ensure multiple postgresql::server::recovery resources can be defined [#1348](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1348) ([Deroin](https://github.com/Deroin)) -## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) (2022-07-21) +## [v8.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.1.0) - 2022-07-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.0.0...v8.1.0) ### Added -- Fix service status detection on Debian-based OSes [\#1349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1349) ([arjenz](https://github.com/arjenz)) -- \(FM-8971\) allow deferred function for role pwd [\#1347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1347) ([tvpartytonight](https://github.com/tvpartytonight)) -- Set version for Fedora 36 [\#1345](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1345) ([lweller](https://github.com/lweller)) -- Add Red Hat Enterprise Linux 9 support [\#1303](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1303) ([ekohl](https://github.com/ekohl)) +- Fix service status detection on Debian-based OSes [#1349](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1349) ([arjenz](https://github.com/arjenz)) +- (FM-8971) allow deferred function for role pwd [#1347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1347) ([tvpartytonight](https://github.com/tvpartytonight)) +- Set version for Fedora 36 [#1345](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1345) ([lweller](https://github.com/lweller)) +- Add Red Hat Enterprise Linux 9 support [#1303](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1303) ([ekohl](https://github.com/ekohl)) ### Fixed -- \(GH-1352\) - Updating postgresql service version on SLES [\#1353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1353) ([pmcmaw](https://github.com/pmcmaw)) -- Respect $service\_status on Red Hat-based distros [\#1351](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1351) ([ekohl](https://github.com/ekohl)) -- Add version for Ubuntu 22.04 [\#1350](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1350) ([arjenz](https://github.com/arjenz)) -- README.md: correct postgresql\_conn\_validator example [\#1332](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1332) ([bastelfreak](https://github.com/bastelfreak)) -- pdksync - \(GH-iac-334\) Remove Support for Ubuntu 14.04/16.04 [\#1331](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331) ([david22swan](https://github.com/david22swan)) -- Remove unused variable in reload.pp [\#1327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1327) ([ekohl](https://github.com/ekohl)) -- Use systemctl reload on EL 7 and higher [\#1326](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1326) ([ekohl](https://github.com/ekohl)) +- (GH-1352) - Updating postgresql service version on SLES [#1353](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1353) ([pmcmaw](https://github.com/pmcmaw)) +- Respect $service_status on Red Hat-based distros [#1351](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1351) ([ekohl](https://github.com/ekohl)) +- Add version for Ubuntu 22.04 [#1350](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1350) ([arjenz](https://github.com/arjenz)) +- README.md: correct postgresql_conn_validator example [#1332](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1332) ([bastelfreak](https://github.com/bastelfreak)) +- pdksync - (GH-iac-334) Remove Support for Ubuntu 14.04/16.04 [#1331](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1331) ([david22swan](https://github.com/david22swan)) +- Remove unused variable in reload.pp [#1327](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1327) ([ekohl](https://github.com/ekohl)) +- Use systemctl reload on EL 7 and higher [#1326](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1326) ([ekohl](https://github.com/ekohl)) -## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) (2022-03-03) +## [v8.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.0.0) - 2022-03-03 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.5.0...v8.0.0) -### Changed - -- Support setting default\_privileges on all schemas [\#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) - ### Added -- add default version for Fedora 35 [\#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) -- add scram-sha-256 support [\#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) -- add support for Ubuntu Hirsute and Impish [\#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) -- Allow systemd to mask postgresql service file [\#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) -- Make ::contrib a noop on OSes without a contrib package [\#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) -- pdksync - \(IAC-1753\) - Add Support for AlmaLinux 8 [\#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) -- MODULES-11201: add service\_name for Ubuntu 18.04 and later [\#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) -- pdksync - \(IAC-1751\) - Add Support for Rocky 8 [\#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) -- Default privileges support schemas [\#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) -- Support target\_role in default\_privileges [\#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) +- add default version for Fedora 35 [#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) +- add scram-sha-256 support [#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) +- add support for Ubuntu Hirsute and Impish [#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) +- Allow systemd to mask postgresql service file [#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) +- Make ::contrib a noop on OSes without a contrib package [#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) +- pdksync - (IAC-1753) - Add Support for AlmaLinux 8 [#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) +- MODULES-11201: add service_name for Ubuntu 18.04 and later [#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) +- pdksync - (IAC-1751) - Add Support for Rocky 8 [#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) +- Default privileges support schemas [#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) +- Support target_role in default_privileges [#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) + +### Changed +- Support setting default_privileges on all schemas [#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) ### Fixed -- pdksync - \(IAC-1787\) Remove Support for CentOS 6 [\#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) -- Fix python package name in RHEL/CentOS 8 [\#1316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1316) ([kajinamit](https://github.com/kajinamit)) -- Drop further code for Debian 6 and Ubuntu 10 [\#1307](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1307) ([ekohl](https://github.com/ekohl)) +- pdksync - (IAC-1787) Remove Support for CentOS 6 [#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) +- Fix python package name in RHEL/CentOS 8 [#1316](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1316) ([kajinamit](https://github.com/kajinamit)) +- Drop further code for Debian 6 and Ubuntu 10 [#1307](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1307) ([ekohl](https://github.com/ekohl)) -## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) (2021-09-28) +## [v7.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.5.0) - 2021-09-28 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.1...v7.5.0) ### Added -- Use Puppet-Datatype Sensitive for Passwords [\#1279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1279) ([cocker-cc](https://github.com/cocker-cc)) +- Use Puppet-Datatype Sensitive for Passwords [#1279](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1279) ([cocker-cc](https://github.com/cocker-cc)) ### Fixed -- \(IAC-1598\) - Remove Support for Debian 8 [\#1302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1302) ([david22swan](https://github.com/david22swan)) -- Inline file contents in the catalog [\#1299](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1299) ([ekohl](https://github.com/ekohl)) -- Fix changing default encoding [\#1296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1296) ([smortex](https://github.com/smortex)) +- (IAC-1598) - Remove Support for Debian 8 [#1302](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1302) ([david22swan](https://github.com/david22swan)) +- Inline file contents in the catalog [#1299](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1299) ([ekohl](https://github.com/ekohl)) +- Fix changing default encoding [#1296](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1296) ([smortex](https://github.com/smortex)) -## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) (2021-08-25) +## [v7.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.1) - 2021-08-25 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.4.0...v7.4.1) ### Fixed -- \(maint\) Allow stdlib 8.0.0 [\#1293](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1293) ([smortex](https://github.com/smortex)) +- (maint) Allow stdlib 8.0.0 [#1293](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1293) ([smortex](https://github.com/smortex)) -## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) (2021-08-24) +## [v7.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.4.0) - 2021-08-24 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.3.0...v7.4.0) ### Added -- pdksync - \(IAC-1709\) - Add Support for Debian 11 [\#1288](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1288) ([david22swan](https://github.com/david22swan)) +- pdksync - (IAC-1709) - Add Support for Debian 11 [#1288](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1288) ([david22swan](https://github.com/david22swan)) ### Fixed -- drop code for Debian 6/7 and Ubuntu 10.04/12.04 [\#1290](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1290) ([evgeni](https://github.com/evgeni)) +- drop code for Debian 6/7 and Ubuntu 10.04/12.04 [#1290](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1290) ([evgeni](https://github.com/evgeni)) -## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) (2021-08-03) +## [v7.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.3.0) - 2021-08-03 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.2.0...v7.3.0) ### Added -- MODULES-11049 - Implement default privileges changes [\#1267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1267) ([mtancoigne](https://github.com/mtancoigne)) +- MODULES-11049 - Implement default privileges changes [#1267](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1267) ([mtancoigne](https://github.com/mtancoigne)) ### Fixed -- Do not add version component to repo definition [\#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) -- \(MODULES-8700\) Autorequire the service in postgresql\_psql [\#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) +- Do not add version component to repo definition [#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) +- (MODULES-8700) Autorequire the service in postgresql_psql [#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) -## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) (2021-05-24) +## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) - 2021-05-24 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.1.0...v7.2.0) ### Added -- \(MODULES-11069\) add default version for fedora 34 [\#1272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1272) ([lweller](https://github.com/lweller)) -- MODULES-11047 - Allow managing rights for PUBLIC role [\#1266](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1266) ([mtancoigne](https://github.com/mtancoigne)) +- (MODULES-11069) add default version for fedora 34 [#1272](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1272) ([lweller](https://github.com/lweller)) +- MODULES-11047 - Allow managing rights for PUBLIC role [#1266](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1266) ([mtancoigne](https://github.com/mtancoigne)) -## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) (2021-04-12) +## [v7.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.1.0) - 2021-04-12 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.3...v7.1.0) ### Added -- Add new common repo which contains add-ons [\#1190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1190) ([jorhett](https://github.com/jorhett)) +- Add new common repo which contains add-ons [#1190](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1190) ([jorhett](https://github.com/jorhett)) -## [v7.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.3) (2021-04-12) +## [v7.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.3) - 2021-04-12 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.2...v7.0.3) -## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) (2021-03-15) +## [v7.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.2) - 2021-03-15 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.1...v7.0.2) ### Fixed -- \(MODULES-10957\) Override the set\_sensitive\_parameters method [\#1258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1258) ([sheenaajay](https://github.com/sheenaajay)) +- (MODULES-10957) Override the set_sensitive_parameters method [#1258](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1258) ([sheenaajay](https://github.com/sheenaajay)) -## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) (2021-03-08) +## [v7.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.1) - 2021-03-08 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.0.0...v7.0.1) ### Fixed -- Ensure port is a string in psql command [\#1253](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1253) ([ekohl](https://github.com/ekohl)) +- Ensure port is a string in psql command [#1253](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1253) ([ekohl](https://github.com/ekohl)) -## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) (2021-03-04) +## [v7.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.0.0) - 2021-03-04 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.2...v7.0.0) -### Changed - -- pdksync - \(MAINT\) Remove SLES 11 support [\#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) -- pdksync - \(MAINT\) Remove RHEL 5 family support [\#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) -- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [\#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) - ### Added -- Add DNF module management [\#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) +- Add DNF module management [#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) + +### Changed +- pdksync - (MAINT) Remove SLES 11 support [#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - (MAINT) Remove RHEL 5 family support [#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) -## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) (2021-02-22) +## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) - 2021-02-22 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.1...v6.10.2) ### Fixed -- Fix command shell escaping [\#1240](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1240) ([DavidS](https://github.com/DavidS)) +- Fix command shell escaping [#1240](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1240) ([DavidS](https://github.com/DavidS)) -## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) (2021-02-09) +## [v6.10.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.1) - 2021-02-09 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.0...v6.10.1) -### Fixed - -- Also perform systemd daemon-reload on Puppet 6.1+ [\#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) - -## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) (2021-02-08) +## [v6.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.0) - 2021-02-08 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.9.0...v6.10.0) ### Added -- Set default PostgreSQL version for FreeBSD [\#1227](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1227) ([olevole](https://github.com/olevole)) -- Clean up globals logic to support CentOS 8 stream [\#1225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1225) ([ekohl](https://github.com/ekohl)) +- Set default PostgreSQL version for FreeBSD [#1227](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1227) ([olevole](https://github.com/olevole)) +- Clean up globals logic to support CentOS 8 stream [#1225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1225) ([ekohl](https://github.com/ekohl)) ### Fixed -- \(bug\) fix systemd daemon-reload order when updating service files [\#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) -- Fix postgresql::sql task when password is not set [\#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) +- Also perform systemd daemon-reload on Puppet 6.1+ [#1233](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1233) ([ekohl](https://github.com/ekohl)) +- (bug) fix systemd daemon-reload order when updating service files [#1230](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1230) ([sheenaajay](https://github.com/sheenaajay)) +- Fix postgresql::sql task when password is not set [#1226](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1226) ([smortex](https://github.com/smortex)) -## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) (2021-01-18) +## [v6.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.9.0) - 2021-01-18 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.8.0...v6.9.0) ### Added -- pdksync - \(feat\) - Add support for puppet 7 [\#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) -- Manage postgresql\_conf\_path file permissions [\#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) +- pdksync - (feat) - Add support for puppet 7 [#1215](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1215) ([daianamezdrea](https://github.com/daianamezdrea)) +- Manage postgresql_conf_path file permissions [#1199](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1199) ([ekohl](https://github.com/ekohl)) ### Fixed -- \(maint\) updated defaults for rhel7 policycoreutils [\#1212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1212) ([sheenaajay](https://github.com/sheenaajay)) -- \(IAC-1189\) - Fix for SLES 15 SP 1 and later [\#1209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1209) ([david22swan](https://github.com/david22swan)) -- Change - Use systemd drop-in directory for unit overrides [\#1201](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1201) ([blackknight36](https://github.com/blackknight36)) +- (maint) updated defaults for rhel7 policycoreutils [#1212](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1212) ([sheenaajay](https://github.com/sheenaajay)) +- (IAC-1189) - Fix for SLES 15 SP 1 and later [#1209](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1209) ([david22swan](https://github.com/david22swan)) +- Change - Use systemd drop-in directory for unit overrides [#1201](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1201) ([blackknight36](https://github.com/blackknight36)) -## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) (2020-09-28) +## [v6.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.8.0) - 2020-09-29 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.7.0...v6.8.0) ### Added -- add hostgssenc type to pg\_hba rules [\#1195](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1195) ([osijan](https://github.com/osijan)) -- Allow removal of config\_entries via main class [\#1187](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1187) ([ekohl](https://github.com/ekohl)) +- add hostgssenc type to pg_hba rules [#1195](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1195) ([osijan](https://github.com/osijan)) +- Allow removal of config_entries via main class [#1187](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1187) ([ekohl](https://github.com/ekohl)) ### Fixed -- Fix contrib package name under debian 10 [\#1188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1188) ([neomilium](https://github.com/neomilium)) +- Fix contrib package name under debian 10 [#1188](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1188) ([neomilium](https://github.com/neomilium)) -## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) (2020-08-28) +## [v6.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.7.0) - 2020-08-28 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.6.0...v6.7.0) ### Added -- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) +- pdksync - (IAC-973) - Update travis/appveyor to run on new default branch `main` [#1182](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1182) ([david22swan](https://github.com/david22swan)) -### Fixed - -- Invert psql/package dependency logic [\#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) - -## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) (2020-06-02) +## [v6.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.6.0) - 2020-06-22 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.5.0...v6.6.0) ### Added -- \(IAC-746\) - Add ubuntu 20.04 support [\#1172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1172) ([david22swan](https://github.com/david22swan)) +- (IAC-746) - Add ubuntu 20.04 support [#1172](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1172) ([david22swan](https://github.com/david22swan)) ### Fixed -- Fix custom port in extension [\#1165](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1165) ([Vampouille](https://github.com/Vampouille)) +- Invert psql/package dependency logic [#1179](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1179) ([raphink](https://github.com/raphink)) +- Fix custom port in extension [#1165](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1165) ([Vampouille](https://github.com/Vampouille)) -## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) (2020-05-13) +## [v6.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.5.0) - 2020-05-13 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.4.0...v6.5.0) ### Added -- service\_ensure =\> true is now an allowed value \(aliased to running\) [\#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) -- Finish conversion of `postgresql\_acls\_to\_resources\_hash` function [\#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql\_escape` function [\#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) -- Finish conversion of `postgresql\_password` function [\#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) -- Allow usage of grant and role when not managing postgresql::server [\#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) -- Add version configs for SLES 12 SP 3 to 5 [\#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) -- Add extra parameter "extra\_systemd\_config" [\#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) +- service_ensure => true is now an allowed value (aliased to running) [#1167](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1167) ([binford2k](https://github.com/binford2k)) +- Finish conversion of `postgresql_acls_to_resources_hash` function [#1163](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1163) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql_escape` function [#1162](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1162) ([alexjfisher](https://github.com/alexjfisher)) +- Finish conversion of `postgresql_password` function [#1161](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1161) ([alexjfisher](https://github.com/alexjfisher)) +- Allow usage of grant and role when not managing postgresql::server [#1159](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1159) ([tuxmea](https://github.com/tuxmea)) +- Add version configs for SLES 12 SP 3 to 5 [#1158](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1158) ([XnS](https://github.com/XnS)) +- Add extra parameter "extra_systemd_config" [#1156](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1156) ([veninga](https://github.com/veninga)) ### Fixed -- \(MODULES-10610\) Use correct lower bound for concat version [\#1160](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1160) ([ghoneycutt](https://github.com/ghoneycutt)) +- (MODULES-10610) Use correct lower bound for concat version [#1160](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1160) ([ghoneycutt](https://github.com/ghoneycutt)) -## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) (2020-03-17) +## [v6.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.4.0) - 2020-03-17 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.3.0...v6.4.0) ### Added -- Add Fedora 31 compatibility [\#1141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1141) ([blackknight36](https://github.com/blackknight36)) -- feat: enable different database resource name in extension [\#1136](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1136) ([jfroche](https://github.com/jfroche)) -- pdksync - \(FM-8581\) - Debian 10 added to travis and provision file refactored [\#1130](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1130) ([david22swan](https://github.com/david22swan)) -- Puppet 4 functions [\#1129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129) ([binford2k](https://github.com/binford2k)) +- Add Fedora 31 compatibility [#1141](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1141) ([blackknight36](https://github.com/blackknight36)) +- feat: enable different database resource name in extension [#1136](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1136) ([jfroche](https://github.com/jfroche)) +- pdksync - (FM-8581) - Debian 10 added to travis and provision file refactored [#1130](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1130) ([david22swan](https://github.com/david22swan)) +- Puppet 4 functions [#1129](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129) ([binford2k](https://github.com/binford2k)) ### Fixed -- Fix incorrectly quoted GRANT cmd on functions [\#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) -- Correct versioncmp logic in config.pp [\#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) -- Treat $version as an integer for comparison, defaults to string [\#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) -- Allow usage of PUBLIC role [\#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) -- fix missing systemd override config for EL8 \(CentOS and RHEL\) [\#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) +- Fix incorrectly quoted GRANT cmd on functions [#1150](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1150) ([olifre](https://github.com/olifre)) +- Correct versioncmp logic in config.pp [#1137](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1137) ([boydtom](https://github.com/boydtom)) +- Treat $version as an integer for comparison, defaults to string [#1135](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1135) ([boydtom](https://github.com/boydtom)) +- Allow usage of PUBLIC role [#1134](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1134) ([Vampouille](https://github.com/Vampouille)) +- fix missing systemd override config for EL8 (CentOS and RHEL) [#1131](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1131) ([david-barbion](https://github.com/david-barbion)) -## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) (2019-12-18) +## [v6.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.3.0) - 2019-12-18 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.2.0...v6.3.0) ### Added -- Add support for granting privileges on functions [\#1118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1118) ([crispygoth](https://github.com/crispygoth)) -- \(FM-8679\) - Support added for CentOS 8 [\#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) -- MODULES-10041 - allow define password\_encryption for version above 10 [\#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) +- Add support for granting privileges on functions [#1118](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1118) ([crispygoth](https://github.com/crispygoth)) +- (FM-8679) - Support added for CentOS 8 [#1117](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1117) ([david22swan](https://github.com/david22swan)) +- MODULES-10041 - allow define password_encryption for version above 10 [#1111](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1111) ([k2patel](https://github.com/k2patel)) ### Fixed -- Remove duplicate REFERENCE.md file with strange unicode character at end of filename [\#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) +- Remove duplicate REFERENCE.md file with strange unicode character at end of filename [#1108](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1108) ([nudgegoonies](https://github.com/nudgegoonies)) -## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) (2019-09-12) +## [v6.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.2.0) - 2019-09-13 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.1.0...v6.2.0) ### Added -- FM-8408 - add support on Debian10 [\#1103](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1103) ([lionce](https://github.com/lionce)) -- Fix/directory defined twice [\#1089](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1089) ([arcenik](https://github.com/arcenik)) -- Adding SLES 15 [\#1087](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1087) ([msurato](https://github.com/msurato)) -- \(FM-7500\) conversion to use litmus [\#1081](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1081) ([tphoney](https://github.com/tphoney)) +- FM-8408 - add support on Debian10 [#1103](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1103) ([lionce](https://github.com/lionce)) +- Fix/directory defined twice [#1089](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1089) ([arcenik](https://github.com/arcenik)) +- Adding SLES 15 [#1087](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1087) ([msurato](https://github.com/msurato)) +- (FM-7500) conversion to use litmus [#1081](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1081) ([tphoney](https://github.com/tphoney)) ### Fixed -- \(MODULES-9658\) - custom ports are not labeled correctly [\#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) -- Fix: When assigning a tablespace to a database, no equal sign is needed in the query [\#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) -- Grant all tables in schema fixup [\#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) -- \(MODULES-9219\) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [\#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) +- (MODULES-9658) - custom ports are not labeled correctly [#1099](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1099) ([blackknight36](https://github.com/blackknight36)) +- Fix: When assigning a tablespace to a database, no equal sign is needed in the query [#1098](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1098) ([biertie](https://github.com/biertie)) +- Grant all tables in schema fixup [#1096](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1096) ([georgehansper](https://github.com/georgehansper)) +- (MODULES-9219) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed [#1093](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1093) ([blackknight36](https://github.com/blackknight36)) -## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) (2019-06-04) +## [v6.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.1.0) - 2019-06-04 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.0.0...v6.1.0) ### Added -- \(FM-8031\) Add RedHat 8 support [\#1083](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1083) ([eimlav](https://github.com/eimlav)) +- (FM-8031) Add RedHat 8 support [#1083](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1083) ([eimlav](https://github.com/eimlav)) -## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) (2019-05-14) +## [v6.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.0.0) - 2019-05-14 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.1...v6.0.0) -### Changed - -- pdksync - \(MODULES-8444\) - Raise lower Puppet bound [\#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) -- \(maint\) remove inconsistent extra variable [\#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) - ### Added -- Add Fedora 30 compatibility [\#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) -- Include EL8 version for config checks [\#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) +- Add Fedora 30 compatibility [#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) +- Include EL8 version for config checks [#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) + +### Changed +- pdksync - (MODULES-8444) - Raise lower Puppet bound [#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) +- (maint) remove inconsistent extra variable [#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) ### Fixed -- Support current version of puppetlabs/apt. [\#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) -- change username/group/datadir defaults for FreeBSD [\#1063](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1063) ([olevole](https://github.com/olevole)) +- Support current version of puppetlabs/apt. [#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) +- change username/group/datadir defaults for FreeBSD [#1063](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1063) ([olevole](https://github.com/olevole)) -## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) (2019-02-14) +## [5.12.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.1) - 2019-02-14 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.0...5.12.1) ### Fixed -- \(FM-7811\) - Use postgresql 9.4 for SLES 11 sp4 [\#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) -- \(MODULES-8553\) Further cleanup for package tag issues [\#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) +- (FM-7811) - Use postgresql 9.4 for SLES 11 sp4 [#1057](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1057) ([david22swan](https://github.com/david22swan)) +- (MODULES-8553) Further cleanup for package tag issues [#1055](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1055) ([HelenCampbell](https://github.com/HelenCampbell)) -## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) (2019-02-01) +## [5.12.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.12.0) - 2019-02-01 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.11.0...5.12.0) ### Added -- \(MODULES-3804\) Fix sort order of pg\_hba\_rule entries [\#1040](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1040) ([olavmrk](https://github.com/olavmrk)) +- (MODULES-3804) Fix sort order of pg_hba_rule entries [#1040](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1040) ([olavmrk](https://github.com/olavmrk)) ### Fixed -- \(MODULES-8553\) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [\#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) -- \(MODULES-8352\) Don't use empty encoding string on initdb [\#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) -- pdksync - \(FM-7655\) Fix rubygems-update for ruby \< 2.3 [\#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) +- (MODULES-8553) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag [#1052](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1052) ([HelenCampbell](https://github.com/HelenCampbell)) +- (MODULES-8352) Don't use empty encoding string on initdb [#1043](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1043) ([binford2k](https://github.com/binford2k)) +- pdksync - (FM-7655) Fix rubygems-update for ruby < 2.3 [#1042](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1042) ([tphoney](https://github.com/tphoney)) -## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) (2018-11-21) +## [5.11.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.11.0) - 2018-11-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.10.0...5.11.0) ### Added -- Add postgis support for postgres 10 [\#1032](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1032) ([smussie](https://github.com/smussie)) +- Add postgis support for postgres 10 [#1032](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1032) ([smussie](https://github.com/smussie)) ### Fixed -- Ignore .psqlrc so output is clean and doesn't break Puppet [\#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) -- Change initdb option '--xlogdir' to '-X' for PG10 compatibility [\#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) +- Strip quotes from role names [#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) +- Ignore .psqlrc so output is clean and doesn't break Puppet [#1021](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1021) ([flaviogurgel](https://github.com/flaviogurgel)) +- Change initdb option '--xlogdir' to '-X' for PG10 compatibility [#976](https://github.com/puppetlabs/puppetlabs-postgresql/pull/976) ([fcanovai](https://github.com/fcanovai)) -## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) (2018-09-27) +## [5.10.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.10.0) - 2018-09-27 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.9.0...5.10.0) ### Added -- pdksync - \(MODULES-6805\) metadata.json shows support for puppet 6 [\#1026](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1026) ([tphoney](https://github.com/tphoney)) +- pdksync - (MODULES-6805) metadata.json shows support for puppet 6 [#1026](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1026) ([tphoney](https://github.com/tphoney)) -## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) (2018-09-06) +## [5.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.9.0) - 2018-09-07 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.8.0...5.9.0) ### Added -- pdksync - \(MODULES-7705\) - Bumping stdlib dependency from \< 5.0.0 to \< 6.0.0 [\#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) - -### Fixed +- pdksync - (MODULES-7705) - Bumping stdlib dependency from < 5.0.0 to < 6.0.0 [#1018](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1018) ([pmcmaw](https://github.com/pmcmaw)) -- Strip quotes from role names [\#1034](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1034) ([jstuart](https://github.com/jstuart)) - -## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) (2018-08-06) +## [5.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.8.0) - 2018-08-07 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.7.0...5.8.0) ### Added -- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 [\#1012](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1012) ([mateusz-gozdek-sociomantic](https://github.com/mateusz-gozdek-sociomantic)) +- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 [#1012](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1012) ([mateusz-gozdek-sociomantic](https://github.com/mateusz-gozdek-sociomantic)) -## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) (2018-07-19) +## [5.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.7.0) - 2018-07-20 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.6.0...5.7.0) ### Added -- \(MODULES-7479\) Update postgresql to support Ubuntu 18.04 [\#1005](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1005) ([david22swan](https://github.com/david22swan)) -- \(MODULES-6542\) - Adding SLES 11 & 12 to metadata [\#1001](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1001) ([pmcmaw](https://github.com/pmcmaw)) +- (MODULES-7479) Update postgresql to support Ubuntu 18.04 [#1005](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1005) ([david22swan](https://github.com/david22swan)) +- (MODULES-6542) - Adding SLES 11 & 12 to metadata [#1001](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1001) ([pmcmaw](https://github.com/pmcmaw)) ### Fixed -- \(MODULES-7479\) Ensure net-tools is installed when testing on Ubuntu 18.04 [\#1006](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1006) ([david22swan](https://github.com/david22swan)) -- \(MODULES-7460\) - Updating grant table to include INSERT privileges [\#1004](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1004) ([pmcmaw](https://github.com/pmcmaw)) -- Fix packages choice for ubuntu 17.10 [\#1000](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1000) ([fflorens](https://github.com/fflorens)) +- (MODULES-7479) Ensure net-tools is installed when testing on Ubuntu 18.04 [#1006](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1006) ([david22swan](https://github.com/david22swan)) +- (MODULES-7460) - Updating grant table to include INSERT privileges [#1004](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1004) ([pmcmaw](https://github.com/pmcmaw)) +- Fix packages choice for ubuntu 17.10 [#1000](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1000) ([fflorens](https://github.com/fflorens)) -## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) (2018-06-20) +## [5.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.6.0) - 2018-06-21 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.5.0...5.6.0) -### Changed +## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) - 2018-06-19 -- Fix creation of recovery.conf file when recovery configuration is not specified [\#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) ### Added -- Add compatibility for Fedora 28 [\#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) -- \(MODULES-5994\) Add debian 9 [\#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) -- Adding default Postgresql version for Ubuntu 18.04 [\#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) +- Add compatibility for Fedora 28 [#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) +- (MODULES-5994) Add debian 9 [#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) +- Adding default Postgresql version for Ubuntu 18.04 [#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) -### Fixed - -- Fix quoting on schema owners [\#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) - -## [5.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.5.0) (2018-04-06) - -[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) +### Changed +- Fix creation of recovery.conf file when recovery configuration is not specified [#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) -### Added +### Fixed -- Parameters `roles`, `config\_entires`, and `pg\_hba\_rules` to `postgresql::server` for hiera [\#950](https://github.com/puppetlabs/puppetlabs-postgresql/pull/950) ([ekohl](https://github.com/ekohl)) +- Fix quoting on schema owners [#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) -## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) (2018-03-22) +## [5.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.4.0) - 2018-03-27 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.3.0...5.4.0) ### Added -- \(MODULES-6330\) PDK convert 1.4.1 [\#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) -- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database\_grant` [\#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) +- (MODULES-6330) PDK convert 1.4.1 [#961](https://github.com/puppetlabs/puppetlabs-postgresql/pull/961) ([pmcmaw](https://github.com/pmcmaw)) +- Parameter `ensure` on `postgresql::server::grant` and `postgresql::server::database_grant` [#891](https://github.com/puppetlabs/puppetlabs-postgresql/pull/891) ([georgehansper](https://github.com/georgehansper)) ### Fixed -- Documentation error, `reassign\_owned\_by` uses `\*\_role` not `\*\_owner`. [\#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) - -## 5.3.0 -### Summary -Implements rubocop changes within the module, alongside other smaller changes. - -#### Added -- ensure=>absent added to postgresql::server:role. -- Support added for Fedora 27. -- scram-sha-256 added as a valid ph_hba_rule auth method. -- 9.6 settings inherited for later PgSQL versions on FreeBSD. -- A require has been added for puppet. - -#### Changed -- Changes made to avoid the useless loading of files by augeas. -- Modulesync changes. -- psql_path defaulted to postgresql::server::psql_path. -- Rubocop changes have been made. - -#### Removed -- Debian 9 support deprecated. - -## Supported Release 5.2.1 -### Summary -Bug fix for issue introduced in 5.2.0 - -#### Fixed -- issue where the module was attempting to install extensions before a database was available. ([SERVER-2003](https://tickets.puppetlabs.com/browse/SERVER-2003)) - -## Supported Release 5.2.0 -### Summary -Adds several new features including some work around OS support. Also includes a couple of fixes to tests and the removal of unsupported Ubuntu versions. - -#### Added -- Added default postgresql version of Ubuntu 17.4 version to the globals.pp file. -- Fedora 26 provides postgresql-server version 9.6 by default - Added support to manifests/globals.pp to avoid puppet failures on Fedora 26 nodes. -- Use postgresql 9.6 for the newest SLES and openSUSE releases. -- Enhanced --data-checksums on initdb. -- Added support for Debian version 9. -- Added a `version` parameter. - -#### Changed -- Replaced validate_re calls with puppet datatype `Pattern` and is_array calls with puppet datatype `Array`. -- Installation method for apt in the spec_helper_acceptance, this is a temporary workaround due to issues with module installation. - -#### Fixed -- Updated spec tests to remove deprecation warnings. -- Docs formatting. -- Pass default_connect_settings to validate service ([MODULES-4682](https://tickets.puppetlabs.com/browse/MODULES-4682)) -- Rocket Alignment for Lint. -- Fixed changes in error messages in tests ([MODULES-5378](https://tickets.puppetlabs.com/browse/MODULES-5378)) - -#### Removed -- Removed unsupported Ubuntu versions 10.04 and 12.04 ([MODULES-5501](https://tickets.puppetlabs.com/browse/MODULES-5501)) -- Removed unsupported Debian version 6. -- Removed numeric order override. - -## Supported Release 5.1.0 -### Summary -This release includes Japanese translations for internationalization, Puppet 5 support, implementation of defined type postgresql::server::reassign_owned_by. - -#### Features -- Updating translations for readmes/README_ja_JP.md -- add defined type postgresql::server::reassign_owned_by -- Allow order parameter to be string value -- prep for puppet 5 ([MODULES-5144](https://tickets.puppetlabs.com/browse/MODULES-5144)) -- add data_checksums option to initdb -- parameter ensure of custom resource postgresql_replication_slot is not documented ([MODULES-2989](https://tickets.puppetlabs.com/browse/MODULES-2989)) - -#### Bug Fixes -- Adding a space for header formatting -- use https for apt.postgresql.org repo -- msync puppet 5 and ruby 2.4 ([MODULES-5197](https://tickets.puppetlabs.com/browse/MODULES-5187)) -- Only run test on postgresql >= 9.0 ([FM-6240](https://tickets.puppetlabs.com/browse/FM-6240)) -- Fix Ruby 2.4 deprecation in postgresql_acls_to_resources_hash - -## Supported Release 5.0.0 -### Summary -This **major** release dropped support for Puppet 3 and PostgreSQL 8.x, added Puppet 4 data types, and deprecated the validate_db_connection type. - -#### Added -- `locales/` directory, .pot file, and i18n `config.yaml`. ([FM-6116](https://tickets.puppet.com/browse/FM-6116)) -- `update_password` parameter to toggle password management per role. -- **Puppet 4** type validation. -- new `postgresql_conn_validator` custom type and deprecated `validate_db_connection`. ([MODULES-1394](https://tickets.puppet.com/browse/MODULES-1394)) - -#### Changed -- default postgis versions in postgresql::globals to use newer versions. -- puppetlabs-concat and puppetlabs-apt dependencies to use latest versions. ([MODULES-4906](https://tickets.puppet.com/browse/MODULES-4906), [MODULES-4947](https://tickets.puppet.com/browse/MODULES-4947)) -- default value for `log_line_prefix` to `undef`. -- `listen_addresses` default value to 'localhost'. Allows for it to be set independently of a class declaration. -- use of stdlib validate_* functions. They have been removed in favor of Puppet 4 type validation. -- lower Puppet dependency in metadata to 4.7.0. ([MODULES-4826](https://tickets.puppet.com/browse/MODULES-4826)) - -#### Fixed -- deprecated apt::source parameters(`key`,`key_source`, & `include_src`). -- default SUSE parameters. ([MODULES-4598](https://tickets.puppet.com/browse/MODULES-4598)) -- use of force parameter on concat resources. - -## Supported Release 4.9.0 -### Summary -This release adds several types and, among other bugs, fixes an issue with the yum URL. - -#### Features -- Modifying ownership of databases and schemas now available (MODULES-3247) -- Use `module_workdir` to specify a custom directory in which to execute psql commands -- `grant_role` and `grant` types added! -- Support for parallel unit testing (parallel_tests) -- Override download/installation repo URL with `repo_baseurl` -- Set your timezone with `timezone` -- Grant privileges on LANGUAGEs -- Added support for Debian Stretch and Ubuntu Yakkety Yak - -#### Bugfixes -- Usernames and passwords are now converted to strings before password hash is created -- Specify default database name if it is not the username -- Update to yum repo -- Schema name conflicts fix - -## Supported Release 4.8.0 -### Summary -This release primarily fixes an issue with `postgresql_conf` values of ipaddresses being considered floats and not getting quoted. - -#### Features -- Add `default_connect_settings` parameter to `postgresql::server` -- Running under strict variables is now supported -- Add timestamps into logs by default - -#### Bugfixes -- Obscure password in postgresql\_psql type -- Fix ip address quoting in postgresql\_conf type -- Fix handling of systemd service on Ubuntu -- Mark log_min_duration_statement setting as requiring a service restart -- Add fixes for Fedora 23, Fedora 24, FreeBSD, OpenBSD -- Fix environment handling to avoid "Overriding environment setting" message -- Work around PUP-6385, using empty arrays instead of undef when specifying resource relationships -- README editorial pass -- Reduce whitespace in templates -- Update build/test infrastructure - -## Supported Release 4.7.1 -### Summary -This release contains some bugfixes and documentation updates. - -#### Bugfixes -- (MODULES-3024) Quote database objects when creating databases. -- Properly escape case where password ends with '$'. -- Fixes password change when postgres is configure to non-standard port. -- Unpins concat dependency to be able to use concat 2.x. -- Workaround to fix installing on Amazon Linux. -- Fixes proper defaulting of `$service_provider` parameter. -- Fixes postgres server init script naming on Amazon Linux. -- Fixes service reload parameter on Arch Linux. -- Adds missing onlyif_function to sequence grant code. -- Fixes to the markdown of the README. - -## Supported Release 4.7.0 -### Summary -A release with a considerable amount of new features, including remote db support and several platform support updates. Various bugfixes including several to address warnings and a sizable README update. - -#### Features -- Remote DB support - Connection-settings allows a hash of options that can be used when connecting to a remote DB. -- Debian 8 support. -- Updated systemd-override to support fedora and CentOS paths. -- Adds the ability to define the extension name separately from the title of the resource, which allows you to add the extension to more than one database. -- Added parameter to disable automatic service restarts on config changes. -- Ubuntu 15.10 compatibility. -- OpenBSD version is now 9.4. -- Added .gitattributes to maintain line endings for .sh and .rb files. -- Adds default postgis version for 9.5. -- Allows float postgresql_conf values. -- Schedule apt update after install of repo. - -#### Bugfixes -- Fixed systemd-override for RedHat systems with unmanaged Yum repos. -- Removed inherits postgresql::params. -- Multi-node tests are now not ran by default. -- Change apt::pin to apt_postgresql_org to prevent error message. -- Removed syntax error near UTF8. -- Removal of extra blanks and backslashes in README. -- Double quotes now used around database name to prevent syntax error. -- Removes ruby 1.8.7 and puppet 2.7 from travis-ci jobs. -- Fixed paths to work on Amazon Linux. -- Fixed quotes around locale options. -- Huge README update. -- Update to use current msync configs. -- Fixes postgresql::server acceptance test descriptions. - -## Supported Release 4.6.1 -###Summary - -Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. - -## 2015-09-01 - Supported Release 4.6.0 -### Summary -This release adds a proxy feature for yum, Postgis improvements, and decoupling pg_hba_rule from postgresql::server. - -#### Features -- Support setting a proxy for yum operations -- Allow for undefined PostGIS version -- Decouple pg_hba_rule from postgresql::server - -#### Bugfixes -- Fix postgis default package name on RedHat - -## 2015-07-27 - Supported Release 4.5.0 -### Summary -This release adds sequence grants, some postgresql 9.4 fixes, and `onlyif` to -the psql resource. - -### Features -- Add `onlyif` parameter to `postgresql_psql` -- Add unsupported compatibility with Ubuntu 15.04 -- Add unsupported compatibility with SLES 11/12 and OpenSuSE 13.2 -- Add `postgresql::server::grant::onlyif_exists` attribute -- Add `postgresql::server::table_grant::onlyif_exists` attribute -- Add granting permissions on sequences - -### Bugfixes -- Added docs for `postgresql::server::grant` -- Fix `pg_hba_conf_defaults => false` to not disable ipv4/ipv6 acls -- Fix 9.4 for `postgresql::server::pg_hba_rule` - -## 2015-07-07 - Supported Release 4.4.2 -### Summary -This release fixes a bug introduced in 4.4.0. - -#### Bugfixes -- Fixes `withenv` execution under Puppet 2.7. (MODULES-2185) - -## 2015-07-01 - Supported Release 4.4.1 -### Summary -This release fixes RHEL 7 & Fedora with manage_package_repo switched on. - -#### Bugfixes -- Ensure manage_package_repo variable is in scope for systemd-override file for RHEL7 - -## 2015-06-30 - Supported Release 4.4.0 -### Summary -This release has several new features, bugfixes, and test improvements. - -#### Features -- Adds a resource to manage recovery.conf. -- Adds a parameter that allows the specification of a validate connection script in `postgresql::client`. -- Adds support for plpython package management. -- Adds support for postgresql-docs management. -- Adds ability to make `postgresql::server::schema` titles unique. (MODULES-2049) -- Updates puppetlabs-apt module dependency to support version 2.1.0. - -#### Bugfixes -- Fix `postgresql_psql` parameter ordering to work on OpenBSD with Future Parser -- Fix setting postgres role password (MODULES-1869) -- Fix execution command with puppet <3.4 (MODULES-1923) -- Fix Puppet.newtype deprecation warning (MODULES-2007) -- Fix systemd override for manage_repo package versions -- Fix Copy snakeoil certificate and key instead of symlinking - -#### Test Improvements -- Allows setting BEAKER and BEAKER_RSPEC versions via environment variables. -- Enables Unit testing on Travis CI with Puppet 4. -- Cleans up spec_helper_acceptance.rb to use new puppet_install_helper gem. - -## 2015-03-24 - Supported Release 4.3.0 -### Summary -This release fixes compatibility with Puppet 4 and removes opportunities for local users to view the postgresql password. It also adds a new custom resource to aid in managing replication. - -#### Features -- Add `postgresql::server::logdir` parameter to manage the logdir -- Add `environment` parameter to `postgresql_psql` -- Add `postgresql_replication_slot` custom resource - -#### Bugfixes -- Fix for Puppet 4 -- Don't print postgresql\_psql password in command -- Allow `postgresql::validate_db_connection` for more than one host+port+database combo -- Fix service command on Debian 8 and up -- Fix `postgresql::server::extension` to work with custom user/group/port -- Fix `postgresql::server::initdb` to work with custom user/group/port -- Fix changing template1 encoding -- Fix default `postgresql::server::grant::object_name` value -- Fix idempotency of granting all tables in schema with `puppet::server::grant` -- Fix lint warnings -- Fix apt key to use 40 character key and bump puppetlabs-apt to >= 1.8.0 < 2.0.0 - - -##2015-03-10 - Supported Release 4.2.0 -###Summary - -This release has several new features including support for server extensions, improved grant support, and a number of bugfixes. - -####Features -- Changes to support OpenBSD -- Add `service_reload` parameter to `postgresql::server` -- Add `comment` parameter to `postgresql::server::database` (MODULES-1153) -- Add `postgresql::server::extension` defined type -- Add postgresql versions for utopic and jessie -- Update `postgresql::server::grant` to support 'GRANT SCHEMA' and 'ALL TABLES IN SCHEMA' - -####Bugfixes -- Lint cleanup -- Remove outdated upgrade info from README -- Use correct TCP port when checking password -- Create role before database -- Fix template1 encoding on Debian -- Require server package before user permissions -- Fix `service_status` default for FreeBSD to allow PostgreSQL to start the first run -- Fix invalid US-ASCII byte sequence in `postgresql::server::grant` comments -- Reverted to default behavior for Debian systems as `pg_config` should not be overwritten (MODULES-1485) - -##2014-11-04 - Supported Release 4.1.0 -###Summary - -This release adds the ability to change the PGDATA directory, and also includes documentation and test updates, future parser support, and a few other new features. - -####Features -- Future parser support -- Documentation updates -- Test updates -- Add a link from `/etc/sysconfig/pgsql/postgresql-${version}` to `/etc/sysconfig/pgsql/postgresql` to support init scripts from the postgresql.org repo -- Add support for changing the PGDATA directory -- Set default versions for Fedora 21 and FreeBSD - -##2014-09-03 - Supported Release 4.0.0 -###Summary - -This release removes the uninstall ability from the module, removes the firewall -management, overhauls all of the acceptance testing, as well as adds better -support for SuSE and Fedora. - -###Backwards Incompatible changes. - -- Uninstall code removal. -- Firewall management for Postgres. -- Set manage_pg_ident_conf to true. - -####Uninstallation removal - -We rely heavily on the ability to uninstall and reinstall postgres throughout -our testing code, testing features like "can I move from the distribution -packages to the upstream packages through the module" and over time we've -learnt that the uninstall code simply doesn't work a lot of the time. It -leaves traces of postgres behind or fails to remove certain packages on Ubuntu, -and generally causes bits to be left on your system that you didn't expect. - -When we then reinstall things fail because it's not a true clean slate, and -this causes us enormous problems during test. We've spent weeks and months -working on these tests and they simply don't hold up well across the full range -of PE platforms. - -Due to all these problems we've decided to take a stance on uninstalling in -general. We feel that in 2014 it's completely reasonable and normal to have a -good provisioning pipeline combined with your configuration management and the -"correct" way to uninstall a fully installed service like postgresql is to -simply reprovision the server without it in the first place. As a general rule -this is how I personally like to work and I think is a good practice. - -####I'm not OK with this! - -We understand that there are environments and situations in which it's not easy -to do that. What if you accidently deployed Postgres on 100,000 nodes? In the -future we're going to take a look at building some example 'profiles' to be -found under examples/ within this module that can uninstall postgres on popular -platforms. These can be modified and used in your specific case to uninstall -postgresql. They will be much more brute force and reliant on deleting entire -directories and require you to do more work up front in specifying where things -are installed but we think it'll prove to be a much cleaner mechanism for this -kind of thing rather than trying to weave it into the main module logic itself. - -####Features -- Removal of uninstall. -- Removal of firewall management. -- Tests ported to rspec3. -- Acceptance tests rewritten. -- Add a defined type for creating database schemas. -- Add a pg_ident_rule defined type. -- Set manage_pg_ident_conf to true. -- Manage pg_ident.conf by default. -- Improve selinux support for tablespace. -- Remove deprecation warnings. -- Support changing PGDATA on RedHat. -- Add SLES 11 support. - -####Bugfixes -- Link pg_config binary into /usr/bin. -- Fix fedora support by using systemd. -- Initdb should create xlogdir if set. -- Use a regular expression to match the major OS version on Ubuntu. - -##2014-07-31 - Supported Release 3.4.2 -###Summary - -This release fixes recent Fedora versions. - -####Features -####Bugfixes -- Fix Fedora. - -##2014-07-15 - Supported Release 3.4.1 -###Summary - -This release merely updates metadata.json so the module can be uninstalled and -upgraded via the puppet module command. - -##2014-04-14 - Supported Release 3.4.0 -###Summary - -This feature rolls up several important features, the biggest being PostGIS -handling and allowing `port` to be set on postgresql::server in order to -change the port that Postgres listens on. We've added support for RHEL7 -and Ubuntu 14.04, as well as allowing you to manage the service via -`service_ensure` finally. - -####Features -- Added `perl_package_name` for installing bindings. -- Added `service_ensure` for allowing control of services. -- Added `postgis_version` and postgis class for installing postgis. -- Added `port` for selecting the port Postgres runs on. -- Add support for RHEL7 and Ubuntu 14.04. -- Add `default_db` to postgresql::server::database. -- Widen the selection of unquoted parameters in postgresql_conf{} -- Require the service within postgresql::server::reload for RHEL7. -- Add `inherit` to postgresql::server::role. - -####Bugfixes - -##2014-03-04 - Supported Release 3.3.3 -###Summary - -This is a supported release. This release removes a testing symlink that can -cause trouble on systems where /var is on a seperate filesystem from the -modulepath. - -####Features -####Bugfixes -####Known Bugs -* SLES is not supported. - -##2014-03-04 - Supported Release 3.3.2 -###Summary -This is a supported release. It fixes a problem with updating passwords on postgresql.org distributed versions of PostgreSQL. - -####Bugfixes -- Correct psql path when setting password on custom versions. -- Documentation updates -- Test updates - -####Known Bugs -* SLES is not supported. - - -##2014-02-12 - Version 3.3.1 -####Bugfix: -- Allow dynamic rubygems host - +- Documentation error, `reassign_owned_by` uses `*_role` not `*_owner`. [#958](https://github.com/puppetlabs/puppetlabs-postgresql/pull/958) ([computermouth](https://github.com/computermouth)) -##2014-01-28 - Version 3.3.0 +## [5.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.3.0) - 2018-02-26 -###Summary +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.2.1...5.3.0) -This release rolls up a bunch of bugfixes our users have found and fixed for -us over the last few months. This improves things for 9.1 users, and makes -this module usable on FreeBSD. - -This release is dedicated to 'bma', who's suffering with Puppet 3.4.1 issues -thanks to Puppet::Util::SUIDManager.run_and_capture. - -####Features - - Add lc_ config entry settings - - Can pass template at database creation. - - Add FreeBSD support. - - Add support for customer `xlogdir` parameter. - - Switch tests from rspec-system to beaker. (This isn't really a feature) - -####Bugfixes - - Properly fix the deprecated Puppet::Util::SUIDManager.run_and_capture errors. - - Fix NOREPLICATION option for Postgres 9.1 - - Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf - - Add $postgresql::server::client_package_name, referred to by install.pp - - Add missing service_provider/service_name descriptions in ::globals. - - Fix several smaller typos/issues throughout. - - Exec['postgresql_initdb'] needs to be done after $datadir exists - - Prevent defined resources from floating in the catalog. - - Fix granting all privileges on a table. - - Add some missing privileges. - - Remove deprecated and unused concat::fragment parameters. - - -##2013-11-05 - Version 3.2.0 - -###Summary - -Add's support for Ubuntu 13.10 (and 14.04) as well as x, y, z. - -####Features -- Add versions for Ubuntu 13.10 and 14.04. -- Use default_database in validate_db_connection instead of a hardcoded -'postgres' -- Add globals/params layering for default_database. -- Allow specification of default database name. - -####Bugs -- Fixes to the README. - - -##2013-10-25 - Version 3.1.0 - -###Summary - -This is a minor feature and bug fix release. - -Firstly, the postgresql_psql type now includes a new parameter `search_path` which is equivalent to using `set search_path` which allows you to change the default schema search path. - -The default version of Fedora 17 has now been added, so that Fedora 17 users can enjoy the module. - -And finally we've extended the capabilities of the defined type postgresql::validate_db_connection so that now it can handle retrying and sleeping between retries. This feature has been monopolized to fix a bug we were seeing with startup race conditions, but it can also be used by remote systems to 'wait' for PostgreSQL to start before their Puppet run continues. - -####Features -- Defined $default_version for Fedora 17 (Bret Comnes) -- add search_path attribute to postgresql_psql resource (Jeremy Kitchen) -- (GH-198) Add wait and retry capability to validate_db_connection (Ken Barber) - -####Bugs -- enabling defined postgres user password without resetting on every puppet run (jonoterc) -- periods are valid in configuration variables also (Jeremy Kitchen) -- Add zero length string to join() function (Jarl Stefansson) -- add require of install to reload class (cdenneen) -- (GH-198) Fix race condition on postgresql startup (Ken Barber) -- Remove concat::setup for include in preparation for the next concat release (Ken Barber) - - -##2013-10-14 - Version 3.0.0 +### Added -Final release of 3.0, enjoy! +- Support extension schemas [#948](https://github.com/puppetlabs/puppetlabs-postgresql/pull/948) ([hasegeli](https://github.com/hasegeli)) +- Inherit 9.6 settings for later PgSQL version on FreeBSD [#945](https://github.com/puppetlabs/puppetlabs-postgresql/pull/945) ([olevole](https://github.com/olevole)) +- MODULES-6194 - Add scram-sha-256 as a valid pg_hba_rule auth method [#941](https://github.com/puppetlabs/puppetlabs-postgresql/pull/941) ([f3nry](https://github.com/f3nry)) +- FM-6445 add a task [#930](https://github.com/puppetlabs/puppetlabs-postgresql/pull/930) ([tphoney](https://github.com/tphoney)) +- add ensure=>absent to postgresql::server::role [#897](https://github.com/puppetlabs/puppetlabs-postgresql/pull/897) ([georgehansper](https://github.com/georgehansper)) +### Fixed -##2013-10-14 - Version 3.0.0-rc3 +- (maint) - Skip run_puppet_access_login on LTS [#956](https://github.com/puppetlabs/puppetlabs-postgresql/pull/956) ([pmcmaw](https://github.com/pmcmaw)) +- (MODULES-6608) - Adding puppet requirement for tasks versioncmp in beaker-task_helper [#952](https://github.com/puppetlabs/puppetlabs-postgresql/pull/952) ([pmcmaw](https://github.com/pmcmaw)) +- defaulted psql_path to postgresql::server::psql_path [#947](https://github.com/puppetlabs/puppetlabs-postgresql/pull/947) ([crayfishx](https://github.com/crayfishx)) +- According to the puppet doc, Pattern should be a list of regex. [#942](https://github.com/puppetlabs/puppetlabs-postgresql/pull/942) ([PierreR](https://github.com/PierreR)) +- This pull request fixes an augeas warning [#935](https://github.com/puppetlabs/puppetlabs-postgresql/pull/935) ([iakovgan](https://github.com/iakovgan)) -###Summary +## [5.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.2.1) - 2017-11-14 -Add a parameter to unmanage pg_hba.conf to fix a regression from 2.5, as well -as allowing owner to be passed into x. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.2.0...5.2.1) -####Features -- `manage_pg_hba_conf` parameter added to control pg_hba.conf management. -- `owner` parameter added to server::db. +### Fixed +- (MODULES-5956) fixes for postgresql release [#934](https://github.com/puppetlabs/puppetlabs-postgresql/pull/934) ([jbondpdx](https://github.com/jbondpdx)) +- add parameter "version" to postgresql::server::extension - fix dependency on database [#932](https://github.com/puppetlabs/puppetlabs-postgresql/pull/932) ([georgehansper](https://github.com/georgehansper)) -##2013-10-09 - Version 3.0.0-rc2 +## [5.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.2.0) - 2017-10-09 -###Summary +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.1.0...5.2.0) -A few bugfixes have been found since -rc1. +### Added -####Fixes -- Special case for $datadir on Amazon -- Fix documentation about username/password for the postgresql_hash function +- add parameter "version" to postgresql::server::extension to update the extension version [#896](https://github.com/puppetlabs/puppetlabs-postgresql/pull/896) ([georgehansper](https://github.com/georgehansper)) +### Fixed -##2013-10-01 - Version 3.0.0-rc1 +- (PUP-8008) monkey patch spec_helper_acceptance [#925](https://github.com/puppetlabs/puppetlabs-postgresql/pull/925) ([eputnam](https://github.com/eputnam)) +- (PUP-8008) monkey patch spec_helper_acceptance [#924](https://github.com/puppetlabs/puppetlabs-postgresql/pull/924) ([eputnam](https://github.com/eputnam)) +- enhance --data-checksums on initdb [#915](https://github.com/puppetlabs/puppetlabs-postgresql/pull/915) ([mmoll](https://github.com/mmoll)) +- MODULES-5378 fix the change in error message [#909](https://github.com/puppetlabs/puppetlabs-postgresql/pull/909) ([tphoney](https://github.com/tphoney)) +- MODULES-5378 fix error message checking in test [#908](https://github.com/puppetlabs/puppetlabs-postgresql/pull/908) ([tphoney](https://github.com/tphoney)) +- Default contcat order [#900](https://github.com/puppetlabs/puppetlabs-postgresql/pull/900) ([matonb](https://github.com/matonb)) -###Summary +## [5.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.1.0) - 2017-07-17 -Version 3 was a major rewrite to fix some internal dependency issues, and to -make the new Public API more clear. As a consequence a lot of things have -changed for version 3 and older revisions that we will try to outline here. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.0.0...5.1.0) -(NOTE: The format of this CHANGELOG differs to normal in an attempt to -explain the scope of changes) +### Added -* Server specific objects now moved under `postgresql::server::` namespace: +- add defined type postgresql::server::reassign_owned_by [#894](https://github.com/puppetlabs/puppetlabs-postgresql/pull/894) ([georgehansper](https://github.com/georgehansper)) +- add data_checksums option to initdb [#878](https://github.com/puppetlabs/puppetlabs-postgresql/pull/878) ([tjikkun](https://github.com/tjikkun)) -To restructure server specific elements under the `postgresql::server::` -namespaces the following objects were renamed as such: +## [5.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/5.0.0) - 2017-06-21 -`postgresql::database` -> `postgresql::server::database` -`postgresql::database_grant` -> `postgresql::server::database_grant` -`postgresql::db` -> `postgresql::server::db` -`postgresql::grant` -> `postgresql::server::grant` -`postgresql::pg_hba_rule` -> `postgresql::server::pg_hba_rule` -`postgresql::plperl` -> `postgresql::server::plperl` -`postgresql::contrib` -> `postgresql::server::contrib` -`postgresql::role` -> `postgresql::server::role` -`postgresql::table_grant` -> `postgresql::server::table_grant` -`postgresql::tablespace` -> `postgresql::server::tablespace` +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.9.0...5.0.0) -* New `postgresql::server::config_entry` resource for managing configuration: +### Added -Previously we used the `file_line` resource to modify `postgresql.conf`. This -new revision now adds a new resource named `postgresql::server::config_entry` -for managing this file. For example: +- (MODULES-1394) replace validate_db_connection type with custom type [#879](https://github.com/puppetlabs/puppetlabs-postgresql/pull/879) ([eputnam](https://github.com/eputnam)) +- [msync] 786266 Implement puppet-module-gems, a45803 Remove metadata.json from locales config [#860](https://github.com/puppetlabs/puppetlabs-postgresql/pull/860) ([wilson208](https://github.com/wilson208)) +- (FM-6116) - Adding POT file for metadata.json [#857](https://github.com/puppetlabs/puppetlabs-postgresql/pull/857) ([pmcmaw](https://github.com/pmcmaw)) +- Allowo to disable managing passwords for users [#846](https://github.com/puppetlabs/puppetlabs-postgresql/pull/846) ([bjoernhaeuser](https://github.com/bjoernhaeuser)) -```puppet - postgresql::server::config_entry { 'check_function_bodies': - value => 'off', - } -``` +### Changed +- Unset default log_line_prefix [#870](https://github.com/puppetlabs/puppetlabs-postgresql/pull/870) ([hasegeli](https://github.com/hasegeli)) +- Let listen_addresses be defined independently [#865](https://github.com/puppetlabs/puppetlabs-postgresql/pull/865) ([hasegeli](https://github.com/hasegeli)) -If you were using `file_line` for this purpose, you should change to this new -methodology. +### Fixed -* `postgresql_puppet_extras.conf` has been removed: +- (maint) fix for connection validator [#882](https://github.com/puppetlabs/puppetlabs-postgresql/pull/882) ([eputnam](https://github.com/eputnam)) +- (MODULES-5050) Fix for grant_schema_spec [#881](https://github.com/puppetlabs/puppetlabs-postgresql/pull/881) ([eputnam](https://github.com/eputnam)) +- [MODULES-4598] Revert "Revert "fix default params for SUSE family OSes"" [#863](https://github.com/puppetlabs/puppetlabs-postgresql/pull/863) ([mmoll](https://github.com/mmoll)) +- [MODULES-4598] Revert "fix default params for SUSE family OSes" [#858](https://github.com/puppetlabs/puppetlabs-postgresql/pull/858) ([wilson208](https://github.com/wilson208)) -Now that we have a methodology for managing `postgresql.conf`, and due to -concerns over the file management methodology using an `exec { 'touch ...': }` -as a way to create an empty file the existing postgresql\_puppet\_extras.conf -file is no longer managed by this module. +## [4.9.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.9.0) - 2017-03-09 -If you wish to recreate this methodology yourself, use this pattern: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.8.0...4.9.0) -```puppet - class { 'postgresql::server': } +### Added - $extras = "/tmp/include.conf" +- (MODULES-1508) add support for unix_socket_directories [#845](https://github.com/puppetlabs/puppetlabs-postgresql/pull/845) ([eputnam](https://github.com/eputnam)) +- (MODULES-1127) allow LANGUAGE as valid object_type [#838](https://github.com/puppetlabs/puppetlabs-postgresql/pull/838) ([eputnam](https://github.com/eputnam)) +- Support granting SELECT and UPDATE permission on sequences (MODULES-4158) [#823](https://github.com/puppetlabs/puppetlabs-postgresql/pull/823) ([chris-reeves](https://github.com/chris-reeves)) - file { $extras: - content => 'max_connections = 123', - notify => Class['postgresql::server::service'], - }-> - postgresql::server::config_entry { 'include': - value => $extras, - } -``` +### Fixed -* All uses of the parameter `charset` changed to `encoding`: +- (MODULES-1707) add logic to params.pp for jdbc driver package on Debian [#847](https://github.com/puppetlabs/puppetlabs-postgresql/pull/847) ([eputnam](https://github.com/eputnam)) +- (maint) Schemas for a db should come after db [#840](https://github.com/puppetlabs/puppetlabs-postgresql/pull/840) ([hunner](https://github.com/hunner)) +- Fix typo: hostnosssl [#837](https://github.com/puppetlabs/puppetlabs-postgresql/pull/837) ([df7cb](https://github.com/df7cb)) +- Fix SQL style on role.pp [#794](https://github.com/puppetlabs/puppetlabs-postgresql/pull/794) ([hasegeli](https://github.com/hasegeli)) +- (#3858) Fix unless check in grant_role to work with roles as well as users [#788](https://github.com/puppetlabs/puppetlabs-postgresql/pull/788) ([thunderkeys](https://github.com/thunderkeys)) -Since PostgreSQL uses the terminology `encoding` not `charset` the parameter -has been made consisent across all classes and resources. +## [4.8.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.8.0) - 2016-07-26 -* The `postgresql` base class is no longer how you set globals: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.7.1...4.8.0) -The old global override pattern was less then optimal so it has been fixed, -however we decided to demark this properly by specifying these overrides in -the class `postgresql::global`. Consult the documentation for this class now -to see what options are available. +## [4.7.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.7.1) - 2016-02-18 -Also, some parameter elements have been moved between this and the -`postgresql::server` class where it made sense. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.7.0...4.7.1) -* `config_hash` parameter collapsed for the `postgresql::server` class: +### Fixed -Because the `config_hash` was really passing data through to what was in -effect an internal class (`postgresql::config`). And since we don't want this -kind of internal exposure the parameters were collapsed up into the -`postgresql::server` class directly. +- Add missing onlyif_function to sequence grant code [#738](https://github.com/puppetlabs/puppetlabs-postgresql/pull/738) ([cfrantsen](https://github.com/cfrantsen)) +- Correctly set $service_provider [#735](https://github.com/puppetlabs/puppetlabs-postgresql/pull/735) ([antaflos](https://github.com/antaflos)) -* Lots of changes to 'private' or 'undocumented' classes: +## [4.7.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.7.0) - 2016-02-02 -If you were using these before, these have changed names. You should only use -what is documented in this README.md, and if you don't have what you need you -should raise a patch to add that feature to a public API. All internal classes -now have a comment at the top indicating them as private to make sure the -message is clear that they are not supported as Public API. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.6.1...4.7.0) -* `pg_hba_conf_defaults` parameter included to turn off default pg\_hba rules: +### Added -The defaults should be good enough for most cases (if not raise a bug) but if -you simply need an escape hatch, this setting will turn off the defaults. If -you want to do this, it may affect the rest of the module so make sure you -replace the rules with something that continues operation. +- (MODULES-2960) Allow float postgresql_conf values [#721](https://github.com/puppetlabs/puppetlabs-postgresql/pull/721) ([hunner](https://github.com/hunner)) -* `postgresql::database_user` has now been removed: +## [4.6.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.6.1) - 2015-12-04 -Use `postgresql::server::role` instead. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.6.0...4.6.1) -* `postgresql::psql` resource has now been removed: +## [4.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.6.0) - 2015-09-01 -Use `postgresql_psql` instead. In the future we may recreate this as a wrapper -to add extra capability, but it will not match the old behaviour. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.5.0...4.6.0) -* `postgresql_default_version` fact has now been removed: +### Fixed -It didn't make sense to have this logic in a fact any more, the logic has been -moved into `postgresql::params`. +- Fix postgis default package name on RedHat [#674](https://github.com/puppetlabs/puppetlabs-postgresql/pull/674) ([ckaenzig](https://github.com/ckaenzig)) -* `ripienaar/concat` is no longer used, instead we use `puppetlabs/concat`: +## [4.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.5.0) - 2015-07-28 -The older concat module is now deprecated and moved into the -`puppetlabs/concat` namespace. Functionality is more or less identical, but -you may need to intervene during the installing of this package - as both use -the same `concat` namespace. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.2...4.5.0) ---- -##2013-09-09 Release 2.5.0 +## [4.4.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.2) - 2015-07-08 -###Summary +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.1...4.4.2) -The focus of this release is primarily to capture the fixes done to the -types and providers to make sure refreshonly works properly and to set -the stage for the large scale refactoring work of 3.0.0. +### Added -####Features +- (#2056) Added 9.4, corrected past versions based on docs [#625](https://github.com/puppetlabs/puppetlabs-postgresql/pull/625) ([cjestel](https://github.com/cjestel)) +### Fixed -####Bugfixes -- Use boolean for refreshonly. -- Fix postgresql::plperl documentation. -- Add two missing parameters to config::beforeservice -- Style fixes +- (MODULES-2185) Fix `withenv` execution under Puppet 2.7 [#664](https://github.com/puppetlabs/puppetlabs-postgresql/pull/664) ([domcleal](https://github.com/domcleal)) +## [4.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.1) - 2015-07-01 -##2013-08-01 Release 2.4.1 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.4.0...4.4.1) -###Summary +### Fixed -This minor bugfix release solves an idempotency issue when using plain text -passwords for the password_hash parameter for the postgresql::role defined -type. Without this, users would continually see resource changes everytime -your run Puppet. +- (MODULES-2181) Fix variable scope for systemd-override [#659](https://github.com/puppetlabs/puppetlabs-postgresql/pull/659) ([kbarber](https://github.com/kbarber)) -####Bugfixes -- Alter role call not idempotent with cleartext passwords (Ken Barber) +## [4.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.4.0) - 2015-06-30 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.3.0...4.4.0) -##2013-07-19 Release 2.4.0 +### Added -###Summary +- (MODULES-1761) Provide defined resource for managing recovery.conf [#603](https://github.com/puppetlabs/puppetlabs-postgresql/pull/603) ([dacrome](https://github.com/dacrome)) -This updates adds the ability to change permissions on tables, create template -databases from normal databases, manage PL-Perl's postgres package, and -disable the management of `pg_hba.conf`. +### Fixed -####Features -- Add `postgresql::table_grant` defined resource -- Add `postgresql::plperl` class -- Add `manage_pg_hba_conf` parameter to the `postgresql::config` class -- Add `istemplate` parameter to the `postgresql::database` define +- (FM-2931) fixes logic problem with onlyif type param validation. [#654](https://github.com/puppetlabs/puppetlabs-postgresql/pull/654) ([bmjen](https://github.com/bmjen)) +- Fixed systemd override for manage_repo package versions [#639](https://github.com/puppetlabs/puppetlabs-postgresql/pull/639) ([cdenneen](https://github.com/cdenneen)) +- Apt fix [#618](https://github.com/puppetlabs/puppetlabs-postgresql/pull/618) ([tphoney](https://github.com/tphoney)) +- Fix URLs in metadata.json [#599](https://github.com/puppetlabs/puppetlabs-postgresql/pull/599) ([raphink](https://github.com/raphink)) -####Bugfixes -- Update `postgresql::role` class to be able to update roles when modified -instead of only on creation. -- Update tests -- Fix documentation of `postgresql::database_grant` +## [4.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.3.0) - 2015-03-25 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.2.0...4.3.0) -##2.3.0 +## [4.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.2.0) - 2015-03-10 -This feature release includes the following changes: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.1.0...4.2.0) -* Add a new parameter `owner` to the `database` type. This can be used to - grant ownership of a new database to a specific user. (Bruno Harbulot) -* Add support for operating systems other than Debian/RedHat, as long as the - user supplies custom values for all of the required paths, package names, etc. - (Chris Price) -* Improved integration testing (Ken Barber) +### Fixed +- Fix comment detection [#559](https://github.com/puppetlabs/puppetlabs-postgresql/pull/559) ([hunner](https://github.com/hunner)) +- Fix comment detection [#558](https://github.com/puppetlabs/puppetlabs-postgresql/pull/558) ([hunner](https://github.com/hunner)) -##2.2.1 +## [4.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.1.0) - 2014-11-04 -This release fixes a bug whereby one of our shell commands (psql) were not ran from a globally accessible directory. This was causing permission denied errors when the command attempted to change user without changing directory. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.0.0...4.1.0) -Users of previous versions might have seen this error: +### Fixed - Error: Error executing SQL; psql returned 256: 'could not change directory to "/root" +- fix future parser error [#504](https://github.com/puppetlabs/puppetlabs-postgresql/pull/504) ([steeef](https://github.com/steeef)) -This patch should correct that. +## [4.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/4.0.0) - 2014-09-10 -#### Detail Changes +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.2...4.0.0) -* Set /tmp as default CWD for postgresql_psql +### Fixed +- Fixes the accidental erasing of pg_ident.conf [#464](https://github.com/puppetlabs/puppetlabs-postgresql/pull/464) ([txaj](https://github.com/txaj)) -##2.2.0 +## [3.4.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.2) - 2014-08-06 -This feature release introduces a number of new features and bug fixes. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.1...3.4.2) -First of all it includes a new class named `postgresql::python` which provides you with a convenient way of install the python Postgresql client libraries. +## [3.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.1) - 2014-07-21 - class { 'postgresql::python': - } +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.4.0...3.4.1) -You are now able to use `postgresql::database_user` without having to specify a password_hash, useful for different authentication mechanisms that do not need passwords (ie. cert, local etc.). +## [3.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.4.0) - 2014-07-09 -We've also provided a lot more advanced custom parameters now for greater control of your Postgresql installation. Consult the class documentation for PuppetDB in the README. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.3...3.4.0) -This release in particular has largely been contributed by the community members below, a big thanks to one and all. +### Added -#### Detailed Changes +- postgis support [#280](https://github.com/puppetlabs/puppetlabs-postgresql/pull/280) ([kitchen](https://github.com/kitchen)) -* Add support for psycopg installation (Flaper Fesp and Dan Prince) -* Added default PostgreSQL version for Ubuntu 13.04 (Kamil Szymanski) -* Add ability to create users without a password (Bruno Harbulot) -* Three Puppet 2.6 fixes (Dominic Cleal) -* Add explicit call to concat::setup when creating concat file (Dominic Cleal) -* Fix readme typo (Jordi Boggiano) -* Update postgres_default_version for Ubuntu (Kamil Szymanski) -* Allow to set connection for noew role (Kamil Szymanski) -* Fix pg_hba_rule for postgres local access (Kamil Szymanski) -* Fix versions for travis-ci (Ken Barber) -* Add replication support (Jordi Boggiano) -* Cleaned up and added unit tests (Ken Barber) -* Generalization to provide more flexability in postgresql configuration (Karel Brezina) -* Create dependent directory for sudoers so tests work on Centos 5 (Ken Barber) -* Allow SQL commands to be run against a specific DB (Carlos Villela) -* Drop trailing comma to support Puppet 2.6 (Michael Arnold) +### Fixed +- This corrects the location of the pg_hba config file on debian oses in tests [#440](https://github.com/puppetlabs/puppetlabs-postgresql/pull/440) ([justinstoller](https://github.com/justinstoller)) +- Fix trailing }. [#436](https://github.com/puppetlabs/puppetlabs-postgresql/pull/436) ([apenney](https://github.com/apenney)) +- Fix postgresql_conf quote logic [#297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/297) ([reidmv](https://github.com/reidmv)) -##2.1.1 +## [3.3.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.3) - 2014-03-06 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.2...3.3.3) -This release provides a bug fix for RHEL 5 and Centos 5 systems, or specifically systems using PostgreSQL 8.1 or older. On those systems one would have received the error: +## [3.3.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.2) - 2014-03-03 - Error: Could not start Service[postgresqld]: Execution of ‘/sbin/service postgresql start’ returned 1: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.1...3.3.2) -And the postgresql log entry: +## [3.3.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.1) - 2014-02-12 - FATAL: unrecognized configuration parameter "include" +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.3.0...3.3.1) -This bug is due to a new feature we had added in 2.1.0, whereby the `include` directive in `postgresql.conf` was not compatible. As a work-around we have added checks in our code to make sure systems running PostgreSQL 8.1 or older do not have this directive added. +## [3.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.3.0) - 2014-01-28 -#### Detailed Changes +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.2.0...3.3.0) -2013-01-21 - Ken Barber -* Only install `include` directive and included file on PostgreSQL >= 8.2 -* Add system tests for Centos 5 +### Added +- Add support to custom xlogdir parameter [#256](https://github.com/puppetlabs/puppetlabs-postgresql/pull/256) ([mnencia](https://github.com/mnencia)) -##2.1.0 +### Fixed -This release is primarily a feature release, introducing some new helpful constructs to the module. +- Fix typo, clearly from a copy/paste mistake [#347](https://github.com/puppetlabs/puppetlabs-postgresql/pull/347) ([mhagander](https://github.com/mhagander)) +- fix for concat error [#343](https://github.com/puppetlabs/puppetlabs-postgresql/pull/343) ([flypenguin](https://github.com/flypenguin)) +- Fix NOREPLICATION option for Postgres 9.1 [#333](https://github.com/puppetlabs/puppetlabs-postgresql/pull/333) ([brandonwamboldt](https://github.com/brandonwamboldt)) +- Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf [#324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/324) ([aadamovich](https://github.com/aadamovich)) +- Fix table_grant_spec to show a bug [#310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/310) ([mcanevet](https://github.com/mcanevet)) -For starters, we've added the line `include 'postgresql_conf_extras.conf'` by default so extra parameters not managed by the module can be added by other tooling or by Puppet itself. This provides a useful escape-hatch for managing settings that are not currently managed by the module today. +## [3.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.2.0) - 2013-11-05 -We've added a new defined resource for managing your tablespace, so you can now create new tablespaces using the syntax: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.1.0...3.2.0) - postgresql::tablespace { 'dbspace': - location => '/srv/dbspace', - } +## [3.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.1.0) - 2013-10-25 -We've added a locale parameter to the `postgresql` class, to provide a default. Also the parameter has been added to the `postgresql::database` and `postgresql::db` defined resources for changing the locale per database: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0...3.1.0) - postgresql::db { 'mydatabase': - user => 'myuser', - password => 'mypassword', - encoding => 'UTF8', - locale => 'en_NG', - } +### Fixed -There is a new class for installing the necessary packages to provide the PostgreSQL JDBC client jars: +- (GH-198) Fix race condition on startup [#292](https://github.com/puppetlabs/puppetlabs-postgresql/pull/292) ([kbarber](https://github.com/kbarber)) - class { 'postgresql::java': } +## [3.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0) - 2013-10-16 -And we have a brand new defined resource for managing fine-grained rule sets within your pg_hba.conf access lists: +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc3...3.0.0) - postgresql::pg_hba { 'Open up postgresql for access from 200.1.2.0/24': - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', - } +## [3.0.0-rc3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc3) - 2013-10-16 -Finally, we've also added Travis-CI support and unit tests to help us iterate faster with tests to reduce regression. The current URL for these tests is here: https://travis-ci.org/puppetlabs/puppet-postgresql. Instructions on how to run the unit tests available are provided in the README for the module. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc2...3.0.0-rc3) -A big thanks to all those listed below who made this feature release possible :-). +## [3.0.0-rc2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc2) - 2013-10-09 -#### Detailed Changes +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/3.0.0-rc1...3.0.0-rc2) -2013-01-18 - Simão Fontes & Flaper Fesp -* Remove trailing commas from params.pp property definition for Puppet 2.6.0 compatibility +## [3.0.0-rc1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/3.0.0-rc1) - 2013-10-02 -2013-01-18 - Lauren Rother -* Updated README.md to conform with best practices template +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.5.0...3.0.0-rc1) -2013-01-09 - Adrien Thebo -* Update postgresql_default_version to 9.1 for Debian 7.0 +### Fixed -2013-01-28 - Karel Brezina -* Add support for tablespaces +- Fixing small typos [#248](https://github.com/puppetlabs/puppetlabs-postgresql/pull/248) ([ggeldenhuis](https://github.com/ggeldenhuis)) -2013-01-16 - Chris Price & Karel Brezina -* Provide support for an 'include' config file 'postgresql_conf_extras.conf' that users can modify manually or outside of the module. +## [2.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.5.0) - 2013-09-09 -2013-01-31 - jv -* Fix typo in README.pp for postgresql::db example +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.4.1...2.5.0) -2013-02-03 - Ken Barber -* Add unit tests and travis-ci support +## [2.4.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.4.1) - 2013-08-01 -2013-02-02 - Ken Barber -* Add locale parameter support to the 'postgresql' class +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.4.0...2.4.1) -2013-01-21 - Michael Arnold -* Add a class for install the packages containing the PostgreSQL JDBC jar +### Fixed -2013-02-06 - fhrbek -* Coding style fixes to reduce warnings in puppet-lint and Geppetto +- (GH-216) Alter role call not idempotent with cleartext passwords [#225](https://github.com/puppetlabs/puppetlabs-postgresql/pull/225) ([kbarber](https://github.com/kbarber)) -2013-02-10 - Ken Barber -* Provide new defined resource for managing pg_hba.conf +## [2.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.4.0) - 2013-08-01 -2013-02-11 - Ken Barber -* Fix bug with reload of Postgresql on Redhat/Centos +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.3.0...2.4.0) -2013-02-15 - Erik Dalén -* Fix more style issues to reduce warnings in puppet-lint and Geppetto +## [2.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.3.0) - 2013-06-06 -2013-02-15 - Erik Dalén -* Fix case whereby we were modifying a hash after creation +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.2.1...2.3.0) +## [2.2.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.2.1) - 2013-04-29 -##2.0.1 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.2.0...2.2.1) -Minor bugfix release. +## [2.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.2.0) - 2013-04-26 -2013-01-16 - Chris Price - * Fix revoke command in database.pp to support postgres 8.1 (43ded42) +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.1.1...2.2.0) -2013-01-15 - Jordi Boggiano - * Add support for ubuntu 12.10 status (3504405) +## [2.1.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.1.1) - 2013-02-22 -##2.0.0 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.1.0...2.1.1) -Many thanks to the following people who contributed patches to this -release: +## [2.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.1.0) - 2013-02-20 -* Adrien Thebo -* Albert Koch -* Andreas Ntaflos -* Brett Porter -* Chris Price -* dharwood -* Etienne Pelletier -* Florin Broasca -* Henrik -* Hunter Haugen -* Jari Bakken -* Jordi Boggiano -* Ken Barber -* nzakaria -* Richard Arends -* Spenser Gilliland -* stormcrow -* William Van Hevelingen +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.0.1...2.1.0) -Notable features: +## [2.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.0.1) - 2013-01-30 - * Add support for versions of postgres other than the system default version - (which varies depending on OS distro). This includes optional support for - automatically managing the package repo for the "official" postgres yum/apt - repos. (Major thanks to Etienne Pelletier and - Ken Barber for their tireless efforts and patience on this - feature set!) For example usage see `tests/official-postgresql-repos.pp`. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/2.0.0...2.0.1) - * Add some support for Debian Wheezy and Ubuntu Quantal +## [2.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/2.0.0) - 2013-01-15 - * Add new `postgres_psql` type with a Ruby provider, to replace the old - exec-based `psql` type. This gives us much more flexibility around - executing SQL statements and controlling their logging / reports output. +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/1.0.0...2.0.0) - * Major refactor of the "spec" tests--which are actually more like - acceptance tests. We now support testing against multiple OS distros - via vagrant, and the framework is in place to allow us to very easily add - more distros. Currently testing against Cent6 and Ubuntu 10.04. +### Added - * Fixed a bug that was preventing multiple databases from being owned by the - same user - (9adcd182f820101f5e4891b9f2ff6278dfad495c - Etienne Pelletier ) +- Defining ACLs in pg_hba.conf [#20](https://github.com/puppetlabs/puppetlabs-postgresql/pull/20) ([dharwood](https://github.com/dharwood)) - * Add support for ACLs for finer-grained control of user/interface access - (b8389d19ad78b4fb66024897097b4ed7db241930 - dharwood ) +### Fixed - * Many other bug fixes and improvements! +- Syntax Error [#55](https://github.com/puppetlabs/puppetlabs-postgresql/pull/55) ([Spenser309](https://github.com/Spenser309)) ---- -##1.0.0 +## [1.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/1.0.0) - 2012-10-24 -2012-09-17 - Version 0.3.0 released +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.3.0...1.0.0) -2012-09-14 - Chris Price - * Add a type for validating a postgres connection (ce4a049) +## [release-0.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.3.0) - 2012-09-17 -2012-08-25 - Jari Bakken - * Remove trailing commas. (e6af5e5) +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.2.0...release-0.3.0) -2012-08-16 - Version 0.2.0 released +## [release-0.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.2.0) - 2012-08-16 -[5.4.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.3.0...5.4.0 -[5.3.0]:https://github.com/puppetlabs/puppetlabs-apache/compare/5.2.1...5.3.0 +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/release-0.0.1...release-0.2.0) +## [release-0.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/release-0.0.1) - 2012-05-02 -\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/01c9cbeb7c3bd5c7bd067c5d7438df7d34027fbc...release-0.0.1) diff --git a/metadata.json b/metadata.json index 9617b8ba2a..e8ed15ea09 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "9.0.3", + "version": "9.1.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 82aa753430129f8aa2212fb04114b6656e6a48c0 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Thu, 15 Jun 2023 17:13:34 +0530 Subject: [PATCH 0840/1000] (CONT-990) - Community Pull Requests template --- .github/pull_request_template.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 .github/pull_request_template.md diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000000..e3a97007e3 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,15 @@ +## Summary +Provide a detailed description of all the changes present in this pull request. + +## Additional Context +Add any additional context about the problem here. +- [ ] Root cause and the steps to reproduce. (If applicable) +- [ ] Thought process behind the implementation. + +## Related Issues (if any) +Mention any related issues or pull requests. + +## Checklist +- [ ] 🟢 Spec tests. +- [ ] 🟢 Acceptance tests. +- [ ] Manually verified. (For example `puppet apply`) \ No newline at end of file From 2e294c7f4806166e35ed08dd4f47b5b479030407 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Thu, 15 Jun 2023 17:19:37 +0100 Subject: [PATCH 0841/1000] (CONT-347) - address CI failures --- spec/acceptance/db_spec.rb | 4 ++++ spec/acceptance/default_parameters_spec.rb | 4 ++++ spec/acceptance/overridden_settings_spec.rb | 4 ++++ spec/acceptance/server/config_entry_spec.rb | 4 ++++ 4 files changed, 16 insertions(+) diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index e3d5549b28..51fe5825af 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -3,6 +3,10 @@ require 'spec_helper_acceptance' describe 'postgresql::server::db' do + before(:all) do + LitmusHelper.instance.run_shell("cd /tmp; su 'postgres' -c 'pg_ctl stop -D /var/lib/pgsql/data/ -m fast'", acceptable_exit_codes: [0, 1]) unless os[:family].match?(%r{debian|ubuntu}) + end + it 'creates a database' do tmpdir = run_shell('mktemp').stdout pp = <<-MANIFEST diff --git a/spec/acceptance/default_parameters_spec.rb b/spec/acceptance/default_parameters_spec.rb index c69a3c6dd2..41eb6c9774 100644 --- a/spec/acceptance/default_parameters_spec.rb +++ b/spec/acceptance/default_parameters_spec.rb @@ -5,6 +5,10 @@ # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. describe 'postgresql::server' do + before(:all) do + LitmusHelper.instance.run_shell("cd /tmp; su 'postgres' -c 'pg_ctl stop -D /var/lib/pgsql/data/ -m fast'", acceptable_exit_codes: [0, 1]) unless os[:family].match?(%r{debian|ubuntu}) + end + it 'with defaults' do pp = <<-MANIFEST class { 'postgresql::server': } diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index bec2f6908d..74695a49e2 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -5,6 +5,10 @@ # These tests are designed to ensure that the module, when ran overrides, # sets up everything correctly and allows us to connect to Postgres. describe 'postgresql::server' do + before(:all) do + LitmusHelper.instance.run_shell("cd /tmp; su 'postgres' -c 'pg_ctl stop -D /var/lib/pgsql/data/ -m fast'", acceptable_exit_codes: [0, 1]) unless os[:family].match?(%r{debian|ubuntu}) + end + let(:pp) do <<-MANIFEST class { 'postgresql::server': diff --git a/spec/acceptance/server/config_entry_spec.rb b/spec/acceptance/server/config_entry_spec.rb index 20c14ef627..de034c01a2 100644 --- a/spec/acceptance/server/config_entry_spec.rb +++ b/spec/acceptance/server/config_entry_spec.rb @@ -3,6 +3,10 @@ require 'spec_helper_acceptance' describe 'postgresql::server::config_entry' do + before(:all) do + LitmusHelper.instance.run_shell("cd /tmp; su 'postgres' -c 'pg_ctl stop -D /var/lib/pgsql/data/ -m fast'", acceptable_exit_codes: [0, 1]) unless os[:family].match?(%r{debian|ubuntu}) + end + context 'unix_socket_directories' do let(:pp_test) do <<-MANIFEST From a6a79a8bbc6325bf910336de70e2d836d98c20fa Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 21 Jun 2023 11:08:23 +0200 Subject: [PATCH 0842/1000] puppet/systemd: Allow 5.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index e8ed15ea09..e8e94aeeea 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppet/systemd", - "version_requirement": ">= 4.0.1 < 5.0.0" + "version_requirement": ">= 4.0.1 < 6.0.0" }, { "name": "puppetlabs/concat", From 8a64280d87794ea75960ee0d39ce1d5f67af4110 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 21 Jun 2023 11:08:42 +0200 Subject: [PATCH 0843/1000] puppetlabs/concat: Allow 9.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index e8e94aeeea..aae032a220 100644 --- a/metadata.json +++ b/metadata.json @@ -22,7 +22,7 @@ }, { "name": "puppetlabs/concat", - "version_requirement": ">= 4.1.0 < 9.0.0" + "version_requirement": ">= 4.1.0 < 10.0.0" } ], "operatingsystem_support": [ From e142268e9aa9f802a861d42bed2f7039bb8d6295 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 21 Jun 2023 13:08:39 +0200 Subject: [PATCH 0844/1000] puppetlabs/stdlib: Require 9.x --- manifests/backup/pg_dump.pp | 6 +++--- manifests/server/extension.pp | 2 +- manifests/server/instance/config.pp | 2 +- manifests/server/instance/passwd.pp | 4 ++-- metadata.json | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp index eb4e3b4975..ff99779fb5 100644 --- a/manifests/backup/pg_dump.pp +++ b/manifests/backup/pg_dump.pp @@ -68,13 +68,13 @@ ) { # Install required packages if $package_name { - ensure_packages($package_name) + stdlib::ensure_packages($package_name) } if $install_cron { if $facts['os']['family'] == 'RedHat' { - ensure_packages('cronie') + stdlib::ensure_packages('cronie') } elsif $facts['os']['family'] != 'FreeBSD' { - ensure_packages('cron') + stdlib::ensure_packages('cron') } } diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index aa83f708f5..c8b62985f6 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -129,7 +129,7 @@ default => $package_ensure, } - ensure_packages($package_name, { + stdlib::ensure_packages($package_name, { ensure => $_package_ensure, tag => 'puppetlabs-postgresql', }) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index d9e1cd94b5..f2f8639e54 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -175,7 +175,7 @@ } } - ensure_packages([$package_name]) + stdlib::ensure_packages([$package_name]) $exec_command = ['/usr/sbin/semanage', 'port', '-a', '-t', 'postgresql_port_t', '-p', 'tcp', $port] $exec_unless = "/usr/sbin/semanage port -l | grep -qw ${port}" diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 89c9a53250..a397beda54 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -27,7 +27,7 @@ # psql will default to connecting as $user if you don't specify name $_datbase_user_same = $database == $user $_dboption = $_datbase_user_same ? { - false => " --dbname ${shell_escape($database)}", + false => " --dbname ${stdlib::shell_escape($database)}", default => '' } @@ -37,7 +37,7 @@ # without specifying a password ('ident' or 'trust' security). This is # the default for pg_hba.conf. $escaped = postgresql::postgresql_escape($real_postgres_password) - $exec_command = "${shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars + $exec_command = "${stdlib::shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${stdlib::shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars exec { 'set_postgres_postgrespw': # This command works w/no password because we run it as postgres system # user diff --git a/metadata.json b/metadata.json index aae032a220..2443217f39 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 5.2.0 < 10.0.0" + "version_requirement": ">= 9.0.0 < 10.0.0" }, { "name": "puppetlabs/apt", From 1854bf51e8946f81438ca6093f7b49f8b10572b0 Mon Sep 17 00:00:00 2001 From: Ramesh Sencha Date: Fri, 30 Jun 2023 10:19:43 +0530 Subject: [PATCH 0845/1000] (CONT-1180) - Fixing build failures caused by SUSE 15 SP4 --- spec/spec_helper_acceptance_local.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index d6ef2bf3f6..d679c71ecd 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -46,6 +46,12 @@ def install_dependencies # needed for netstat, for serverspec checks if $facts['os']['family'] in ['SLES', 'SUSE'] { + exec { 'Enable legacy repos': + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + command => 'SUSEConnect --product sle-module-legacy/15.4/x86_64', + unless => 'SUSEConnect --status-text | grep sle-module-legacy/15.4/x86_64', + } + package { 'net-tools-deprecated': ensure => 'latest', } From fa9a21c4d41f728ba48a73ea6cb3a8218ef47d58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Mon, 27 Mar 2023 07:01:06 -1000 Subject: [PATCH 0846/1000] Fix default value for $service_status on ArchLinux The value can be overriden from `postgresql::globals`, but if no override is provided by the user, the module should use a valid default. ArchLinux use systemd, so use the relevant `systemctl` command. Fixes #1408 --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index ebbfd035de..fede3f0ce3 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -135,7 +135,7 @@ $confdir = pick($confdir, $datadir) $psql_path = pick($psql_path, "${bindir}/psql") - $service_status = $service_status + $service_status = pick($service_status, "systemctl status ${service_name}") $service_reload = "systemctl reload ${service_name}" $python_package_name = pick($python_package_name, 'python-psycopg2') # Archlinux does not have a perl::DBD::Pg package From 28db91cd9adbef90dac39aa3a5dd0d7b431c0dd2 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Tue, 27 Jun 2023 14:30:19 +0200 Subject: [PATCH 0847/1000] added parameters to initdb postgresql::server::instance::initdb define: * auth_host * auth_local * lc_messages * username postgresql::server::initdb class: * auth_host * auth_local * lc_messages * username postgresql::server class: * auth_host * auth_local * lc_messages * username refactoring postgresql::server::instance::initdb define: * unnecessary conditions * remove brackets from if conditions * parameter checking and initdb command concatination --- manifests/server.pp | 8 +++ manifests/server/initdb.pp | 4 ++ manifests/server/instance/initdb.pp | 85 +++++++++++++++++++---------- 3 files changed, 68 insertions(+), 29 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 582049c720..915a001883 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -87,6 +87,10 @@ # @param version Deprecated. Use postgresql::globals instead. Sets PostgreSQL version # # @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string +# @param auth_host auth method used by default for host authorization +# @param auth_local auth method used by default for local authorization +# @param lc_messages locale used for logging and system messages +# @param username username of user running the postgres instance # class postgresql::server ( Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = undef, @@ -136,9 +140,13 @@ Boolean $needs_initdb = $postgresql::params::needs_initdb, + Optional[String[1]] $auth_host = undef, + Optional[String[1]] $auth_local = undef, Optional[String[1]] $encoding = $postgresql::params::encoding, Optional[String[1]] $locale = $postgresql::params::locale, + Optional[String[1]] $lc_messages = undef, Optional[Boolean] $data_checksums = $postgresql::params::data_checksums, + Optional[String[1]] $username = undef, Optional[String[1]] $timezone = $postgresql::params::timezone, Boolean $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 937406d47a..0dea6f8733 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -1,6 +1,8 @@ # @api private class postgresql::server::initdb { postgresql::server::instance::initdb { 'main': + auth_host => $postgresql::server::auth_host, + auth_local => $postgresql::server::auth_local, needs_initdb => $postgresql::server::needs_initdb, initdb_path => $postgresql::server::initdb_path, datadir => $postgresql::server::datadir, @@ -10,10 +12,12 @@ manage_logdir => $postgresql::server::manage_logdir, manage_xlogdir => $postgresql::server::manage_xlogdir, encoding => $postgresql::server::encoding, + lc_messages => $postgresql::server::lc_messages, locale => $postgresql::server::locale, data_checksums => $postgresql::server::data_checksums, group => $postgresql::server::group, user => $postgresql::server::user, + username => $postgresql::server::username, module_workdir => $postgresql::server::module_workdir, } } diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index a67e2be1c1..6724e70154 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -17,8 +17,14 @@ # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. # @param module_workdir Working directory for the PostgreSQL module +# @param auth_host auth method used by default for host authorization +# @param auth_local auth method used by default for local authorization +# @param lc_messages locale used for logging and system messages +# @param username username of user running the postgres instance # lint:endignore:140chars define postgresql::server::instance::initdb ( + Optional[String[1]] $auth_host = $postgresql::server::auth_host, + Optional[String[1]] $auth_local = $postgresql::server::auth_local, Boolean $needs_initdb = $postgresql::server::needs_initdb, Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::server::initdb_path, String[1] $datadir = $postgresql::server::datadir, @@ -28,23 +34,23 @@ Boolean $manage_logdir = $postgresql::server::manage_logdir, Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, Optional[String[1]] $encoding = $postgresql::server::encoding, + Optional[String[1]] $lc_messages = $postgresql::server::lc_messages, Optional[String[1]] $locale = $postgresql::server::locale, Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, String[1] $group = $postgresql::server::group, String[1] $user = $postgresql::server::user, + Optional[String[1]] $username = $postgresql::server::username, String[1] $module_workdir = $postgresql::server::module_workdir, ) { if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' $logdir_type = 'postgresql_log_t' - } - - else { + } else { $seltype = undef $logdir_type = undef } - if($manage_datadir) { + if $manage_datadir { # Make sure the data directory exists, and has the correct permissions. file { $datadir: ensure => directory, @@ -64,8 +70,11 @@ } } - if($xlogdir) { - if($manage_xlogdir) { + if $xlogdir { + # The xlogdir need to be present before initdb runs. + # If xlogdir is default it's created by package installer + $require_before_initdb = [$datadir, $xlogdir] + if$manage_xlogdir { # Make sure the xlog directory exists, and has the correct permissions. file { $xlogdir: ensure => directory, @@ -84,10 +93,12 @@ seltype => $seltype, } } + } else { + $require_before_initdb = [$datadir] } - if($logdir) { - if($manage_logdir) { + if $logdir { + if $manage_logdir { # Make sure the log directory exists, and has the correct permissions. file { $logdir: ensure => directory, @@ -106,43 +117,59 @@ } } - if($needs_initdb) { + if $needs_initdb { # Build up the initdb command. # # We optionally add the locale switch if specified. Older versions of the # initdb command don't accept this switch. So if the user didn't pass the # parameter, lets not pass the switch at all. - $ic_base = "${initdb_path} --pgdata '${datadir}'" - $ic_xlog = $xlogdir ? { - undef => $ic_base, - default => "${ic_base} -X '${xlogdir}'" + + $auth_host_parameter = $auth_host ? { + undef => undef, + default => "--auth-host '${auth_host}'" } - # The xlogdir need to be present before initdb runs. - # If xlogdir is default it's created by package installer - if($xlogdir) { - $require_before_initdb = [$datadir, $xlogdir] - } else { - $require_before_initdb = [$datadir] + $auth_local_parameter = $auth_local ? { + undef => undef, + default => "--auth-local '${auth_local}'" + } + + $data_checksums_parameter = $data_checksums ? { + undef => undef, + false => undef, + default => '--data-checksums' } + $datadir_parameter = "--pgdata '${datadir}'" + # PostgreSQL 11 no longer allows empty encoding - $ic_encoding = $encoding ? { - undef => $ic_xlog, - default => "${ic_xlog} --encoding '${encoding}'" + $encoding_parameter = $encoding ? { + undef => undef, + default => "--encoding '${encoding}'" } - $ic_locale = $locale ? { - undef => $ic_encoding, - default => "${ic_encoding} --locale '${locale}'" + $lc_messages_parameter = $locale ? { + undef => undef, + default => "--lc-messages '${lc_messages}'" } - $initdb_command = $data_checksums ? { - undef => $ic_locale, - false => $ic_locale, - default => "${ic_locale} --data-checksums" + $locale_parameter = $locale ? { + undef => undef, + default => "--locale '${locale}'" } + $username_parameter = $username ? { + undef => undef, + default => "--username '${username}'" + } + + $xlogdir_parameter = $xlogdir ? { + undef => undef, + default => "-X '${xlogdir}'" + } + + $initdb_command = "${initdb_path} ${auth_host_parameter} ${auth_local_parameter } ${data_checksums_parameter} ${datadir_parameter} ${encoding_parameter} ${lc_messages_parameter} ${locale_parameter} ${username_parameter} ${xlogdir_parameter}" # lint:ignore:140chars + # This runs the initdb command, we use the existance of the PG_VERSION # file to ensure we don't keep running this command. exec { 'postgresql_initdb': From 557f6a308827c45d8f60c348ad738d847642e0d9 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Tue, 27 Jun 2023 15:44:06 +0200 Subject: [PATCH 0848/1000] reorder parameters --- manifests/server/initdb.pp | 18 +++++------ manifests/server/instance/initdb.pp | 46 ++++++++++++++--------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 0dea6f8733..605e9ea79e 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -3,21 +3,21 @@ postgresql::server::instance::initdb { 'main': auth_host => $postgresql::server::auth_host, auth_local => $postgresql::server::auth_local, - needs_initdb => $postgresql::server::needs_initdb, - initdb_path => $postgresql::server::initdb_path, + data_checksums => $postgresql::server::data_checksums, datadir => $postgresql::server::datadir, - xlogdir => $postgresql::server::xlogdir, + encoding => $postgresql::server::encoding, + group => $postgresql::server::group, + initdb_path => $postgresql::server::initdb_path, + lc_messages => $postgresql::server::lc_messages, + locale => $postgresql::server::locale, logdir => $postgresql::server::logdir, manage_datadir => $postgresql::server::manage_datadir, manage_logdir => $postgresql::server::manage_logdir, manage_xlogdir => $postgresql::server::manage_xlogdir, - encoding => $postgresql::server::encoding, - lc_messages => $postgresql::server::lc_messages, - locale => $postgresql::server::locale, - data_checksums => $postgresql::server::data_checksums, - group => $postgresql::server::group, + module_workdir => $postgresql::server::module_workdir, + needs_initdb => $postgresql::server::needs_initdb, user => $postgresql::server::user, username => $postgresql::server::username, - module_workdir => $postgresql::server::module_workdir, + xlogdir => $postgresql::server::xlogdir, } } diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 6724e70154..59c07067ed 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -1,46 +1,46 @@ # lint:ignore:140chars -# @param needs_initdb Explicitly calls the initdb operation after server package is installed -# and before the PostgreSQL service is started. -# @param initdb_path Specifies the path to the initdb command. +# @param auth_host auth method used by default for host authorization +# @param auth_local auth method used by default for local authorization +# @param data_checksums Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. # @param datadir PostgreSQL data directory -# @param xlogdir PostgreSQL xlog directory -# @param logdir PostgreSQL log directory -# @param manage_datadir Set to false if you have file{ $datadir: } already defined -# @param manage_logdir Set to false if you have file{ $logdir: } already defined -# @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined # @param encoding Sets the default encoding for all databases created with this module. # On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @param group Overrides the default postgres user group to be used for related files in the file system. +# @param initdb_path Specifies the path to the initdb command. +# @param lc_messages locale used for logging and system messages # @param locale Sets the default database locale for all databases created with this module. # On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. -# @param data_checksums Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. # Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. -# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -# @param group Overrides the default postgres user group to be used for related files in the file system. +# @param logdir PostgreSQL log directory +# @param manage_datadir Set to false if you have file{ $datadir: } already defined +# @param manage_logdir Set to false if you have file{ $logdir: } already defined +# @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined # @param module_workdir Working directory for the PostgreSQL module -# @param auth_host auth method used by default for host authorization -# @param auth_local auth method used by default for local authorization -# @param lc_messages locale used for logging and system messages +# @param needs_initdb Explicitly calls the initdb operation after server package is installed +# and before the PostgreSQL service is started. +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param username username of user running the postgres instance +# @param xlogdir PostgreSQL xlog/WAL directory # lint:endignore:140chars define postgresql::server::instance::initdb ( Optional[String[1]] $auth_host = $postgresql::server::auth_host, Optional[String[1]] $auth_local = $postgresql::server::auth_local, - Boolean $needs_initdb = $postgresql::server::needs_initdb, - Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::server::initdb_path, + Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, String[1] $datadir = $postgresql::server::datadir, - Optional[String[1]] $xlogdir = $postgresql::server::xlogdir, + Optional[String[1]] $encoding = $postgresql::server::encoding, + String[1] $group = $postgresql::server::group, + Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::server::initdb_path, + Optional[String[1]] $lc_messages = $postgresql::server::lc_messages, + Optional[String[1]] $locale = $postgresql::server::locale, Optional[String[1]] $logdir = $postgresql::server::logdir, Boolean $manage_datadir = $postgresql::server::manage_datadir, Boolean $manage_logdir = $postgresql::server::manage_logdir, Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, - Optional[String[1]] $encoding = $postgresql::server::encoding, - Optional[String[1]] $lc_messages = $postgresql::server::lc_messages, - Optional[String[1]] $locale = $postgresql::server::locale, - Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, - String[1] $group = $postgresql::server::group, + String[1] $module_workdir = $postgresql::server::module_workdir, + Boolean $needs_initdb = $postgresql::server::needs_initdb, String[1] $user = $postgresql::server::user, Optional[String[1]] $username = $postgresql::server::username, - String[1] $module_workdir = $postgresql::server::module_workdir, + Optional[String[1]] $xlogdir = $postgresql::server::xlogdir, ) { if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' From 7d5b118df7a647f8bfa1fbd46dd9350fc6dda14e Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 28 Jun 2023 10:49:04 +0200 Subject: [PATCH 0849/1000] add squeeze to initdb command --- manifests/server/instance/initdb.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 59c07067ed..b6b0631f9c 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -168,7 +168,7 @@ default => "-X '${xlogdir}'" } - $initdb_command = "${initdb_path} ${auth_host_parameter} ${auth_local_parameter } ${data_checksums_parameter} ${datadir_parameter} ${encoding_parameter} ${lc_messages_parameter} ${locale_parameter} ${username_parameter} ${xlogdir_parameter}" # lint:ignore:140chars + $initdb_command = squeeze("${initdb_path} ${auth_host_parameter} ${auth_local_parameter} ${data_checksums_parameter} ${datadir_parameter} ${encoding_parameter} ${lc_messages_parameter} ${locale_parameter} ${username_parameter} ${xlogdir_parameter}", ' ') # lint:ignore:140chars # This runs the initdb command, we use the existance of the PG_VERSION # file to ensure we don't keep running this command. From ad3731a7954f2b8d1a87ec877f1c0ae1e1a35c1e Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 29 Jun 2023 17:27:59 +0200 Subject: [PATCH 0850/1000] implement key parameter for config_entry defined resource * postgres instances require unique resource titles --- manifests/server/config_entry.pp | 9 ++++++--- manifests/server/instance/config.pp | 22 ++++++++++++++-------- spec/classes/server/config_spec.rb | 8 ++++---- spec/classes/server_spec.rb | 6 ++++-- 4 files changed, 28 insertions(+), 17 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index b9650afa96..1849695621 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -1,11 +1,13 @@ # @summary Manage a postgresql.conf entry. # # @param ensure Removes an entry if set to 'absent'. +# @param key Defines the key/name for the setting. Defaults to $name # @param value Defines the value for the setting. # @param path Path for postgresql.conf # define postgresql::server::config_entry ( Enum['present', 'absent'] $ensure = 'present', + String[1] $key = $name, Optional[Variant[String[1], Numeric, Array[String[1]]]] $value = undef, Variant[Boolean, String[1]] $path = false ) { @@ -70,9 +72,9 @@ 'max_pred_locks_per_transaction' => undef, } - if ! ($name in $requires_restart_until and ( - ! $requires_restart_until[$name] or - versioncmp($postgresql::server::_version, $requires_restart_until[$name]) < 0 + if ! ($key in $requires_restart_until and ( + ! $requires_restart_until[$key] or + versioncmp($postgresql::server::_version, $requires_restart_until[$key]) < 0 )) { Postgresql_conf { notify => Class['postgresql::server::reload'], @@ -90,6 +92,7 @@ postgresql_conf { $name: ensure => $ensure, target => $target, + name => $key, value => $value, require => Class['postgresql::server::initdb'], } diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index f2f8639e54..c8b17c356e 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -149,7 +149,8 @@ } if $listen_addresses { - postgresql::server::config_entry { 'listen_addresses': + postgresql::server::config_entry { "listen_addresses_for_instance_${name}": + key => 'listen_addresses', value => $listen_addresses, } } @@ -182,37 +183,42 @@ exec { "/usr/sbin/semanage port -a -t postgresql_port_t -p tcp ${port}": command => $exec_command, unless => $exec_unless, - before => Postgresql::Server::Config_entry['port'], + before => Postgresql::Server::Config_entry["port_for_instance_${name}"], require => Package[$package_name], } } - postgresql::server::config_entry { 'port': + postgresql::server::config_entry { "port_for_instance_${name}": + key => 'port', value => $port, } if ($password_encryption) and (versioncmp($version, '10') >= 0) { - postgresql::server::config_entry { 'password_encryption': + postgresql::server::config_entry { "password_encryption_for_instance_${name}": + key => 'password_encryption', value => $password_encryption, } } - postgresql::server::config_entry { 'data_directory': + postgresql::server::config_entry { "data_directory_for_instance_${name}": + key => 'data_directory', value => $datadir, } if $timezone { - postgresql::server::config_entry { 'timezone': + postgresql::server::config_entry { "timezone_for_instance_${name}": + key => 'timezone', value => $timezone, } } if $logdir { - postgresql::server::config_entry { 'log_directory': + postgresql::server::config_entry { "log_directory for instance ${name}": value => $logdir, } } # Allow timestamps in log by default if $log_line_prefix { - postgresql::server::config_entry { 'log_line_prefix': + postgresql::server::config_entry { "log_line_prefix_for_instance_${name}": + key => 'log_line_prefix', value => $log_line_prefix, } } diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index 6b591f123e..8242e76e07 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -15,7 +15,7 @@ expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') - .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_comes_before('Postgresql::Server::Config_entry[port_for_instance_main]') .that_requires('Package[policycoreutils-python]') end @@ -60,7 +60,7 @@ class { 'postgresql::server': } expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') - .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_comes_before('Postgresql::Server::Config_entry[port_for_instance_main]') .that_requires('Package[policycoreutils-python-utils]') end @@ -105,7 +105,7 @@ class { 'postgresql::server': } expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') - .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_comes_before('Postgresql::Server::Config_entry[port_for_instance_main]') .that_requires('Package[policycoreutils-python-utils]') end @@ -150,7 +150,7 @@ class { 'postgresql::server': } expect(subject).to contain_exec('/usr/sbin/semanage port -a -t postgresql_port_t -p tcp 5432') .with(unless: '/usr/sbin/semanage port -l | grep -qw 5432') - .that_comes_before('Postgresql::Server::Config_entry[port]') + .that_comes_before('Postgresql::Server::Config_entry[port_for_instance_main]') .that_requires('Package[policycoreutils]') end end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 865c967fc4..338fb2ad24 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -114,7 +114,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { - expect(subject).not_to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + expect(subject).not_to contain_Postgresql_conf('data_directory_for_instance_main').that_notifies('Class[postgresql::server::service]') } it 'validates connection' do @@ -129,9 +129,11 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { - expect(subject).to contain_Postgresql_conf('data_directory').that_notifies('Class[postgresql::server::service]') + expect(subject).to contain_Postgresql_conf('data_directory_for_instance_main').that_notifies('Class[postgresql::server::service]') } + it { is_expected.to contain_postgresql__server__config_entry('data_directory_for_instance_main') } + it 'validates connection' do expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') end From 6ec0f1dfeee76bc71094a96bed78485bd97b1e1b Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 3 Jul 2023 15:32:21 +0200 Subject: [PATCH 0851/1000] unique anchors for postgres_instances --- manifests/server/instance/late_initdb.pp | 2 +- manifests/server/instance/service.pp | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index 61c3f38520..71652fe293 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -38,6 +38,6 @@ WHERE datname = 'template1'", unless => "SELECT datname FROM pg_database WHERE datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", - before => Anchor['postgresql::server::service::end'], + before => Anchor["postgresql::server::service::end::${name}"], } } diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index 2f19d2e392..27cff330e0 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -25,7 +25,7 @@ Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { - anchor { 'postgresql::server::service::begin': } + anchor { "postgresql::server::service::begin::${name}": } if $service_manage { service { 'postgresqld': @@ -52,11 +52,11 @@ tries => 60, psql_path => $psql_path, require => Service['postgresqld'], - before => Anchor['postgresql::server::service::end'], + before => Anchor["postgresql::server::service::end::${name}"], } Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] } } - anchor { 'postgresql::server::service::end': } + anchor { "postgresql::server::service::end::${name}": } } From 2c1dc3f8adffea3de0879c9b23e73e0f56f74447 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 3 Jul 2023 16:27:21 +0200 Subject: [PATCH 0852/1000] unique pg_hba roles for postgres instances --- manifests/server/instance/config.pp | 12 ++++++------ spec/classes/server/config_spec.rb | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index c8b17c356e..e05c55e14d 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -86,40 +86,40 @@ } postgresql::server::pg_hba_rule { - 'local access as postgres user': + "local access as postgres user for instance ${name}": type => 'local', user => $user, auth_method => 'ident', auth_option => $local_auth_option, order => 1; - 'local access to database with same name': + "local access to database with same name for instance ${name}": type => 'local', auth_method => 'ident', auth_option => $local_auth_option, order => 2; - 'allow localhost TCP access to postgresql user': + "allow localhost TCP access to postgresql user for instance ${name}": type => 'host', user => $user, address => '127.0.0.1/32', auth_method => 'md5', order => 3; - 'deny access to postgresql user': + "deny access to postgresql user for instance ${name}": type => 'host', user => $user, address => $ip_mask_deny_postgres_user, auth_method => 'reject', order => 4; - 'allow access to all users': + "allow access to all users for instance ${name}": type => 'host', address => $ip_mask_allow_all_users, auth_method => 'md5', order => 100; - 'allow access to ipv6 localhost': + "allow access to ipv6 localhost for instance ${name}": type => 'host', address => '::1/128', auth_method => 'md5', diff --git a/spec/classes/server/config_spec.rb b/spec/classes/server/config_spec.rb index 8242e76e07..a44e4f107e 100644 --- a/spec/classes/server/config_spec.rb +++ b/spec/classes/server/config_spec.rb @@ -173,7 +173,7 @@ class { 'postgresql::server': end it 'has hba rule default' do - expect(subject).to contain_postgresql__server__pg_hba_rule('local access as postgres user') + expect(subject).to contain_postgresql__server__pg_hba_rule('local access as postgres user for instance main') end it 'has hba rule ipv4acls' do From 1565144bd7a1e277acc3df62534c118c19ad6f3f Mon Sep 17 00:00:00 2001 From: Johannes Schillinger Date: Wed, 5 Jul 2023 09:48:38 +0200 Subject: [PATCH 0853/1000] Fix log directory config entry name it does not satisfy the name regex and thus breaks the puppet run, if the log dir is set --- manifests/server/instance/config.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index e05c55e14d..a565bbb46a 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -211,7 +211,7 @@ } } if $logdir { - postgresql::server::config_entry { "log_directory for instance ${name}": + postgresql::server::config_entry { "log_directory_for_instance_${name}": value => $logdir, } } From eb2773e2c15b82fda11a254ad284376d5e925f9f Mon Sep 17 00:00:00 2001 From: Johannes Schillinger Date: Wed, 5 Jul 2023 10:27:02 +0200 Subject: [PATCH 0854/1000] add key to log_directory config entry --- manifests/server/instance/config.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index a565bbb46a..6a2aa8e49d 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -212,6 +212,7 @@ } if $logdir { postgresql::server::config_entry { "log_directory_for_instance_${name}": + key => 'log_directory', value => $logdir, } } From df215b2c5600be029cc9ee98fe99c6e56d7fe049 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Fri, 24 Feb 2023 13:25:14 -1000 Subject: [PATCH 0855/1000] Unwrap sensitive values for testing When testing, sensitive values can be compared to the String `Sensitive [value redacted]`, but if we want to check that the redacted content is the one we expect, we should compare with another Sensitive wrapper. --- spec/defines/server/role_spec.rb | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index d1d61e7ff4..7ad459f4d2 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -24,7 +24,7 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', + .with('command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => '5432') @@ -32,9 +32,9 @@ it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', + .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'port' => '5432') end end @@ -50,7 +50,7 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', + .with('command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'port' => '5432') @@ -58,9 +58,11 @@ it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', + .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'Sensitive [value redacted]')), + # FIXME: This is obviously wrong ^^^^^^^^^^^^^^^^^^^^^^^^^^ 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'Sensitive [value redacted]')), + # FIXME: This is obviously wrong ^^^^^^^^^^^^^^^^^^^^^^^^^^ 'port' => '5432') end end @@ -84,7 +86,7 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with_command('Sensitive [value redacted]') + .with_command(sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1))) .with_sensitive('true') .with_unless("SELECT 1 FROM pg_roles WHERE rolname = 'test'") .with_port(5432) @@ -94,8 +96,8 @@ it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', 'port' => '5432', + .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'port' => '5432', 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end @@ -121,7 +123,7 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', + .with('command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) @@ -129,8 +131,8 @@ it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => 'Sensitive [value redacted]', 'sensitive' => 'true', - 'unless' => 'Sensitive [value redacted]', + .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) end From 5e3744ecfc8960ac86402ec3254e338856b65395 Mon Sep 17 00:00:00 2001 From: cruelsmith <92088441+cruelsmith@users.noreply.github.com> Date: Fri, 24 Feb 2023 19:44:31 +0100 Subject: [PATCH 0856/1000] Fix wrong Sensitive handling for updating password --- manifests/server/role.pp | 2 +- spec/defines/server/role_spec.rb | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 0e3f117795..8656141356 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -166,7 +166,7 @@ $pwd_hash_sql = postgresql::postgresql_password( $username, $password_hash, - $password_hash =~ Sensitive[String], + false, $hash, $salt, ) diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index 7ad459f4d2..fc5fe501eb 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -58,11 +58,9 @@ it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'Sensitive [value redacted]')), - # FIXME: This is obviously wrong ^^^^^^^^^^^^^^^^^^^^^^^^^^ + .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'sensitive' => 'true', - 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'Sensitive [value redacted]')), - # FIXME: This is obviously wrong ^^^^^^^^^^^^^^^^^^^^^^^^^^ + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'port' => '5432') end end From e029ed13193af3f360c2028a88897b6bc6afedf5 Mon Sep 17 00:00:00 2001 From: jordanbreen28 Date: Mon, 17 Jul 2023 11:56:47 +0100 Subject: [PATCH 0857/1000] (maint) - Replace legacy facts in spec/default_facts.yml --- spec/default_facts.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/spec/default_facts.yml b/spec/default_facts.yml index f777abfc99..f3946607e0 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -2,7 +2,8 @@ # # Facts specified here will override the values provided by rspec-puppet-facts. --- -ipaddress: "172.16.254.254" -ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" +networking: + ip: "172.16.254.254" + ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" + mac: "AA:AA:AA:AA:AA:AA" is_pe: false -macaddress: "AA:AA:AA:AA:AA:AA" From 847a908d248859a5ef4b65f2c01f61301c6ac635 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Mon, 17 Jul 2023 21:36:27 +0530 Subject: [PATCH 0858/1000] CONT-1219 : fail ci for puppetlabs members if no label --- .github/workflows/labeller.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/labeller.yml b/.github/workflows/labeller.yml index 5434d3fff3..aa34247aff 100644 --- a/.github/workflows/labeller.yml +++ b/.github/workflows/labeller.yml @@ -1,22 +1,27 @@ -name: community-labeller +name: Labeller on: issues: types: - opened + - labeled + - unlabeled pull_request_target: types: - opened + - labeled + - unlabeled jobs: label: runs-on: ubuntu-latest steps: - - uses: puppetlabs/community-labeller@v0 + - uses: puppetlabs/community-labeller@v1.0.1 name: Label issues or pull requests with: label_name: community label_color: '5319e7' org_membership: puppetlabs - token: ${{ secrets.IAC_COMMUNITY_LABELER }} + fail_if_member: 'true' + token: ${{ secrets.IAC_COMMUNITY_LABELER }} \ No newline at end of file From ed9cf38b86986609f2c5dbde55eec16f62112f08 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Mon, 17 Jul 2023 21:46:15 +0530 Subject: [PATCH 0859/1000] CONT-1219 : fail ci for puppetlabs members if no label --- .github/workflows/labeller.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/labeller.yml b/.github/workflows/labeller.yml index aa34247aff..ee149bf525 100644 --- a/.github/workflows/labeller.yml +++ b/.github/workflows/labeller.yml @@ -24,4 +24,4 @@ jobs: label_color: '5319e7' org_membership: puppetlabs fail_if_member: 'true' - token: ${{ secrets.IAC_COMMUNITY_LABELER }} \ No newline at end of file + token: ${{ secrets.IAC_COMMUNITY_LABELER }} From f10ee71a28b7b727d9bffb869ecc1a76d7e98b57 Mon Sep 17 00:00:00 2001 From: Tim 'bastelfreak' Meusel Date: Tue, 25 Jul 2023 10:41:24 +0200 Subject: [PATCH 0860/1000] Add Debian 12 compatibility --- manifests/globals.pp | 1 + metadata.json | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index dc820c6f79..53cf5529cc 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -198,6 +198,7 @@ 'Debian' => $facts['os']['release']['major'] ? { '10' => '11', '11' => '13', + '12' => '15', default => undef, }, 'Ubuntu' => $facts['os']['release']['major'] ? { diff --git a/metadata.json b/metadata.json index 2443217f39..fc8a51fde9 100644 --- a/metadata.json +++ b/metadata.json @@ -57,7 +57,8 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "10", - "11" + "11", + "12" ] }, { From 99870b6072a3eccfb6fa39c10eab93731d71b630 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Tue, 25 Jul 2023 16:23:41 +0530 Subject: [PATCH 0861/1000] maint: removing debian 12 from metadata --- metadata.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/metadata.json b/metadata.json index fc8a51fde9..2443217f39 100644 --- a/metadata.json +++ b/metadata.json @@ -57,8 +57,7 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "10", - "11", - "12" + "11" ] }, { From 0fda657e1703ef75dcc3d8e6f7dde67816094356 Mon Sep 17 00:00:00 2001 From: praj1001 <134480625+praj1001@users.noreply.github.com> Date: Mon, 31 Jul 2023 09:59:12 +0530 Subject: [PATCH 0862/1000] (CAT-1262)-updated legacy repo for SUSE --- spec/spec_helper_acceptance_local.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index d679c71ecd..4af007d09c 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -48,8 +48,8 @@ def install_dependencies if $facts['os']['family'] in ['SLES', 'SUSE'] { exec { 'Enable legacy repos': path => '/bin:/usr/bin/:/sbin:/usr/sbin', - command => 'SUSEConnect --product sle-module-legacy/15.4/x86_64', - unless => 'SUSEConnect --status-text | grep sle-module-legacy/15.4/x86_64', + command => 'SUSEConnect --product sle-module-legacy/15.5/x86_64', + unless => 'SUSEConnect --status-text | grep sle-module-legacy/15.5/x86_64', } package { 'net-tools-deprecated': From 985309e2df83aa16b1b5430ef1607eca56981de7 Mon Sep 17 00:00:00 2001 From: cruelsmith <92088441+cruelsmith@users.noreply.github.com> Date: Sun, 26 Feb 2023 02:14:14 +0100 Subject: [PATCH 0863/1000] Defaulting password_encryption to scram-sha-256 with version >= 14 * Fix missing handling of allowed undef value of parameter hash of postgresql::postgresql_password * Fix edgecase where passwords starting with md5 but are not followed by 32 base64 chars will not be hashed by postgresql::postgresql_password * Fix case of postgresql::postgresql_password where sensitive hashes are wrongly handled * Extend spec tests for 'postgresql_password function' to cover this * Add respecting password_encryption for all internal postgresql::postgresql_password calls * Add respecting password_encryption for postgresql::backup::pg_dump * Add spec tests for new hash type handling of postgresql::server::role See https://www.postgresql.org/docs/14/runtime-config-connection.html#GUC-PASSWORD-ENCRYPTION --- .../postgresql/postgresql_password.rb | 16 +- manifests/backup/pg_dump.pp | 4 +- manifests/params.pp | 4 +- manifests/server.pp | 4 +- manifests/server/instance/config.pp | 2 +- manifests/server/role.pp | 63 ++-- spec/defines/server/role_spec.rb | 297 +++++++++++++++--- spec/spec_helper_local.rb | 48 +++ types/pg_password_encryption.pp | 2 + 9 files changed, 352 insertions(+), 88 deletions(-) create mode 100644 types/pg_password_encryption.pp diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 8d1013374a..68be8b7374 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -22,19 +22,25 @@ required_param 'Variant[String[1], Integer]', :username required_param 'Variant[String[1], Sensitive[String[1]], Integer]', :password optional_param 'Boolean', :sensitive - optional_param "Optional[Enum['md5', 'scram-sha-256']]", :hash + optional_param 'Optional[Postgresql::Pg_password_encryption]', :hash optional_param 'Optional[Variant[String[1], Integer]]', :salt return_type 'Variant[String, Sensitive[String]]' end def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil) - return password if password.is_a?(String) && password.match?(%r{^(md5|SCRAM-SHA-256).+}) - password = password.unwrap if password.respond_to?(:unwrap) - pass = if hash == 'md5' + if password.is_a?(String) && password.match?(%r{^(md5[0-9a-f]{32}$|SCRAM-SHA-256\$)}) + return Puppet::Pops::Types::PSensitiveType::Sensitive.new(password) if sensitive + + return password + end + pass = case hash + when 'md5', nil # ensure default value when definded with nil "md5#{Digest::MD5.hexdigest(password.to_s + username.to_s)}" - else + when 'scram-sha-256' pg_sha256(password, (salt || username)) + else + raise(Puppet::ParseError, "postgresql::postgresql_password(): got unkown hash type '#{hash}'") end if sensitive Puppet::Pops::Types::PSensitiveType::Sensitive.new(pass) diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp index ff99779fb5..4fc05d179b 100644 --- a/manifests/backup/pg_dump.pp +++ b/manifests/backup/pg_dump.pp @@ -83,7 +83,7 @@ # Create user with superuser privileges postgresql::server::role { $db_user: ensure => $ensure, - password_hash => postgresql::postgresql_password($db_user, $db_password), + password_hash => postgresql::postgresql_password($db_user, $db_password, true, pick($postgresql::server::password_encryption, 'md5')), superuser => true, } @@ -92,7 +92,7 @@ type => 'local', database => 'all', user => $db_user, - auth_method => 'md5', + auth_method => pick($postgresql::server::password_encryption, 'md5'), order => 1, } } diff --git a/manifests/params.pp b/manifests/params.pp index fede3f0ce3..a6d3d6f370 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -25,7 +25,7 @@ $manage_selinux = pick($manage_selinux, false) $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') - $password_encryption = undef + $password_encryption = if versioncmp($version, '14') >= 0 { 'scram-sha-256' } else { undef } $extra_systemd_config = undef $manage_datadir = true $manage_logdir = true @@ -298,7 +298,7 @@ # Since we can't determine defaults on our own, we rely on users setting # parameters with the postgresql::globals class. Here we are checking # that the mandatory minimum is set for the module to operate. - $err_prefix = "Module ${module_name} does not provide defaults for osfamily: ${facts['os']['family']} operatingsystem: ${facts['os']['name']}; please specify a value for ${module_name}::globals::" + $err_prefix = "Module ${module_name} does not provide defaults for osfamily: ${facts['os']['family']} operatingsystem: ${facts['os']['name']}; please specify a value for ${module_name}::globals::" # lint:ignore:140chars if ($needs_initdb == undef) { fail("${err_prefix}needs_initdb") } if ($service_name == undef) { fail("${err_prefix}service_name") } if ($client_package_name == undef) { fail("${err_prefix}client_package_name") } diff --git a/manifests/server.pp b/manifests/server.pp index 915a001883..35b0717275 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -95,7 +95,7 @@ class postgresql::server ( Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = undef, - Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = $postgresql::params::package_ensure, + Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $package_ensure = $postgresql::params::package_ensure, # lint:ignore:140chars String[1] $package_name = $postgresql::params::server_package_name, Optional[String[1]] $plperl_package_name = $postgresql::params::plperl_package_name, @@ -159,7 +159,7 @@ Boolean $manage_datadir = $postgresql::params::manage_datadir, Boolean $manage_logdir = $postgresql::params::manage_logdir, Boolean $manage_xlogdir = $postgresql::params::manage_xlogdir, - Optional[String] $password_encryption = $postgresql::params::password_encryption, + Optional[Postgresql::Pg_password_encryption] $password_encryption = $postgresql::params::password_encryption, Optional[String] $extra_systemd_config = $postgresql::params::extra_systemd_config, Hash[String, Hash] $roles = {}, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 6a2aa8e49d..e792dcb067 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -60,7 +60,7 @@ Boolean $service_enable = $postgresql::server::service_enable, Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, Optional[String[1]] $timezone = $postgresql::server::timezone, - Optional[String] $password_encryption = $postgresql::server::password_encryption, + Optional[Postgresql::Pg_password_encryption] $password_encryption = $postgresql::server::password_encryption, Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, ) { if ($manage_pg_hba_conf == true) { diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 8656141356..7e1ff26a88 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -21,26 +21,26 @@ # @param hash Specify the hash method for pg password # @param salt Specify the salt use for the scram-sha-256 encoding password (default username) define postgresql::server::role ( - Boolean $update_password = true, - Variant[Boolean, String, Sensitive[String]] $password_hash = false, - Boolean $createdb = false, - Boolean $createrole = false, - String[1] $db = $postgresql::server::default_database, - Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, - Boolean $login = true, - Boolean $inherit = true, - Boolean $superuser = false, - Boolean $replication = false, - String[1] $connection_limit = '-1', - String[1] $username = $title, - Hash $connect_settings = $postgresql::server::default_connect_settings, - String[1] $psql_user = $postgresql::server::user, - String[1] $psql_group = $postgresql::server::group, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, - String[1] $module_workdir = $postgresql::server::module_workdir, - Enum['present', 'absent'] $ensure = 'present', - Enum['md5', 'scram-sha-256'] $hash = 'md5', - Optional[Variant[String[1], Integer]] $salt = undef, + Boolean $update_password = true, + Variant[Boolean, String, Sensitive[String]] $password_hash = false, + Boolean $createdb = false, + Boolean $createrole = false, + String[1] $db = $postgresql::server::default_database, + Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, + Boolean $login = true, + Boolean $inherit = true, + Boolean $superuser = false, + Boolean $replication = false, + String[1] $connection_limit = '-1', + String[1] $username = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, + String[1] $psql_user = $postgresql::server::user, + String[1] $psql_group = $postgresql::server::group, + Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + String[1] $module_workdir = $postgresql::server::module_workdir, + Enum['present', 'absent'] $ensure = 'present', + Optional[Enum['md5', 'scram-sha-256']] $hash = undef, + Optional[Variant[String[1], Integer]] $salt = undef, ) { $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap @@ -106,7 +106,7 @@ ] ) } else { - $create_role_command = "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}" + $create_role_command = "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}" # lint:ignore:140chars } postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": @@ -152,22 +152,29 @@ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}", } + $_hash = if $hash { + $hash + } elsif $connect_settings != undef and 'DBVERSION' in $connect_settings { + if (versioncmp($version, '14') >= 0) { 'scram-sha-256' } else { undef } + } else { + $postgresql::server::password_encryption + } if $password_hash_unsensitive and $update_password { if $password_hash_unsensitive =~ Deferred { - $pwd_hash_sql = Deferred ( 'postgresql::postgresql_password', [$username, - $password_hash, + $pwd_hash_sql = Deferred ( 'postgresql::postgresql_password', [ + $username, + $password_hash_unsensitive, false, - $hash, + $_hash, $salt, ] ) - } - else { + } else { $pwd_hash_sql = postgresql::postgresql_password( $username, - $password_hash, + $password_hash_unsensitive, false, - $hash, + $_hash, $salt, ) } diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index fc5fe501eb..c04080d5cf 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -24,18 +24,22 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), - 'sensitive' => 'true', - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'port' => '5432') + .with( + 'command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => '5432', + ) end it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), - 'sensitive' => 'true', - 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), - 'port' => '5432') + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'port' => '5432', + ) end end @@ -50,18 +54,22 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), - 'sensitive' => 'true', - 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'port' => '5432') + .with( + 'command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => '5432', + ) end it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), - 'sensitive' => 'true', - 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), - 'port' => '5432') + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'port' => '5432', + ) end end @@ -69,10 +77,12 @@ let :params do { password_hash: 'new-pa$s', - connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' } + connect_settings: { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + } } end @@ -84,20 +94,34 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with_command(sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1))) - .with_sensitive('true') - .with_unless("SELECT 1 FROM pg_roles WHERE rolname = 'test'") - .with_port(5432) - .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass') - .that_requires('Service[postgresqld]') + .with( + 'command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'port' => 5432, + 'connect_settings' => { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + }, + ).that_requires('Service[postgresqld]') end it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'sensitive' => 'true', - 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'port' => '5432', - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'port' => '5432', + 'connect_settings' => { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + }, + ) end end @@ -105,11 +129,13 @@ let :params do { password_hash: 'new-pa$s', - connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' } + connect_settings: { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + } } end @@ -121,18 +147,34 @@ it 'has create role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), - 'sensitive' => 'true', 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) + .with( + 'command' => sensitive(%(CREATE ROLE "test" ENCRYPTED PASSWORD 'new-pa$s' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1)), + 'sensitive' => 'true', + 'unless' => "SELECT 1 FROM pg_roles WHERE rolname = 'test'", + 'connect_settings' => { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + }, + ) end it 'has alter role for "test" user with password as ****' do expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') - .with('command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), 'sensitive' => 'true', - 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), - 'connect_settings' => { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234', 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }) + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'connect_settings' => { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + }, + ) end end @@ -153,6 +195,163 @@ end end + context 'with version >= 14' do + let :pre_condition do + <<-CONDITION + class { 'postgresql::globals': + version => '14', + } + -> class { 'postgresql::server': } + CONDITION + end + + let :params do + { + password_hash: 'new-pa$s' + } + end + + it 'use "scram-sha-256" passwords' do + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'SCRAM-SHA-256$4096:dGVzdA==$ouY1SZtT3yAonoIzvLCooZPtHkO7WigotDMNWL/xSms=:wEl4ewQJMRO2W5lHfiDvtlbmPcHnF0J1iBe6l82YnrQ=')), + 'sensitive' => 'true', + 'unless' => sensitive( + %(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'SCRAM-SHA-256$4096:dGVzdA==$ouY1SZtT3yAonoIzvLCooZPtHkO7WigotDMNWL/xSms=:wEl4ewQJMRO2W5lHfiDvtlbmPcHnF0J1iBe6l82YnrQ='), + ), + ) + end + end + + context 'with password_encryption "scram-sha-256"' do + let :pre_condition do + <<-CONDITION + class { 'postgresql::server': + password_encryption => 'scram-sha-256', + } + CONDITION + end + + let :params do + { + password_hash: 'new-pa$s', + connect_settings: { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + } + } + end + + it 'is expect to use "scram-sha-256" hashed password' do + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'connect_settings' => { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + }, + ) + end + end + + context 'with password_encryption "scram-sha-256" and older DBVERSION in connect_settings' do + let :pre_condition do + <<-CONDITION + class { 'postgresql::server': + password_encryption => 'scram-sha-256', + } + CONDITION + end + + let :params do + { + password_hash: 'new-pa$s', + connect_settings: { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + } + } + end + + it 'is expect to use "md5" hashed password' do + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'connect_settings' => { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + }, + ) + end + end + + context 'with password_encryption "scram-sha-256" and set hash type "md5"' do + let :pre_condition do + <<-CONDITION + class { 'postgresql::server': + password_encryption => 'scram-sha-256', + } + CONDITION + end + + let :params do + { + password_hash: 'new-pa$s', + hash: 'md5' + } + end + + it 'is expect to use "md5" hashed password' do + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + ) + end + end + + context 'with password_encryption "scram-sha-256" and "md5" hashed password' do + let :pre_condition do + <<-CONDITION + class { 'postgresql::server': + password_encryption => 'scram-sha-256', + } + CONDITION + end + + let :params do + { + password_hash: 'md5b6f7fcbbabb4befde4588a26c1cfd2fa' + } + end + + it 'is expect to use definded "md5" password_hash' do + expect(subject).to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****') + .with( + 'command' => sensitive(%(ALTER ROLE "test" ENCRYPTED PASSWORD 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + 'sensitive' => 'true', + 'unless' => sensitive(%(SELECT 1 FROM pg_shadow WHERE usename = 'test' AND passwd = 'md5b6f7fcbbabb4befde4588a26c1cfd2fa')), + ) + end + end + context 'with ensure set to absent' do let :params do { @@ -178,11 +377,13 @@ let :params do { password_hash: 'new-pa$s', - connect_settings: { 'PGHOST' => 'postgres-db-server', - 'DBVERSION' => '9.1', - 'PGPORT' => '1234', - 'PGUSER' => 'login-user', - 'PGPASSWORD' => 'login-pass' }, + connect_settings: { + 'PGHOST' => 'postgres-db-server', + 'DBVERSION' => '9.1', + 'PGPORT' => '1234', + 'PGUSER' => 'login-user', + 'PGPASSWORD' => 'login-pass' + }, psql_user: 'postgresql', psql_group: 'postgresql', psql_path: '/usr/bin', diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index b54d1556cd..c957f9ee1b 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -59,18 +59,66 @@ def param(type, title, param) ) } + it { + expect(subject).to run.with_params('foo', 'bar', true).and_return( + sensitive(%(md596948aad3fcae80c08a35c9b5958cd89)), + ) + } + it { expect(subject).to run.with_params('foo', 'bar', false, 'scram-sha-256').and_return( 'SCRAM-SHA-256$4096:Zm9v$ea66ynZ8cS9Ty4ZkEYicwC72StsKLSwjcXIXKMgepTk=:dJYmOU6BMCaWkQOB3lrXH9OAF3lW2n3NJ26NO7Srq7U=', ) } + it { + expect(subject).to run.with_params('foo', 'bar', true, 'scram-sha-256').and_return( + sensitive(%(SCRAM-SHA-256$4096:Zm9v$ea66ynZ8cS9Ty4ZkEYicwC72StsKLSwjcXIXKMgepTk=:dJYmOU6BMCaWkQOB3lrXH9OAF3lW2n3NJ26NO7Srq7U=)), + ) + } + it { expect(subject).to run.with_params('foo', 'bar', false, 'scram-sha-256', 'salt').and_return( 'SCRAM-SHA-256$4096:c2FsdA==$hl63wu9L6vKIjd/UGPfpRl/hIQRBnlkoCiJ9KgxzbX0=:3Q39uiwDZ51m3iPpV8rSgISgRiYqkbnpc+wScL2lSAU=', ) } + it { + expect(subject).to run.with_params('foo', 'bar', true, 'scram-sha-256', 'salt').and_return( + sensitive(%(SCRAM-SHA-256$4096:c2FsdA==$hl63wu9L6vKIjd/UGPfpRl/hIQRBnlkoCiJ9KgxzbX0=:3Q39uiwDZ51m3iPpV8rSgISgRiYqkbnpc+wScL2lSAU=)), + ) + } + + it { + expect(subject).to run.with_params('foo', 'bar', false, nil, 'salt').and_return( + 'md596948aad3fcae80c08a35c9b5958cd89', + ) + } + + it { + expect(subject).to run.with_params('foo', 'bar', true, nil, 'salt').and_return( + sensitive(%(md596948aad3fcae80c08a35c9b5958cd89)), + ) + } + + it { + expect(subject).to run.with_params('foo', 'md596948aad3fcae80c08a35c9b5958cd89', false).and_return( + 'md596948aad3fcae80c08a35c9b5958cd89', + ) + } + + it { + expect(subject).to run.with_params('foo', sensitive(%(SCRAM-SHA-256$4096:c2FsdA==$hl63wu9L6vKIjd/UGPfpRl/hIQRBnlkoCiJ9KgxzbX0=:3Q39uiwDZ51m3iPpV8rSgISgRiYqkbnpc+wScL2lSAU=)), true).and_return( + sensitive(%(SCRAM-SHA-256$4096:c2FsdA==$hl63wu9L6vKIjd/UGPfpRl/hIQRBnlkoCiJ9KgxzbX0=:3Q39uiwDZ51m3iPpV8rSgISgRiYqkbnpc+wScL2lSAU=)), + ) + } + + it { + expect(subject).to run.with_params('foo', sensitive('md596948aad3fcae80c08a35c9b5958cd89'), false).and_return( + 'md596948aad3fcae80c08a35c9b5958cd89', + ) + } + it 'raises an error if there is only 1 argument' do expect(subject).to run.with_params('foo').and_raise_error(StandardError) end diff --git a/types/pg_password_encryption.pp b/types/pg_password_encryption.pp new file mode 100644 index 0000000000..b2b5be66e5 --- /dev/null +++ b/types/pg_password_encryption.pp @@ -0,0 +1,2 @@ +# @summary the supported password_encryption +type Postgresql::Pg_password_encryption = Enum['md5', 'scram-sha-256'] From 6dee3b894a3a2b8e793a3e232b9e44b78a1deeeb Mon Sep 17 00:00:00 2001 From: cruelsmith <92088441+cruelsmith@users.noreply.github.com> Date: Sun, 26 Feb 2023 02:20:05 +0100 Subject: [PATCH 0864/1000] Update REFERENCE.md * Fixing lint 140chars inside REFERENCE.md --- REFERENCE.md | 377 ++++++++++++++++------- manifests/backup/pg_dump.pp | 4 +- manifests/globals.pp | 26 +- manifests/lib/devel.pp | 5 +- manifests/lib/docs.pp | 5 +- manifests/repo.pp | 2 +- manifests/server.pp | 48 ++- manifests/server/database.pp | 4 +- manifests/server/default_privileges.pp | 6 +- manifests/server/extension.pp | 11 +- manifests/server/grant.pp | 16 +- manifests/server/grant_role.pp | 2 +- manifests/server/instance/config.pp | 24 +- manifests/server/instance/initdb.pp | 13 +- manifests/server/instance/late_initdb.pp | 12 +- manifests/server/instance/passwd.pp | 14 +- manifests/server/instance/reload.pp | 2 + manifests/server/instance/service.pp | 13 +- manifests/server/pg_hba_rule.pp | 25 +- manifests/server/recovery.pp | 24 +- manifests/server/role.pp | 7 +- manifests/server/table_grant.pp | 7 +- manifests/server/tablespace.pp | 2 +- 23 files changed, 443 insertions(+), 206 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 44e13ad9c0..fe3afd0e86 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -49,12 +49,12 @@ * [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database. * [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles. * [`postgresql::server::grant_role`](#postgresql--server--grant_role): Define for granting membership to a role. -* [`postgresql::server::instance::config`](#postgresql--server--instance--config): lint:ignore:140chars lint:endignore:140chars -* [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): lint:ignore:140chars lint:endignore:140chars +* [`postgresql::server::instance::config`](#postgresql--server--instance--config): Manages the config for a postgresql::server instance +* [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): Manages initdb feature for a postgresql::server instance * [`postgresql::server::instance::late_initdb`](#postgresql--server--instance--late_initdb): Manage the default encoding when database initialization is managed by the package -* [`postgresql::server::instance::passwd`](#postgresql--server--instance--passwd): lint:ignore:140chars lint:endignore:140chars -* [`postgresql::server::instance::reload`](#postgresql--server--instance--reload) -* [`postgresql::server::instance::service`](#postgresql--server--instance--service): lint:ignore:140chars lint:endignore:140chars +* [`postgresql::server::instance::passwd`](#postgresql--server--instance--passwd): Overrides the default PostgreSQL superuser +* [`postgresql::server::instance::reload`](#postgresql--server--instance--reload): Overrides the default reload or status command for your PostgreSQL service +* [`postgresql::server::instance::service`](#postgresql--server--instance--service): Manages the service for the postgres main instance (default) or additional instances * [`postgresql::server::pg_hba_rule`](#postgresql--server--pg_hba_rule): This resource manages an individual rule that applies to the file defined in target. * [`postgresql::server::pg_ident_rule`](#postgresql--server--pg_ident_rule): This resource manages an individual rule that applies to the file defined in target. * [`postgresql::server::reassign_owned_by`](#postgresql--server--reassign_owned_by): Define for reassigning the ownership of objects within a database. @@ -97,6 +97,7 @@ * [`Postgresql::Pg_hba_rule_address`](#Postgresql--Pg_hba_rule_address): Supported address types * [`Postgresql::Pg_hba_rule_type`](#Postgresql--Pg_hba_rule_type): enum for all different types for the pg_hba_conf * [`Postgresql::Pg_hba_rules`](#Postgresql--Pg_hba_rules): validates a hash of entries for postgresql::server::pg_hab_conf +* [`Postgresql::Pg_password_encryption`](#Postgresql--Pg_password_encryption): the supported password_encryption ### Tasks @@ -156,7 +157,8 @@ Default value: `'present'` Class for setting cross-class global overrides. * **Note** Most server-specific defaults should be overridden in the postgresql::server class. -This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as version or manage_package_repo. +This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such +as version or manage_package_repo. #### Parameters @@ -433,8 +435,10 @@ Data type: `Optional[String[1]]` Overrides the default PostgreSQL data directory for the target platform. Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. -On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). -Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original +On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb +defaults to true on other systems). +Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail +if the data directory is changed back to the original Default value: `undef` @@ -547,7 +551,8 @@ Default value: `undef` Data type: `Optional[String[1]]` Sets the default encoding for all databases created with this module. -On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +On certain operating systems, this is also used during the template1 initialization, +so it becomes a default outside of the module as well. Default value: `undef` @@ -556,7 +561,8 @@ Default value: `undef` Data type: `Optional[String[1]]` Sets the default database locale for all databases created with this module. -On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +On certain operating systems, this is also used during the template1 initialization, +so it becomes a default outside of the module as well. On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. Default value: `undef` @@ -666,7 +672,8 @@ Default value: `false` Data type: `Optional[String[1]]` -Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. +Specifies working directory under which the psql command should be executed. +May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `undef` @@ -702,7 +709,8 @@ Default value: `'present'` Data type: `Boolean` -If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. +If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir +into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. Default value: `$postgresql::params::link_pg_config` @@ -885,12 +893,17 @@ The following parameters are available in the `postgresql::server` class: * [`backup_provider`](#-postgresql--server--backup_provider) * [`version`](#-postgresql--server--version) * [`extra_systemd_config`](#-postgresql--server--extra_systemd_config) +* [`auth_host`](#-postgresql--server--auth_host) +* [`auth_local`](#-postgresql--server--auth_local) +* [`lc_messages`](#-postgresql--server--lc_messages) +* [`username`](#-postgresql--server--username) ##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` -Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. +Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres +database, with a user called postgres and no password. Default value: `undef` @@ -962,7 +975,8 @@ Default value: `$postgresql::params::service_name` Data type: `Boolean` -Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. +Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart +to become active. Default value: `$postgresql::params::service_restart_on_change` @@ -1002,7 +1016,8 @@ Default value: `$postgresql::params::default_database` Data type: `Hash` -Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as +postgresql::server::role. Default value: `$postgresql::globals::default_connect_settings` @@ -1018,7 +1033,10 @@ Default value: `$postgresql::params::listen_addresses` Data type: `Variant[String[1], Stdlib::Port, Integer]` -Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Specifies the port for the PostgreSQL server to listen on. +Note: The same port number is used for all IP addresses the server listens on. +Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make +the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::params::port` @@ -1036,8 +1054,10 @@ Default value: `$postgresql::params::ip_mask_deny_postgres_user` Data type: `String[1]` -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP +from remote machines. If you'd like to allow this, you can override this setting. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine +on your local '192.168' subnet. Default value: '127.0.0.1/32'. Default value: `$postgresql::params::ip_mask_allow_all_users` @@ -1158,7 +1178,9 @@ Default value: `$postgresql::params::log_line_prefix` Data type: `Boolean` -If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. +If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to +override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform +basic psql operations for example. Default value: `$postgresql::params::pg_hba_conf_defaults` @@ -1190,7 +1212,8 @@ Default value: `$postgresql::params::needs_initdb` Data type: `Optional[String[1]]` -Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the +template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::params::encoding` @@ -1198,7 +1221,8 @@ Default value: `$postgresql::params::encoding` Data type: `Optional[String[1]]` -Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. +Sets the default database locale for all databases created with this module. On certain operating systems this is used during the +template1 initialization as well, so it becomes a default outside of the module. Default value: `$postgresql::params::locale` @@ -1207,7 +1231,8 @@ Default value: `$postgresql::params::locale` Data type: `Optional[Boolean]` Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. -Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +Warning: This option is used during initialization by initdb, and cannot be changed later. +If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::params::data_checksums` @@ -1295,7 +1320,7 @@ Default value: `$postgresql::params::manage_xlogdir` ##### `password_encryption` -Data type: `Optional[String]` +Data type: `Optional[Postgresql::Pg_password_encryption]` Specify the type of encryption set for the password. @@ -1365,6 +1390,38 @@ Adds extra config to systemd config file, can for instance be used to add extra Default value: `$postgresql::params::extra_systemd_config` +##### `auth_host` + +Data type: `Optional[String[1]]` + +auth method used by default for host authorization + +Default value: `undef` + +##### `auth_local` + +Data type: `Optional[String[1]]` + +auth method used by default for local authorization + +Default value: `undef` + +##### `lc_messages` + +Data type: `Optional[String[1]]` + +locale used for logging and system messages + +Default value: `undef` + +##### `username` + +Data type: `Optional[String[1]]` + +username of user running the postgres instance + +Default value: `undef` + ### `postgresql::server::contrib` Install the contrib postgresql packaging. @@ -1484,6 +1541,7 @@ Manage a postgresql.conf entry. The following parameters are available in the `postgresql::server::config_entry` defined type: * [`ensure`](#-postgresql--server--config_entry--ensure) +* [`key`](#-postgresql--server--config_entry--key) * [`value`](#-postgresql--server--config_entry--value) * [`path`](#-postgresql--server--config_entry--path) @@ -1495,6 +1553,14 @@ Removes an entry if set to 'absent'. Default value: `'present'` +##### `key` + +Data type: `String[1]` + +Defines the key/name for the setting. Defaults to $name + +Default value: `$name` + ##### `value` Data type: `Optional[Variant[String[1], Numeric, Array[String[1]]]]` @@ -1834,7 +1900,7 @@ Pattern[ /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, /(?i:^TYPES$)/, - /(?i:^SCHEMAS$)/ # lint:ignore:trailing_comma + /(?i:^SCHEMAS$)/ ] ``` @@ -1947,11 +2013,13 @@ Default value: `undef` Data type: `Optional[String[1]]` -Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically change the effective version in each database. +Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically +change the effective version in each database. This needs be updated using the PostgreSQL-specific SQL ALTER EXTENSION... version may be set to latest, in which case the SQL ALTER EXTENSION "extension" UPDATE is applied to this database (only). version may be set to a specific version, in which case the extension is updated using ALTER EXTENSION "extension" UPDATE TO 'version' -eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. +eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to +this database only. version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. Default value: `undef` @@ -1976,7 +2044,8 @@ Default value: `undef` Data type: `Optional[Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]]` -Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. +Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is +activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. Default value: `undef` @@ -2064,12 +2133,13 @@ Pattern[#/(?i:^COLUMN$)/, /(?i:^TABLE$)/, #/(?i:^TABLESPACE$)/, /(?i:^SCHEMA$)/, - /(?i:^SEQUENCE$)/ # lint:ignore:trailing_comma + /(?i:^SEQUENCE$)/ #/(?i:^VIEW$)/ ] ``` -Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. +Specifies the type of object to which you are granting privileges. +Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. Default value: `'database'` @@ -2077,7 +2147,8 @@ Default value: `'database'` Data type: `Optional[Variant[Array[String,2,2],String[1]]]` -Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] +Specifies name of object_type to which to grant access, can be either a string or a two element array. +String: 'object_name' Array: ['schema_name', 'object_name'] Default value: `undef` @@ -2225,8 +2296,7 @@ Default value: `$postgresql::server::default_connect_settings` ### `postgresql::server::instance::config` -lint:ignore:140chars -lint:endignore:140chars +Manages the config for a postgresql::server instance #### Parameters @@ -2273,8 +2343,10 @@ Default value: `$postgresql::server::ip_mask_deny_postgres_user` Data type: `String[1]` -Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP +from remote machines. If you'd like to allow this, you can override this setting. +Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine +on your local '192.168' subnet. Default value: '127.0.0.1/32'. Default value: `$postgresql::server::ip_mask_allow_all_users` @@ -2291,7 +2363,9 @@ Default value: `$postgresql::server::listen_addresses` Data type: `Variant[String[1], Stdlib::Port, Integer]` -Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Specifies the port for the PostgreSQL server to listen on. +Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +changing the port causes the server to come to a full stop before being able to make the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::port` @@ -2356,7 +2430,9 @@ Default value: `$postgresql::server::recovery_conf_path` Data type: `Boolean` -If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. +If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to +override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform +basic psql operations for example. Default value: `$postgresql::server::pg_hba_conf_defaults` @@ -2468,7 +2544,7 @@ Default value: `$postgresql::server::timezone` ##### `password_encryption` -Data type: `Optional[String]` +Data type: `Optional[Postgresql::Pg_password_encryption]` Specify the type of encryption set for the password. @@ -2484,44 +2560,54 @@ Default value: `$postgresql::server::extra_systemd_config` ### `postgresql::server::instance::initdb` -lint:ignore:140chars -lint:endignore:140chars +Manages initdb feature for a postgresql::server instance #### Parameters The following parameters are available in the `postgresql::server::instance::initdb` defined type: -* [`needs_initdb`](#-postgresql--server--instance--initdb--needs_initdb) -* [`initdb_path`](#-postgresql--server--instance--initdb--initdb_path) +* [`auth_host`](#-postgresql--server--instance--initdb--auth_host) +* [`auth_local`](#-postgresql--server--instance--initdb--auth_local) +* [`data_checksums`](#-postgresql--server--instance--initdb--data_checksums) * [`datadir`](#-postgresql--server--instance--initdb--datadir) -* [`xlogdir`](#-postgresql--server--instance--initdb--xlogdir) +* [`encoding`](#-postgresql--server--instance--initdb--encoding) +* [`group`](#-postgresql--server--instance--initdb--group) +* [`initdb_path`](#-postgresql--server--instance--initdb--initdb_path) +* [`lc_messages`](#-postgresql--server--instance--initdb--lc_messages) +* [`locale`](#-postgresql--server--instance--initdb--locale) * [`logdir`](#-postgresql--server--instance--initdb--logdir) * [`manage_datadir`](#-postgresql--server--instance--initdb--manage_datadir) * [`manage_logdir`](#-postgresql--server--instance--initdb--manage_logdir) * [`manage_xlogdir`](#-postgresql--server--instance--initdb--manage_xlogdir) -* [`encoding`](#-postgresql--server--instance--initdb--encoding) -* [`locale`](#-postgresql--server--instance--initdb--locale) -* [`data_checksums`](#-postgresql--server--instance--initdb--data_checksums) -* [`user`](#-postgresql--server--instance--initdb--user) -* [`group`](#-postgresql--server--instance--initdb--group) * [`module_workdir`](#-postgresql--server--instance--initdb--module_workdir) +* [`needs_initdb`](#-postgresql--server--instance--initdb--needs_initdb) +* [`user`](#-postgresql--server--instance--initdb--user) +* [`username`](#-postgresql--server--instance--initdb--username) +* [`xlogdir`](#-postgresql--server--instance--initdb--xlogdir) -##### `needs_initdb` +##### `auth_host` -Data type: `Boolean` +Data type: `Optional[String[1]]` -Explicitly calls the initdb operation after server package is installed -and before the PostgreSQL service is started. +auth method used by default for host authorization -Default value: `$postgresql::server::needs_initdb` +Default value: `$postgresql::server::auth_host` -##### `initdb_path` +##### `auth_local` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Optional[String[1]]` -Specifies the path to the initdb command. +auth method used by default for local authorization -Default value: `$postgresql::server::initdb_path` +Default value: `$postgresql::server::auth_local` + +##### `data_checksums` + +Data type: `Optional[Boolean]` + +Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. + +Default value: `$postgresql::server::data_checksums` ##### `datadir` @@ -2531,13 +2617,50 @@ PostgreSQL data directory Default value: `$postgresql::server::datadir` -##### `xlogdir` +##### `encoding` Data type: `Optional[String[1]]` -PostgreSQL xlog directory +Sets the default encoding for all databases created with this module. +On certain operating systems this is also used during the template1 initialization, +so it becomes a default outside of the module as well. -Default value: `$postgresql::server::xlogdir` +Default value: `$postgresql::server::encoding` + +##### `group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. + +Default value: `$postgresql::server::group` + +##### `initdb_path` + +Data type: `Variant[String[1], Stdlib::Absolutepath]` + +Specifies the path to the initdb command. + +Default value: `$postgresql::server::initdb_path` + +##### `lc_messages` + +Data type: `Optional[String[1]]` + +locale used for logging and system messages + +Default value: `$postgresql::server::lc_messages` + +##### `locale` + +Data type: `Optional[String[1]]` + +Sets the default database locale for all databases created with this module. +On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. +Warning: This option is used during initialization by initdb, and cannot be changed later. +If set, checksums are calculated for all objects, in all databases. + +Default value: `$postgresql::server::locale` ##### `logdir` @@ -2571,32 +2694,22 @@ Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::server::manage_xlogdir` -##### `encoding` - -Data type: `Optional[String[1]]` - -Sets the default encoding for all databases created with this module. -On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. - -Default value: `$postgresql::server::encoding` - -##### `locale` +##### `module_workdir` -Data type: `Optional[String[1]]` +Data type: `String[1]` -Sets the default database locale for all databases created with this module. -On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. +Working directory for the PostgreSQL module -Default value: `$postgresql::server::locale` +Default value: `$postgresql::server::module_workdir` -##### `data_checksums` +##### `needs_initdb` -Data type: `Optional[Boolean]` +Data type: `Boolean` -Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. -Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +Explicitly calls the initdb operation after server package is installed +and before the PostgreSQL service is started. -Default value: `$postgresql::server::data_checksums` +Default value: `$postgresql::server::needs_initdb` ##### `user` @@ -2606,26 +2719,25 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `username` -Data type: `String[1]` +Data type: `Optional[String[1]]` -Overrides the default postgres user group to be used for related files in the file system. +username of user running the postgres instance -Default value: `$postgresql::server::group` +Default value: `$postgresql::server::username` -##### `module_workdir` +##### `xlogdir` -Data type: `String[1]` +Data type: `Optional[String[1]]` -Working directory for the PostgreSQL module +PostgreSQL xlog/WAL directory -Default value: `$postgresql::server::module_workdir` +Default value: `$postgresql::server::xlogdir` ### `postgresql::server::instance::late_initdb` -lint:ignore:140chars -lint:endignore:140chars +Manage the default encoding when database initialization is managed by the package #### Parameters @@ -2642,7 +2754,8 @@ The following parameters are available in the `postgresql::server::instance::lat Data type: `Optional[String[1]]` -Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the +template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::server::encoding` @@ -2674,7 +2787,9 @@ Default value: `$postgresql::server::psql_path` Data type: `Variant[String[1], Stdlib::Port, Integer]` -Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Specifies the port for the PostgreSQL server to listen on. +Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +changing the port causes the server to come to a full stop before being able to make the change. Default value: `$postgresql::server::port` @@ -2688,8 +2803,7 @@ Default value: `$postgresql::server::module_workdir` ### `postgresql::server::instance::passwd` -lint:ignore:140chars -lint:endignore:140chars +Overrides the default PostgreSQL superuser #### Parameters @@ -2732,7 +2846,9 @@ Default value: `$postgresql::server::psql_path` Data type: `Variant[String[1], Stdlib::Port, Integer]` -Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Specifies the port for the PostgreSQL server to listen on. +Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +changing the port causes the server to come to a full stop before being able to make the change. Default value: `$postgresql::server::port` @@ -2756,13 +2872,14 @@ Default value: `$postgresql::server::module_workdir` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` -Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. +Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres +database, with a user called postgres and no password. Default value: `$postgresql::server::postgres_password` ### `postgresql::server::instance::reload` -The postgresql::server::instance::reload class. +Overrides the default reload or status command for your PostgreSQL service #### Parameters @@ -2789,8 +2906,7 @@ Default value: `$postgresql::server::service_status` ### `postgresql::server::instance::service` -lint:ignore:140chars -lint:endignore:140chars +Manages the service for the postgres main instance (default) or additional instances #### Parameters @@ -2868,7 +2984,9 @@ Default value: `$postgresql::server::user` Data type: `Variant[String[1], Stdlib::Port, Integer]` -Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +Specifies the port for the PostgreSQL server to listen on. +Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +changing the port causes the server to come to a full stop before being able to make the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::port` @@ -2893,14 +3011,14 @@ Default value: `$postgresql::server::psql_path` Data type: `Hash` -Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. +Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, +such as postgresql::server::role. Default value: `$postgresql::server::default_connect_settings` ### `postgresql::server::pg_hba_rule` -lint:ignore:140chars -lint:endignore:140chars +This resource manages an individual rule that applies to the file defined in target. #### Parameters @@ -2939,13 +3057,16 @@ Sets a comma-separated list of users that this rule matches. Data type: `String[1]` -Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. +Provides the method that is used for authentication for the connection that this rule matches. +Described further in the PostgreSQL pg_hba.conf documentation. ##### `address` Data type: `Optional[Postgresql::Pg_hba_rule_address]` -Sets a address for this rule matching when the type is not 'local'. Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html +Sets a address for this rule matching when the type is not 'local'. +Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting +dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html Default value: `undef` @@ -2953,7 +3074,8 @@ Default value: `undef` Data type: `String[1]` -Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. Default value: 'none'. +Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. +Default value: 'none'. Default value: `'none'` @@ -2961,7 +3083,8 @@ Default value: `'none'` Data type: `Optional[String]` -For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. +For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for +further details. Default value: `undef` @@ -2969,7 +3092,10 @@ Default value: `undef` Data type: `Variant[String, Integer]` -Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. +Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted +to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted +using the alpha sorting order. +Default value: 150. Default value: `150` @@ -3109,13 +3235,14 @@ Default value: `$postgresql::server::default_connect_settings` ### `postgresql::server::recovery` -lint:ignore:140chars -lint:endignore:140chars +This resource manages the parameters that applies to the recovery.conf template. * **Note** Allows you to create the content for recovery.conf. For more details see the usage example and the PostgreSQL documentation. -Every parameter value is a string set in the template except recovery_target_inclusive, pause_at_recovery_target, standby_mode and recovery_min_apply_delay. +Every parameter value is a string set in the template except recovery_target_inclusive, pause_at_recovery_target, standby_mode and +recovery_min_apply_delay. A detailed description of all listed parameters can be found in the PostgreSQL documentation. -Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and manage_recovery_conf is set to true. +Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and +manage_recovery_conf is set to true. #### Parameters @@ -3238,7 +3365,8 @@ Default value: `undef` Data type: `Optional[String[1]]` -Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. +Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control +resource removal on the upstream node. Default value: `undef` @@ -3435,17 +3563,18 @@ Default value: `$postgresql::server::psql_path` Data type: `String[1]` -Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. +Specifies working directory under which the psql command should be executed. +May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `$postgresql::server::module_workdir` ##### `hash` -Data type: `Enum['md5', 'scram-sha-256']` +Data type: `Optional[Enum['md5', 'scram-sha-256']]` Specify the hash method for pg password -Default value: `'md5'` +Default value: `undef` ##### `salt` @@ -3533,9 +3662,15 @@ The following parameters are available in the `postgresql::server::table_grant` ##### `privilege` -Data type: `Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', 'truncate', 'references', 'trigger']` +Data type: -Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. +```puppet +Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', + 'truncate', 'references', 'trigger'] +``` + +Specifies comma-separated list of privileges to grant. +Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. ##### `table` @@ -4119,7 +4254,7 @@ Type: Ruby 4.x API This function returns the postgresql password hash from the clear text username / password -#### `postgresql::postgresql_password(Variant[String[1], Integer] $username, Variant[String[1], Sensitive[String[1]], Integer] $password, Optional[Boolean] $sensitive, Optional[Optional[Enum['md5', 'scram-sha-256']]] $hash, Optional[Optional[Variant[String[1], Integer]]] $salt)` +#### `postgresql::postgresql_password(Variant[String[1], Integer] $username, Variant[String[1], Sensitive[String[1]], Integer] $password, Optional[Boolean] $sensitive, Optional[Optional[Postgresql::Pg_password_encryption]] $hash, Optional[Optional[Variant[String[1], Integer]]] $salt)` The postgresql::postgresql_password function. @@ -4145,7 +4280,7 @@ If the Postgresql-Passwordhash should be of Datatype Sensitive[String] ##### `hash` -Data type: `Optional[Optional[Enum['md5', 'scram-sha-256']]]` +Data type: `Optional[Optional[Postgresql::Pg_password_encryption]]` Set type for password hash @@ -4262,6 +4397,12 @@ validates a hash of entries for postgresql::server::pg_hab_conf Alias of `Hash[String[1], Postgresql::Pg_hba_rule]` +### `Postgresql::Pg_password_encryption` + +the supported password_encryption + +Alias of `Enum['md5', 'scram-sha-256']` + ## Tasks ### `sql` diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp index 4fc05d179b..64ac5cfb4f 100644 --- a/manifests/backup/pg_dump.pp +++ b/manifests/backup/pg_dump.pp @@ -26,7 +26,8 @@ # @param manage_user # Manage creation of the backup user. # @param optional_args -# Specifies an array of optional arguments which should be passed through to the backup tool. These options are not validated, unsupported options may break the backup. +# Specifies an array of optional arguments which should be passed through to the backup tool. These options are not validated, +# unsupported options may break the backup. # @param post_script # One or more scripts that are executed when the backup is finished. This could be used to sync the backup to a central store. # @param pre_script @@ -39,7 +40,6 @@ # An array of two elements to set the backup time. Allows `['23', '5']` (i.e., 23:05) or `['3', '45']` (i.e., 03:45) for HH:MM times. # @param weekday # Weekdays on which the backup job should run. Defaults to `*`. This parameter is passed directly to the cron resource. -# class postgresql::backup::pg_dump ( String[1] $dir, Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $ensure = 'present', diff --git a/manifests/globals.pp b/manifests/globals.pp index 53cf5529cc..c9243cd41c 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -2,7 +2,8 @@ # # @note # Most server-specific defaults should be overridden in the postgresql::server class. -# This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as version or manage_package_repo. +# This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such +# as version or manage_package_repo. # # # @param client_package_name Overrides the default PostgreSQL client package name. @@ -40,8 +41,10 @@ # Overrides the default PostgreSQL data directory for the target platform. # Changing the datadir after installation causes the server to come to a full stop before making the change. # For Red Hat systems, the data directory must be labeled appropriately for SELinux. -# On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). -# Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original +# On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb +# defaults to true on other systems). +# Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail +# if the data directory is changed back to the original # # @param confdir Overrides the default PostgreSQL configuration directory for the target platform. # @param bindir Overrides the default PostgreSQL binaries directory for the target platform. @@ -59,20 +62,24 @@ # @param repo_baseurl Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. # @param yum_repo_commonurl Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository. # -# @param needs_initdb Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. +# @param needs_initdb +# Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. # # @param encoding # Sets the default encoding for all databases created with this module. -# On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# On certain operating systems, this is also used during the template1 initialization, +# so it becomes a default outside of the module as well. # @param locale # Sets the default database locale for all databases created with this module. -# On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# On certain operating systems, this is also used during the template1 initialization, +# so it becomes a default outside of the module as well. # On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. # @param data_checksums # Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. # Warning: This option is used during initialization by initdb, and cannot be changed later. # -# @param timezone Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. +# @param timezone +# Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. # # @param manage_pg_hba_conf Allow Puppet to manage the pg_hba.conf file. # @param manage_pg_ident_conf Allow Puppet to manage the pg_ident.conf file. @@ -92,8 +99,9 @@ # Manage the DNF module. This only makes sense on distributions that use DNF # package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or # Puppet 6.15.0+ since they ship the dnfmodule provider. -# @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -# +# @param module_workdir +# Specifies working directory under which the psql command should be executed. +# May need to specify if '/tmp' is on volume mounted with noexec option. # class postgresql::globals ( Optional[String[1]] $client_package_name = undef, diff --git a/manifests/lib/devel.pp b/manifests/lib/devel.pp index 70ab31da97..8b215b8b0f 100644 --- a/manifests/lib/devel.pp +++ b/manifests/lib/devel.pp @@ -1,11 +1,12 @@ -# @summary This class installs postgresql development libraries. +# @summary This class installs postgresql development libraries. # # @param package_name # Override devel package name # @param package_ensure # Ensure the development libraries are installed # @param link_pg_config -# If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. +# If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir +# into usr/bin (not applicable to Debian systems). Set to false to disable this behavior. # # class postgresql::lib::devel ( diff --git a/manifests/lib/docs.pp b/manifests/lib/docs.pp index 0f132cd98a..354c7c1b0d 100644 --- a/manifests/lib/docs.pp +++ b/manifests/lib/docs.pp @@ -1,4 +1,5 @@ -# @summary Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. +# @summary +# Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. # # @note # Make sure to add any necessary yum or apt repositories if specifying a custom version. @@ -7,7 +8,7 @@ # Specifies the name of the PostgreSQL docs package. # @param package_ensure # Whether the PostgreSQL docs package resource should be present. -# +# # class postgresql::lib::docs ( String $package_name = $postgresql::params::docs_package_name, diff --git a/manifests/repo.pp b/manifests/repo.pp index e67236b1bb..88c27b5e6f 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -18,7 +18,7 @@ } default: { - fail("Unsupported managed repository for osfamily: ${facts['os']['family']}, operatingsystem: ${facts['os']['name']}, module ${module_name} currently only supports managing repos for osfamily RedHat and Debian") + fail("Unsupported managed repository for osfamily: ${facts['os']['family']}, operatingsystem: ${facts['os']['name']}, module ${module_name} currently only supports managing repos for osfamily RedHat and Debian") # lint:ignore:140chars } } } diff --git a/manifests/server.pp b/manifests/server.pp index 35b0717275..9239231379 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,6 +1,8 @@ # @summary This installs a PostgreSQL server # -# @param postgres_password Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. +# @param postgres_password +# Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres +# database, with a user called postgres and no password. # @param package_name Specifies the name of the package to use for installing the server software. # @param package_ensure Passes a value through to the package resource when creating the server instance. # @@ -11,22 +13,33 @@ # @param service_enable Enable the PostgreSQL service # @param service_manage Defines whether or not Puppet should manage the service. # @param service_name Overrides the default PostgreSQL service name. -# @param service_restart_on_change Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active. +# @param service_restart_on_change +# Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart +# to become active. # @param service_provider Overrides the default PostgreSQL service provider. # @param service_reload Overrides the default reload command for your PostgreSQL service. # @param service_status Overrides the default status check command for your PostgreSQL service. # @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. -# @param default_connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. +# @param default_connect_settings +# Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as +# postgresql::server::role. # # @param listen_addresses Address list on which the PostgreSQL service will listen -# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# @param port +# Specifies the port for the PostgreSQL server to listen on. +# Note: The same port number is used for all IP addresses the server listens on. +# Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make +# the change. # Default value: 5432. Meaning the Postgres server listens on TCP port 5432. # # @param ip_mask_deny_postgres_user Specifies the IP mask from which remote connections should be denied for the postgres superuser. # Default value: '0.0.0.0/0', which denies any remote connection. # -# @param ip_mask_allow_all_users Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -# Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +# @param ip_mask_allow_all_users +# Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP +# from remote machines. If you'd like to allow this, you can override this setting. +# Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine +# on your local '192.168' subnet. # Default value: '127.0.0.1/32'. # # @param ipv4acls Lists strings for access control for connection method, users, databases, IPv4 addresses; @@ -47,17 +60,26 @@ # # @param log_line_prefix PostgreSQL log line prefix # -# @param pg_hba_conf_defaults If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. +# @param pg_hba_conf_defaults +# If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to +# override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform +# basic psql operations for example. # # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. # # @param needs_initdb Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started. # -# @param encoding Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. -# @param locale Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. -# @param data_checksums Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. -# Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +# @param encoding +# Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the +# template1 initialization, so it becomes a default outside of the module as well. +# @param locale +# Sets the default database locale for all databases created with this module. On certain operating systems this is used during the +# template1 initialization as well, so it becomes a default outside of the module. +# @param data_checksums +# Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. +# Warning: This option is used during initialization by initdb, and cannot be changed later. +# If set, checksums are calculated for all objects, in all databases. # # @param timezone Set timezone for the PostgreSQL instance # @@ -86,7 +108,8 @@ # # @param version Deprecated. Use postgresql::globals instead. Sets PostgreSQL version # -# @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string +# @param extra_systemd_config +# Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # @param auth_host auth method used by default for host authorization # @param auth_local auth method used by default for local authorization # @param lc_messages locale used for logging and system messages @@ -172,7 +195,6 @@ #Deprecated Optional[String[1]] $version = undef, - ) inherits postgresql::params { if $version != undef { warning('Passing "version" to postgresql::server is deprecated; please use postgresql::globals instead.') diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 49de501591..bfc7d53247 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -108,7 +108,7 @@ } Postgresql_psql["CREATE DATABASE \"${dbname}\""] -> postgresql_psql { "COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": - unless => "SELECT 1 FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", + unless => "SELECT 1 FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", # lint:ignore:140chars db => $dbname, } } @@ -126,7 +126,7 @@ if $tablespace { postgresql_psql { "ALTER DATABASE \"${dbname}\" SET ${tablespace_option}": - unless => "SELECT 1 FROM pg_database JOIN pg_tablespace spc ON dattablespace = spc.oid WHERE datname = '${dbname}' AND spcname = '${tablespace}'", + unless => "SELECT 1 FROM pg_database JOIN pg_tablespace spc ON dattablespace = spc.oid WHERE datname = '${dbname}' AND spcname = '${tablespace}'", # lint:ignore:140chars require => Postgresql_psql["CREATE DATABASE \"${dbname}\""], } diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 0f09703978..34c4475f66 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -23,7 +23,7 @@ /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, /(?i:^TYPES$)/, - /(?i:^SCHEMAS$)/ # lint:ignore:trailing_comma + /(?i:^SCHEMAS$)/ ] $object_type, String $schema = 'public', String $psql_db = $postgresql::server::default_database, @@ -159,8 +159,8 @@ } $_unless = $ensure ? { - 'absent' => "SELECT 1 WHERE NOT EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl)%s and defaclobjtype = '%s')", - default => "SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl)%s and defaclobjtype = '%s')" + 'absent' => "SELECT 1 WHERE NOT EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl)%s and defaclobjtype = '%s')", # lint:ignore:140chars + default => "SELECT 1 WHERE EXISTS (SELECT * FROM pg_default_acl AS da LEFT JOIN pg_namespace AS n ON da.defaclnamespace = n.oid WHERE '%s=%s%s' = ANY (defaclacl)%s and defaclobjtype = '%s')", # lint:ignore:140chars } $unless_cmd = sprintf($_unless, $role, $_check_privilege, $_check_target_role, $_check_schema, $_check_type) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index c8b62985f6..9f28e3e85c 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -3,16 +3,21 @@ # @param database Specifies the database on which to activate the extension. # @param extension Specifies the extension to activate. If left blank, uses the name of the resource. # @param schema Specifies the schema on which to activate the extension. -# @param version Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically change the effective version in each database. +# @param version +# Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically +# change the effective version in each database. # This needs be updated using the PostgreSQL-specific SQL ALTER EXTENSION... # version may be set to latest, in which case the SQL ALTER EXTENSION "extension" UPDATE is applied to this database (only). # version may be set to a specific version, in which case the extension is updated using ALTER EXTENSION "extension" UPDATE TO 'version' -# eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. +# eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to +# this database only. # version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. # # @param ensure Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'. # @param package_name Specifies a package to install prior to activating the extension. -# @param package_ensure Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. +# @param package_ensure +# Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is +# activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param database_resource_name Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 4221d65dea..c6bd7fe24b 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -3,8 +3,12 @@ # @param role Specifies the role or user whom you are granting access to. # @param db Specifies the database to which you are granting access. # @param privilege Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. -# @param object_type Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. -# @param object_name Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] +# @param object_type +# Specifies the type of object to which you are granting privileges. +# Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. +# @param object_name +# Specifies name of object_type to which to grant access, can be either a string or a two element array. +# String: 'object_name' Array: ['schema_name', 'object_name'] # @param object_arguments Specifies any arguments to be passed alongisde the access grant. # @param psql_db Specifies the database to execute the grant against. This should not ordinarily be changed from the default # @param psql_user Sets the OS user to run psql. @@ -17,7 +21,7 @@ define postgresql::server::grant ( String $role, String $db, - String $privilege = '', + String $privilege = '', # lint:ignore:params_empty_string_assignment Pattern[#/(?i:^COLUMN$)/, /(?i:^ALL SEQUENCES IN SCHEMA$)/, /(?i:^ALL TABLES IN SCHEMA$)/, @@ -30,7 +34,7 @@ /(?i:^TABLE$)/, #/(?i:^TABLESPACE$)/, /(?i:^SCHEMA$)/, - /(?i:^SEQUENCE$)/ # lint:ignore:trailing_comma + /(?i:^SEQUENCE$)/ #/(?i:^VIEW$)/ ] $object_type = 'database', Optional[Variant[Array[String,2,2],String[1]]] $object_name = undef, @@ -330,6 +334,7 @@ if $ensure == 'present' { if $_privilege == 'ALL' or $_privilege == 'ALL PRIVILEGES' { # GRANT ALL + # lint:ignore:140chars $custom_unless = "SELECT 1 WHERE NOT EXISTS ( SELECT 1 FROM ( SELECT t.tablename,count(privilege_type) AS priv_count FROM pg_catalog.pg_tables AS t @@ -339,13 +344,16 @@ GROUP BY t.tablename ) AS j WHERE j.priv_count < 7 )" + # lint:endignore:140chars } else { # GRANT $_privilege + # lint:ignore:140chars $custom_unless = "SELECT 1 WHERE NOT EXISTS ( SELECT 1 FROM pg_catalog.pg_tables AS t LEFT JOIN information_schema.role_table_grants AS g ON t.tablename = g.table_name AND g.grantee = '${role}' AND g.table_schema = '${schema}' AND g.privilege_type = '${_privilege}' WHERE t.schemaname = '${schema}' AND g.table_name IS NULL )" + # lint:endignore:140chars } } else { if $_privilege == 'ALL' or $_privilege == 'ALL PRIVILEGES' { diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index f66f803e3f..92a82a5f0f 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -32,7 +32,7 @@ postgresql_psql { "grant_role:${name}": command => $command, - unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '${group}' AND r_role.rolname = '${role}') ${unless_comp} true", + unless => "SELECT 1 WHERE EXISTS (SELECT 1 FROM pg_roles AS r_role JOIN pg_auth_members AS am ON r_role.oid = am.member JOIN pg_roles AS r_group ON r_group.oid = am.roleid WHERE r_group.rolname = '${group}' AND r_role.rolname = '${role}') ${unless_comp} true", # lint:ignore:140chars db => $psql_db, psql_user => $psql_user, port => $port, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index e792dcb067..84a51b5ae9 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -1,11 +1,18 @@ -# lint:ignore:140chars +# @summary Manages the config for a postgresql::server instance +# # @param ip_mask_deny_postgres_user Specifies the IP mask from which remote connections should be denied for the postgres superuser. # Default value: '0.0.0.0/0', which denies any remote connection. -# @param ip_mask_allow_all_users Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. -# Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. +# @param ip_mask_allow_all_users +# Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP +# from remote machines. If you'd like to allow this, you can override this setting. +# Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine +# on your local '192.168' subnet. # Default value: '127.0.0.1/32'. # @param listen_addresses Address list on which the PostgreSQL service will listen -# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# @param port +# Specifies the port for the PostgreSQL server to listen on. +# Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +# changing the port causes the server to come to a full stop before being able to make the change. # Default value: 5432. Meaning the Postgres server listens on TCP port 5432. # @param ipv4acls Lists strings for access control for connection method, users, databases, IPv4 addresses. # @param ipv6acls Lists strings for access control for connection method, users, databases, IPv6 addresses. @@ -14,7 +21,10 @@ # @param postgresql_conf_path Specifies the path to your postgresql.conf file. # @param postgresql_conf_mode Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. # @param recovery_conf_path Specifies the path to your recovery.conf file. -# @param pg_hba_conf_defaults If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example. +# @param pg_hba_conf_defaults +# If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to +# override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform +# basic psql operations for example. # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. # @param version Sets PostgreSQL version @@ -32,8 +42,8 @@ # @param log_line_prefix PostgreSQL log line prefix # @param timezone Set timezone for the PostgreSQL instance # @param password_encryption Specify the type of encryption set for the password. -# @param extra_systemd_config Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string -# lint:endignore:140chars +# @param extra_systemd_config +# Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string define postgresql::server::instance::config ( String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index b6b0631f9c..74a5882465 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -1,16 +1,20 @@ -# lint:ignore:140chars +# @summary Manages initdb feature for a postgresql::server instance +# # @param auth_host auth method used by default for host authorization # @param auth_local auth method used by default for local authorization # @param data_checksums Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. # @param datadir PostgreSQL data directory -# @param encoding Sets the default encoding for all databases created with this module. -# On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# @param encoding +# Sets the default encoding for all databases created with this module. +# On certain operating systems this is also used during the template1 initialization, +# so it becomes a default outside of the module as well. # @param group Overrides the default postgres user group to be used for related files in the file system. # @param initdb_path Specifies the path to the initdb command. # @param lc_messages locale used for logging and system messages # @param locale Sets the default database locale for all databases created with this module. # On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. -# Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases. +# Warning: This option is used during initialization by initdb, and cannot be changed later. +# If set, checksums are calculated for all objects, in all databases. # @param logdir PostgreSQL log directory # @param manage_datadir Set to false if you have file{ $datadir: } already defined # @param manage_logdir Set to false if you have file{ $logdir: } already defined @@ -21,7 +25,6 @@ # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param username username of user running the postgres instance # @param xlogdir PostgreSQL xlog/WAL directory -# lint:endignore:140chars define postgresql::server::instance::initdb ( Optional[String[1]] $auth_host = $postgresql::server::auth_host, Optional[String[1]] $auth_local = $postgresql::server::auth_local, diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index 71652fe293..09b5b42121 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -1,12 +1,16 @@ -# lint:ignore:140chars # @summary Manage the default encoding when database initialization is managed by the package -# @param encoding Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well. +# +# @param encoding +# Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the +# template1 initialization, so it becomes a default outside of the module as well. # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. # @param psql_path Specifies the path to the psql command. -# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# @param port +# Specifies the port for the PostgreSQL server to listen on. +# Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +# changing the port causes the server to come to a full stop before being able to make the change. # @param module_workdir Working directory for the PostgreSQL module -# lint:endignore:140chars define postgresql::server::instance::late_initdb ( Optional[String[1]] $encoding = $postgresql::server::encoding, String[1] $user = $postgresql::server::user, diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index a397beda54..b4fdfb5384 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -1,13 +1,18 @@ -# lint:ignore:140chars +# @summary Overrides the default PostgreSQL superuser +# # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. # Default value: 5432. Meaning the Postgres server listens on TCP port 5432. # @param psql_path Specifies the path to the psql command. -# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# @param port +# Specifies the port for the PostgreSQL server to listen on. +# Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +# changing the port causes the server to come to a full stop before being able to make the change. # @param database Specifies the name of the database to connect with. On most systems this is 'postgres'. # @param module_workdir Working directory for the PostgreSQL module -# @param postgres_password Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. -# lint:endignore:140chars +# @param postgres_password +# Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres +# database, with a user called postgres and no password. define postgresql::server::instance::passwd ( String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, @@ -16,7 +21,6 @@ String[1] $database = $postgresql::server::default_database, String[1] $module_workdir = $postgresql::server::module_workdir, Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = $postgresql::server::postgres_password, - ) { $real_postgres_password = if $postgres_password =~ Sensitive { $postgres_password.unwrap diff --git a/manifests/server/instance/reload.pp b/manifests/server/instance/reload.pp index 7bcc7130ca..d663b840a9 100644 --- a/manifests/server/instance/reload.pp +++ b/manifests/server/instance/reload.pp @@ -1,3 +1,5 @@ +# @summary Overrides the default reload or status command for your PostgreSQL service +# # @param service_reload Overrides the default reload command for your PostgreSQL service. # @param service_status Overrides the default status check command for your PostgreSQL service. define postgresql::server::instance::reload ( diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index 27cff330e0..00e7010a90 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -1,4 +1,5 @@ -# lint:ignore:140chars +# @summary Manages the service for the postgres main instance (default) or additional instances +# # @param service_ensure Ensure service is installed # @param service_enable Enable the PostgreSQL service # @param service_manage Defines whether or not Puppet should manage the service. @@ -6,12 +7,16 @@ # @param service_provider Overrides the default PostgreSQL service provider. # @param service_status Overrides the default status check command for your PostgreSQL service. # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -# @param port Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. +# @param port +# Specifies the port for the PostgreSQL server to listen on. +# Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +# changing the port causes the server to come to a full stop before being able to make the change. # Default value: 5432. Meaning the Postgres server listens on TCP port 5432. # @param default_database Specifies the name of the default database to connect with. On most systems this is 'postgres'. # @param psql_path Specifies the path to the psql command. -# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role. -# lint:endignore:140chars +# @param connect_settings +# Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, +# such as postgresql::server::role. define postgresql::server::instance::service ( Variant[Enum['running', 'stopped'], Boolean] $service_ensure = $postgresql::server::service_ensure, Boolean $service_enable = $postgresql::server::service_enable, diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 20e2235cc9..ffcb9b03da 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -1,17 +1,28 @@ -# lint:ignore:140chars # @summary This resource manages an individual rule that applies to the file defined in target. # # @param type Sets the type of rule. # @param database Sets a comma-separated list of databases that this rule matches. # @param user Sets a comma-separated list of users that this rule matches. -# @param auth_method Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. -# @param address Sets a address for this rule matching when the type is not 'local'. Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -# @param description Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. Default value: 'none'. -# @param auth_option For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. -# @param order Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted using the alpha sorting order. Default value: 150. +# @param auth_method +# Provides the method that is used for authentication for the connection that this rule matches. +# Described further in the PostgreSQL pg_hba.conf documentation. +# @param address +# Sets a address for this rule matching when the type is not 'local'. +# Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting +# dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html +# @param description +# Defines a longer description for this rule, if required. This description is placed in the comments above the rule in pg_hba.conf. +# Default value: 'none'. +# @param auth_option +# For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for +# further details. +# @param order +# Sets an order for placing the rule in pg_hba.conf. This can be either a string or an integer. If it is an integer, it will be converted +# to a string by zero-padding it to three digits. E.g. 42 will be zero-padded to the string '042'. The pg_hba_rule fragments are sorted +# using the alpha sorting order. +# Default value: 150. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. # @param postgresql_version Manages pg_hba.conf without managing the entire PostgreSQL instance. -# lint:endignore:140chars define postgresql::server::pg_hba_rule ( Postgresql::Pg_hba_rule_type $type, String[1] $database, diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index bcb8db9349..b8ad9c3513 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -1,29 +1,35 @@ -# lint:ignore:140chars # @summary This resource manages the parameters that applies to the recovery.conf template. # # @note # Allows you to create the content for recovery.conf. For more details see the usage example and the PostgreSQL documentation. -# Every parameter value is a string set in the template except recovery_target_inclusive, pause_at_recovery_target, standby_mode and recovery_min_apply_delay. +# Every parameter value is a string set in the template except recovery_target_inclusive, pause_at_recovery_target, standby_mode and +# recovery_min_apply_delay. # A detailed description of all listed parameters can be found in the PostgreSQL documentation. -# Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and manage_recovery_conf is set to true. +# Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and +# manage_recovery_conf is set to true. # # @param restore_command The shell command to execute to retrieve an archived segment of the WAL file series. # @param archive_cleanup_command This optional parameter specifies a shell command that will be executed at every restartpoint. # @param recovery_end_command This parameter specifies a shell command that will be executed once only at the end of recovery. -# @param recovery_target_name This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. +# @param recovery_target_name +# This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. # @param recovery_target_time This parameter specifies the time stamp up to which recovery will proceed. # @param recovery_target_xid This parameter specifies the transaction ID up to which recovery will proceed. -# @param recovery_target_inclusive Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). -# @param recovery_target This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. +# @param recovery_target_inclusive +# Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). +# @param recovery_target +# This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. # @param recovery_target_timeline Specifies recovering into a particular timeline. # @param pause_at_recovery_target Specifies whether recovery should pause when the recovery target is reached. # @param standby_mode Specifies whether to start the PostgreSQL server as a standby. # @param primary_conninfo Specifies a connection string to be used for the standby server to connect with the primary. -# @param primary_slot_name Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. +# @param primary_slot_name +# Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control +# resource removal on the upstream node. # @param trigger_file Specifies a trigger file whose presence ends recovery in the standby. -# @param recovery_min_apply_delay This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. +# @param recovery_min_apply_delay +# This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. # @param target Provides the target for the rule, and is generally an internal only property. Use with caution. -# lint:endignore:140chars define postgresql::server::recovery ( Optional[String] $restore_command = undef, Optional[String[1]] $archive_cleanup_command = undef, diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 7e1ff26a88..dad17be125 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -1,6 +1,7 @@ # @summary Define for creating a database role. # -# @param update_password If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. +# @param update_password +# If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. # @param password_hash Sets the hash to use during password creation. # @param createdb Specifies whether to grant the ability to create new databases with this role. # @param createrole Specifies whether to grant the ability to create new roles with this role. @@ -17,7 +18,9 @@ # @param psql_user Sets the OS user to run psql # @param psql_group Sets the OS group to run psql # @param psql_path Sets path to psql command -# @param module_workdir Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. +# @param module_workdir +# Specifies working directory under which the psql command should be executed. +# May need to specify if '/tmp' is on volume mounted with noexec option. # @param hash Specify the hash method for pg password # @param salt Specify the salt use for the scram-sha-256 encoding password (default username) define postgresql::server::role ( diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index d2310ce9fe..4ff0bd1ce8 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -1,6 +1,8 @@ # @summary This resource wraps the grant resource to manage table grants specifically. # -# @param privilege Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. +# @param privilege +# Specifies comma-separated list of privileges to grant. +# Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. # @param table Specifies the table to which you are granting access. # @param db Specifies which database the table is in. # @param role Specifies the role or user to whom you are granting access. @@ -11,7 +13,8 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param onlyif_exists Create grant only if it doesn't exist. define postgresql::server::table_grant ( - Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', 'truncate', 'references', 'trigger'] $privilege, + Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', + 'truncate', 'references', 'trigger'] $privilege, String[1] $table, String[1] $db, String[1] $role, diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 0be68d97f9..aa96f926e7 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -65,7 +65,7 @@ if $owner { postgresql_psql { "ALTER TABLESPACE \"${spcname}\" OWNER TO \"${owner}\"": - unless => "SELECT 1 FROM pg_tablespace JOIN pg_roles rol ON spcowner = rol.oid WHERE spcname = '${spcname}' AND rolname = '${owner}'", + unless => "SELECT 1 FROM pg_tablespace JOIN pg_roles rol ON spcowner = rol.oid WHERE spcname = '${spcname}' AND rolname = '${owner}'", # lint:ignore:140chars require => Postgresql_psql["CREATE TABLESPACE \"${spcname}\""], } From 7c230ab29d56b5641e0429a234851d28bea12911 Mon Sep 17 00:00:00 2001 From: Gavin Patton Date: Thu, 10 Aug 2023 12:20:07 +0100 Subject: [PATCH 0865/1000] (CAT-343) Audit modules and tools for references to travis. Removed all needless references to travis. --- README.md | 2 -- provision.yaml | 8 ++++---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index e82e79824a..2b9fdcb8c2 100644 --- a/README.md +++ b/README.md @@ -401,8 +401,6 @@ And then run the unit tests: bundle exec rake spec ``` -The unit tests are run in Travis-CI as well. If you want to see the results of your own tests, register the service hook through Travis-CI via the accounts section for your GitHub clone of this project. - To run the system tests, make sure you also have: * Vagrant > 1.2.x diff --git a/provision.yaml b/provision.yaml index 73ddc048cc..51e4abc91d 100644 --- a/provision.yaml +++ b/provision.yaml @@ -8,26 +8,26 @@ vagrant: images: - centos/7 - generic/ubuntu1804 -travis_deb: +docker_deb: provisioner: docker images: - litmusimage/debian:8 - litmusimage/debian:9 - litmusimage/debian:10 -travis_ub_6: +docker_ub_6: provisioner: docker images: - litmusimage/ubuntu:14.04 - litmusimage/ubuntu:16.04 - litmusimage/ubuntu:18.04 - litmusimage/ubuntu:20.04 -travis_el7: +docker_el7: provisioner: docker images: - litmusimage/centos:7 - litmusimage/oraclelinux:7 - litmusimage/scientificlinux:7 -travis_el8: +docker_el8: provisioner: docker images: - litmusimage/centos:8 From 3a75aafdc27a8eca59e7ac5366d4bbe87b62d76c Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 28 Aug 2023 12:53:08 +0200 Subject: [PATCH 0866/1000] port parameter: Cleanup datatype It doesn't make Sense to Allow Integer when we already allow Stdlib::Port. --- REFERENCE.md | 24 ++++++++++++------------ manifests/server.pp | 2 +- manifests/server/default_privileges.pp | 2 +- manifests/server/extension.pp | 2 +- manifests/server/grant.pp | 2 +- manifests/server/grant_role.pp | 2 +- manifests/server/instance/config.pp | 2 +- manifests/server/instance/late_initdb.pp | 2 +- manifests/server/instance/passwd.pp | 2 +- manifests/server/instance/service.pp | 2 +- manifests/server/reassign_owned_by.pp | 6 +++--- manifests/server/role.pp | 2 +- manifests/server/table_grant.pp | 2 +- 13 files changed, 26 insertions(+), 26 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index fe3afd0e86..a19903bff8 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1031,7 +1031,7 @@ Default value: `$postgresql::params::listen_addresses` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. @@ -1946,7 +1946,7 @@ Default value: `$postgresql::server::psql_path` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Specifies the port to access the server. Default value: The default user for the module, usually '5432'. @@ -2051,7 +2051,7 @@ Default value: `undef` ##### `port` -Data type: `Optional[Variant[String[1], Stdlib::Port, Integer]]` +Data type: `Optional[Variant[String[1], Stdlib::Port]]` Port to use when connecting. @@ -2178,7 +2178,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Port to use when connecting. @@ -2280,7 +2280,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Port to use when connecting. @@ -2361,7 +2361,7 @@ Default value: `$postgresql::server::listen_addresses` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -2785,7 +2785,7 @@ Default value: `$postgresql::server::psql_path` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -2844,7 +2844,7 @@ Default value: `$postgresql::server::psql_path` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -2982,7 +2982,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -3219,7 +3219,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port, Integer]` +Data type: `Variant[String[1], Stdlib::Port]` Port to use when connecting. @@ -3465,7 +3465,7 @@ Default value: `$postgresql::server::default_database` ##### `port` -Data type: `Optional[Variant[String[1], Stdlib::Port, Integer]]` +Data type: `Optional[Variant[String[1], Stdlib::Port]]` Port to use when connecting. @@ -3700,7 +3700,7 @@ Default value: `undef` ##### `port` -Data type: `Optional[Variant[String[1], Stdlib::Port, Integer]]` +Data type: `Optional[Variant[String[1], Stdlib::Port]]` Port to use when connecting. diff --git a/manifests/server.pp b/manifests/server.pp index 9239231379..71936b790f 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -135,7 +135,7 @@ String[1] $default_database = $postgresql::params::default_database, Hash $default_connect_settings = $postgresql::globals::default_connect_settings, Optional[Variant[String[1], Array[String[1]]]] $listen_addresses = $postgresql::params::listen_addresses, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::params::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::params::port, String[1] $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, String[1] $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 34c4475f66..cef1d541d9 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -28,7 +28,7 @@ String $schema = 'public', String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, Enum['present', 'absent'] $ensure = 'present', String $group = $postgresql::server::group, diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 9f28e3e85c..9594d9c388 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -29,7 +29,7 @@ Optional[String[1]] $version = undef, Enum['present', 'absent'] $ensure = 'present', Optional[String[1]] $package_name = undef, - Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, + Optional[Variant[String[1], Stdlib::Port]] $port = undef, Hash $connect_settings = postgresql::default('default_connect_settings'), String[1] $database_resource_name = $database, ) { diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index c6bd7fe24b..56ee563330 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -41,7 +41,7 @@ Array[String[1],0] $object_arguments = [], String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, Boolean $onlyif_exists = false, Hash $connect_settings = $postgresql::server::default_connect_settings, Enum['present', 'absent'] $ensure = 'present', diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 92a82a5f0f..6f507a9b34 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -13,7 +13,7 @@ Enum['present', 'absent'] $ensure = 'present', String[1] $psql_db = $postgresql::server::default_database, String[1] $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { case $ensure { diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 84a51b5ae9..f34f896aaa 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -48,7 +48,7 @@ String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, Optional[Variant[String[1], Array[String[1]]]] $listen_addresses = $postgresql::server::listen_addresses, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index 09b5b42121..dcec18b63a 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -16,7 +16,7 @@ String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, String[1] $module_workdir = $postgresql::server::module_workdir, ) { # Set the defaults for the postgresql_psql resource diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index b4fdfb5384..526d55a9e4 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -17,7 +17,7 @@ String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, String[1] $database = $postgresql::server::default_database, String[1] $module_workdir = $postgresql::server::module_workdir, Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = $postgresql::server::postgres_password, diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index 00e7010a90..48f5c603e7 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -25,7 +25,7 @@ Optional[String[1]] $service_provider = $postgresql::server::service_provider, String[1] $service_status = $postgresql::server::service_status, String[1] $user = $postgresql::server::user, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, String[1] $default_database = $postgresql::server::default_database, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, Hash $connect_settings = $postgresql::server::default_connect_settings, diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 4d5eac43d4..314381336f 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -12,9 +12,9 @@ String $old_role, String $new_role, String $db, - String $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port, Integer] $port = $postgresql::server::port, - Hash $connect_settings = $postgresql::server::default_connect_settings, + String $psql_user = $postgresql::server::user, + Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, ) { $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" diff --git a/manifests/server/role.pp b/manifests/server/role.pp index dad17be125..968e806d5b 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -29,7 +29,7 @@ Boolean $createdb = false, Boolean $createrole = false, String[1] $db = $postgresql::server::default_database, - Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, + Optional[Variant[String[1], Stdlib::Port]] $port = undef, Boolean $login = true, Boolean $inherit = true, Boolean $superuser = false, diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 4ff0bd1ce8..69a1afa91d 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -19,7 +19,7 @@ String[1] $db, String[1] $role, Optional[Enum['present', 'absent']] $ensure = undef, - Optional[Variant[String[1], Stdlib::Port, Integer]] $port = undef, + Optional[Variant[String[1], Stdlib::Port]] $port = undef, Optional[String[1]] $psql_db = undef, Optional[String[1]] $psql_user = undef, Optional[Hash] $connect_settings = undef, From 584d9081ccc3171503ce72d4770f1efff0b89f4c Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 28 Aug 2023 14:10:04 +0200 Subject: [PATCH 0867/1000] pg_hba.conf: Introduce a newline after each rule This makes the whole file more readable. --- templates/pg_hba_rule.conf.epp | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/pg_hba_rule.conf.epp b/templates/pg_hba_rule.conf.epp index 8d92ac4c37..9d54265624 100644 --- a/templates/pg_hba_rule.conf.epp +++ b/templates/pg_hba_rule.conf.epp @@ -13,3 +13,4 @@ # Description: <%= $description %> # Order: <%= $order %> <%= $type %> <%= $database %> <%= $user %> <%= $address %> <%= $auth_method %> <%= $auth_option %> + From 5b2edeb723cddb7f9a85f1a3068092830d1a5afc Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 28 Aug 2023 15:35:47 +0200 Subject: [PATCH 0868/1000] port parameter: log warning when its a string --- manifests/server.pp | 3 +++ manifests/server/default_privileges.pp | 3 +++ manifests/server/extension.pp | 3 +++ manifests/server/grant.pp | 3 +++ manifests/server/grant_role.pp | 3 +++ manifests/server/instance/config.pp | 3 +++ manifests/server/instance/late_initdb.pp | 3 +++ manifests/server/instance/passwd.pp | 3 +++ manifests/server/instance/service.pp | 3 +++ manifests/server/instance/systemd.pp | 3 +++ manifests/server/reassign_owned_by.pp | 3 +++ manifests/server/role.pp | 3 +++ manifests/server/table_grant.pp | 3 +++ spec/acceptance/alternative_port_spec.rb | 2 +- spec/defines/server/extension_spec.rb | 4 ++-- spec/defines/server/grant_role_spec.rb | 2 +- 16 files changed, 43 insertions(+), 4 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 71936b790f..1971adfa24 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -196,6 +196,9 @@ #Deprecated Optional[String[1]] $version = undef, ) inherits postgresql::params { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } if $version != undef { warning('Passing "version" to postgresql::server is deprecated; please use postgresql::globals instead.') $_version = $version diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index cef1d541d9..5dad6bbab0 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -35,6 +35,9 @@ Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, Optional[String] $target_role = undef, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } # If possible use the version of the remote database, otherwise # fallback to our local DB version if $connect_settings != undef and 'DBVERSION' in $connect_settings { diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 9594d9c388..c64eb11da7 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -33,6 +33,9 @@ Hash $connect_settings = postgresql::default('default_connect_settings'), String[1] $database_resource_name = $database, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } $user = postgresql::default('user') $group = postgresql::default('group') $psql_path = postgresql::default('psql_path') diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 56ee563330..5b72b33bbd 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -48,6 +48,9 @@ String $group = $postgresql::server::group, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } case $ensure { default: { # default is 'present' diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 6f507a9b34..9256f06995 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -16,6 +16,9 @@ Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } case $ensure { 'present': { $command = "GRANT \"${group}\" TO \"${role}\"" diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index f34f896aaa..55e55d85ef 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -73,6 +73,9 @@ Optional[Postgresql::Pg_password_encryption] $password_encryption = $postgresql::server::password_encryption, Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file concat { $pg_hba_conf_path: diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index dcec18b63a..43a1d404ce 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -19,6 +19,9 @@ Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, String[1] $module_workdir = $postgresql::server::module_workdir, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } # Set the defaults for the postgresql_psql resource Postgresql_psql { psql_user => $user, diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 526d55a9e4..97d4a2b01c 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -22,6 +22,9 @@ String[1] $module_workdir = $postgresql::server::module_workdir, Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = $postgresql::server::postgres_password, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } $real_postgres_password = if $postgres_password =~ Sensitive { $postgres_password.unwrap } else { diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index 48f5c603e7..f690245e9b 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -30,6 +30,9 @@ Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } anchor { "postgresql::server::service::begin::${name}": } if $service_manage { diff --git a/manifests/server/instance/systemd.pp b/manifests/server/instance/systemd.pp index 9d7302882f..ddda18cdf7 100644 --- a/manifests/server/instance/systemd.pp +++ b/manifests/server/instance/systemd.pp @@ -10,6 +10,9 @@ Enum[present, absent] $drop_in_ensure = 'present', ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } # Template uses: # - $port # - $datadir diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 314381336f..3e07e52686 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -16,6 +16,9 @@ Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" $group = $postgresql::server::group diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 968e806d5b..cec244af6c 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -45,6 +45,9 @@ Optional[Enum['md5', 'scram-sha-256']] $hash = undef, Optional[Variant[String[1], Integer]] $salt = undef, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap } else { diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 69a1afa91d..cc623fe428 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -25,6 +25,9 @@ Optional[Hash] $connect_settings = undef, Boolean $onlyif_exists = false, ) { + if $port =~ String { + deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') + } postgresql::server::grant { "table:${name}": ensure => $ensure, role => $role, diff --git a/spec/acceptance/alternative_port_spec.rb b/spec/acceptance/alternative_port_spec.rb index 125fbd3f3a..57ac64cf70 100644 --- a/spec/acceptance/alternative_port_spec.rb +++ b/spec/acceptance/alternative_port_spec.rb @@ -7,7 +7,7 @@ describe 'postgresql::server' do it 'on an alternative port' do pp = <<-MANIFEST - class { 'postgresql::server': port => '55433', manage_selinux => true } + class { 'postgresql::server': port => 55433, manage_selinux => true } MANIFEST if os[:family] == 'redhat' && os[:release].start_with?('8') apply_manifest(pp, expect_failures: false) diff --git a/spec/defines/server/extension_spec.rb b/spec/defines/server/extension_spec.rb index 251f45a990..68a161584b 100644 --- a/spec/defines/server/extension_spec.rb +++ b/spec/defines/server/extension_spec.rb @@ -198,7 +198,7 @@ extension: 'pg_repack', connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234' } + 'PGPORT' => 1234 } } end @@ -222,7 +222,7 @@ extension: 'pg_repack', connect_settings: { 'PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', - 'PGPORT' => '1234' }, + 'PGPORT' => 1234 }, port: 5678 } end diff --git a/spec/defines/server/grant_role_spec.rb b/spec/defines/server/grant_role_spec.rb index 31d45f7c8c..016255aa70 100644 --- a/spec/defines/server/grant_role_spec.rb +++ b/spec/defines/server/grant_role_spec.rb @@ -31,7 +31,7 @@ let(:params) do super().merge(psql_db: 'postgres', psql_user: 'postgres', - port: '5432') + port: 5432) end it { From f37197b8a9a201a0b0f1e7bd7ba8fe2c2d126fc2 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 28 Aug 2023 16:01:48 +0200 Subject: [PATCH 0869/1000] reassign_owned_by: Cleanup puppet-strings documentation --- manifests/server/reassign_owned_by.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 314381336f..7df25f9a1a 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -1,7 +1,7 @@ # @summary Define for reassigning the ownership of objects within a database. -# @note -# This enables us to force the a particular ownership for objects within a database -# +# +# @note This enables us to force the a particular ownership for objects within a database +# # @param old_role Specifies the role or user who is the current owner of the objects in the specified db # @param new_role Specifies the role or user who will be the new owner of these objects # @param db Specifies the database to which the 'REASSIGN OWNED' will be applied From 2bec262a338d19119a9a919d0b10ee9bcad80173 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 29 Aug 2023 12:06:43 +0200 Subject: [PATCH 0870/1000] Revert "puppetlabs/stdlib: Require 9.x" This reverts e142268e9aa9f802a861d42bed2f7039bb8d6295 --- manifests/backup/pg_dump.pp | 6 +++--- manifests/server/extension.pp | 2 +- manifests/server/instance/config.pp | 2 +- manifests/server/instance/passwd.pp | 4 ++-- metadata.json | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp index 64ac5cfb4f..e46b45c2e4 100644 --- a/manifests/backup/pg_dump.pp +++ b/manifests/backup/pg_dump.pp @@ -68,13 +68,13 @@ ) { # Install required packages if $package_name { - stdlib::ensure_packages($package_name) + ensure_packages($package_name) } if $install_cron { if $facts['os']['family'] == 'RedHat' { - stdlib::ensure_packages('cronie') + ensure_packages('cronie') } elsif $facts['os']['family'] != 'FreeBSD' { - stdlib::ensure_packages('cron') + ensure_packages('cron') } } diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index c64eb11da7..6063329003 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -137,7 +137,7 @@ default => $package_ensure, } - stdlib::ensure_packages($package_name, { + ensure_packages($package_name, { ensure => $_package_ensure, tag => 'puppetlabs-postgresql', }) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 55e55d85ef..7b8e08b2a9 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -189,7 +189,7 @@ } } - stdlib::ensure_packages([$package_name]) + ensure_packages([$package_name]) $exec_command = ['/usr/sbin/semanage', 'port', '-a', '-t', 'postgresql_port_t', '-p', 'tcp', $port] $exec_unless = "/usr/sbin/semanage port -l | grep -qw ${port}" diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 97d4a2b01c..85ee0ce754 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -34,7 +34,7 @@ # psql will default to connecting as $user if you don't specify name $_datbase_user_same = $database == $user $_dboption = $_datbase_user_same ? { - false => " --dbname ${stdlib::shell_escape($database)}", + false => " --dbname ${shell_escape($database)}", default => '' } @@ -44,7 +44,7 @@ # without specifying a password ('ident' or 'trust' security). This is # the default for pg_hba.conf. $escaped = postgresql::postgresql_escape($real_postgres_password) - $exec_command = "${stdlib::shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${stdlib::shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars + $exec_command = "${shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars exec { 'set_postgres_postgrespw': # This command works w/no password because we run it as postgres system # user diff --git a/metadata.json b/metadata.json index 2443217f39..aae032a220 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 9.0.0 < 10.0.0" + "version_requirement": ">= 5.2.0 < 10.0.0" }, { "name": "puppetlabs/apt", From 6d221b3c131c09230a0cd097e33fb5e0685dfc73 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Wed, 30 Aug 2023 12:24:40 +0000 Subject: [PATCH 0871/1000] Release prep v9.2.0 --- CHANGELOG.md | 23 +++++++++++++++++++++++ metadata.json | 2 +- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4188f5b3d4..8ebe04b397 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,29 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v9.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.2.0) - 2023-08-30 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.1.0...v9.2.0) + +### Added + +- port parameter: Cleanup datatype [#1471](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1471) ([bastelfreak](https://github.com/bastelfreak)) +- puppet/systemd: Allow 5.x & puppetlabs/concat: Allow 9.x [#1448](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1448) ([bastelfreak](https://github.com/bastelfreak)) +- Add default version for Fedora 37, 38 [#1421](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1421) ([lweller](https://github.com/lweller)) +- Defaulting password encryption for version above 14 [#1406](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1406) ([cruelsmith](https://github.com/cruelsmith)) + +### Fixed + +- port parameter: log warning when its a string [#1474](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1474) ([bastelfreak](https://github.com/bastelfreak)) +- pg_hba.conf: Introduce a newline after each rule [#1472](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1472) ([bastelfreak](https://github.com/bastelfreak)) +- (CAT-1262)-updated legacy repo for SUSE [#1462](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1462) ([praj1001](https://github.com/praj1001)) +- Fix log directory config entry name [#1457](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1457) ([chillinger](https://github.com/chillinger)) +- Make anchors in defined resources unique [#1455](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1455) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- implement key parameter for config_entry defined resource [#1454](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1454) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- add missing parameters to initdb [#1451](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1451) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Fix default value for $service_status on ArchLinux [#1410](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1410) ([smortex](https://github.com/smortex)) +- Fix wrong Sensitive handling for updating role passwords [#1404](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1404) ([cruelsmith](https://github.com/cruelsmith)) + ## [v9.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.1.0) - 2023-06-12 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.0.3...v9.1.0) diff --git a/metadata.json b/metadata.json index aae032a220..f565c49a3c 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "9.1.0", + "version": "9.2.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 59f2d9a009c2394e5338bd2d7ef5ccb87c94fdfe Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 30 Aug 2023 16:51:59 +0200 Subject: [PATCH 0872/1000] postgresql::server: Remove deprecated version parameter --- REFERENCE.md | 9 --------- manifests/server.pp | 12 +----------- 2 files changed, 1 insertion(+), 20 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index a19903bff8..03e2f0f36d 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -891,7 +891,6 @@ The following parameters are available in the `postgresql::server` class: * [`backup_enable`](#-postgresql--server--backup_enable) * [`backup_options`](#-postgresql--server--backup_options) * [`backup_provider`](#-postgresql--server--backup_provider) -* [`version`](#-postgresql--server--version) * [`extra_systemd_config`](#-postgresql--server--extra_systemd_config) * [`auth_host`](#-postgresql--server--auth_host) * [`auth_local`](#-postgresql--server--auth_local) @@ -1374,14 +1373,6 @@ Specifies the backup provider to use. Default value: `$postgresql::params::backup_provider` -##### `version` - -Data type: `Optional[String[1]]` - -Deprecated. Use postgresql::globals instead. Sets PostgreSQL version - -Default value: `undef` - ##### `extra_systemd_config` Data type: `Optional[String]` diff --git a/manifests/server.pp b/manifests/server.pp index 1971adfa24..c226217310 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -106,8 +106,6 @@ # @param backup_options A hash of options that should be passed through to the backup provider. # @param backup_provider Specifies the backup provider to use. # -# @param version Deprecated. Use postgresql::globals instead. Sets PostgreSQL version -# # @param extra_systemd_config # Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string # @param auth_host auth method used by default for host authorization @@ -192,19 +190,11 @@ Boolean $backup_enable = $postgresql::params::backup_enable, Hash $backup_options = {}, Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, - - #Deprecated - Optional[String[1]] $version = undef, ) inherits postgresql::params { if $port =~ String { deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') } - if $version != undef { - warning('Passing "version" to postgresql::server is deprecated; please use postgresql::globals instead.') - $_version = $version - } else { - $_version = $postgresql::params::version - } + $_version = $postgresql::params::version if $createdb_path != undef { warning('Passing "createdb_path" to postgresql::server is deprecated, it can be removed safely for the same behaviour') From c572647e6f737868b1c955990b78838ba959d495 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 28 Aug 2023 14:25:15 +0200 Subject: [PATCH 0873/1000] port: Enforce Stdlib::Port datatype --- REFERENCE.md | 24 ++++++++++++------------ manifests/server.pp | 6 +----- manifests/server/default_privileges.pp | 5 +---- manifests/server/extension.pp | 5 +---- manifests/server/grant.pp | 5 +---- manifests/server/grant_role.pp | 5 +---- manifests/server/instance/config.pp | 5 +---- manifests/server/instance/late_initdb.pp | 5 +---- manifests/server/instance/passwd.pp | 5 +---- manifests/server/instance/service.pp | 5 +---- manifests/server/instance/systemd.pp | 6 +----- manifests/server/reassign_owned_by.pp | 7 ++----- manifests/server/role.pp | 5 +---- manifests/server/table_grant.pp | 5 +---- templates/systemd-override.conf.epp | 2 +- 15 files changed, 27 insertions(+), 68 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 03e2f0f36d..bb51deb071 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1030,7 +1030,7 @@ Default value: `$postgresql::params::listen_addresses` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. @@ -1937,7 +1937,7 @@ Default value: `$postgresql::server::psql_path` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Specifies the port to access the server. Default value: The default user for the module, usually '5432'. @@ -2042,7 +2042,7 @@ Default value: `undef` ##### `port` -Data type: `Optional[Variant[String[1], Stdlib::Port]]` +Data type: `Optional[Stdlib::Port]` Port to use when connecting. @@ -2169,7 +2169,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Port to use when connecting. @@ -2271,7 +2271,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Port to use when connecting. @@ -2352,7 +2352,7 @@ Default value: `$postgresql::server::listen_addresses` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -2776,7 +2776,7 @@ Default value: `$postgresql::server::psql_path` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -2835,7 +2835,7 @@ Default value: `$postgresql::server::psql_path` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -2973,7 +2973,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, @@ -3210,7 +3210,7 @@ Default value: `$postgresql::server::user` ##### `port` -Data type: `Variant[String[1], Stdlib::Port]` +Data type: `Stdlib::Port` Port to use when connecting. @@ -3456,7 +3456,7 @@ Default value: `$postgresql::server::default_database` ##### `port` -Data type: `Optional[Variant[String[1], Stdlib::Port]]` +Data type: `Optional[Stdlib::Port]` Port to use when connecting. @@ -3691,7 +3691,7 @@ Default value: `undef` ##### `port` -Data type: `Optional[Variant[String[1], Stdlib::Port]]` +Data type: `Optional[Stdlib::Port]` Port to use when connecting. diff --git a/manifests/server.pp b/manifests/server.pp index c226217310..25c607bb48 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -133,7 +133,7 @@ String[1] $default_database = $postgresql::params::default_database, Hash $default_connect_settings = $postgresql::globals::default_connect_settings, Optional[Variant[String[1], Array[String[1]]]] $listen_addresses = $postgresql::params::listen_addresses, - Variant[String[1], Stdlib::Port] $port = $postgresql::params::port, + Stdlib::Port $port = $postgresql::params::port, String[1] $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, String[1] $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, @@ -191,11 +191,7 @@ Hash $backup_options = {}, Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, ) inherits postgresql::params { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } $_version = $postgresql::params::version - if $createdb_path != undef { warning('Passing "createdb_path" to postgresql::server is deprecated, it can be removed safely for the same behaviour') } diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 5dad6bbab0..6a9541864e 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -28,16 +28,13 @@ String $schema = 'public', String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, Enum['present', 'absent'] $ensure = 'present', String $group = $postgresql::server::group, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, Optional[String] $target_role = undef, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } # If possible use the version of the remote database, otherwise # fallback to our local DB version if $connect_settings != undef and 'DBVERSION' in $connect_settings { diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 6063329003..308ae788e1 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -29,13 +29,10 @@ Optional[String[1]] $version = undef, Enum['present', 'absent'] $ensure = 'present', Optional[String[1]] $package_name = undef, - Optional[Variant[String[1], Stdlib::Port]] $port = undef, + Optional[Stdlib::Port] $port = undef, Hash $connect_settings = postgresql::default('default_connect_settings'), String[1] $database_resource_name = $database, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } $user = postgresql::default('user') $group = postgresql::default('group') $psql_path = postgresql::default('psql_path') diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 5b72b33bbd..ec4d5d2c98 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -41,16 +41,13 @@ Array[String[1],0] $object_arguments = [], String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, Boolean $onlyif_exists = false, Hash $connect_settings = $postgresql::server::default_connect_settings, Enum['present', 'absent'] $ensure = 'present', String $group = $postgresql::server::group, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } case $ensure { default: { # default is 'present' diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 9256f06995..a061a8341f 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -13,12 +13,9 @@ Enum['present', 'absent'] $ensure = 'present', String[1] $psql_db = $postgresql::server::default_database, String[1] $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } case $ensure { 'present': { $command = "GRANT \"${group}\" TO \"${role}\"" diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 7b8e08b2a9..ba34a0276e 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -48,7 +48,7 @@ String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, Optional[Variant[String[1], Array[String[1]]]] $listen_addresses = $postgresql::server::listen_addresses, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, @@ -73,9 +73,6 @@ Optional[Postgresql::Pg_password_encryption] $password_encryption = $postgresql::server::password_encryption, Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file concat { $pg_hba_conf_path: diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index 43a1d404ce..ef7971cd0a 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -16,12 +16,9 @@ String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, String[1] $module_workdir = $postgresql::server::module_workdir, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } # Set the defaults for the postgresql_psql resource Postgresql_psql { psql_user => $user, diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 85ee0ce754..e832fb1978 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -17,14 +17,11 @@ String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, String[1] $database = $postgresql::server::default_database, String[1] $module_workdir = $postgresql::server::module_workdir, Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = $postgresql::server::postgres_password, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } $real_postgres_password = if $postgres_password =~ Sensitive { $postgres_password.unwrap } else { diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index f690245e9b..af917308e8 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -25,14 +25,11 @@ Optional[String[1]] $service_provider = $postgresql::server::service_provider, String[1] $service_status = $postgresql::server::service_status, String[1] $user = $postgresql::server::user, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, String[1] $default_database = $postgresql::server::default_database, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } anchor { "postgresql::server::service::begin::${name}": } if $service_manage { diff --git a/manifests/server/instance/systemd.pp b/manifests/server/instance/systemd.pp index ddda18cdf7..d3f217e09e 100644 --- a/manifests/server/instance/systemd.pp +++ b/manifests/server/instance/systemd.pp @@ -3,16 +3,12 @@ # @param drop_in_ensure sets the Systemd drop-in file to present or absent # @api private define postgresql::server::instance::systemd ( - Variant[String[1], Stdlib::Port] $port, + Stdlib::Port $port, Stdlib::Absolutepath $datadir, Optional[String[1]] $extra_systemd_config = undef, String[1] $service_name = $name, Enum[present, absent] $drop_in_ensure = 'present', - ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } # Template uses: # - $port # - $datadir diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 4c1aea6bf9..c0b15461fc 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -13,12 +13,9 @@ String $new_role, String $db, String $psql_user = $postgresql::server::user, - Variant[String[1], Stdlib::Port] $port = $postgresql::server::port, + Stdlib::Port $port = $postgresql::server::port, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" $group = $postgresql::server::group @@ -27,7 +24,7 @@ # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # - if $port != undef { + if $port { $port_override = $port } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { $port_override = undef diff --git a/manifests/server/role.pp b/manifests/server/role.pp index cec244af6c..576a71abd9 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -29,7 +29,7 @@ Boolean $createdb = false, Boolean $createrole = false, String[1] $db = $postgresql::server::default_database, - Optional[Variant[String[1], Stdlib::Port]] $port = undef, + Optional[Stdlib::Port] $port = undef, Boolean $login = true, Boolean $inherit = true, Boolean $superuser = false, @@ -45,9 +45,6 @@ Optional[Enum['md5', 'scram-sha-256']] $hash = undef, Optional[Variant[String[1], Integer]] $salt = undef, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap } else { diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index cc623fe428..9168dd9ce0 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -19,15 +19,12 @@ String[1] $db, String[1] $role, Optional[Enum['present', 'absent']] $ensure = undef, - Optional[Variant[String[1], Stdlib::Port]] $port = undef, + Optional[Stdlib::Port] $port = undef, Optional[String[1]] $psql_db = undef, Optional[String[1]] $psql_user = undef, Optional[Hash] $connect_settings = undef, Boolean $onlyif_exists = false, ) { - if $port =~ String { - deprecation('postgres_port', 'Passing a string to the port parameter is deprecated. Stdlib::Port will be the enforced datatype in the next major release') - } postgresql::server::grant { "table:${name}": ensure => $ensure, role => $role, diff --git a/templates/systemd-override.conf.epp b/templates/systemd-override.conf.epp index 830c3007d5..48b02c72f4 100644 --- a/templates/systemd-override.conf.epp +++ b/templates/systemd-override.conf.epp @@ -1,5 +1,5 @@ <%- | - Variant[String[1], Stdlib::Port] $port, + Stdlib::Port $port, Stdlib::Absolutepath $datadir, Optional[String[1]] $extra_systemd_config, | -%> From 37a957cda64bd7eb85bb4bfb884258c3461a2942 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 30 Aug 2023 16:37:39 +0200 Subject: [PATCH 0874/1000] puppetlabs/stdlib: Require 9.x --- manifests/backup/pg_dump.pp | 6 +++--- manifests/server/extension.pp | 2 +- manifests/server/instance/config.pp | 2 +- manifests/server/instance/passwd.pp | 4 ++-- metadata.json | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/backup/pg_dump.pp b/manifests/backup/pg_dump.pp index e46b45c2e4..64ac5cfb4f 100644 --- a/manifests/backup/pg_dump.pp +++ b/manifests/backup/pg_dump.pp @@ -68,13 +68,13 @@ ) { # Install required packages if $package_name { - ensure_packages($package_name) + stdlib::ensure_packages($package_name) } if $install_cron { if $facts['os']['family'] == 'RedHat' { - ensure_packages('cronie') + stdlib::ensure_packages('cronie') } elsif $facts['os']['family'] != 'FreeBSD' { - ensure_packages('cron') + stdlib::ensure_packages('cron') } } diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 308ae788e1..227e451d1a 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -134,7 +134,7 @@ default => $package_ensure, } - ensure_packages($package_name, { + stdlib::ensure_packages($package_name, { ensure => $_package_ensure, tag => 'puppetlabs-postgresql', }) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index ba34a0276e..3eeb855a6a 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -186,7 +186,7 @@ } } - ensure_packages([$package_name]) + stdlib::ensure_packages([$package_name]) $exec_command = ['/usr/sbin/semanage', 'port', '-a', '-t', 'postgresql_port_t', '-p', 'tcp', $port] $exec_unless = "/usr/sbin/semanage port -l | grep -qw ${port}" diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index e832fb1978..4221f94f5d 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -31,7 +31,7 @@ # psql will default to connecting as $user if you don't specify name $_datbase_user_same = $database == $user $_dboption = $_datbase_user_same ? { - false => " --dbname ${shell_escape($database)}", + false => " --dbname ${stdlib::shell_escape($database)}", default => '' } @@ -41,7 +41,7 @@ # without specifying a password ('ident' or 'trust' security). This is # the default for pg_hba.conf. $escaped = postgresql::postgresql_escape($real_postgres_password) - $exec_command = "${shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars + $exec_command = "${stdlib::shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${stdlib::shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars exec { 'set_postgres_postgrespw': # This command works w/no password because we run it as postgres system # user diff --git a/metadata.json b/metadata.json index f565c49a3c..1c8b7d8611 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 5.2.0 < 10.0.0" + "version_requirement": ">= 9.0.0 < 10.0.0" }, { "name": "puppetlabs/apt", From 1627e74ad85dd9861a243875a45e77325c454689 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 30 Aug 2023 21:35:39 +0200 Subject: [PATCH 0875/1000] postgresql::server: Remove deprecated createdb_path parameter It looks like `$postgresql::params::createdb_path` doesn't even exist? That's quite odd. A) my grep failed or b) the rspec-puppet tests don't use strict_variables=true. --- REFERENCE.md | 18 ------------------ manifests/globals.pp | 2 -- manifests/server.pp | 5 ----- manifests/server/database.pp | 5 ----- 4 files changed, 30 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index bb51deb071..3b5f194fe9 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -181,7 +181,6 @@ The following parameters are available in the `postgresql::globals` class: * [`default_database`](#-postgresql--globals--default_database) * [`validcon_script_path`](#-postgresql--globals--validcon_script_path) * [`initdb_path`](#-postgresql--globals--initdb_path) -* [`createdb_path`](#-postgresql--globals--createdb_path) * [`psql_path`](#-postgresql--globals--psql_path) * [`pg_hba_conf_path`](#-postgresql--globals--pg_hba_conf_path) * [`pg_ident_conf_path`](#-postgresql--globals--pg_ident_conf_path) @@ -356,14 +355,6 @@ Path to the initdb command. Default value: `undef` -##### `createdb_path` - -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` - -Deprecated. Path to the createdb command. - -Default value: `undef` - ##### `psql_path` Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` @@ -856,7 +847,6 @@ The following parameters are available in the `postgresql::server` class: * [`ipv4acls`](#-postgresql--server--ipv4acls) * [`ipv6acls`](#-postgresql--server--ipv6acls) * [`initdb_path`](#-postgresql--server--initdb_path) -* [`createdb_path`](#-postgresql--server--createdb_path) * [`psql_path`](#-postgresql--server--psql_path) * [`pg_hba_conf_path`](#-postgresql--server--pg_hba_conf_path) * [`pg_ident_conf_path`](#-postgresql--server--pg_ident_conf_path) @@ -1085,14 +1075,6 @@ Specifies the path to the initdb command. Default value: `$postgresql::params::initdb_path` -##### `createdb_path` - -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` - -Deprecated. Specifies the path to the createdb command. - -Default value: `$postgresql::params::createdb_path` - ##### `psql_path` Data type: `Variant[String[1], Stdlib::Absolutepath]` diff --git a/manifests/globals.pp b/manifests/globals.pp index c9243cd41c..d04dda7e47 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -26,7 +26,6 @@ # @param validcon_script_path Scipt path for the connection validation check. # # @param initdb_path Path to the initdb command. -# @param createdb_path Deprecated. Path to the createdb command. # @param psql_path Sets the path to the psql command. # @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. # @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. @@ -124,7 +123,6 @@ Optional[String[1]] $validcon_script_path = undef, Optional[Variant[String[1], Stdlib::Absolutepath]] $initdb_path = undef, - Optional[Variant[String[1], Stdlib::Absolutepath]] $createdb_path = undef, Optional[Variant[String[1], Stdlib::Absolutepath]] $psql_path = undef, Optional[Variant[String[1], Stdlib::Absolutepath]] $pg_hba_conf_path = undef, Optional[Variant[String[1], Stdlib::Absolutepath]] $pg_ident_conf_path = undef, diff --git a/manifests/server.pp b/manifests/server.pp index 25c607bb48..99285b458c 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -46,7 +46,6 @@ # @param ipv6acls Lists strings for access control for connection method, users, databases, IPv6 addresses. # # @param initdb_path Specifies the path to the initdb command. -# @param createdb_path Deprecated. Specifies the path to the createdb command. # @param psql_path Specifies the path to the psql command. # @param pg_hba_conf_path Specifies the path to your pg_hba.conf file. # @param pg_ident_conf_path Specifies the path to your pg_ident.conf file. @@ -140,7 +139,6 @@ Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::params::initdb_path, - Optional[Variant[String[1], Stdlib::Absolutepath]] $createdb_path = $postgresql::params::createdb_path, Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::params::psql_path, Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, Variant[String[1], Stdlib::Absolutepath] $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, @@ -192,9 +190,6 @@ Enum['pg_dump'] $backup_provider = $postgresql::params::backup_provider, ) inherits postgresql::params { $_version = $postgresql::params::version - if $createdb_path != undef { - warning('Passing "createdb_path" to postgresql::server is deprecated, it can be removed safely for the same behaviour') - } # Reload has its own ordering, specified by other defines class { 'postgresql::server::reload': diff --git a/manifests/server/database.pp b/manifests/server/database.pp index bfc7d53247..27e49e2eab 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -20,7 +20,6 @@ Boolean $istemplate = false, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { - $createdb_path = $postgresql::server::createdb_path $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path @@ -79,10 +78,6 @@ default => "TABLESPACE \"${tablespace}\"", } - if $createdb_path != undef { - warning('Passing "createdb_path" to postgresql::database is deprecated, it can be removed safely for the same behaviour') - } - postgresql_psql { "CREATE DATABASE \"${dbname}\"": command => "CREATE DATABASE \"${dbname}\" WITH ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}'", From 9b47b3411e1ae46a33c7016f7c80ed40a93b7d35 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 30 Aug 2023 22:18:37 +0200 Subject: [PATCH 0876/1000] Delete deprecated validate_db_connection() defined resource --- REFERENCE.md | 102 ----------------- manifests/validate_db_connection.pp | 115 -------------------- spec/defines/validate_db_connection_spec.rb | 68 ------------ 3 files changed, 285 deletions(-) delete mode 100644 manifests/validate_db_connection.pp delete mode 100644 spec/defines/validate_db_connection_spec.rb diff --git a/REFERENCE.md b/REFERENCE.md index 3b5f194fe9..ab1b6fea54 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -63,7 +63,6 @@ * [`postgresql::server::schema`](#postgresql--server--schema): Create a new schema. * [`postgresql::server::table_grant`](#postgresql--server--table_grant): This resource wraps the grant resource to manage table grants specifically. * [`postgresql::server::tablespace`](#postgresql--server--tablespace): This module creates tablespace. -* [`postgresql::validate_db_connection`](#postgresql--validate_db_connection): This type validates that a successful postgres connection. #### Private Defined types @@ -3763,107 +3762,6 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::validate_db_connection` - -This validated if the postgres connection can be established -between the node on which this resource is run and a specified postgres -instance (host/port/user/password/database name). - -#### Parameters - -The following parameters are available in the `postgresql::validate_db_connection` defined type: - -* [`database_host`](#-postgresql--validate_db_connection--database_host) -* [`database_name`](#-postgresql--validate_db_connection--database_name) -* [`database_password`](#-postgresql--validate_db_connection--database_password) -* [`database_username`](#-postgresql--validate_db_connection--database_username) -* [`database_port`](#-postgresql--validate_db_connection--database_port) -* [`connect_settings`](#-postgresql--validate_db_connection--connect_settings) -* [`run_as`](#-postgresql--validate_db_connection--run_as) -* [`sleep`](#-postgresql--validate_db_connection--sleep) -* [`tries`](#-postgresql--validate_db_connection--tries) -* [`create_db_first`](#-postgresql--validate_db_connection--create_db_first) - -##### `database_host` - -Data type: `Optional[String[1]]` - -Database host address - -Default value: `undef` - -##### `database_name` - -Data type: `Optional[String[1]]` - -Specifies the name of the database you wish to test. - -Default value: `undef` - -##### `database_password` - -Data type: `Optional[Variant[String, Sensitive[String]]]` - -Specifies the password to connect with. - -Default value: `undef` - -##### `database_username` - -Data type: `Optional[String[1]]` - -Specifies the username to connect with. - -Default value: `undef` - -##### `database_port` - -Data type: `Optional[Variant[String[1], Integer]]` - -Defines the port to use when connecting. - -Default value: `undef` - -##### `connect_settings` - -Data type: `Optional[Hash]` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: `undef` - -##### `run_as` - -Data type: `Optional[String[1]]` - -Specifies the user to run the psql command as. - -Default value: `undef` - -##### `sleep` - -Data type: `Integer` - -Sets the number of seconds to sleep for before trying again after a failure. - -Default value: `2` - -##### `tries` - -Data type: `Integer` - -Sets the number of attempts after failure before giving up and failing the resource. - -Default value: `10` - -##### `create_db_first` - -Data type: `Boolean` - -Creates the database when obtaining a successful connection. - -Default value: `true` - ## Resource types ### `postgresql_conf` diff --git a/manifests/validate_db_connection.pp b/manifests/validate_db_connection.pp deleted file mode 100644 index 726264a263..0000000000 --- a/manifests/validate_db_connection.pp +++ /dev/null @@ -1,115 +0,0 @@ -# @summary This type validates that a successful postgres connection. -# -# @note -# This validated if the postgres connection can be established -# between the node on which this resource is run and a specified postgres -# instance (host/port/user/password/database name). -# -# -# @param database_host Database host address -# @param database_name Specifies the name of the database you wish to test. -# @param database_password Specifies the password to connect with. -# @param database_username Specifies the username to connect with. -# @param database_port Defines the port to use when connecting. -# @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. -# @param run_as Specifies the user to run the psql command as. -# @param sleep Sets the number of seconds to sleep for before trying again after a failure. -# @param tries Sets the number of attempts after failure before giving up and failing the resource. -# @param create_db_first Creates the database when obtaining a successful connection. -# -define postgresql::validate_db_connection ( - Optional[String[1]] $database_host = undef, - Optional[String[1]] $database_name = undef, - Optional[Variant[String, Sensitive[String]]] $database_password = undef, - Optional[String[1]] $database_username = undef, - Optional[Variant[String[1], Integer]] $database_port = undef, - Optional[Hash] $connect_settings = undef, - Optional[String[1]] $run_as = undef, - Integer $sleep = 2, - Integer $tries = 10, - Boolean $create_db_first = true -) { - include postgresql::client - include postgresql::params - - warning('postgresql::validate_db_connection is deprecated, please use postgresql_conn_validator.') - - $database_password_unsensitive = if $database_password =~ Sensitive[String] { - $database_password.unwrap - } else { - $database_password - } - - $psql_path = $postgresql::params::psql_path - $module_workdir = $postgresql::params::module_workdir - $validcon_script_path = $postgresql::client::validcon_script_path - - $cmd_init = "${psql_path} --tuples-only --quiet" - $cmd_host = $database_host ? { - undef => '', - default => "-h ${database_host}", - } - $cmd_user = $database_username ? { - undef => '', - default => "-U ${database_username}", - } - $cmd_port = $database_port ? { - undef => '', - default => "-p ${database_port}", - } - $cmd_dbname = $database_name ? { - undef => "--dbname ${postgresql::params::default_database}", - default => "--dbname ${database_name}", - } - $pass_env = $database_password_unsensitive ? { - undef => undef, - default => "PGPASSWORD=${database_password_unsensitive}", - } - $cmd = join([$cmd_init, $cmd_host, $cmd_user, $cmd_port, $cmd_dbname], ' ') - $validate_cmd = [$validcon_script_path, $sleep, $tries, $cmd] - - # This is more of a safety valve, we add a little extra to compensate for the - # time it takes to run each psql command. - $timeout = (($sleep + 2) * $tries) - - # Combine $database_password_unsensitive and $connect_settings into an array of environment - # variables, ensure $database_password_unsensitive is last, allowing it to override a password - # from the $connect_settings hash - if $connect_settings != undef { - if $pass_env != undef { - $env = concat(join_keys_to_values( $connect_settings, '='), $pass_env) - } else { - $env = join_keys_to_values( $connect_settings, '=') - } - } else { - $env = $pass_env - } - - $exec_name = "validate postgres connection for ${database_username}@${database_host}:${database_port}/${database_name}" - $exec_command = "echo 'Unable to connect to defined database using: ${shell_escape($cmd)}' && false" - - exec { $exec_name: - command => $exec_command, - unless => $validate_cmd, - cwd => $module_workdir, - environment => $env, - logoutput => 'on_failure', - user => $run_as, - path => '/bin:/usr/bin:/usr/local/bin', - timeout => $timeout, - require => Class['postgresql::client'], - } - - # This is a little bit of puppet magic. What we want to do here is make - # sure that if the validation and the database instance creation are being - # applied on the same machine, then the database resource is applied *before* - # the validation resource. Otherwise, the validation is guaranteed to fail - # on the first run. - # - # We accomplish this by using Puppet's resource collection syntax to search - # for the Database resource in our current catalog; if it exists, the - # appropriate relationship is created here. - if($create_db_first) { - Postgresql::Server::Database<|title == $database_name|> -> Exec[$exec_name] - } -} diff --git a/spec/defines/validate_db_connection_spec.rb b/spec/defines/validate_db_connection_spec.rb deleted file mode 100644 index c428be4323..0000000000 --- a/spec/defines/validate_db_connection_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -describe 'postgresql::validate_db_connection' do - include_examples 'Debian 11' - - let :title do - 'test' - end - - describe 'should work with only default parameters' do - it { is_expected.to contain_postgresql__validate_db_connection('test') } - end - - describe 'should work with all parameters' do - let :params do - { - database_host: 'test', - database_name: 'test', - database_password: 'test', - database_username: 'test', - database_port: 5432, - run_as: 'postgresq', - sleep: 4, - tries: 30 - } - end - - it { is_expected.to contain_postgresql__validate_db_connection('test') } - - it 'has proper path for validate command' do - expect(subject).to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/usr/local/bin/validate_postgresql_connection.sh', - 4, - 30, - '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test']) - end - end - - describe 'should work while specifying validate_connection in postgresql::client' do - let :params do - { - database_host: 'test', - database_name: 'test', - database_password: 'test', - database_username: 'test', - database_port: 5432 - } - end - - let :pre_condition do - <<-MANIFEST - class { 'postgresql::globals': - module_workdir => '/var/tmp', - } -> - class { 'postgresql::client': validcon_script_path => '/opt/something/validate.sh' } - MANIFEST - end - - it 'has proper path for validate command and correct cwd' do - expect(subject).to contain_exec('validate postgres connection for test@test:5432/test').with(unless: ['/opt/something/validate.sh', - 2, - 10, - '/usr/bin/psql --tuples-only --quiet -h test -U test -p 5432 --dbname test'], - cwd: '/var/tmp') - end - end -end From cadac6ece01e9bc7b8eff8be38628f4b41658382 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 30 Aug 2023 22:25:43 +0200 Subject: [PATCH 0877/1000] Delete legacy readmes/README_ja_JP.md --- readmes/README_ja_JP.md | 1978 --------------------------------------- 1 file changed, 1978 deletions(-) delete mode 100644 readmes/README_ja_JP.md diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md deleted file mode 100644 index 242ba1f38a..0000000000 --- a/readmes/README_ja_JP.md +++ /dev/null @@ -1,1978 +0,0 @@ -# postgresql - -#### 目次 - -1. [モジュールの概要 - モジュールの機能](#module-description) -2. [セットアップ - postgresqlモジュール導入の基本](#setup) - * [postgresqlの影響](#what-postgresql-affects) - * [postgresqlの導入](#getting-started-with-postgresql) -3. [使用方法 - 設定オプションと追加機能](#usage) - * [サーバーの設定](#configure-a-server) - * [データベースの作成](#create-a-database) - * [ユーザ、ロール、パーミッションの管理](#manage-users-roles-and-permissions) - * [DBオブジェクトの所有権の管理](#manage-ownership-of-db-objects) - * [デフォルトのオーバーライド](#override-defaults) - * [pg_hba.confのアクセスルールの作成](#create-an-access-rule-for-pg_hbaconf) - * [pg_ident.confのユーザ名マップの作成](#create-user-name-maps-for-pg_identconf) - * [接続の検証](#validate-connectivity) -4. [参考 - モジュールの機能と動作について](#reference) - * [クラス](#classes) - * [定義できるタイプ](#defined-types) - * [タイプ](#types) - * [関数](#functions) - * [タスク](#tasks) -5. [制約事項 - OSの互換性など](#limitations) -6. [開発 - モジュール貢献についてのガイド](#development) - * [コントリビュータ - モジュール貢献者の一覧](#contributors) -7. [テスト](#tests) -8. [コントリビュータ - モジュール貢献者の一覧](#contributors) - -## モジュールの概要 - -postgresqlモジュールを使用すると、PuppetでPostgreSQLを管理できます。 - -PostgreSQLは、高性能な無償のオープンソースリレーショナルデータベースサーバーです。postgresqlモジュールを使用すると、PostgreSQLのパッケージ、サービス、データベース、ユーザ、一般的なセキュリティ設定を管理できるようになります。 - -## セットアップ - -### postgresqlの影響 - -* PostgreSQLのパッケージ、サービス、設定ファイル -* リッスンするポート -* IPおよびマスク(オプション) - -### postgresqlの導入 - -基本的なデフォルトのPostgreSQLサーバーを設定するには、`postgresql::server`クラスを宣言します。 - -```puppet -class { 'postgresql::server': -} -``` - -## 使用方法 - -### サーバーの設定 - -デフォルト設定を使用する場合は、上記のように`postgresql::server`クラスを宣言します。PostgreSQLサーバーの設定をカスタマイズするには、次のように、変更する[パラメータ](#postgresqlserver)を指定します。 - -```puppet -class { 'postgresql::server': - ip_mask_deny_postgres_user => '0.0.0.0/32', - ip_mask_allow_all_users => '0.0.0.0/0', - ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'], - postgres_password => 'TPSrep0rt!', -} -``` - -設定後、コマンドラインで設定をテストします。 - -```shell -psql -h localhost -U postgres -psql -h my.postgres.server -U -``` - -上記のコマンドでエラーメッセージが返ってくる場合は、パーミッションの設定によって現在の接続元からのアクセスが制限されています。その場所からの接続を許可するかどうかに応じて、パーミッション設定の変更が必要な場合があります。 - -サーバー設定パラメータの詳細については、[PostgreSQLランタイム設定マニュアル](http://www.postgresql.org/docs/current/static/runtime-config.html)を参照してください。 - -### データベースの作成 - -さまざまなPostgreSQLデータベースを定義タイプ`postgresql::server::db`を使用してセットアップできます。例えば、PuppetDBのデータベースをセットアップするには、次のように記述します。 - -```puppet -class { 'postgresql::server': -} - -postgresql::server::db { 'mydatabasename': - user => 'mydatabaseuser', - password => postgresql_password('mydatabaseuser', 'mypassword'), -} -``` - -### ユーザ、ロール、パーミッションの管理 - -ユーザ、ロール、パーミッションを管理するには、次のようにします。 - -```puppet -class { 'postgresql::server': -} - -postgresql::server::role { 'marmot': - password_hash => postgresql_password('marmot', 'mypasswd'), -} - -postgresql::server::database_grant { 'test1': - privilege => 'ALL', - db => 'test1', - role => 'marmot', -} - -postgresql::server::table_grant { 'my_table of test2': - privilege => 'ALL', - table => 'my_table', - db => 'test2', - role => 'marmot', -} -``` - -この例では、test1データベース上とtest2データベースの`my_table`テーブル上の**すべての**権限を、指定したユーザまたはグループに付与します。値がPuppetDB設定ファイルに追加されると、このデータベースは使用可能になります。 - -### DBオブジェクトの所有権の管理 - -REASSIGN OWNEDを使用して、データベース内にあるすべてのオブジェクトの所有権を変更するには、次のようにします。 - -```puppet -postgresql::server::reassign_owned_by { 'new owner is meerkat': - db => 'test_db', - old_role => 'marmot', - new_role => 'meerkat', -} -``` - -この例では、PostgreSQLの'REASSIGN OWNED'ステートメントを実行して所有権を更新し、現在、ロール'marmot'が所有しているすべてのテーブル、シーケンス、関数、ビューが、ロール'meerkat'に所有されるようにします。 - -これは、指定された'test_db'内のオブジェクトに対してのみ適用されます。 - -バージョン9.3以上のPostgresqlでは、データベースの所有権も更新されます。 - -### デフォルトのオーバーライド - -`postgresql::globals`クラスを使用すると、このモジュールの主な設定をグローバルに構成できます。この設定は、他のクラスや定義済みリソースから使用できます。単独では機能しません。 - -例えば、すべてのクラスのデフォルトの`locale`と`encoding`をオーバーライドするには、次のように記述します。 - -```puppet -class { 'postgresql::globals': - encoding => 'UTF-8', - locale => 'en_US.UTF-8', -} - -class { 'postgresql::server': -} -``` - -特定のバージョンのPostgreSQLパッケージを使用するには、次のように記述します。 - -```puppet -class { 'postgresql::globals': - manage_package_repo => true, - version => '9.2', -} - -class { 'postgresql::server': -} -``` - -### リモートのユーザ、ロール、パーミッションの管理 - -リモートのSQLオブジェクトは、ローカルのSQLオブジェクトと同じPuppetリソースと、[`connect_settings`](#connect_settings)ハッシュを使用して管理します。これは、PuppetがリモートのPostgresインスタンスに接続する方法と、SQLコマンドの生成に使用されるバージョンを制御します。 - -`connect_settings`ハッシュには、'PGHOST'、'PGPORT'、'PGPASSWORD'、'PGSSLKEY'など、Postgresクライアント接続を制御する環境変数を含めることができます。変数の全リストについては、[PostgreSQL環境変数](http://www.postgresql.org/docs/9.4/static/libpq-envars.html)マニュアルを参照してください。 - -さらに、特殊値の'DBVERSION'により、ターゲットデータベースのバージョンを指定できます。`connect_settings`ハッシュが省略されているか空の場合、PuppetはローカルのPostgreSQLインスタンスに接続します。 - -Puppetリソースごとに`connect_settings`ハッシュを設定するか、`postgresql::globals`にデフォルトの`connect_settings`ハッシュを設定できます。リソースごとに`connect_settings`を設定すると、SQLオブジェクトが複数のユーザによって複数のデータベース上に作成できるようになります。 - -```puppet -$connection_settings_super2 = { - 'PGUSER' => 'super2', - 'PGPASSWORD' => 'foobar2', - 'PGHOST' => '127.0.0.1', - 'PGPORT' => '5432', - 'PGDATABASE' => 'postgres', -} - -include postgresql::server - -# Connect with no special settings, i.e domain sockets, user postgres -postgresql::server::role { 'super2': - password_hash => 'foobar2', - superuser => true, - - connect_settings => {}, -} - -# Now using this new user connect via TCP -postgresql::server::database { 'db1': - connect_settings => $connection_settings_super2, - require => Postgresql::Server::Role['super2'], -} -``` - -### pg_hba.confのアクセスルールの作成 - -`pg_hba.conf`のアクセスルールを作成するには、次のように記述します。 - -```puppet -postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => 'Open up PostgreSQL for access from 200.1.2.0/24', - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', -} -``` - -これにより、以下のようなルールセットが`pg_hba.conf`内に作成されます。 - -``` -# Rule Name: allow application network to access app database -# Description: Open up PostgreSQL for access from 200.1.2.0/24 -# Order: 150 -host app app 200.1.2.0/24 md5 -``` - -デフォルトでは、`pg_hba_rule`に`postgresql::server`を含める必要がありますが、ルールを宣言する際にtargetおよびpostgresql_versionを設定することで、その動作をオーバーライドできます。例えば次のようになります。 - -```puppet -postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => 'Open up postgresql for access from 200.1.2.0/24', - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', - target => '/path/to/pg_hba.conf', - postgresql_version => '9.4', -} -``` - -### pg_ident.confのユーザ名マップの作成 - -pg_ident.confのユーザ名マップを作成するには、次のように記述します。 - -```puppet -postgresql::server::pg_ident_rule { 'Map the SSL certificate of the backup server as a replication user': - map_name => 'sslrepli', - system_username => 'repli1.example.com', - database_username => 'replication', -} -``` - -これにより、次のようなユーザ名マップが`pg_ident.conf`に作成されます。 - -``` -#Rule Name: Map the SSL certificate of the backup server as a replication user -#Description: none -#Order: 150 -sslrepli repli1.example.com replication -``` - -### リカバリ設定の作成 - -リカバリ設定ファイル(`recovery.conf`)を作成するには、次のように記述します。 - -```puppet -postgresql::server::recovery { 'Create a recovery.conf file with the following defined parameters': - restore_command => 'cp /mnt/server/archivedir/%f %p', - archive_cleanup_command => undef, - recovery_end_command => undef, - recovery_target_name => 'daily backup 2015-01-26', - recovery_target_time => '2015-02-08 22:39:00 EST', - recovery_target_xid => undef, - recovery_target_inclusive => true, - recovery_target => 'immediate', - recovery_target_timeline => 'latest', - pause_at_recovery_target => true, - standby_mode => 'on', - primary_conninfo => 'host=localhost port=5432', - primary_slot_name => undef, - trigger_file => undef, - recovery_min_apply_delay => 0, -} -``` - -これにより、次の`recovery.conf`設定ファイルが作成されます。 - -``` -restore_command = 'cp /mnt/server/archivedir/%f %p' -recovery_target_name = 'daily backup 2015-01-26' -recovery_target_time = '2015-02-08 22:39:00 EST' -recovery_target_inclusive = true -recovery_target = 'immediate' -recovery_target_timeline = 'latest' -pause_at_recovery_target = true -standby_mode = 'on' -primary_conninfo = 'host=localhost port=5432' -recovery_min_apply_delay = 0 -``` - -テンプレートでは、指定されたパラメータのみが認識されます。`recovery.conf`は、少なくとも1つのパラメータが設定済みで、**かつ**、[manage_recovery_conf](#manage_recovery_conf)がtrueの場合のみ作成されます。 - -### 接続の検証 - -従属タスクを開始する前に、リモートのPostgreSQLデータベースへのクライアント接続を検証するには、`postgresql_conn_validator`リソースを使用します。このリソースは、PostgreSQLクライアントソフトウェアがインストールされている任意のノード上で使用できます。アプリケーションサーバーの起動や、データベース移行の実行など、他のタスクと結合されることがよくあります。 - -使用例: - -```puppet -postgresql_conn_validator { 'validate my postgres connection': - host => 'my.postgres.host', - db_username => 'mydbuser', - db_password => 'mydbpassword', - db_name => 'mydbname', -}-> -exec { 'rake db:migrate': - cwd => '/opt/myrubyapp', -} -``` - -## リファレンス - -postgresqlモジュールには、サーバー設定用に多数のオプションがあります。以下の設定をすべて使うことはないかもしれませんが、これらを使用することで、セキュリティ設定をかなり制御することができます。 - -**クラス:** - -* [postgresql::client](#postgresqlclient) -* [postgresql::globals](#postgresqlglobals) -* [postgresql::lib::devel](#postgresqllibdevel) -* [postgresql::lib::java](#postgresqllibjava) -* [postgresql::lib::perl](#postgresqllibperl) -* [postgresql::lib::python](#postgresqllibpython) -* [postgresql::server](#postgresqlserver) -* [postgresql::server::plperl](#postgresqlserverplperl) -* [postgresql::server::contrib](#postgresqlservercontrib) -* [postgresql::server::postgis](#postgresqlserverpostgis) - -**定義できるタイプ:** - -* [postgresql::server::config_entry](#postgresqlserverconfig_entry) -* [postgresql::server::database](#postgresqlserverdatabase) -* [postgresql::server::database_grant](#postgresqlserverdatabase_grant) -* [postgresql::server::db](#postgresqlserverdb) -* [postgresql::server::extension](#postgresqlserverextension) -* [postgresql::server::grant](#postgresqlservergrant) -* [postgresql::server::grant_role](#postgresqlservergrant_role) -* [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule) -* [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule) -* [postgresql::server::reassign_owned_by](#postgresqlserverreassign_owned_by) -* [postgresql::server::recovery](#postgresqlserverrecovery) -* [postgresql::server::role](#postgresqlserverrole) -* [postgresql::server::schema](#postgresqlserverschema) -* [postgresql::server::table_grant](#postgresqlservertable_grant) -* [postgresql::server::tablespace](#postgresqlservertablespace) - -**タイプ:** - -* [postgresql_psql](#custom-resource-postgresql_psql) -* [postgresql_replication_slot](#custom-resource-postgresql_replication_slot) -* [postgresql_conf](#custom-resource-postgresql_conf) -* [postgresql_conn_validator](#custom-resource-postgresql_conn_validator) - -**関数:** - -* [postgresql_password](#function-postgresql_password) -* [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) - -**タスク:** - -* [`sql`](#tasks) - -### クラス - -#### postgresql::client - -PostgreSQLクライアントソフトウェアをインストールします。カスタムのバージョンをインストールするには、次のパラメータを設定します。 - ->**注意:** カスタムのバージョンを指定する場合、必要なyumまたはaptリポジトリを忘れずに追加してください。 - -##### `package_ensure` - -PostgreSQLクライアントパッケージリソースが存在する必要があるかどうかを指定します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -##### `package_name` - -PostgreSQLクライアントパッケージの名前を設定します。 - -デフォルト値: 'file'。 - -#### postgresql::lib::docs - -Postgres-Docs向けのPostgreSQLバインディングをインストールします。カスタムのバージョンをインストールするには、次のパラメータを設定します。 - -**注意:** カスタムのバージョンを指定する場合、必要なyumまたはaptリポジトリを忘れずに追加してください。 - -##### `package_name` - -PostgreSQL docsパッケージの名前を指定します。 - -##### `package_ensure` - -PostgreSQL docsパッケージリソースが存在する必要があるかどうかを指定します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -#### postgresql::globals - -**注意:** ほとんどのサーバー固有のデフォルト値は、`postgresql::server`クラスでオーバーライドする必要があります。このクラスは、標準以外のOSを使用している場合か、ここでしか変更できない要素(`version`や`manage_package_repo`)を変更する場合のみ使用します。 - -##### `bindir` - -ターゲットプラットフォームのデフォルトのPostgreSQLバイナリディレクトリをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `client_package_name` - -デフォルトのPostgreSQLクライアントパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `confdir`  - -ターゲットプラットフォームのデフォルトのPostgreSQL設定ディレクトリをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `contrib_package_name` - -デフォルトのPostgreSQL contribパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `createdb_path` - -**非推奨** `createdb`コマンドへのパス。 - -デフォルト値: '${bindir}/createdb'。 - -##### `datadir` - -ターゲットプラットフォームのデフォルトのPostgreSQLデータディレクトリをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -**注意:** インストール後にdatadirを変更すると、変更が実行される前にサーバーが完全に停止します。Red Hatシステムでは、データディレクトリはSELinuxに適切にラベル付けする必要があります。Ubuntuでは、明示的に`needs_initdb = true`に設定して、Puppetが新しいdatadir内のデータベースを初期化できるようにする必要があります(他のシステムでは、`needs_initdb`はデフォルトでtrueになっています)。 - -**警告:** datadirがデフォルトから変更された場合、Puppetは元のデータディレクトリのパージを管理しません。そのため、データディレクトリが元のディレクトリに戻ったときにエラーが発生します。 - -##### `data_checksums` - -オプションです。 - -データタイプ: 真偽値(boolean) - -データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。 - -有効な値: `true`、`false`。 - -デフォルト値: initdbのデフォルト値(`false`)。 - -**警告:** このオプションは、initdbによって初期化中に使用され、後から変更することはできません。設定された時点で、すべてのデータベース内のすべてのオブジェクトに対してチェックサムが計算されます。 - -##### `default_database` - -接続するデフォルトのデータベースの名前を指定します。 - -デフォルト値: (ほとんどのシステムにおいて) 'postgres'。 - -##### `devel_package_name` - -デフォルトのPostgreSQL develパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `docs_package_name` - -オプションです。 - -デフォルトのPostgreSQL docsパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `encoding` - -このモジュールで作成されるすべてのデータベースのデフォルトエンコーディングを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトにもなります。 - -デフォルト値: オペレーティングシステムのデフォルトエンコーディングによって決まります。 - -##### `group` - -ファイルシステムの関連ファイルに使用されるデフォルトのpostgresユーザグループをオーバーライドします。 - -デフォルト値: 'postgres'。 - -##### `initdb_path` - -`initdb`コマンドへのパス。 - -##### `java_package_name` - -デフォルトのPostgreSQL javaパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `locale` - -このモジュールで作成されるすべてのデータベースのデフォルトのデータベースロケールを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトにもなります。 - -デフォルト値: `undef`、実質的には'C'。 - -**Debianでは、PostgreSQLのフル機能が使用できるように'locales-all'パッケージがインストールされていることを確認する必要があります。** - -##### `timezone` - -postgresqlサーバーのデフォルトタイムゾーンを設定します。postgresqlのビルトインのデフォルト値は、システムのタイムゾーン情報を取得しています。 - -##### `logdir` - -デフォルトのPostgreSQL logディレクトリをオーバーライドします。 - -デフォルト値: initdbのデフォルトパス。 - -##### `manage_package_repo` - -`true`に設定されている場合、お使いのホスト上に公式なPostgreSQLリポジトリをセットアップします。 - -デフォルト値: `false`。 - -##### `module_workdir` - -psqlコマンドを実行する作業ディレクトリを指定します。'/tmp'がnoexecオプションでマウントされたボリューム上にあるときに、指定が必要になる場合があります。 - -デフォルト値: '/tmp'。 - -##### `needs_initdb` - -サーバーパッケージをインストール後、PostgreSQLサービスを開始する前に、initdb動作を明示的に呼び出します。 - -デフォルト値: OSによって異なります。 - -##### `perl_package_name` - -デフォルトのPostgreSQL Perlパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `pg_hba_conf_defaults` - -`false`に設定すると、`pg_hba.conf`についてモジュールに設定されたデフォルト値を無効にします。デフォルト値をオーバーライドするときに役立ちます。ただし、基本的な`psql`動作など、一定の動作を行うためには一定のアクセスが要求されるので、ここでの変更内容がその他のモジュールと矛盾しないように注意してください。 - -デフォルト値: `postgresql::globals::manage_pg_hba_conf`に設定されたグローバル値。デフォルトは`true`。 - -##### `pg_hba_conf_path` - -`pg_hba.conf`ファイルへのパスを指定します。 - -デフォルト値: '${confdir}/pg_hba.conf'。 - -##### `pg_ident_conf_path` - -`pg_ident.conf`ファイルへのパスを指定します。 - -デフォルト値: '${confdir}/pg_ident.conf'。 - -##### `plperl_package_name` - -デフォルトのPostgreSQL PL/Perlパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `plpython_package_name` - -デフォルトのPostgreSQL PL/Pythonパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `postgis_version` - -PostGISをインストールする場合に、インストールするPostGISのバージョンを定義します。 - -デフォルト値: インストールするPostgreSQLで利用可能な最下位のバージョン。 - -##### `postgresql_conf_path` - -`postgresql.conf`ファイルへのパスを設定します。 - -デフォルト値: '${confdir}/postgresql.conf'。 - -##### `psql_path` - -`psql`コマンドへのパスを設定します。 - -##### `python_package_name` - -デフォルトのPostgreSQL Pythonパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `recovery_conf_path` - -`recovery.conf`ファイルへのパス。 - -##### `repo_proxy` - -公式のPostgreSQL yumリポジトリのみのプロキシオプションを設定します。これは、サーバーが企業のファイアウォール内にあり、外部への接続にプロキシを使用する必要がある場合に役立ちます。 - -Debianは現在サポートされていません。 - -##### `repo_baseurl` - -PostgreSQLリポジトリのbaseurlを設定します。リポジトリのミラーを所有している場合に便利です。 - -デフォルト値: 公式なPostgreSQLリポジトリ。 - -##### `server_package_name` - -デフォルトのPostgreSQLサーバーパッケージ名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `service_name` - -デフォルトのPostgreSQLサービス名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `service_provider` - -デフォルトのPostgreSQLサービスプロバイダをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `service_status` - -PostgreSQLサービスのデフォルトのステータスチェックコマンドをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `user` - -ファイルシステム内のPostgreSQL関連ファイルのデフォルトのPostgreSQLスーパーユーザおよび所有者をオーバーライドします。 - -デフォルト値: 'postgres'。 - -##### `version` - -インストールおよび管理するPostgreSQLのバージョン。 - -デフォルト値: OSシステムのデフォルト値。 - -##### `xlogdir` - -デフォルトのPostgreSQL xlogディレクトリをオーバーライドします。 - -デフォルト値: initdbのデフォルトパス。 - -#### postgresql::lib::devel - -PostgreSQLの開発ライブラリとシンボリックリンク`pg_config`を含むパッケージを`/usr/bin`にインストールします(`/usr/bin`または`/usr/local/bin`に存在しない場合)。 - -##### `link_pg_config` - -PostgreSQLページが使用するbinディレクトリが`/usr/bin`でも`/usr/local/bin`でもない場合、パッケージのbinディレクトリから`usr/bin`に`pg_config`をシンボリックリンクします(Debianシステムには適用されません)。この動作を無効にするには、`false`に設定します。 - -有効な値: `true`、`false`。 - -デフォルト値: `true`。 - -##### `package_ensure` - -パッケージのインストール中に'ensure'パラメータをオーバーライドします。 - -デフォルト値: 'present'。 - -##### `package_name` - -インストール先のディストリビューションのデフォルトパッケージ名をオーバーライドします。 - -デフォルト値: ディストリビューションに応じて、'postgresql-devel'または'postgresql-devel'。 - -#### postgresql::lib::java - -Java (JDBC)向けのPostgreSQLバインディングをインストールします。カスタムのバージョンをインストールするには、次のパラメータを設定します。 - -**注意:** カスタムのバージョンを指定する場合、必要なyumまたはaptリポジトリを忘れずに追加してください。 - -##### `package_ensure` - -パッケージが存在するかどうかを指定します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -##### `package_name` - -PostgreSQL javaパッケージの名前を指定します。 - -#### postgresql::lib::perl - -PostgreSQL Perlライブラリをインストールします。 - -##### `package_ensure` - -パッケージが存在するかどうかを指定します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -##### `package_name` - -インストールするPostgreSQL perlパッケージの名前を指定します。 - -#### postgresql::server::plpython - -PostgreSQLのPL/Python手続き型言語をインストールします。 - -##### `package_name` - -postgresql PL/Pythonパッケージの名前を指定します。 - -##### `package_ensure` - -パッケージが存在するかどうかを指定します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -#### postgresql::lib::python - -PostgreSQL Pythonライブラリをインストールします。 - -##### `package_ensure` - -パッケージが存在するかどうかを指定します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -##### `package_name` - -PostgreSQL Pythonパッケージの名前。 - -#### postgresql::server - -##### `config_entries` - -`postgresql::server::config_entry` のリソースを構築するハッシュを指定します。 - -デフォルト値: `{}` - -##### `createdb_path` - -**非推奨** `createdb`コマンドへのパスを指定します。 - -デフォルト値: '${bindir}/createdb'。 - -##### `data_checksums` - -オプションです。 - -データタイプ: 真偽値(boolean) - -データページに対してチェックサムを使用すると、その他の方法では発見の難しいI/Oシステムによる破損を検出するのに役立ちます。 - -有効な値: `true`、`false`。 - -デフォルト値: initdbのデフォルト値(`false`)。 - -**警告:** このオプションは、initdbによって初期化中に使用され、後から変更することはできません。設定された時点で、すべてのデータベース内のすべてのオブジェクトに対してチェックサムが計算されます。 - -##### `default_database` - -接続するデフォルトのデータベースの名前を指定します。ほとんどのシステムで、'postgres'になります。 - -##### `default_connect_settings` - -リモートサーバーに接続する際に使用される環境変数のハッシュを指定します。他の定義タイプのデフォルトとして使用されます(`postgresql::server::role`など)。 - -##### `encoding` - -このモジュールで作成されるすべてのデータベースのデフォルトエンコーディングを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトにもなります。 - -デフォルト値: `undef`。 - -##### `group` - -ファイルシステムの関連ファイルに使用されるデフォルトのpostgresユーザグループをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `initdb_path` - -`initdb`コマンドへのパスを指定します。 - -デフォルト値: '${bindir}/initdb'。 - -##### `ipv4acls` - -接続方法、ユーザ、データベース、IPv4アドレスのアクセス制御のための文字列を一覧表示します。 - -詳細については、[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html)の`pg_hba.conf`の項を参照してください。 - -##### `ipv6acls` - -接続方法、ユーザ、データベース、IPv6アドレスのアクセス制御のための文字列を一覧表示します。 - -詳細については、[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html)の`pg_hba.conf`の項を参照してください。 - -##### `ip_mask_allow_all_users` - -リモート接続に関するPostgreSQLのデフォルト動作をオーバーライドします。デフォルトでは、PostgreSQLは、データベースユーザアカウントがリモートマシンからTCP経由で接続することを許可しません。許可するには、この設定をオーバーライドします。 - -データベースユーザによる任意のリモートマシンからの接続を許可するには、'0.0.0.0/0'に設定します。ローカルの'192.168'サブネット内の任意のマシンからの接続を許可するには、'192.168.0.0/1'に設定します。 - -デフォルト値: '127.0.0.1/32'。 - -##### `ip_mask_deny_postgres_user` - -postgresスーパーユーザについて、リモート接続を拒否するためのIPマスクを指定します。 - -デフォルト値: '0.0.0.0/0'。デフォルト値ではリモート接続はすべて拒否されます。 - -##### `locale` - -このモジュールで作成されるすべてのデータベースのデフォルトのデータベースロケールを設定します。オペレーティングシステムによっては、`template1` の初期化にも使用されます。その場合、モジュール外部のデフォルトになります。 - -デフォルト値: `undef`、実質的には'C'。 - -**Debianでは、PostgreSQLの全機能を使用できるよう、'locales-all'パッケージがインストールされていることを確認してください。** - -##### `manage_pg_hba_conf` - -`pg_hba.conf`を管理するかどうかを指定します。 - -`true`に設定すると、Puppetはこのファイルを上書きします。 - -`false`に設定すると、Puppetはこのファイルに変更を加えません。 - -有効な値: `true`、`false`。 - -デフォルト値: `true` - -##### `manage_pg_ident_conf` - -pg_ident.confファイルを上書きします。 - -`true`に設定すると、Puppetはこのファイルを上書きします。 - -`false`に設定すると、Puppetはこのファイルに変更を加えません。 - -有効な値: `true`、`false`。 - -デフォルト値: `true`。 - -##### `manage_recovery_conf` - -`recovery.conf`を管理するかどうかを指定します。 - -`true`に設定すると、Puppetはこのファイルを上書きします。 - -有効な値: `true`、`false`。 - -デフォルト値: `false`。 - -##### `needs_initdb` - -サーバーパッケージをインストール後、PostgreSQLサービスを開始する前に、`initdb`動作を明示的に呼び出します。 - -デフォルト値: OSによって異なります。 - -##### `package_ensure` - -サーバーインスタンスを作成するときに、`package`リソースに値を受け渡します。 - -デフォルト値: `undef`。 - -##### `package_name` - -サーバーソフトウェアをインストールするときに使用するパッケージの名前を指定します。 - -デフォルト値: OSによって異なります。 - -##### `pg_hba_conf_defaults` - -`false`に設定すると、`pg_hba.conf`についてモジュールに設定されたデフォルト値を無効にします。これは、デフォルト値を使用せずにオーバーライドするときに役立ちます。だし、基本的な`psql`動作などを実行するには一定のアクセスが要求されるので、ここでの変更内容がその他のモジュールと矛盾しないように注意してください。 - -##### `pg_hba_conf_path` - -`pg_hba.conf`ファイルへのパスを指定します。 - -##### `pg_hba_rules` - -`postgresql::server::pg_hba_rule` のリソースを構築するハッシュを指定します。 - -デフォルト値: `{}` - -##### `pg_ident_conf_path` - -`pg_ident.conf`ファイルへのパスを指定します。 - -デフォルト値: '${confdir}/pg_ident.conf'。 - -##### `plperl_package_name` - -PL/Perl拡張のデフォルトパッケージ名を設定します。 - -デフォルト値: OSによって異なります。 - -##### `plpython_package_name` - -PL/Python拡張のデフォルトパッケージ名を設定します。 - -デフォルト値: OSによって異なります。 - -##### `port` - -PostgreSQLサーバーがリッスンするポートを指定します。**注意:** サーバーがリッスンする全IPアドレスで、同一のポート番号が使用されます。また、Red Hatシステムと初期のDebianシステムでは、ポート番号を変更するとき、変更実行前にサーバーが完全停止します。 - -デフォルト値: 5432。これは、PostgresサーバーがTCPポート5432をリッスンすることを意味します。 - -##### `postgres_password` - -postgresユーザのパスワードを特定の値に設定します。デフォルトでは、この設定はPostgresデータベース内のスーパーユーザアカウント(ユーザ名`postgres`、パスワードなし)を使用します。 - -デフォルト値: `undef`。 - -##### `postgresql_conf_path` - -`postgresql.conf`ファイルへのパスを指定します。 - -デフォルト値: '${confdir}/postgresql.conf'。 - -##### `psql_path` - -`psql`コマンドへのパスを指定します。 - -デフォルト値: OSによって異なります。 - -##### `roles` - -`postgresql::server::role` のリソースを構築するハッシュを指定します。 - -デフォルト値: `{}` - -##### `service_manage` - -Puppetがサービスを管理するかどうかを定義します。 - -デフォルト値: `true`。 - -##### `service_name` - -デフォルトのPostgreSQLサービス名をオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `service_provider` - -デフォルトのPostgreSQLサービスプロバイダをオーバーライドします。 - -デフォルト値: `undef`。 - -##### `service_reload` - -PostgreSQLサービスのデフォルトのリロードコマンドをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `service_restart_on_change` - -設定変更をアクティブにするためにサービスの再起動が必要な設定エントリが変更された場合に、PostgreSQLサービスを再起動する際のデフォルト動作をオーバーライドします。 - -デフォルト値: `true`。 - -##### `service_status` - -PostgreSQLサービスのデフォルトのステータスチェックコマンドをオーバーライドします。 - -デフォルト値: OSによって異なります。 - -##### `user` - -ファイルシステム内のPostgreSQL関連ファイルのデフォルトのPostgreSQLスーパーユーザおよび所有者をオーバーライドします。 - -デフォルト値: 'postgres'。 - -#### postgresql::server::contrib - -PostgreSQL contribパッケージをインストールします。 - -##### `package_ensure` - -PostgreSQL contribパッケージリソースに受け渡されたensureパラメータを設定します。 - -##### `package_name` - -PostgreSQL contribパッケージの名前。 - -#### postgresql::server::plperl - -postgresqlのPL/Perl手続き型言語をインストールします。 - -##### `package_ensure` - -PostgreSQL PL/Perlパッケージリソースに受け渡されたensureパラメータ。 - -##### `package_name` - -PostgreSQL PL/Perlパッケージの名前。 - -#### postgresql::server::postgis - -PostgreSQL postgisパッケージをインストールします。 - -### 定義できるタイプ - -#### postgresql::server::config_entry - -`postgresql.conf`設定ファイルを変更します。 - -各リソースは、次の例のようにファイル内の各行にマッピングされています。 - -```puppet -postgresql::server::config_entry { 'check_function_bodies': - value => 'off', -} -``` - -##### `ensure` - -'absent'に設定した場合、エントリを削除します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -##### `value` - -設定の値を定義します。 - -#### postgresql::server::db - -ローカルのデータベース、ユーザを作成し、必要なパーミッションを割り当てます。 - -##### `comment` - -PostgreSQLのCOMMENTコマンドを使用して、データベースについて保存するコメントを定義します。 - -##### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -##### `dbname` - -作成するデータベースの名前を設定します。 - -デフォルト値: namevar。 - -##### `encoding` - -データベースの作成中の文字セットをオーバーライドします。 - -デフォルト値: インストール時に定義されたデフォルト値。 - -##### `grant` - -作成中に付与するパーミッションを指定します。 - -デフォルト値: 'ALL'。 - -##### `istemplate` - -`true`に設定すると、そのデータベースをテンプレートとして指定します。 - -デフォルト値: `false`。 - -##### `locale` - -データベース作成中にロケールをオーバーライドします。 - -デフォルト値: インストール時に定義されたデフォルト値。 - -##### `owner` - -ユーザをデータベースの所有者として設定します。 - -デフォルト値: `postgresql::server`または`postgresql::globals`で設定された'$user'変数。 - -##### `password` - -**必須** 作成されたユーザのパスワードを設定します。 - -##### `tablespace` - -作成したデータベースを割り当てるテーブル空間の名前を定義します。 - -デフォルト値: PostgreSQLのデフォルト値。 - -##### `template` - -このデータベースを構築する際にテンプレートとして使用するデータベースの名前を指定します。 - -デフォルト値: `template0`。 - -##### `user` - -データベースを作成し、作成後にデータベースへのアクセスを割り当てるユーザ。必須指定です。 - -#### postgresql::server::database - -ユーザなし、パーミッションなしのデータベースを作成します。 - -##### `dbname` - -データベースの名前を設定します。 - -デフォルト値: namevar。 - -##### `encoding` - -データベースの作成中の文字セットをオーバーライドします。 - -デフォルト値: インストール時に定義されたデフォルト値。 - -##### `istemplate` - -`true`に設定すると、そのデータベースをテンプレートとして定義します。 - -デフォルト値: `false`。 - -##### `locale` - -データベース作成中にロケールをオーバーライドします。 - -デフォルト値: インストール時に定義されたデフォルト値。 - -##### `owner` - -データベース所有者の名前を設定します。 - -デフォルト値: `postgresql::server`または`postgresql::globals`で設定された'$user'変数。 - -##### `tablespace` - -このデータベースを作成するテーブル空間を設定します。 - -デフォルト値: インストール時に定義されたデフォルト値。 - -##### `template` - -このデータベースを構築する際にテンプレートとして使用するデータベースの名前を指定します。 - -デフォルト値: 'template0'。 - -#### postgresql::server::database_grant - -データベース固有のパーミッションについて`postgresql::server::database_grant`をラッピングして、grantベースのユーザアクセス権を管理します。詳細については、[PostgreSQLマニュアルの`grant`](http://www.postgresql.org/docs/current/static/sql-grant.html)を参照してください。 - -##### `ensure` - -権限を付与するか、無効化するかを指定します。無効化する'absent'はPostgreSQLバージョン9.1.24以降でのみ機能します。 - -有効な値: 'present'、'absent'。 -* 権限を付与するには'present'を指定します。 -* 権限を無効化するには'absent'を指定します。 - -デフォルト値: 'present'。 - -#### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -##### `db` - -アクセス権を付与するデータベースを指定します。 - -##### `privilege` - -付与する権限のコンマ区切りリストを指定します。 - -有効なオプション: 'ALL'、'CREATE'、'CONNECT'、'TEMPORARY'、'TEMP'。 - -##### `psql_db` - -権限付与を実行するデータベースを定義します。 - -**通常、デフォルトを変更しないでください。** - -デフォルト値: 'postgres'。 - -##### `psql_user` - -`psql`を実行するOSユーザを指定します。 - -デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 - -##### `role` - -アクセスを付与するロールまたはユーザを指定します。 - -#### postgresql::server::extension - -PostgreSQL拡張を管理します。 - -##### `database` - -拡張を有効化するデータベースを指定します。 - -##### `schema` - -拡張を有効化するスキーマを指定します。 - -##### `ensure` - -拡張を有効化するか無効化するかを指定します。 - -有効なオプション: 'present'または'absent'。 - -#### `extension` - -有効化する拡張を指定します。空欄にした場合、リソースの名前が使用されます。 - -#### `version` - -データベースが使用するエクステンションのバージョンを指定します。 -拡張パッケージが更新された場合、各データベースで有効なバージョンを自動的に変更することはありません。 - -そのためには、PostgreSQLに固有のSQL `ALTER EXTENSION...`を使用して更新する必要があります - -`version`は`latest`に設定できます。この場合、SQL `ALTER EXTENSION "extension" UPDATE`がこのデータベースのみに適用されます。 - -`version`は特定のバージョンに設定できます。この場合、拡張は`ALTER EXTENSION "extension" UPDATE TO 'version'`を使用して更新されます - -例えば、拡張を`postgis`、バージョンを`2.3.3`に設定した場合、SQL `ALTER EXTENSION "postgis" UPDATE TO '2.3.3'`がこのデータベースのみに適用されます。 - -`version`は省略される場合もあります。この場合、SQL `ALTER EXTENSION...`は適用されません。バージョンは変更されず、そのままになります。 - -##### `package_name` - -拡張を有効化する前にインストールするパッケージを指定します。 - -##### `package_ensure` - -デフォルトのパッケージ削除動作をオーバーライドします。 - -デフォルトでは、`package_name`で指定されたパッケージが、拡張が有効のときインストールされ、拡張が無効のとき削除されます。この動作をオーバーライドするには、そのパッケージに`ensure`の値を設定してください。 - -#### postgresql::server::grant - -ロールのgrantベースのアクセス権を管理します。詳細については、[PostgreSQLマニュアルの`grant`](http://www.postgresql.org/docs/current/static/sql-grant.html)を参照してください。 - -##### `ensure` - -権限を付与するか、無効化するかを指定します。デフォルトでは権限を付与します。 - -有効な値: 'present'、'absent'。 -* 権限を付与するには'present'を指定します。 -* 権限を無効化するには'absent'を指定します。 - -デフォルト値: 'present'。 - -##### `db` - -アクセス権を付与するデータベースを指定します。 - -##### `object_type` - -権限を付与するオブジェクトのタイプを指定します。 - -有効なオプション: 'DATABASE'、'SCHEMA'、'SEQUENCE'、'ALL SEQUENCES IN SCHEMA'、'TABLE'、または'ALL TABLES IN SCHEMA'。 - -##### `object_name` - -アクセス権を付与する`object_type`の名前を、文字列または2要素の配列で指定します。 - -String: 'object_name' -Array: ['schema_name', 'object_name'] - -##### `port` - -接続に使用するポート。 - -デフォルト値: `undef`。PostgreSQLのパッケージングに応じて、通常、デフォルトでポート5432になります。 - -##### `privilege` - -付与する権限を指定します。 - -有効なオプション: 'ALL'、'ALL PRIVILEGES'、または'object_type'依存の文字列。 - -##### `psql_db` - -権限付与を実行するデータベースを指定します。 - -**通常、デフォルトを変更しないでください。** - -デフォルト値: 'postgres'。 - -##### `psql_user` - -`psql`を実行するOSユーザを設定します。 - -デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 - -##### `role` - -アクセスを付与するロールまたはユーザを指定します。 - -#### postgresql::server::grant_role - -ロールを(グループ)ロールに割り当てられるようにします。詳細については、[PostgreSQLマニュアルの`Role Membership`](http://www.postgresql.org/docs/current/static/role-membership.html)を参照してください。 - -##### `group` - -ロールを割り当てるグループロールを指定します。 - -##### `role` - -グループに割り当てるロールを指定します。空欄にした場合、リソースの名前が使用されます。 - -##### `ensure` - -メンバーシップを付与するか、無効化するかを指定します。 - -有効なオプション: 'present'または'absent'。 - -デフォルト値: 'present'。 - -##### `port` - -接続に使用するポート。 - -デフォルト値: `undef`。PostgreSQLのパッケージングに応じて、通常、デフォルトでポート5432になります。 - -##### `psql_db` - -権限付与を実行するデータベースを指定します。 - -**通常、デフォルトを変更しないでください。** - -デフォルト値: 'postgres'。 - -##### `psql_user` - -`psql`を実行するOSユーザを設定します。 - -デフォルト値: モジュールのデフォルトユーザ。通常、`postgres`。 - -##### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -#### postgresql::server::pg_hba_rule - -`pg_hba.conf`のアクセスルールを作成できるようにします。詳細については、[使用例](#create-an-access-rule-for-pghba.conf)および[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html)を参照してください。 - -##### `address` - -タイプが'local'ではないとき、このルール一致に対するCIDRベースのアドレスを設定します。 - -##### `auth_method` - -このルールが一致する接続の認証に使用される方法を提供します。詳細な説明は、PostgreSQL `pg_hba.conf`のマニュアルに記載されています。 - -##### `auth_option` - -特定の`auth_method`設定については、受け渡し可能な追加オプションがあります。詳細については、PostgreSQL `pg_hba.conf`マニュアルを参照してください。 - -##### `database` - -このルールが一致するデータベースのコンマ区切りリストを設定します。 - -##### `description` - -必要に応じて、このルールの長めの説明を定義します。この説明は、`pg_hba.conf`のルール上部のコメント内に挿入されます。 - -デフォルト値: 'none'。 - -そのリソースを一意に識別するための方法を指定しますが、機能的には何も実行しません。 - -##### `order` - -`pg_hba.conf`にルールを配置する順序を設定します。 - -文字列または整数を使用できます。 -整数の場合、ゼロパディングで3桁にして文字列に変換します。 -例えば`42`はゼロパディングされて文字列`'042'`になります。 - -`pg_hba_rule`フラグメントのソートでは、[順序]を`alpha`に設定します(https://forge.puppet.com/puppetlabs/concat/reference#order)。 - -デフォルト値: 150。 - -#### `postgresql_version` - -PostgreSQLインスタンス全体を管理することなく、`pg_hba.conf`を管理します。 - -デフォルト値: `postgresql::server`に設定されたバージョン。 - -##### `target` - -ルールのターゲットを提供します。通常、内部使用のみのプロパティです。 - -**注意して使用してください。** - -##### `type` - -ルールのタイプを設定します。 - -有効なオプション: 'local'、'host'、'hostssl'、または'hostnossl'。 - -##### `user` - -このルールが一致するユーザのコンマ区切りリストを設定します。 - - -#### postgresql::server::pg_ident_rule - -`pg_ident.conf`のユーザ名マップを作成可能にします。詳細については、上述の[使用例](#create-user-name-maps-for-pgidentconf)および[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/auth-username-maps.html)を参照してください。 - -##### `database_username` - -データベースユーザのユーザ名を指定します。このユーザ名には`system_username`がマッピングされています。 - -##### `description` - -必要に応じて、このルールの長めの説明を設定します。この説明は、`pg_ident.conf`のルール上部のコメント内に挿入されます。 - -デフォルト値: 'none'。 - -##### `map_name` - -`pg_hba.conf`でこのマッピングを参照するために使用されるユーザマップの名前を設定します。 - -##### `order` - -`pg_ident.conf`にマッピングを配置する際の順序を定義します。 - -デフォルト値: 150。 - -##### `system_username` - -オペレーティングシステムのユーザ名(データベースへの接続に使用するユーザ名)を指定します。 - -##### `target` - -ルールのターゲットを提供します。通常、内部使用のみのプロパティです。 - -**注意して使用してください。** - -#### postgresql::server::reassign_owned_by - -PostgreSQLコマンド'REASSIGN OWNED'をデータベースに対して実行し、既存オブジェクトの所有権を別のデータベースロールに移します。 - -##### `db` - - 'REASSIGN OWNED'コマンドを適用するデータベースを指定します。 - -##### `old_role` - -指定したデータベース内のオブジェクトを現在所有しているロールまたはユーザを指定します。 - -##### `new_role` - -対象オブジェクトの新しい所有者となるロールまたはユーザを指定します。 - -##### `psql_user` - -`psql`を実行するOSユーザを指定します。 - -デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 - -##### `port` - -接続に使用するポート。 - -デフォルト値: `undef`。PostgreSQLのパッケージングに応じて、通常、デフォルトでポート5432になります。 - -##### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -#### postgresql::server::recovery - -`recovery.conf`の内容を作成可能にします。詳細については、[使用例](#create-recovery-configuration)および[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/recovery-config.html)を参照してください。 - -`recovery_target_inclusive`、 `pause_at_recovery_target`、`standby_mode`、`recovery_min_apply_delay`を除くすべてのパラメータ値は、テンプレートに含まれる文字列セットです。 - -全パラメータリストの詳細な説明は、[PostgreSQLマニュアル](http://www.postgresql.org/docs/current/static/recovery-config.html)にあります。 - -テンプレートでは、指定されたパラメータのみが認識されます。`recovery.conf`は、少なくとも1つのパラメータが設定済みで、**かつ**、[manage_recovery_conf](#manage_recovery_conf)がtrueの場合のみ作成されます。 - -パラメータは、次の3つのセクションにグループ分けされています。 - -##### [アーカイブリカバリパラメータ](http://www.postgresql.org/docs/current/static/archive-recovery-settings.html) - -* `restore_command` -* `archive_cleanup_command` -* `recovery_end_command` - -##### [Recovery Target Settings](http://www.postgresql.org/docs/current/static/recovery-target-settings.html) -* `recovery_target_name` -* `recovery_target_time` -* `recovery_target_xid` -* `recovery_target_inclusive` -* `recovery_target` -* `recovery_target_timeline` -* `pause_at_recovery_target` - -##### [Standby Server Settings](http://www.postgresql.org/docs/current/static/standby-settings.html) -* `standby_mode`: 文字列('on'/'off')またはブール値(`true`/`false`)で指定できます。 -* `primary_conninfo` -* `primary_slot_name` -* `trigger_file` -* `recovery_min_apply_delay` - -##### `target` -ルールのターゲットを提供します。通常、内部使用のみのプロパティです。 - -**注意して使用してください。** - -#### postgresql::server::role -PostgreSQLのロールまたはユーザを作成もしくは削除します。 - -##### `ensure` - -ロールを作成するか削除するかを指定します。 - -'present'を指定するとロールが作成され、'absent'を指定するとロールが削除されます。 - -デフォルト値: 'present'。 - -##### `connection_limit` -ロールが同時に接続可能な数を指定します。 - -デフォルト値: '-1'。これは、無制限を意味します。 - -##### `connect_settings` -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -##### `createdb` -このロールに新しいデータベースを作成する能力を付与するかどうかを指定します。 - -デフォルト値: `false`。 - -##### `createrole` -このロールに新しいロールを作成する権限を付与するかどうかを指定します。 - -デフォルト値: `false`。 - -##### `inherit` -新しいロールに継承権限を付与するかどうかを指定します。 - -デフォルト値: `true`。 - -##### `login` -新しいロールにログイン権限を付与するかどうかを指定します。 - -デフォルト値: `true`。 - -##### `password_hash` -パスワード作成中に使用するハッシュを設定します。PostgreSQLがサポートする形式でパスワードが暗号化されていない場合、ここで、`postgresql_password`関数を使用して、MD5ハッシュを提供します。例は次のとおりです。 - -##### `update_password` -trueに設定すると、変更時にパスワードが更新されます。作成後にロールのパスワードを変更しない場合は、falseに設定してください。 - -```puppet -postgresql::server::role { 'myusername': - password_hash => postgresql_password('myusername', 'mypassword'), -} -``` - -##### `replication` - -`true`に設定すると、このロールにレプリケーション機能が提供されます。 - -デフォルト値: `false`。 - -##### `superuser` - -新しいロールにスーパーユーザ権限を付与するかどうかを指定します。 - -デフォルト値: `false`。 - -##### `username` - -作成するロールのユーザ名を定義します。 - -デフォルト値: namevar。 - -#### postgresql::server::schema - -スキーマを作成します。 - -##### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -##### `db` - -必須。 - -このスキーマを作成するデータベースの名前を設定します。 - -##### `owner` - -スキーマのデフォルト所有者を設定します。 - -##### `schema` - -スキーマの名前を設定します。 - -デフォルト値: namevar。 - -#### postgresql::server::table_grant - -ユーザのgrantベースのアクセス権を管理します。詳細については、PostgreSQLマニュアルの`grant`の項を参照してください。 - -##### `ensure` - -権限を付与するか、無効化するかを指定します。デフォルトでは権限を付与します。 - -有効な値: 'present'、'absent'。 -* 権限を付与するには'present'を指定します。 -* 権限を無効化するには'absent'を指定します。 - -デフォルト値: 'present'。 - -##### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -##### `db` - -そのテーブルが存在するデータベースを指定します。 - -##### `privilege` - -付与する権限のコンマ区切りリストを指定します。有効なオプション: 'ALL'、'SELECT'、'INSERT'、'UPDATE'、'DELETE'、'TRUNCATE'、'REFERENCES'、'TRIGGER'。 - -##### `psql_db` - -権限付与を実行するデータベースを指定します。 - -通常、デフォルトを変更しないでください。 - -デフォルト値: 'postgres'。 - -##### `psql_user` - -`psql`を実行するOSユーザを指定します。 - -デフォルト値: モジュールのデフォルトユーザ。通常、'postgres'。 - -##### `role` - -アクセスを付与するロールまたはユーザを指定します。 - -##### `table` - -アクセス権を付与するテーブルを指定します。 - -#### postgresql::server::tablespace - -テーブル空間を作成します。必要な場合、場所も作成し、PostgreSQLサーバーと同じパーミッションを割り当てます。 - -##### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。 - -デフォルト値: ローカルのPostgresインスタンスに接続します。 - -##### `location` - -このテーブル空間へのパスを指定します。 - -##### `owner` - -そのテーブル空間のデフォルト所有者を指定します。 - -##### `spcname` - -テーブル空間の名前を指定します。 - -デフォルト値: namevar。 - -### タイプ - -#### postgresql_psql - -Puppetがpsqlステートメントを実行できるようにします。 - -##### `command` - -必須。 - -psqlを介して実行するSQLコマンドを指定します。 - -##### `cwd` - -psqlコマンドが実行される作業ディレクトリを指定します。 - -デフォルト値: '/tmp'。 - -##### `db` - -SQLコマンドを実行するデータベースの名前を指定します。 - -##### `environment` - -SQLコマンドに対して追加の環境変数を設定する場合に指定します。複数の環境変数を使用する場合は、配列として指定します。 - -##### `name` - -自身の参考用の任意のタグ、すなわちメッセージの名前を設定します。これはnamevarです。 - -##### `onlyif` - -メインのコマンドの前に実行するオプションのSQLコマンドを設定します。通常、これはべき等性に基づいて、データベース内のオブジェクトの存在を確認し、メインのSQLコマンドを実行する必要があるかどうかを判断するため使用されます。 - -##### `port` - -SQLコマンドを実行するデータベースサーバーのポートを指定します。 - -##### `psql_group` - -psqlコマンドを実行するシステムユーザグループアカウントを指定します。 - -デフォルト値: 'postgres'。 - -##### `psql_path` - -psql実行ファイルへのパスを指定します。 - -デフォルト値: 'psql'。 - -##### `psql_user` - -psqlコマンドを実行するシステムユーザアカウントを指定します。 - -デフォルト値: 'postgres'。 - -##### `refreshonly` - -notifyイベントまたはsubscribeイベントが発生したときのみSQLを実行するかどうかを指定します。 - -有効な値: `true`、`false`。 - -デフォルト値: `false`。 - -##### `search_path` - -SQLコマンドを実行するときに使用するスキーマ検索パスを定義します。 - -##### `unless` - -`onlyif`の逆です。 - -#### postgresql_conf - -Puppetが`postgresql.conf`パラメータを管理できるようにします。 - -##### `name` - -管理するPostgreSQLパラメータ名を指定します。 - -これはnamevarです。 - -##### `target` - -`postgresql.conf`へのパスを指定します。 - -デフォルト値: '/etc/postgresql.conf'。 - -##### `value` - -このパラメータに設定する値を指定します。 - -#### postgresql_replication_slot - -PostgreSQLマスターサーバー上でウォームスタンバイレプリケーションを登録するためのレプリケーションスロットを作成および消去できるようにします。 - -##### `name` - -作成するスロットの名前を指定します。有効なレプリケーションスロット名である必要があります。 - -これはnamevarです。 - -##### `ensure` - -必須。 - -指定されたスロットに対して、作成または消去のいずれかのアクションを指定します。 - -有効な値: 'present'、'absent'。 - -デフォルト値: 'present'。 - -#### postgresql_conn_validator - -このタイプを使用するローカルまたはリモートのPostgreSQLデータベースへの接続を検証します。 - -##### `connect_settings` - -リモートサーバーへの接続時に使用する環境変数のハッシュを指定します。個々のパラメータ(`host`など)を設定する代わりに使用されますが、個々のパラメータが設定されている場合は個々のパラメータが優先されます。 - -デフォルト値: {} - -##### `db_name` - -テストするデータベースの名前を指定します。Specifies the name of the database you wish to test. - -デフォルト値: '' - -##### `db_password` - -接続するパスワードを指定します。`.pgpass`が使用されている場合は空欄にできます。それ以外の場合、空欄にすることは推奨されません。 - -デフォルト値: '' - -##### `db_username` - -接続するユーザ名を指定します。 - -デフォルト値: '' - -Unixソケットとident認証を使用するとき、このユーザとして実行されます。 - -##### `command` - -接続性を検証するためにターゲットデータベースで実行されるコマンドです。 - -デフォルト値: 'SELECT 1' - -##### `host` - -テストするデータベースのホスト名を設定します。 - -デフォルト値: ''。これは、通常指定されたローカルUnixソケットを使用します。 - -**ホストがリモートの場合、ユーザ名を指定する必要があります。** - -##### `port` - -接続するときに使用するポートを定義します。 - -デフォルト値: '' - -##### `run_as` - -`psql`コマンドの実行ユーザを指定します。これは、Unixソケットと`ident`認証を使用してローカルにデータベースに接続するときに重要です。リモートテストには必要ありません。 - -##### `sleep` - -失敗した後、再試行する前にスリープする時間を秒単位で設定します。 - -##### `tries` - -失敗した後、リソースを失敗とみなすまで再試行する回数を設定します。 - -### 関数 - -#### postgresql_password - -PostgreSQL暗号化パスワードを生成します。次のように、`postgresql_password`をコマンドラインから呼び出し、暗号化されたパスワードをマニフェストにコピーペーストします。 - -```shell -puppet apply --execute 'notify { 'test': message => postgresql_password('username', 'password') }' -``` - -本番マニフェストからこの関数を呼び出すことも可能ですが、その場合、マニフェストには暗号化していない平文のパスワードを含める必要があります。 - -#### postgresql_acls_to_resources_hash(acl_array, id, order_offset) - -この内部関数は、`pg_hba.conf`ベースのACLのリスト(文字列の配列として受け渡されたもの)を`postgresql::pg_hba_rule`リソースと互換性のある形式に変換します。 - -**この関数は、モジュールによる内部的な使用のみ可能です。** - -### タスク - -Postgresqlモジュールにはサンプルタスクがあり、ユーザはデータベースに対して任意のSQLを実行できます。[PEマニュアル](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html)または[Boltマニュアル](https://puppet.com/docs/bolt/latest/bolt.html) で、タスクを実行する方法に関する情報を参照してください。 - - -## 制約事項 - -PostgreSQLのバージョン8.1~9.5で動作します。 - -サポートされているオペレーティングシステムの一覧については、[metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/metadata.json)を参照してください。 - -### Aptモジュールのサポート - -このモジュールは1.xと2.x両方のバージョンの'puppetlabs-apt'モジュールをサポートしていますが、'puppetlabs-apt'の2.0.0と2.0.1はサポートしていません。 - - -### PostGISのサポート - -PostGISは、現時点ではすべてのプラットフォームで正常に動作するわけではないため、サポート対象外の機能とみなします。 - -### すべてのバージョンのRHEL/CentOS - -SELinuxが有効化されている場合、次の方法で`postgresql_port_t`コンテキストに使用中のカスタムポートを追加する必要があります。 - -```shell -semanage port -a -t postgresql_port_t -p tcp $customport -``` - -## 開発 - -Puppet Forgeに公開されているPuppet Labsモジュールはオープンプロジェクトのため、維持するにはコミュニティの貢献が不可欠です。Puppetは、現在私たちがアクセスできない無数のプラットフォームやハードウェア、ソフトウェア、デプロイ構成にも利用されることを目的としています。私たちの目標は、できる限り簡単に変更に貢献し、みなさまの環境で私たちのモジュールが機能できるようにすることです。最高の状態を維持するため、コントリビュータにはいくつかのガイドラインを守っていただく必要があります。詳細については、[モジュールコントリビューションガイド](https://docs.puppetlabs.com/forge/contributing.html)を参照してください。 - -### テスト - -このモジュールには、2種類のテストが配布されています。`rspec-puppet`のユニットテストと、`rspec-system`を使用したシステムテストです。 - -ユニットテストを実行するには、以下がインストールされていることを確認してください。 - -* rake -* bundler - -次のように、必要なgemをインストールします。 - -```shell -bundle install --path=vendor -``` - -そして、次のように記述して、ユニットテストを実行します。 - -```shell -bundle exec rake spec -``` - -ユニットテストは、Travis-CIでも実行されます。自身のテスト結果を確認するには、このプロジェクトのご自身のGitHubクローンのアカウントセクションから、Travis-CIを介してサービスフックを登録してください。 - -システムテストを実行するには、以下のツールもインストールされていることを確認してください。 - -* Vagrant > 1.2.x -* VirtualBox > 4.2.10 - -次の記述を使用してテストを実行します。 - -```shell -bundle exec rspec spec/acceptance -``` - -異なるオペレーティングシステムでテストを実行するには、`.nodeset.yml`で利用可能なセットを確認して、次の構文で特定のセットを実行します。 - -```shell -RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance -``` - -### コントリビュータ - -貢献してくださった方々の一覧を[Github](https://github.com/puppetlabs/puppetlabs-postgresql/graphs/contributors)でご覧いただけます。 From ece77516a4f9f4badd18e25c8b3ae974ef5be459 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 30 Aug 2023 22:42:04 +0200 Subject: [PATCH 0878/1000] Cleanup useless $connect_setting validation In the past we checked if $connect_setting isn't undef. That is not required because the default is {} and the Datatype is hash. Undef isn't allowed. --- manifests/server/database.pp | 4 ++-- manifests/server/default_privileges.pp | 12 ++++++------ manifests/server/extension.pp | 4 ++-- manifests/server/grant.pp | 6 +++--- manifests/server/grant_role.pp | 2 +- manifests/server/reassign_owned_by.pp | 13 ++++--------- manifests/server/role.pp | 6 +++--- manifests/server/schema.pp | 2 +- manifests/server/tablespace.pp | 2 +- 9 files changed, 23 insertions(+), 28 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 27e49e2eab..2b6db8f10e 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -27,14 +27,14 @@ # If possible use the version of the remote database, otherwise # fallback to our local DB version - if $connect_settings != undef and 'DBVERSION' in $connect_settings { + if 'DBVERSION' in $connect_settings { $version = $connect_settings['DBVERSION'] } else { $version = $postgresql::server::_version } # If the connection settings do not contain a port, then use the local server port - if $connect_settings != undef and 'PGPORT' in $connect_settings { + if 'PGPORT' in $connect_settings { $port = undef } else { $port = $postgresql::server::port diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 6a9541864e..ac8052ba35 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -37,7 +37,7 @@ ) { # If possible use the version of the remote database, otherwise # fallback to our local DB version - if $connect_settings != undef and 'DBVERSION' in $connect_settings { + if 'DBVERSION' in $connect_settings { $version = $connect_settings['DBVERSION'] } else { $version = $postgresql::server::_version @@ -62,15 +62,15 @@ # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # - if $port != undef { + if $port { $port_override = $port - } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { + } elsif 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port } - if $target_role != undef { + if $target_role { $_target_role = " FOR ROLE ${target_role}" $_check_target_role = "/${target_role}" } else { @@ -178,11 +178,11 @@ environment => 'PGOPTIONS=--client-min-messages=error', } - if($role != undef and defined(Postgresql::Server::Role[$role])) { + if defined(Postgresql::Server::Role[$role]) { Postgresql::Server::Role[$role] -> Postgresql_psql["default_privileges:${name}"] } - if($db != undef and defined(Postgresql::Server::Database[$db])) { + if defined(Postgresql::Server::Database[$db]) { Postgresql::Server::Database[$db] -> Postgresql_psql["default_privileges:${name}"] } } diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 227e451d1a..581c8d8e81 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -77,9 +77,9 @@ # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # - if $port != undef { + if $port { $port_override = $port - } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { + } elsif 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index ec4d5d2c98..30b698c54b 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -77,7 +77,7 @@ # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # - if $port != undef { + if $port { $port_override = $port } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { $port_override = undef @@ -483,11 +483,11 @@ onlyif => $_onlyif, } - if($role != undef and defined(Postgresql::Server::Role[$role])) { + if defined(Postgresql::Server::Role[$role]) { Postgresql::Server::Role[$role] -> Postgresql_psql["grant:${name}"] } - if($db != undef and defined(Postgresql::Server::Database[$db])) { + if defined(Postgresql::Server::Database[$db]) { Postgresql::Server::Database[$db] -> Postgresql_psql["grant:${name}"] } } diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index a061a8341f..4edf59ea0d 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -39,7 +39,7 @@ connect_settings => $connect_settings, } - if ! $connect_settings or empty($connect_settings) { + if empty($connect_settings) { Class['postgresql::server'] -> Postgresql_psql["grant_role:${name}"] } if defined(Postgresql::Server::Role[$role]) { diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index c0b15461fc..0a40bdc35d 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -21,15 +21,10 @@ $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path - # - # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port - # - if $port { - $port_override = $port - } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { + if 'PGPORT' in $connect_settings { $port_override = undef } else { - $port_override = $postgresql::server::port + $port_override = $port } $onlyif = "SELECT tablename FROM pg_catalog.pg_tables WHERE @@ -54,14 +49,14 @@ onlyif => $onlyif, } - if($old_role != undef and defined(Postgresql::Server::Role[$old_role])) { + if defined(Postgresql::Server::Role[$old_role]) { Postgresql::Server::Role[$old_role] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] } if($new_role != undef and defined(Postgresql::Server::Role[$new_role])) { Postgresql::Server::Role[$new_role] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] } - if($db != undef and defined(Postgresql::Server::Database[$db])) { + if defined(Postgresql::Server::Database[$db]) { Postgresql::Server::Database[$db] -> Postgresql_psql["reassign_owned_by:${db}:${sql_command}"] } } diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 576a71abd9..40d581f266 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -53,9 +53,9 @@ # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port # - if $port != undef { + if $port { $port_override = $port - } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { + } elsif 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port @@ -63,7 +63,7 @@ # If possible use the version of the remote database, otherwise # fallback to our local DB version - if $connect_settings != undef and 'DBVERSION' in $connect_settings { + if 'DBVERSION' in $connect_settings { $version = $connect_settings['DBVERSION'] } else { $version = $postgresql::server::_version diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index ad160367ca..20c47ac877 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -27,7 +27,7 @@ Postgresql::Server::Db <| dbname == $db |> -> Postgresql::Server::Schema[$name] # If the connection settings do not contain a port, then use the local server port - if $connect_settings != undef and 'PGPORT' in $connect_settings { + if 'PGPORT' in $connect_settings { $port = undef } else { $port = $postgresql::server::port diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index aa96f926e7..93d790e695 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -18,7 +18,7 @@ $module_workdir = $postgresql::server::module_workdir # If the connection settings do not contain a port, then use the local server port - if $connect_settings != undef and 'PGPORT' in $connect_settings { + if 'PGPORT' in $connect_settings { $port = undef } else { $port = $postgresql::server::port From 98321c4d891aaaaf2dcf681fd9b9edd53d26393f Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 30 Aug 2023 22:28:54 +0200 Subject: [PATCH 0879/1000] Drop postgresql 8.1/RHEL5 specific code --- manifests/globals.pp | 2 -- manifests/server/database.pp | 20 +++++--------------- manifests/server/instance/config.pp | 9 --------- manifests/server/pg_hba_rule.pp | 1 - spec/acceptance/db_spec.rb | 8 ++------ spec/acceptance/server/grant_role_spec.rb | 19 ------------------- spec/acceptance/server/schema_spec.rb | 11 ----------- 7 files changed, 7 insertions(+), 63 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index d04dda7e47..e3e81ae9f6 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -196,7 +196,6 @@ '8' => '10', '7' => '9.2', '6' => '8.4', - '5' => '8.1', default => undef, }, }, @@ -248,7 +247,6 @@ } $default_postgis_version = $globals_version ? { - '8.1' => '1.3.6', '8.4' => '2.0', '9.0' => '2.1', '9.1' => '2.1', diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 27e49e2eab..fc7fede53b 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -52,16 +52,11 @@ # Optionally set the locale switch. Older versions of createdb may not accept # --locale, so if the parameter is undefined its safer not to pass it. - if ($version != '8.1') { - $locale_option = $locale ? { - undef => '', - default => "LC_COLLATE = '${locale}' LC_CTYPE = '${locale}'", - } - $public_revoke_privilege = 'CONNECT' - } else { - $locale_option = '' - $public_revoke_privilege = 'ALL' + $locale_option = $locale ? { + undef => '', + default => "LC_COLLATE = '${locale}' LC_CTYPE = '${locale}'", } + $public_revoke_privilege = 'CONNECT' $template_option = $template ? { undef => '', @@ -96,14 +91,9 @@ } if $comment { - # The shobj_description function was only introduced with 8.2 - $comment_information_function = $version ? { - '8.1' => 'obj_description', - default => 'shobj_description', - } Postgresql_psql["CREATE DATABASE \"${dbname}\""] -> postgresql_psql { "COMMENT ON DATABASE \"${dbname}\" IS '${comment}'": - unless => "SELECT 1 FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", # lint:ignore:140chars + unless => "SELECT 1 FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.shobj_description(d.oid, 'pg_database') = '${comment}'", # lint:ignore:140chars db => $dbname, } } diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 3eeb855a6a..a0d7b0df49 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -89,24 +89,16 @@ user => 'all', } - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - postgresql::server::pg_hba_rule { "local access as postgres user for instance ${name}": type => 'local', user => $user, auth_method => 'ident', - auth_option => $local_auth_option, order => 1; "local access to database with same name for instance ${name}": type => 'local', auth_method => 'ident', - auth_option => $local_auth_option, order => 2; "allow localhost TCP access to postgresql user for instance ${name}": @@ -174,7 +166,6 @@ } else { $package_name = $facts['os']['release']['major'] ? { - '5' => 'policycoreutils', '6' => 'policycoreutils-python', '7' => 'policycoreutils-python', default => 'policycoreutils-python-utils', diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index ffcb9b03da..24717b232c 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -72,7 +72,6 @@ '8.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'cert', 'pam'], '8.3' => ['trust', 'reject', 'md5', 'crypt', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'pam'], '8.2' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'ldap', 'pam'], - '8.1' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'pam'], default => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] # lint:ignore:140chars } diff --git a/spec/acceptance/db_spec.rb b/spec/acceptance/db_spec.rb index 51fe5825af..2564aaedf5 100644 --- a/spec/acceptance/db_spec.rb +++ b/spec/acceptance/db_spec.rb @@ -37,12 +37,8 @@ class { 'postgresql::server': result = psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test-user\'"') expect(result.stdout).to match(%r{\(1 row\)}) - comment_information_function = if Gem::Version.new(postgresql_version) > Gem::Version.new('8.1') - 'shobj_description' - else - 'obj_description' - end - result = psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") # rubocop:disable Layout/LineLength + + result = psql("--dbname postgresql-test-db --command=\"SELECT pg_catalog.shobj_description(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql-test-db' AND pg_catalog.shobj_description(d.oid, 'pg_database') = 'testcomment'\"") # rubocop:disable Layout/LineLength expect(result.stdout).to match(%r{\(1 row\)}) ensure psql('--command=\'drop database "postgresql-test-db"\'') diff --git a/spec/acceptance/server/grant_role_spec.rb b/spec/acceptance/server/grant_role_spec.rb index 6a32dc03e8..246328e23f 100644 --- a/spec/acceptance/server/grant_role_spec.rb +++ b/spec/acceptance/server/grant_role_spec.rb @@ -7,16 +7,12 @@ let(:user) { 'psql_grant_role_tester' } let(:group) { 'test_group' } let(:password) { 'psql_grant_role_pw' } - let(:version) do - '8.1' if os[:family] == 'redhat' && os[:release].start_with?('5') - end let(:pp_one) do <<-MANIFEST.unindent $db = #{db} $user = #{user} $group = #{group} $password = #{password} - $version = '#{version}' class { 'postgresql::server': } @@ -34,19 +30,12 @@ class { 'postgresql::server': } require => Postgresql::Server::Role[$user], } - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', - auth_option => $local_auth_option, order => 1, } @@ -70,7 +59,6 @@ class { 'postgresql::server': } $user = "#{user}" $group = "#{group}" $password = #{password} - $version = '#{version}' class { 'postgresql::server': } @@ -88,19 +76,12 @@ class { 'postgresql::server': } require => Postgresql::Server::Role[$user], } - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', - auth_option => $local_auth_option, order => 1, } diff --git a/spec/acceptance/server/schema_spec.rb b/spec/acceptance/server/schema_spec.rb index dc2bc5d6c3..250ffeca81 100644 --- a/spec/acceptance/server/schema_spec.rb +++ b/spec/acceptance/server/schema_spec.rb @@ -3,15 +3,11 @@ require 'spec_helper_acceptance' describe 'postgresql::server::schema:' do - let(:version) do - '8.1' if os[:family] == 'redhat' && os[:release].start_with?('5') - end let(:pp) do <<-MANIFEST.unindent $db = 'schema_test' $user = 'psql_schema_tester' $password = 'psql_schema_pw' - $version = '#{version}' class { 'postgresql::server': } @@ -29,19 +25,12 @@ class { 'postgresql::server': } require => Postgresql::Server::Role[$user], } - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', - auth_option => $local_auth_option, order => 1, } From 55f9c24d4b43d5366298a4290e7eb4a9fe29c9ee Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 31 Aug 2023 10:47:46 +0200 Subject: [PATCH 0880/1000] Drop postgresql 8.4/RHEL6 specific code --- manifests/globals.pp | 2 -- manifests/server/pg_hba_rule.pp | 3 --- spec/acceptance/server/grant_spec.rb | 12 +++++------- 3 files changed, 5 insertions(+), 12 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index e3e81ae9f6..04599c1d9c 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -195,7 +195,6 @@ '9' => '13', '8' => '10', '7' => '9.2', - '6' => '8.4', default => undef, }, }, @@ -247,7 +246,6 @@ } $default_postgis_version = $globals_version ? { - '8.4' => '2.0', '9.0' => '2.1', '9.1' => '2.1', '91' => '2.1', diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 24717b232c..1144327951 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -69,9 +69,6 @@ '9.2' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.1' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.0' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'radius', 'cert', 'pam'], - '8.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'cert', 'pam'], - '8.3' => ['trust', 'reject', 'md5', 'crypt', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'pam'], - '8.2' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'ldap', 'pam'], default => ['trust', 'reject', 'scram-sha-256', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt', 'bsd'] # lint:ignore:140chars } diff --git a/spec/acceptance/server/grant_spec.rb b/spec/acceptance/server/grant_spec.rb index 41b977eb96..51a4ac1416 100644 --- a/spec/acceptance/server/grant_spec.rb +++ b/spec/acceptance/server/grant_spec.rb @@ -79,16 +79,14 @@ class { 'postgresql::server': } end it 'is expected to run idempotently' do - idempotent_apply(pp) if Gem::Version.new(postgresql_version) >= Gem::Version.new('8.4.0') + idempotent_apply(pp) end it 'is expected to GRANT USAGE ON LANGUAGE plpgsql to ROLE' do - if Gem::Version.new(postgresql_version) >= Gem::Version.new('8.4.0') - ## Check that the privilege was granted to the user - psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| - expect(r.stdout).to match(%r{\(1 row\)}) - expect(r.stderr).to eq('') - end + ## Check that the privilege was granted to the user + psql("-d #{db} --command=\"SELECT 1 WHERE has_language_privilege('#{user}', 'plpgsql', 'USAGE')\"", superuser) do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') end end end From ffcdc070fa62fa569ef10298790c0bc8ab2bf252 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 31 Aug 2023 11:37:55 +0200 Subject: [PATCH 0881/1000] make path configurable for config_entry --- manifests/server/config_entry.pp | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 1849695621..65cd68315c 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -9,15 +9,8 @@ Enum['present', 'absent'] $ensure = 'present', String[1] $key = $name, Optional[Variant[String[1], Numeric, Array[String[1]]]] $value = undef, - Variant[Boolean, String[1]] $path = false + Stdlib::Absolutepath $path = $postgresql::server::postgresql_conf_path ) { - $postgresql_conf_path = $postgresql::server::postgresql_conf_path - - $target = $path ? { - false => $postgresql_conf_path, - default => $path, - } - # Those are the variables that are marked as "(change requires restart)" # on postgresql.conf. Items are ordered as on postgresql.conf. # @@ -91,7 +84,7 @@ postgresql_conf { $name: ensure => $ensure, - target => $target, + target => $path, name => $key, value => $value, require => Class['postgresql::server::initdb'], From 3ffd00ed1113714de55c7e3f18897e21600f7202 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 31 Aug 2023 13:16:39 +0200 Subject: [PATCH 0882/1000] Remove String datatype from parameters using Stdlib::Absolutepath --- manifests/globals.pp | 16 +++++----- manifests/server.pp | 12 +++---- manifests/server/default_privileges.pp | 18 +++++------ manifests/server/grant.pp | 2 +- manifests/server/instance/config.pp | 8 ++--- manifests/server/instance/initdb.pp | 2 +- manifests/server/instance/late_initdb.pp | 2 +- manifests/server/instance/passwd.pp | 2 +- manifests/server/instance/service.pp | 2 +- manifests/server/pg_ident_rule.pp | 2 +- manifests/server/recovery.pp | 2 +- manifests/server/role.pp | 40 ++++++++++++------------ 12 files changed, 54 insertions(+), 54 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 04599c1d9c..371e30cca3 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -122,14 +122,14 @@ Optional[String[1]] $validcon_script_path = undef, - Optional[Variant[String[1], Stdlib::Absolutepath]] $initdb_path = undef, - Optional[Variant[String[1], Stdlib::Absolutepath]] $psql_path = undef, - Optional[Variant[String[1], Stdlib::Absolutepath]] $pg_hba_conf_path = undef, - Optional[Variant[String[1], Stdlib::Absolutepath]] $pg_ident_conf_path = undef, - Optional[Variant[String[1], Stdlib::Absolutepath]] $postgresql_conf_path = undef, - Optional[Stdlib::Filemode] $postgresql_conf_mode = undef, - Optional[Variant[String[1], Stdlib::Absolutepath]] $recovery_conf_path = undef, - Hash $default_connect_settings = {}, + Optional[Stdlib::Absolutepath] $initdb_path = undef, + Optional[Stdlib::Absolutepath] $psql_path = undef, + Optional[Stdlib::Absolutepath] $pg_hba_conf_path = undef, + Optional[Stdlib::Absolutepath] $pg_ident_conf_path = undef, + Optional[Stdlib::Absolutepath] $postgresql_conf_path = undef, + Optional[Stdlib::Filemode] $postgresql_conf_mode = undef, + Optional[Stdlib::Absolutepath] $recovery_conf_path = undef, + Hash $default_connect_settings = {}, Optional[Boolean] $pg_hba_conf_defaults = undef, diff --git a/manifests/server.pp b/manifests/server.pp index 99285b458c..4cf601cbda 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -138,13 +138,13 @@ Array[String[1]] $ipv4acls = $postgresql::params::ipv4acls, Array[String[1]] $ipv6acls = $postgresql::params::ipv6acls, - Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::params::initdb_path, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::params::psql_path, - Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, - Variant[String[1], Stdlib::Absolutepath] $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, - Variant[String[1], Stdlib::Absolutepath] $postgresql_conf_path = $postgresql::params::postgresql_conf_path, + Stdlib::Absolutepath $initdb_path = $postgresql::params::initdb_path, + Stdlib::Absolutepath $psql_path = $postgresql::params::psql_path, + Stdlib::Absolutepath $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, + Stdlib::Absolutepath $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, + Stdlib::Absolutepath $postgresql_conf_path = $postgresql::params::postgresql_conf_path, Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::params::postgresql_conf_mode, - Variant[String[1], Stdlib::Absolutepath] $recovery_conf_path = $postgresql::params::recovery_conf_path, + Stdlib::Absolutepath $recovery_conf_path = $postgresql::params::recovery_conf_path, String[1] $datadir = $postgresql::params::datadir, Optional[String[1]] $xlogdir = $postgresql::params::xlogdir, diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index ac8052ba35..096007a0a4 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -25,15 +25,15 @@ /(?i:^TYPES$)/, /(?i:^SCHEMAS$)/ ] $object_type, - String $schema = 'public', - String $psql_db = $postgresql::server::default_database, - String $psql_user = $postgresql::server::user, - Stdlib::Port $port = $postgresql::server::port, - Hash $connect_settings = $postgresql::server::default_connect_settings, - Enum['present', 'absent'] $ensure = 'present', - String $group = $postgresql::server::group, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, - Optional[String] $target_role = undef, + String $schema = 'public', + String $psql_db = $postgresql::server::default_database, + String $psql_user = $postgresql::server::user, + Stdlib::Port $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Enum['present', 'absent'] $ensure = 'present', + String $group = $postgresql::server::group, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, + Optional[String] $target_role = undef, ) { # If possible use the version of the remote database, otherwise # fallback to our local DB version diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 30b698c54b..2a23b1b891 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -46,7 +46,7 @@ Hash $connect_settings = $postgresql::server::default_connect_settings, Enum['present', 'absent'] $ensure = 'present', String $group = $postgresql::server::group, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, ) { case $ensure { default: { diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index a0d7b0df49..3c05c03e9f 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -51,11 +51,11 @@ Stdlib::Port $port = $postgresql::server::port, Array[String[1]] $ipv4acls = $postgresql::server::ipv4acls, Array[String[1]] $ipv6acls = $postgresql::server::ipv6acls, - Variant[String[1], Stdlib::Absolutepath] $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, - Variant[String[1], Stdlib::Absolutepath] $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, - Variant[String[1], Stdlib::Absolutepath] $postgresql_conf_path = $postgresql::server::postgresql_conf_path, + Stdlib::Absolutepath $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path, + Stdlib::Absolutepath $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path, + Stdlib::Absolutepath $postgresql_conf_path = $postgresql::server::postgresql_conf_path, Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::server::postgresql_conf_mode, - Variant[String[1], Stdlib::Absolutepath] $recovery_conf_path = $postgresql::server::recovery_conf_path, + Stdlib::Absolutepath $recovery_conf_path = $postgresql::server::recovery_conf_path, Boolean $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults, String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 74a5882465..397a10c20c 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -32,7 +32,7 @@ String[1] $datadir = $postgresql::server::datadir, Optional[String[1]] $encoding = $postgresql::server::encoding, String[1] $group = $postgresql::server::group, - Variant[String[1], Stdlib::Absolutepath] $initdb_path = $postgresql::server::initdb_path, + Stdlib::Absolutepath $initdb_path = $postgresql::server::initdb_path, Optional[String[1]] $lc_messages = $postgresql::server::lc_messages, Optional[String[1]] $locale = $postgresql::server::locale, Optional[String[1]] $logdir = $postgresql::server::logdir, diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index ef7971cd0a..d864ff9065 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -15,7 +15,7 @@ Optional[String[1]] $encoding = $postgresql::server::encoding, String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Stdlib::Port $port = $postgresql::server::port, String[1] $module_workdir = $postgresql::server::module_workdir, ) { diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 4221f94f5d..4c4c22f926 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -16,7 +16,7 @@ define postgresql::server::instance::passwd ( String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Stdlib::Port $port = $postgresql::server::port, String[1] $database = $postgresql::server::default_database, String[1] $module_workdir = $postgresql::server::module_workdir, diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index af917308e8..1054b382fd 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -27,7 +27,7 @@ String[1] $user = $postgresql::server::user, Stdlib::Port $port = $postgresql::server::port, String[1] $default_database = $postgresql::server::default_database, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Hash $connect_settings = $postgresql::server::default_connect_settings, ) { anchor { "postgresql::server::service::begin::${name}": } diff --git a/manifests/server/pg_ident_rule.pp b/manifests/server/pg_ident_rule.pp index 85398d2a25..088bce6c98 100644 --- a/manifests/server/pg_ident_rule.pp +++ b/manifests/server/pg_ident_rule.pp @@ -19,7 +19,7 @@ # Needed for testing primarily, support for multiple files is not really # working. - Variant[String[1], Stdlib::Absolutepath] $target = $postgresql::server::pg_ident_conf_path + Stdlib::Absolutepath $target = $postgresql::server::pg_ident_conf_path ) { if $postgresql::server::manage_pg_ident_conf == false { fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars diff --git a/manifests/server/recovery.pp b/manifests/server/recovery.pp index b8ad9c3513..e28976e7f5 100644 --- a/manifests/server/recovery.pp +++ b/manifests/server/recovery.pp @@ -46,7 +46,7 @@ Optional[String[1]] $primary_slot_name = undef, Optional[String[1]] $trigger_file = undef, Optional[Integer] $recovery_min_apply_delay = undef, - Variant[String[1], Stdlib::Absolutepath] $target = $postgresql::server::recovery_conf_path + Stdlib::Absolutepath $target = $postgresql::server::recovery_conf_path ) { if $postgresql::server::manage_recovery_conf == false { fail('postgresql::server::manage_recovery_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') # lint:ignore:140chars diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 40d581f266..cd8645703c 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -24,26 +24,26 @@ # @param hash Specify the hash method for pg password # @param salt Specify the salt use for the scram-sha-256 encoding password (default username) define postgresql::server::role ( - Boolean $update_password = true, - Variant[Boolean, String, Sensitive[String]] $password_hash = false, - Boolean $createdb = false, - Boolean $createrole = false, - String[1] $db = $postgresql::server::default_database, - Optional[Stdlib::Port] $port = undef, - Boolean $login = true, - Boolean $inherit = true, - Boolean $superuser = false, - Boolean $replication = false, - String[1] $connection_limit = '-1', - String[1] $username = $title, - Hash $connect_settings = $postgresql::server::default_connect_settings, - String[1] $psql_user = $postgresql::server::user, - String[1] $psql_group = $postgresql::server::group, - Variant[String[1], Stdlib::Absolutepath] $psql_path = $postgresql::server::psql_path, - String[1] $module_workdir = $postgresql::server::module_workdir, - Enum['present', 'absent'] $ensure = 'present', - Optional[Enum['md5', 'scram-sha-256']] $hash = undef, - Optional[Variant[String[1], Integer]] $salt = undef, + Boolean $update_password = true, + Variant[Boolean, String, Sensitive[String]] $password_hash = false, + Boolean $createdb = false, + Boolean $createrole = false, + String[1] $db = $postgresql::server::default_database, + Optional[Stdlib::Port] $port = undef, + Boolean $login = true, + Boolean $inherit = true, + Boolean $superuser = false, + Boolean $replication = false, + String[1] $connection_limit = '-1', + String[1] $username = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, + String[1] $psql_user = $postgresql::server::user, + String[1] $psql_group = $postgresql::server::group, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, + String[1] $module_workdir = $postgresql::server::module_workdir, + Enum['present', 'absent'] $ensure = 'present', + Optional[Enum['md5', 'scram-sha-256']] $hash = undef, + Optional[Variant[String[1], Integer]] $salt = undef, ) { $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap From 57ce8db975d1c1a657c273fdec09959993a48de2 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 31 Aug 2023 15:04:39 +0200 Subject: [PATCH 0883/1000] database define variables to parameters --- manifests/server/database.pp | 39 ++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 8ed4ae6430..27333bb91a 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -9,22 +9,27 @@ # @param locale Overrides the locale during creation of the database. # @param istemplate Defines the database as a template if set to true. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param psql_path Specifies the path to the psql command. +# @param default_db Specifies the name of the default database to connect with. On most systems this is 'postgres'. +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param group Overrides the default postgres user group to be used for related files in the file system. +# @param port Specifies the port for the PostgreSQL server to listen on. define postgresql::server::database ( - Optional[String[1]] $comment = undef, - String[1] $dbname = $title, - Optional[String[1]] $owner = undef, - Optional[String[1]] $tablespace = undef, - String[1] $template = 'template0', - Optional[String[1]] $encoding = $postgresql::server::encoding, - Optional[String[1]] $locale = $postgresql::server::locale, - Boolean $istemplate = false, - Hash $connect_settings = $postgresql::server::default_connect_settings, + Optional[String[1]] $comment = undef, + String[1] $dbname = $title, + Optional[String[1]] $owner = undef, + Optional[String[1]] $tablespace = undef, + String[1] $template = 'template0', + Optional[String[1]] $encoding = $postgresql::server::encoding, + Optional[String[1]] $locale = $postgresql::server::locale, + Boolean $istemplate = false, + Hash $connect_settings = $postgresql::server::default_connect_settings, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, + String[1] $default_db = $postgresql::server::default_database, + Stdlib::Port $port = $postgresql::server::port ) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $default_db = $postgresql::server::default_database - # If possible use the version of the remote database, otherwise # fallback to our local DB version if 'DBVERSION' in $connect_settings { @@ -35,9 +40,9 @@ # If the connection settings do not contain a port, then use the local server port if 'PGPORT' in $connect_settings { - $port = undef + $port_override = undef } else { - $port = $postgresql::server::port + $port_override = $port } # Set the defaults for the postgresql_psql resource @@ -46,7 +51,7 @@ psql_user => $user, psql_group => $group, psql_path => $psql_path, - port => $port, + port => $port_override, connect_settings => $connect_settings, } From 4304290c3356bd3aedc323652027c2e369d49f42 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 31 Aug 2023 16:31:49 +0200 Subject: [PATCH 0884/1000] server::grant: make port optional/restore connect_settings feature Previously the port parameter had a default value. This broke the logic to identify the port. The port is now optional. If it's not set, $connect_settings is checked for PGPORT. If that also doesn't exist, the default from the server class is used. --- REFERENCE.md | 204 +++++--------------------------------- manifests/server/grant.pp | 6 +- 2 files changed, 29 insertions(+), 181 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index ab1b6fea54..770f3ada84 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -47,7 +47,6 @@ * [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correctpermissions. * [`postgresql::server::default_privileges`](#postgresql--server--default_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. * [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database. -* [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles. * [`postgresql::server::grant_role`](#postgresql--server--grant_role): Define for granting membership to a role. * [`postgresql::server::instance::config`](#postgresql--server--instance--config): Manages the config for a postgresql::server instance * [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): Manages initdb feature for a postgresql::server instance @@ -348,7 +347,7 @@ Default value: `undef` ##### `initdb_path` -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` +Data type: `Optional[Stdlib::Absolutepath]` Path to the initdb command. @@ -356,7 +355,7 @@ Default value: `undef` ##### `psql_path` -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` +Data type: `Optional[Stdlib::Absolutepath]` Sets the path to the psql command. @@ -364,7 +363,7 @@ Default value: `undef` ##### `pg_hba_conf_path` -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` +Data type: `Optional[Stdlib::Absolutepath]` Specifies the path to your pg_hba.conf file. @@ -372,7 +371,7 @@ Default value: `undef` ##### `pg_ident_conf_path` -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` +Data type: `Optional[Stdlib::Absolutepath]` Specifies the path to your pg_ident.conf file. @@ -380,7 +379,7 @@ Default value: `undef` ##### `postgresql_conf_path` -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` +Data type: `Optional[Stdlib::Absolutepath]` Sets the path to your postgresql.conf file. @@ -396,7 +395,7 @@ Default value: `undef` ##### `recovery_conf_path` -Data type: `Optional[Variant[String[1], Stdlib::Absolutepath]]` +Data type: `Optional[Stdlib::Absolutepath]` Path to your recovery.conf file. @@ -1068,7 +1067,7 @@ Default value: `$postgresql::params::ipv6acls` ##### `initdb_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to the initdb command. @@ -1076,7 +1075,7 @@ Default value: `$postgresql::params::initdb_path` ##### `psql_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to the psql command. @@ -1084,7 +1083,7 @@ Default value: `$postgresql::params::psql_path` ##### `pg_hba_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your pg_hba.conf file. @@ -1092,7 +1091,7 @@ Default value: `$postgresql::params::pg_hba_conf_path` ##### `pg_ident_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your pg_ident.conf file. @@ -1100,7 +1099,7 @@ Default value: `$postgresql::params::pg_ident_conf_path` ##### `postgresql_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your postgresql.conf file. @@ -1116,7 +1115,7 @@ Default value: `$postgresql::params::postgresql_conf_mode` ##### `recovery_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your recovery.conf file. @@ -1543,11 +1542,11 @@ Default value: `undef` ##### `path` -Data type: `Variant[Boolean, String[1]]` +Data type: `Stdlib::Absolutepath` Path for postgresql.conf -Default value: `false` +Default value: `$postgresql::server::postgresql_conf_path` ### `postgresql::server::database` @@ -1910,7 +1909,7 @@ Default value: `$postgresql::server::user` ##### `psql_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. @@ -2045,157 +2044,6 @@ Specifies the resource name of the DB being managed. Defaults to the parameter $ Default value: `$database` -### `postgresql::server::grant` - -Define for granting permissions to roles. - -#### Parameters - -The following parameters are available in the `postgresql::server::grant` defined type: - -* [`role`](#-postgresql--server--grant--role) -* [`db`](#-postgresql--server--grant--db) -* [`privilege`](#-postgresql--server--grant--privilege) -* [`object_type`](#-postgresql--server--grant--object_type) -* [`object_name`](#-postgresql--server--grant--object_name) -* [`object_arguments`](#-postgresql--server--grant--object_arguments) -* [`psql_db`](#-postgresql--server--grant--psql_db) -* [`psql_user`](#-postgresql--server--grant--psql_user) -* [`port`](#-postgresql--server--grant--port) -* [`onlyif_exists`](#-postgresql--server--grant--onlyif_exists) -* [`connect_settings`](#-postgresql--server--grant--connect_settings) -* [`ensure`](#-postgresql--server--grant--ensure) -* [`group`](#-postgresql--server--grant--group) -* [`psql_path`](#-postgresql--server--grant--psql_path) - -##### `role` - -Data type: `String` - -Specifies the role or user whom you are granting access to. - -##### `db` - -Data type: `String` - -Specifies the database to which you are granting access. - -##### `privilege` - -Data type: `String` - -Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. - -Default value: `''` - -##### `object_type` - -Data type: - -```puppet -Pattern[#/(?i:^COLUMN$)/, - /(?i:^ALL SEQUENCES IN SCHEMA$)/, - /(?i:^ALL TABLES IN SCHEMA$)/, - /(?i:^DATABASE$)/, - #/(?i:^FOREIGN DATA WRAPPER$)/, - #/(?i:^FOREIGN SERVER$)/, - /(?i:^FUNCTION$)/, - /(?i:^LANGUAGE$)/, - #/(?i:^PROCEDURAL LANGUAGE$)/, - /(?i:^TABLE$)/, - #/(?i:^TABLESPACE$)/, - /(?i:^SCHEMA$)/, - /(?i:^SEQUENCE$)/ - #/(?i:^VIEW$)/ - ] -``` - -Specifies the type of object to which you are granting privileges. -Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. - -Default value: `'database'` - -##### `object_name` - -Data type: `Optional[Variant[Array[String,2,2],String[1]]]` - -Specifies name of object_type to which to grant access, can be either a string or a two element array. -String: 'object_name' Array: ['schema_name', 'object_name'] - -Default value: `undef` - -##### `object_arguments` - -Data type: `Array[String[1],0]` - -Specifies any arguments to be passed alongisde the access grant. - -Default value: `[]` - -##### `psql_db` - -Data type: `String` - -Specifies the database to execute the grant against. This should not ordinarily be changed from the default - -Default value: `$postgresql::server::default_database` - -##### `psql_user` - -Data type: `String` - -Sets the OS user to run psql. - -Default value: `$postgresql::server::user` - -##### `port` - -Data type: `Stdlib::Port` - -Port to use when connecting. - -Default value: `$postgresql::server::port` - -##### `onlyif_exists` - -Data type: `Boolean` - -Create grant only if doesn't exist - -Default value: `false` - -##### `connect_settings` - -Data type: `Hash` - -Specifies a hash of environment variables used when connecting to a remote server. - -Default value: `$postgresql::server::default_connect_settings` - -##### `ensure` - -Data type: `Enum['present', 'absent']` - -Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. - -Default value: `'present'` - -##### `group` - -Data type: `String` - -Sets the OS group to run psql - -Default value: `$postgresql::server::group` - -##### `psql_path` - -Data type: `Variant[String[1], Stdlib::Absolutepath]` - -Sets the path to psql command - -Default value: `$postgresql::server::psql_path` - ### `postgresql::server::grant_role` Define for granting membership to a role. @@ -2360,7 +2208,7 @@ Default value: `$postgresql::server::ipv6acls` ##### `pg_hba_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your pg_hba.conf file. @@ -2368,7 +2216,7 @@ Default value: `$postgresql::server::pg_hba_conf_path` ##### `pg_ident_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your pg_ident.conf file. @@ -2376,7 +2224,7 @@ Default value: `$postgresql::server::pg_ident_conf_path` ##### `postgresql_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your postgresql.conf file. @@ -2392,7 +2240,7 @@ Default value: `$postgresql::server::postgresql_conf_mode` ##### `recovery_conf_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to your recovery.conf file. @@ -2609,7 +2457,7 @@ Default value: `$postgresql::server::group` ##### `initdb_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to the initdb command. @@ -2749,7 +2597,7 @@ Default value: `$postgresql::server::group` ##### `psql_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to the psql command. @@ -2808,7 +2656,7 @@ Default value: `$postgresql::server::group` ##### `psql_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to the psql command. @@ -2973,7 +2821,7 @@ Default value: `$postgresql::server::default_database` ##### `psql_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Specifies the path to the psql command. @@ -3140,7 +2988,7 @@ Default value: `'150'` ##### `target` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Provides the target for the rule and is generally an internal only property. Use with caution. @@ -3360,7 +3208,7 @@ Default value: `undef` ##### `target` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Provides the target for the rule, and is generally an internal only property. Use with caution. @@ -3525,7 +3373,7 @@ Default value: `$postgresql::server::group` ##### `psql_path` -Data type: `Variant[String[1], Stdlib::Absolutepath]` +Data type: `Stdlib::Absolutepath` Sets path to psql command diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 2a23b1b891..fe1e9bf596 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -41,7 +41,7 @@ Array[String[1],0] $object_arguments = [], String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, - Stdlib::Port $port = $postgresql::server::port, + Optional[Stdlib::Port] $port = undef, Boolean $onlyif_exists = false, Hash $connect_settings = $postgresql::server::default_connect_settings, Enum['present', 'absent'] $ensure = 'present', @@ -76,10 +76,10 @@ # # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port - # + # We don't use pick() here because that would introduce a hard dependency to the postgresql::server class if $port { $port_override = $port - } elsif $connect_settings != undef and 'PGPORT' in $connect_settings { + } elsif 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port From 1119ec21a9c3257c30d9fdc30d5c4a81c00be4b4 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 31 Aug 2023 17:04:34 +0200 Subject: [PATCH 0885/1000] server::extension make user/group/psql_path configureable --- manifests/server/extension.pp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 581c8d8e81..15be2b5761 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -21,6 +21,9 @@ # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param database_resource_name Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. +# @param psql_path Specifies the path to the psql command. +# @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param group Overrides the default postgres user group to be used for related files in the file system. define postgresql::server::extension ( String[1] $database, Optional[Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]] $package_ensure = undef, @@ -32,11 +35,10 @@ Optional[Stdlib::Port] $port = undef, Hash $connect_settings = postgresql::default('default_connect_settings'), String[1] $database_resource_name = $database, + String[1] $user = postgresql::default('user'), + String[1] $group = postgresql::default('group'), + Stdlib::Absolutepath $psql_path = postgresql::default('psql_path'), ) { - $user = postgresql::default('user') - $group = postgresql::default('group') - $psql_path = postgresql::default('psql_path') - if( $database != 'postgres' ) { # The database postgres cannot managed by this module, so it is exempt from this dependency $default_psql_require = Postgresql::Server::Database[$database_resource_name] @@ -86,12 +88,10 @@ } postgresql_psql { "${database}: ${command}": - psql_user => $user, psql_group => $group, psql_path => $psql_path, connect_settings => $connect_settings, - db => $database, port => $port_override, command => $command, From 56fa9717cce7f709996ba105bbc3bb0257450d04 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 31 Aug 2023 15:02:24 +0200 Subject: [PATCH 0886/1000] server::database_grant: Always set default user/group/port This enables us to make it configureable. When a user doesn't specify it, the defaults will be passed, without breaking existing behaviour. --- REFERENCE.md | 246 ++++++++++++++++++++- manifests/server/database_grant.pp | 8 +- spec/defines/server/database_grant_spec.rb | 39 +++- 3 files changed, 280 insertions(+), 13 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 770f3ada84..83eb112af8 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -47,6 +47,7 @@ * [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correctpermissions. * [`postgresql::server::default_privileges`](#postgresql--server--default_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. * [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database. +* [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles. * [`postgresql::server::grant_role`](#postgresql--server--grant_role): Define for granting membership to a role. * [`postgresql::server::instance::config`](#postgresql--server--instance--config): Manages the config for a postgresql::server instance * [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): Manages initdb feature for a postgresql::server instance @@ -1565,6 +1566,11 @@ The following parameters are available in the `postgresql::server::database` def * [`locale`](#-postgresql--server--database--locale) * [`istemplate`](#-postgresql--server--database--istemplate) * [`connect_settings`](#-postgresql--server--database--connect_settings) +* [`psql_path`](#-postgresql--server--database--psql_path) +* [`default_db`](#-postgresql--server--database--default_db) +* [`user`](#-postgresql--server--database--user) +* [`group`](#-postgresql--server--database--group) +* [`port`](#-postgresql--server--database--port) ##### `comment` @@ -1638,6 +1644,46 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` +##### `psql_path` + +Data type: `Stdlib::Absolutepath` + +Specifies the path to the psql command. + +Default value: `$postgresql::server::psql_path` + +##### `default_db` + +Data type: `String[1]` + +Specifies the name of the default database to connect with. On most systems this is 'postgres'. + +Default value: `$postgresql::server::default_database` + +##### `user` + +Data type: `String[1]` + +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: `$postgresql::server::user` + +##### `group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. + +Default value: `$postgresql::server::group` + +##### `port` + +Data type: `Stdlib::Port` + +Specifies the port for the PostgreSQL server to listen on. + +Default value: `$postgresql::server::port` + ### `postgresql::server::database_grant` Manage a database grant. @@ -1652,7 +1698,9 @@ The following parameters are available in the `postgresql::server::database_gran * [`ensure`](#-postgresql--server--database_grant--ensure) * [`psql_db`](#-postgresql--server--database_grant--psql_db) * [`psql_user`](#-postgresql--server--database_grant--psql_user) +* [`psql_group`](#-postgresql--server--database_grant--psql_group) * [`connect_settings`](#-postgresql--server--database_grant--connect_settings) +* [`port`](#-postgresql--server--database_grant--port) ##### `privilege` @@ -1690,11 +1738,19 @@ Default value: `undef` ##### `psql_user` -Data type: `Optional[String[1]]` +Data type: `String[1]` Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. -Default value: `undef` +Default value: `$postgresql::server::user` + +##### `psql_group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. + +Default value: `$postgresql::server::group` ##### `connect_settings` @@ -1704,6 +1760,14 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `undef` +##### `port` + +Data type: `Optional[Stdlib::Port]` + +Port to use when connecting. + +Default value: `undef` + ### `postgresql::server::db` Define for conveniently creating a role, database and assigning the correctpermissions. @@ -1957,6 +2021,9 @@ The following parameters are available in the `postgresql::server::extension` de * [`port`](#-postgresql--server--extension--port) * [`connect_settings`](#-postgresql--server--extension--connect_settings) * [`database_resource_name`](#-postgresql--server--extension--database_resource_name) +* [`psql_path`](#-postgresql--server--extension--psql_path) +* [`user`](#-postgresql--server--extension--user) +* [`group`](#-postgresql--server--extension--group) ##### `database` @@ -2044,6 +2111,181 @@ Specifies the resource name of the DB being managed. Defaults to the parameter $ Default value: `$database` +##### `psql_path` + +Data type: `Stdlib::Absolutepath` + +Specifies the path to the psql command. + +Default value: `postgresql::default('psql_path')` + +##### `user` + +Data type: `String[1]` + +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: `postgresql::default('user')` + +##### `group` + +Data type: `String[1]` + +Overrides the default postgres user group to be used for related files in the file system. + +Default value: `postgresql::default('group')` + +### `postgresql::server::grant` + +Define for granting permissions to roles. + +#### Parameters + +The following parameters are available in the `postgresql::server::grant` defined type: + +* [`role`](#-postgresql--server--grant--role) +* [`db`](#-postgresql--server--grant--db) +* [`privilege`](#-postgresql--server--grant--privilege) +* [`object_type`](#-postgresql--server--grant--object_type) +* [`object_name`](#-postgresql--server--grant--object_name) +* [`object_arguments`](#-postgresql--server--grant--object_arguments) +* [`psql_db`](#-postgresql--server--grant--psql_db) +* [`psql_user`](#-postgresql--server--grant--psql_user) +* [`port`](#-postgresql--server--grant--port) +* [`onlyif_exists`](#-postgresql--server--grant--onlyif_exists) +* [`connect_settings`](#-postgresql--server--grant--connect_settings) +* [`ensure`](#-postgresql--server--grant--ensure) +* [`group`](#-postgresql--server--grant--group) +* [`psql_path`](#-postgresql--server--grant--psql_path) + +##### `role` + +Data type: `String` + +Specifies the role or user whom you are granting access to. + +##### `db` + +Data type: `String` + +Specifies the database to which you are granting access. + +##### `privilege` + +Data type: `String` + +Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string. + +Default value: `''` + +##### `object_type` + +Data type: + +```puppet +Pattern[#/(?i:^COLUMN$)/, + /(?i:^ALL SEQUENCES IN SCHEMA$)/, + /(?i:^ALL TABLES IN SCHEMA$)/, + /(?i:^DATABASE$)/, + #/(?i:^FOREIGN DATA WRAPPER$)/, + #/(?i:^FOREIGN SERVER$)/, + /(?i:^FUNCTION$)/, + /(?i:^LANGUAGE$)/, + #/(?i:^PROCEDURAL LANGUAGE$)/, + /(?i:^TABLE$)/, + #/(?i:^TABLESPACE$)/, + /(?i:^SCHEMA$)/, + /(?i:^SEQUENCE$)/ + #/(?i:^VIEW$)/ + ] +``` + +Specifies the type of object to which you are granting privileges. +Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. + +Default value: `'database'` + +##### `object_name` + +Data type: `Optional[Variant[Array[String,2,2],String[1]]]` + +Specifies name of object_type to which to grant access, can be either a string or a two element array. +String: 'object_name' Array: ['schema_name', 'object_name'] + +Default value: `undef` + +##### `object_arguments` + +Data type: `Array[String[1],0]` + +Specifies any arguments to be passed alongisde the access grant. + +Default value: `[]` + +##### `psql_db` + +Data type: `String` + +Specifies the database to execute the grant against. This should not ordinarily be changed from the default + +Default value: `$postgresql::server::default_database` + +##### `psql_user` + +Data type: `String` + +Sets the OS user to run psql. + +Default value: `$postgresql::server::user` + +##### `port` + +Data type: `Optional[Stdlib::Port]` + +Port to use when connecting. + +Default value: `undef` + +##### `onlyif_exists` + +Data type: `Boolean` + +Create grant only if doesn't exist + +Default value: `false` + +##### `connect_settings` + +Data type: `Hash` + +Specifies a hash of environment variables used when connecting to a remote server. + +Default value: `$postgresql::server::default_connect_settings` + +##### `ensure` + +Data type: `Enum['present', 'absent']` + +Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. + +Default value: `'present'` + +##### `group` + +Data type: `String` + +Sets the OS group to run psql + +Default value: `$postgresql::server::group` + +##### `psql_path` + +Data type: `Stdlib::Absolutepath` + +Sets the path to psql command + +Default value: `$postgresql::server::psql_path` + ### `postgresql::server::grant_role` Define for granting membership to a role. diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 6705280377..18b196f590 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -6,15 +6,19 @@ # @param ensure Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. # @param psql_db Defines the database to execute the grant against. This should not ordinarily be changed from the default # @param psql_user Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. +# @param psql_group Overrides the default postgres user group to be used for related files in the file system. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param port Port to use when connecting. define postgresql::server::database_grant ( Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'all', 'create', 'connect', 'temporary', 'temp'] $privilege, String[1] $db, String[1] $role, Optional[Enum['present', 'absent']] $ensure = undef, Optional[String[1]] $psql_db = undef, - Optional[String[1]] $psql_user = undef, + String[1] $psql_user = $postgresql::server::user, Optional[Hash] $connect_settings = undef, + String[1] $psql_group = $postgresql::server::group, + Optional[Stdlib::Port] $port = undef, ) { postgresql::server::grant { "database:${name}": ensure => $ensure, @@ -25,6 +29,8 @@ object_name => $db, psql_db => $psql_db, psql_user => $psql_user, + group => $psql_group, + port => $port, connect_settings => $connect_settings, } } diff --git a/spec/defines/server/database_grant_spec.rb b/spec/defines/server/database_grant_spec.rb index 70ff90bb19..a1e83e84c6 100644 --- a/spec/defines/server/database_grant_spec.rb +++ b/spec/defines/server/database_grant_spec.rb @@ -9,18 +9,37 @@ 'test' end - let :params do - { - privilege: 'ALL', - db: 'test', - role: 'test' - } - end - let :pre_condition do "class {'postgresql::server':}" end - it { is_expected.to contain_postgresql__server__database_grant('test') } - it { is_expected.to contain_postgresql__server__grant('database:test') } + context 'with minimal settings' do + let :params do + { + privilege: 'ALL', + db: 'test', + role: 'test' + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__database_grant('test') } + it { is_expected.to contain_postgresql__server__grant('database:test').with_psql_user('postgres').without_port.with_group('postgres') } + end + + context 'with different user/group/port' do + let :params do + { + privilege: 'ALL', + db: 'test', + role: 'test', + psql_user: 'foo', + psql_group: 'bar', + port: 1337 + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__grant('database:test').with_psql_user('foo').with_port(1337).with_group('bar') } + end end From 1dadd63174d2b96147788e9de00435f5e8d47a57 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 31 Aug 2023 20:48:54 +0200 Subject: [PATCH 0887/1000] server::db: Make port/user/group configureable (#1494) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Simon Hönscheid --- REFERENCE.md | 31 +++++++++++++++++++++++++++++-- manifests/server/db.pp | 25 ++++++++++++++++++++----- spec/defines/server/db_spec.rb | 31 ++++++++++++++++++++++--------- 3 files changed, 71 insertions(+), 16 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 83eb112af8..509bb46137 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -44,7 +44,7 @@ * [`postgresql::server::config_entry`](#postgresql--server--config_entry): Manage a postgresql.conf entry. * [`postgresql::server::database`](#postgresql--server--database): Define for creating a database. * [`postgresql::server::database_grant`](#postgresql--server--database_grant): Manage a database grant. -* [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correctpermissions. +* [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correct permissions. * [`postgresql::server::default_privileges`](#postgresql--server--default_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. * [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database. * [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles. @@ -1770,7 +1770,7 @@ Default value: `undef` ### `postgresql::server::db` -Define for conveniently creating a role, database and assigning the correctpermissions. +Define for conveniently creating a role, database and assigning the correct permissions. #### Parameters @@ -1787,6 +1787,9 @@ The following parameters are available in the `postgresql::server::db` defined t * [`template`](#-postgresql--server--db--template) * [`istemplate`](#-postgresql--server--db--istemplate) * [`owner`](#-postgresql--server--db--owner) +* [`port`](#-postgresql--server--db--port) +* [`psql_user`](#-postgresql--server--db--psql_user) +* [`psql_group`](#-postgresql--server--db--psql_group) ##### `user` @@ -1874,6 +1877,30 @@ Sets a user as the owner of the database. Default value: `undef` +##### `port` + +Data type: `Optional[Stdlib::Port]` + +Specifies the port where the PostgreSQL server is listening on. + +Default value: `undef` + +##### `psql_user` + +Data type: `String[1]` + +Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. + +Default value: `$postgresql::server::user` + +##### `psql_group` + +Data type: `String[1]` + +Overrides the default PostgreSQL user group to be used for related files in the file system. + +Default value: `$postgresql::server::group` + ### `postgresql::server::default_privileges` Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 9cd7ad4afe..01cc61b665 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -1,4 +1,4 @@ -# @summary Define for conveniently creating a role, database and assigning the correctpermissions. +# @summary Define for conveniently creating a role, database and assigning the correct permissions. # # @param user User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory. # @param password Sets the password for the created user (if a user is created). @@ -11,6 +11,9 @@ # @param template Specifies the name of the template database from which to build this database. Defaults value: template0. # @param istemplate Specifies that the database is a template, if set to true. # @param owner Sets a user as the owner of the database. +# @param port Specifies the port where the PostgreSQL server is listening on. +# @param psql_user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. +# @param psql_group Overrides the default PostgreSQL user group to be used for related files in the file system. define postgresql::server::db ( String[1] $user, Optional[Variant[String, Sensitive[String]]] $password = undef, @@ -22,7 +25,10 @@ Optional[String[1]] $tablespace = undef, String[1] $template = 'template0', Boolean $istemplate = false, - Optional[String[1]] $owner = undef + Optional[String[1]] $owner = undef, + Optional[Stdlib::Port] $port = undef, + String[1] $psql_user = $postgresql::server::user, + String[1] $psql_group = $postgresql::server::group, ) { if ! defined(Postgresql::Server::Database[$dbname]) { postgresql::server::database { $dbname: @@ -33,21 +39,30 @@ locale => $locale, istemplate => $istemplate, owner => $owner, + port => $port, + user => $psql_user, + group => $psql_group, } } if ! defined(Postgresql::Server::Role[$user]) { postgresql::server::role { $user: password_hash => $password, + port => $port, + psql_user => $psql_user, + psql_group => $psql_group, before => Postgresql::Server::Database[$dbname], } } if ! defined(Postgresql::Server::Database_grant["GRANT ${user} - ${grant} - ${dbname}"]) { postgresql::server::database_grant { "GRANT ${user} - ${grant} - ${dbname}": - privilege => $grant, - db => $dbname, - role => $user, + privilege => $grant, + db => $dbname, + role => $user, + port => $port, + psql_user => $psql_user, + psql_group => $psql_group, } -> Postgresql_conn_validator<| db_name == $dbname |> } diff --git a/spec/defines/server/db_spec.rb b/spec/defines/server/db_spec.rb index 0051b678c9..cfd4f80d71 100644 --- a/spec/defines/server/db_spec.rb +++ b/spec/defines/server/db_spec.rb @@ -6,7 +6,24 @@ include_examples 'Debian 11' let :title do - 'test' + 'testdb' + end + let :pre_condition do + "class {'postgresql::server':}" + end + + context 'with minimal params' do + let :params do + { + user: 'foo' + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server__db('testdb').without_port.with_user('foo').with_psql_user('postgres').with_psql_group('postgres') } + it { is_expected.to contain_postgresql__server__database('testdb').without_owner.with_user('postgres').with_group('postgres') } + it { is_expected.to contain_postgresql__server__role('foo').that_comes_before('Postgresql::Server::Database[testdb]').without_port.with_psql_user('postgres').with_psql_group('postgres') } + it { is_expected.to contain_postgresql__server__database_grant('GRANT foo - ALL - testdb').without_port.with_psql_user('postgres').with_psql_group('postgres') } end context 'without dbname param' do @@ -18,14 +35,10 @@ } end - let :pre_condition do - "class {'postgresql::server':}" - end - - it { is_expected.to contain_postgresql__server__db('test') } - it { is_expected.to contain_postgresql__server__database('test').with_owner('tester') } - it { is_expected.to contain_postgresql__server__role('test').that_comes_before('Postgresql::Server::Database[test]') } - it { is_expected.to contain_postgresql__server__database_grant('GRANT test - ALL - test') } + it { is_expected.to contain_postgresql__server__db('testdb') } + it { is_expected.to contain_postgresql__server__database('testdb').with_owner('tester') } + it { is_expected.to contain_postgresql__server__role('test').that_comes_before('Postgresql::Server::Database[testdb]') } + it { is_expected.to contain_postgresql__server__database_grant('GRANT test - ALL - testdb') } end context 'dbname' do From f43f4b88aefb09208ea50f66ca13d21755190dda Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 31 Aug 2023 23:20:35 +0200 Subject: [PATCH 0888/1000] set datatype for directories to Stdlib::Absolutepath --- manifests/globals.pp | 12 ++++++------ manifests/server.pp | 8 ++++---- manifests/server/instance/config.pp | 4 ++-- manifests/server/instance/initdb.pp | 8 ++++---- manifests/server/instance/late_initdb.pp | 2 +- manifests/server/instance/passwd.pp | 2 +- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 371e30cca3..ddd9353a73 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -133,11 +133,11 @@ Optional[Boolean] $pg_hba_conf_defaults = undef, - Optional[String[1]] $datadir = undef, - Optional[String[1]] $confdir = undef, - Optional[String[1]] $bindir = undef, - Optional[String[1]] $xlogdir = undef, - Optional[String[1]] $logdir = undef, + Optional[Stdlib::Absolutepath] $datadir = undef, + Optional[Stdlib::Absolutepath] $confdir = undef, + Optional[Stdlib::Absolutepath] $bindir = undef, + Optional[Stdlib::Absolutepath] $xlogdir = undef, + Optional[Stdlib::Absolutepath] $logdir = undef, Optional[String[1]] $log_line_prefix = undef, Optional[Boolean] $manage_datadir = undef, Optional[Boolean] $manage_logdir = undef, @@ -167,7 +167,7 @@ Optional[Boolean] $manage_package_repo = undef, Boolean $manage_dnf_module = false, - Optional[String[1]] $module_workdir = undef, + Optional[Stdlib::Absolutepath] $module_workdir = undef, ) { # We are determining this here, because it is needed by the package repo # class. diff --git a/manifests/server.pp b/manifests/server.pp index 4cf601cbda..fcd31bfce7 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -146,9 +146,9 @@ Optional[Stdlib::Filemode] $postgresql_conf_mode = $postgresql::params::postgresql_conf_mode, Stdlib::Absolutepath $recovery_conf_path = $postgresql::params::recovery_conf_path, - String[1] $datadir = $postgresql::params::datadir, - Optional[String[1]] $xlogdir = $postgresql::params::xlogdir, - Optional[String[1]] $logdir = $postgresql::params::logdir, + Stdlib::Absolutepath $datadir = $postgresql::params::datadir, + Optional[Stdlib::Absolutepath] $xlogdir = $postgresql::params::xlogdir, + Optional[Stdlib::Absolutepath] $logdir = $postgresql::params::logdir, Optional[String[1]] $log_line_prefix = $postgresql::params::log_line_prefix, @@ -173,7 +173,7 @@ Boolean $manage_recovery_conf = $postgresql::params::manage_recovery_conf, Boolean $manage_postgresql_conf_perms = $postgresql::params::manage_postgresql_conf_perms, Boolean $manage_selinux = $postgresql::params::manage_selinux, - String[1] $module_workdir = $postgresql::params::module_workdir, + Stdlib::Absolutepath $module_workdir = $postgresql::params::module_workdir, Boolean $manage_datadir = $postgresql::params::manage_datadir, Boolean $manage_logdir = $postgresql::params::manage_logdir, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 3c05c03e9f..4b049a8a00 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -64,8 +64,8 @@ Boolean $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf, Boolean $manage_recovery_conf = $postgresql::server::manage_recovery_conf, Boolean $manage_postgresql_conf_perms = $postgresql::server::manage_postgresql_conf_perms, - String[1] $datadir = $postgresql::server::datadir, - Optional[String[1]] $logdir = $postgresql::server::logdir, + Stdlib::Absolutepath $datadir = $postgresql::server::datadir, + Optional[Stdlib::Absolutepath] $logdir = $postgresql::server::logdir, String[1] $service_name = $postgresql::server::service_name, Boolean $service_enable = $postgresql::server::service_enable, Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 397a10c20c..87ee475c63 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -29,21 +29,21 @@ Optional[String[1]] $auth_host = $postgresql::server::auth_host, Optional[String[1]] $auth_local = $postgresql::server::auth_local, Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, - String[1] $datadir = $postgresql::server::datadir, + Stdlib::Absolutepath $datadir = $postgresql::server::datadir, Optional[String[1]] $encoding = $postgresql::server::encoding, String[1] $group = $postgresql::server::group, Stdlib::Absolutepath $initdb_path = $postgresql::server::initdb_path, Optional[String[1]] $lc_messages = $postgresql::server::lc_messages, Optional[String[1]] $locale = $postgresql::server::locale, - Optional[String[1]] $logdir = $postgresql::server::logdir, + Optional[Stdlib::Absolutepath] $logdir = $postgresql::server::logdir, Boolean $manage_datadir = $postgresql::server::manage_datadir, Boolean $manage_logdir = $postgresql::server::manage_logdir, Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, - String[1] $module_workdir = $postgresql::server::module_workdir, + Stdlib::Absolutepath $module_workdir = $postgresql::server::module_workdir, Boolean $needs_initdb = $postgresql::server::needs_initdb, String[1] $user = $postgresql::server::user, Optional[String[1]] $username = $postgresql::server::username, - Optional[String[1]] $xlogdir = $postgresql::server::xlogdir, + Optional[Stdlib::Absolutepath] $xlogdir = $postgresql::server::xlogdir, ) { if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index d864ff9065..05a93f81a6 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -17,7 +17,7 @@ String[1] $group = $postgresql::server::group, Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Stdlib::Port $port = $postgresql::server::port, - String[1] $module_workdir = $postgresql::server::module_workdir, + Stdlib::Absolutepath $module_workdir = $postgresql::server::module_workdir, ) { # Set the defaults for the postgresql_psql resource Postgresql_psql { diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index 4c4c22f926..e539b7a69c 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -19,7 +19,7 @@ Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Stdlib::Port $port = $postgresql::server::port, String[1] $database = $postgresql::server::default_database, - String[1] $module_workdir = $postgresql::server::module_workdir, + Stdlib::Absolutepath $module_workdir = $postgresql::server::module_workdir, Optional[Variant[String[1], Sensitive[String[1]], Integer]] $postgres_password = $postgresql::server::postgres_password, ) { $real_postgres_password = if $postgres_password =~ Sensitive { From 8fdd1ad5eba70c1bae0e96e238d212d16eed62fa Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 31 Aug 2023 22:59:39 +0200 Subject: [PATCH 0889/1000] update documentation/reference --- REFERENCE.md | 2152 +++++++++++++++++++++++++------------------------- 1 file changed, 1078 insertions(+), 1074 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 509bb46137..1733d7fdfe 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -8,18 +8,18 @@ #### Public Classes -* [`postgresql::client`](#postgresql--client): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. -* [`postgresql::globals`](#postgresql--globals): Class for setting cross-class global overrides. -* [`postgresql::lib::devel`](#postgresql--lib--devel): This class installs postgresql development libraries. -* [`postgresql::lib::docs`](#postgresql--lib--docs): Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. -* [`postgresql::lib::java`](#postgresql--lib--java): This class installs the postgresql jdbc connector. -* [`postgresql::lib::perl`](#postgresql--lib--perl): This class installs the perl libs for postgresql. -* [`postgresql::lib::python`](#postgresql--lib--python): This class installs the python libs for postgresql. -* [`postgresql::server`](#postgresql--server): This installs a PostgreSQL server -* [`postgresql::server::contrib`](#postgresql--server--contrib): Install the contrib postgresql packaging. -* [`postgresql::server::plperl`](#postgresql--server--plperl): This class installs the PL/Perl procedural language for postgresql. -* [`postgresql::server::plpython`](#postgresql--server--plpython): This class installs the PL/Python procedural language for postgresql. -* [`postgresql::server::postgis`](#postgresql--server--postgis): Install the postgis postgresql packaging. +* [`postgresql::client`](#postgresqlclient): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. +* [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. +* [`postgresql::lib::devel`](#postgresqllibdevel): This class installs postgresql development libraries. +* [`postgresql::lib::docs`](#postgresqllibdocs): Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. +* [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. +* [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. +* [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. +* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server +* [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. +* [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. +* [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. +* [`postgresql::server::postgis`](#postgresqlserverpostgis): Install the postgis postgresql packaging. #### Private Classes @@ -41,28 +41,28 @@ #### Public Defined types -* [`postgresql::server::config_entry`](#postgresql--server--config_entry): Manage a postgresql.conf entry. -* [`postgresql::server::database`](#postgresql--server--database): Define for creating a database. -* [`postgresql::server::database_grant`](#postgresql--server--database_grant): Manage a database grant. -* [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correct permissions. -* [`postgresql::server::default_privileges`](#postgresql--server--default_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. -* [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database. -* [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles. -* [`postgresql::server::grant_role`](#postgresql--server--grant_role): Define for granting membership to a role. -* [`postgresql::server::instance::config`](#postgresql--server--instance--config): Manages the config for a postgresql::server instance -* [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): Manages initdb feature for a postgresql::server instance -* [`postgresql::server::instance::late_initdb`](#postgresql--server--instance--late_initdb): Manage the default encoding when database initialization is managed by the package -* [`postgresql::server::instance::passwd`](#postgresql--server--instance--passwd): Overrides the default PostgreSQL superuser -* [`postgresql::server::instance::reload`](#postgresql--server--instance--reload): Overrides the default reload or status command for your PostgreSQL service -* [`postgresql::server::instance::service`](#postgresql--server--instance--service): Manages the service for the postgres main instance (default) or additional instances -* [`postgresql::server::pg_hba_rule`](#postgresql--server--pg_hba_rule): This resource manages an individual rule that applies to the file defined in target. -* [`postgresql::server::pg_ident_rule`](#postgresql--server--pg_ident_rule): This resource manages an individual rule that applies to the file defined in target. -* [`postgresql::server::reassign_owned_by`](#postgresql--server--reassign_owned_by): Define for reassigning the ownership of objects within a database. -* [`postgresql::server::recovery`](#postgresql--server--recovery): This resource manages the parameters that applies to the recovery.conf template. -* [`postgresql::server::role`](#postgresql--server--role): Define for creating a database role. -* [`postgresql::server::schema`](#postgresql--server--schema): Create a new schema. -* [`postgresql::server::table_grant`](#postgresql--server--table_grant): This resource wraps the grant resource to manage table grants specifically. -* [`postgresql::server::tablespace`](#postgresql--server--tablespace): This module creates tablespace. +* [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. +* [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. +* [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. +* [`postgresql::server::db`](#postgresqlserverdb): Define for conveniently creating a role, database and assigning the correct permissions. +* [`postgresql::server::default_privileges`](#postgresqlserverdefault_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. +* [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database. +* [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. +* [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. +* [`postgresql::server::instance::config`](#postgresqlserverinstanceconfig): Manages the config for a postgresql::server instance +* [`postgresql::server::instance::initdb`](#postgresqlserverinstanceinitdb): Manages initdb feature for a postgresql::server instance +* [`postgresql::server::instance::late_initdb`](#postgresqlserverinstancelate_initdb): Manage the default encoding when database initialization is managed by the package +* [`postgresql::server::instance::passwd`](#postgresqlserverinstancepasswd): Overrides the default PostgreSQL superuser +* [`postgresql::server::instance::reload`](#postgresqlserverinstancereload): Overrides the default reload or status command for your PostgreSQL service +* [`postgresql::server::instance::service`](#postgresqlserverinstanceservice): Manages the service for the postgres main instance (default) or additional instances +* [`postgresql::server::pg_hba_rule`](#postgresqlserverpg_hba_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::pg_ident_rule`](#postgresqlserverpg_ident_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::reassign_owned_by`](#postgresqlserverreassign_owned_by): Define for reassigning the ownership of objects within a database. +* [`postgresql::server::recovery`](#postgresqlserverrecovery): This resource manages the parameters that applies to the recovery.conf template. +* [`postgresql::server::role`](#postgresqlserverrole): Define for creating a database role. +* [`postgresql::server::schema`](#postgresqlserverschema): Create a new schema. +* [`postgresql::server::table_grant`](#postgresqlservertable_grant): This resource wraps the grant resource to manage table grants specifically. +* [`postgresql::server::tablespace`](#postgresqlservertablespace): This module creates tablespace. #### Private Defined types @@ -79,10 +79,10 @@ #### Public Functions -* [`postgresql::default`](#postgresql--default): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. -* [`postgresql::postgresql_escape`](#postgresql--postgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. -* [`postgresql::postgresql_password`](#postgresql--postgresql_password): This function returns the postgresql password hash from the clear text username / password -* [`postgresql::prepend_sql_password`](#postgresql--prepend_sql_password): This function exists for usage of a role password that is a deferred function +* [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. +* [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. +* [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password +* [`postgresql::prepend_sql_password`](#postgresqlprepend_sql_password): This function exists for usage of a role password that is a deferred function * [`postgresql_escape`](#postgresql_escape): DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. * [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. @@ -92,11 +92,11 @@ ### Data types -* [`Postgresql::Pg_hba_rule`](#Postgresql--Pg_hba_rule): type for all parameters in the postgresql::server::hba_rule defined resource -* [`Postgresql::Pg_hba_rule_address`](#Postgresql--Pg_hba_rule_address): Supported address types -* [`Postgresql::Pg_hba_rule_type`](#Postgresql--Pg_hba_rule_type): enum for all different types for the pg_hba_conf -* [`Postgresql::Pg_hba_rules`](#Postgresql--Pg_hba_rules): validates a hash of entries for postgresql::server::pg_hab_conf -* [`Postgresql::Pg_password_encryption`](#Postgresql--Pg_password_encryption): the supported password_encryption +* [`Postgresql::Pg_hba_rule`](#postgresqlpg_hba_rule): type for all parameters in the postgresql::server::hba_rule defined resource +* [`Postgresql::Pg_hba_rule_address`](#postgresqlpg_hba_rule_address): Supported address types +* [`Postgresql::Pg_hba_rule_type`](#postgresqlpg_hba_rule_type): enum for all different types for the pg_hba_conf +* [`Postgresql::Pg_hba_rules`](#postgresqlpg_hba_rules): validates a hash of entries for postgresql::server::pg_hab_conf +* [`Postgresql::Pg_password_encryption`](#postgresqlpg_password_encryption): the supported password_encryption ### Tasks @@ -104,7 +104,7 @@ ## Classes -### `postgresql::client` +### `postgresql::client` Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. @@ -114,12 +114,12 @@ Installs PostgreSQL client software. Set the following parameters if you have a The following parameters are available in the `postgresql::client` class: -* [`file_ensure`](#-postgresql--client--file_ensure) -* [`validcon_script_path`](#-postgresql--client--validcon_script_path) -* [`package_name`](#-postgresql--client--package_name) -* [`package_ensure`](#-postgresql--client--package_ensure) +* [`file_ensure`](#file_ensure) +* [`validcon_script_path`](#validcon_script_path) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `file_ensure` +##### `file_ensure` Data type: `Enum['file', 'absent']` @@ -127,7 +127,7 @@ Ensure the connection validation script is present Default value: `'file'` -##### `validcon_script_path` +##### `validcon_script_path` Data type: `Stdlib::Absolutepath` @@ -135,7 +135,7 @@ Optional. Absolute path for the postgresql connection validation script. Default value: `$postgresql::params::validcon_script_path` -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -143,7 +143,7 @@ Sets the name of the PostgreSQL client package. Default value: `$postgresql::params::client_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -151,7 +151,7 @@ Ensure the client package is installed Default value: `'present'` -### `postgresql::globals` +### `postgresql::globals` Class for setting cross-class global overrides. @@ -163,246 +163,246 @@ as version or manage_package_repo. The following parameters are available in the `postgresql::globals` class: -* [`client_package_name`](#-postgresql--globals--client_package_name) -* [`server_package_name`](#-postgresql--globals--server_package_name) -* [`contrib_package_name`](#-postgresql--globals--contrib_package_name) -* [`devel_package_name`](#-postgresql--globals--devel_package_name) -* [`java_package_name`](#-postgresql--globals--java_package_name) -* [`docs_package_name`](#-postgresql--globals--docs_package_name) -* [`perl_package_name`](#-postgresql--globals--perl_package_name) -* [`plperl_package_name`](#-postgresql--globals--plperl_package_name) -* [`plpython_package_name`](#-postgresql--globals--plpython_package_name) -* [`python_package_name`](#-postgresql--globals--python_package_name) -* [`postgis_package_name`](#-postgresql--globals--postgis_package_name) -* [`service_name`](#-postgresql--globals--service_name) -* [`service_provider`](#-postgresql--globals--service_provider) -* [`service_status`](#-postgresql--globals--service_status) -* [`default_database`](#-postgresql--globals--default_database) -* [`validcon_script_path`](#-postgresql--globals--validcon_script_path) -* [`initdb_path`](#-postgresql--globals--initdb_path) -* [`psql_path`](#-postgresql--globals--psql_path) -* [`pg_hba_conf_path`](#-postgresql--globals--pg_hba_conf_path) -* [`pg_ident_conf_path`](#-postgresql--globals--pg_ident_conf_path) -* [`postgresql_conf_path`](#-postgresql--globals--postgresql_conf_path) -* [`postgresql_conf_mode`](#-postgresql--globals--postgresql_conf_mode) -* [`recovery_conf_path`](#-postgresql--globals--recovery_conf_path) -* [`default_connect_settings`](#-postgresql--globals--default_connect_settings) -* [`pg_hba_conf_defaults`](#-postgresql--globals--pg_hba_conf_defaults) -* [`datadir`](#-postgresql--globals--datadir) -* [`confdir`](#-postgresql--globals--confdir) -* [`bindir`](#-postgresql--globals--bindir) -* [`xlogdir`](#-postgresql--globals--xlogdir) -* [`logdir`](#-postgresql--globals--logdir) -* [`log_line_prefix`](#-postgresql--globals--log_line_prefix) -* [`user`](#-postgresql--globals--user) -* [`group`](#-postgresql--globals--group) -* [`version`](#-postgresql--globals--version) -* [`postgis_version`](#-postgresql--globals--postgis_version) -* [`repo_proxy`](#-postgresql--globals--repo_proxy) -* [`repo_baseurl`](#-postgresql--globals--repo_baseurl) -* [`yum_repo_commonurl`](#-postgresql--globals--yum_repo_commonurl) -* [`needs_initdb`](#-postgresql--globals--needs_initdb) -* [`encoding`](#-postgresql--globals--encoding) -* [`locale`](#-postgresql--globals--locale) -* [`data_checksums`](#-postgresql--globals--data_checksums) -* [`timezone`](#-postgresql--globals--timezone) -* [`manage_pg_hba_conf`](#-postgresql--globals--manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#-postgresql--globals--manage_pg_ident_conf) -* [`manage_recovery_conf`](#-postgresql--globals--manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#-postgresql--globals--manage_postgresql_conf_perms) -* [`manage_selinux`](#-postgresql--globals--manage_selinux) -* [`manage_datadir`](#-postgresql--globals--manage_datadir) -* [`manage_logdir`](#-postgresql--globals--manage_logdir) -* [`manage_xlogdir`](#-postgresql--globals--manage_xlogdir) -* [`manage_package_repo`](#-postgresql--globals--manage_package_repo) -* [`manage_dnf_module`](#-postgresql--globals--manage_dnf_module) -* [`module_workdir`](#-postgresql--globals--module_workdir) - -##### `client_package_name` +* [`client_package_name`](#client_package_name) +* [`server_package_name`](#server_package_name) +* [`contrib_package_name`](#contrib_package_name) +* [`devel_package_name`](#devel_package_name) +* [`java_package_name`](#java_package_name) +* [`docs_package_name`](#docs_package_name) +* [`perl_package_name`](#perl_package_name) +* [`plperl_package_name`](#plperl_package_name) +* [`plpython_package_name`](#plpython_package_name) +* [`python_package_name`](#python_package_name) +* [`postgis_package_name`](#postgis_package_name) +* [`service_name`](#service_name) +* [`service_provider`](#service_provider) +* [`service_status`](#service_status) +* [`default_database`](#default_database) +* [`validcon_script_path`](#validcon_script_path) +* [`initdb_path`](#initdb_path) +* [`psql_path`](#psql_path) +* [`pg_hba_conf_path`](#pg_hba_conf_path) +* [`pg_ident_conf_path`](#pg_ident_conf_path) +* [`postgresql_conf_path`](#postgresql_conf_path) +* [`postgresql_conf_mode`](#postgresql_conf_mode) +* [`recovery_conf_path`](#recovery_conf_path) +* [`default_connect_settings`](#default_connect_settings) +* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) +* [`datadir`](#datadir) +* [`confdir`](#confdir) +* [`bindir`](#bindir) +* [`xlogdir`](#xlogdir) +* [`logdir`](#logdir) +* [`log_line_prefix`](#log_line_prefix) +* [`user`](#user) +* [`group`](#group) +* [`version`](#version) +* [`postgis_version`](#postgis_version) +* [`repo_proxy`](#repo_proxy) +* [`repo_baseurl`](#repo_baseurl) +* [`yum_repo_commonurl`](#yum_repo_commonurl) +* [`needs_initdb`](#needs_initdb) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`data_checksums`](#data_checksums) +* [`timezone`](#timezone) +* [`manage_pg_hba_conf`](#manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#manage_pg_ident_conf) +* [`manage_recovery_conf`](#manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) +* [`manage_selinux`](#manage_selinux) +* [`manage_datadir`](#manage_datadir) +* [`manage_logdir`](#manage_logdir) +* [`manage_xlogdir`](#manage_xlogdir) +* [`manage_package_repo`](#manage_package_repo) +* [`manage_dnf_module`](#manage_dnf_module) +* [`module_workdir`](#module_workdir) + +##### `client_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL client package name. -Default value: `undef` +Default value: ``undef`` -##### `server_package_name` +##### `server_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL server package name. -Default value: `undef` +Default value: ``undef`` -##### `contrib_package_name` +##### `contrib_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL contrib package name. -Default value: `undef` +Default value: ``undef`` -##### `devel_package_name` +##### `devel_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL devel package name. -Default value: `undef` +Default value: ``undef`` -##### `java_package_name` +##### `java_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL java package name. -Default value: `undef` +Default value: ``undef`` -##### `docs_package_name` +##### `docs_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL docs package name. -Default value: `undef` +Default value: ``undef`` -##### `perl_package_name` +##### `perl_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL Perl package name. -Default value: `undef` +Default value: ``undef`` -##### `plperl_package_name` +##### `plperl_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL PL/Perl package name. -Default value: `undef` +Default value: ``undef`` -##### `plpython_package_name` +##### `plpython_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL PL/Python package name. -Default value: `undef` +Default value: ``undef`` -##### `python_package_name` +##### `python_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL Python package name. -Default value: `undef` +Default value: ``undef`` -##### `postgis_package_name` +##### `postgis_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL PostGIS package name. -Default value: `undef` +Default value: ``undef`` -##### `service_name` +##### `service_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL service name. -Default value: `undef` +Default value: ``undef`` -##### `service_provider` +##### `service_provider` Data type: `Optional[String[1]]` Overrides the default PostgreSQL service provider. -Default value: `undef` +Default value: ``undef`` -##### `service_status` +##### `service_status` Data type: `Optional[String[1]]` Overrides the default status check command for your PostgreSQL service. -Default value: `undef` +Default value: ``undef`` -##### `default_database` +##### `default_database` Data type: `Optional[String[1]]` Specifies the name of the default database to connect with. -Default value: `undef` +Default value: ``undef`` -##### `validcon_script_path` +##### `validcon_script_path` Data type: `Optional[String[1]]` Scipt path for the connection validation check. -Default value: `undef` +Default value: ``undef`` -##### `initdb_path` +##### `initdb_path` Data type: `Optional[Stdlib::Absolutepath]` Path to the initdb command. -Default value: `undef` +Default value: ``undef`` -##### `psql_path` +##### `psql_path` Data type: `Optional[Stdlib::Absolutepath]` Sets the path to the psql command. -Default value: `undef` +Default value: ``undef`` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Specifies the path to your pg_hba.conf file. -Default value: `undef` +Default value: ``undef`` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Specifies the path to your pg_ident.conf file. -Default value: `undef` +Default value: ``undef`` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Sets the path to your postgresql.conf file. -Default value: `undef` +Default value: ``undef`` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. -Default value: `undef` +Default value: ``undef`` -##### `recovery_conf_path` +##### `recovery_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Path to your recovery.conf file. -Default value: `undef` +Default value: ``undef`` -##### `default_connect_settings` +##### `default_connect_settings` Data type: `Hash` @@ -410,17 +410,17 @@ Default connection settings. Default value: `{}` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Optional[Boolean]` Disables the defaults supplied with the module for pg_hba.conf if set to false. -Default value: `undef` +Default value: ``undef`` -##### `datadir` +##### `datadir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL data directory for the target platform. Changing the datadir after installation causes the server to come to a full stop before making the change. @@ -430,113 +430,113 @@ defaults to true on other systems). Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original -Default value: `undef` +Default value: ``undef`` -##### `confdir` +##### `confdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL configuration directory for the target platform. -Default value: `undef` +Default value: ``undef`` -##### `bindir` +##### `bindir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL binaries directory for the target platform. -Default value: `undef` +Default value: ``undef`` -##### `xlogdir` +##### `xlogdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL xlog directory. -Default value: `undef` +Default value: ``undef`` -##### `logdir` +##### `logdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL log directory. -Default value: `undef` +Default value: ``undef`` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Optional[String[1]]` Overrides the default PostgreSQL log prefix. -Default value: `undef` +Default value: ``undef`` -##### `user` +##### `user` Data type: `Optional[String[1]]` Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: `undef` +Default value: ``undef`` -##### `group` +##### `group` Data type: `Optional[String[1]]` Overrides the default postgres user group to be used for related files in the file system. -Default value: `undef` +Default value: ``undef`` -##### `version` +##### `version` Data type: `Optional[String[1]]` The version of PostgreSQL to install and manage. -Default value: `undef` +Default value: ``undef`` -##### `postgis_version` +##### `postgis_version` Data type: `Optional[String[1]]` Defines the version of PostGIS to install, if you install PostGIS. -Default value: `undef` +Default value: ``undef`` -##### `repo_proxy` +##### `repo_proxy` Data type: `Optional[String[1]]` Sets the proxy option for the official PostgreSQL yum-repositories only. -Default value: `undef` +Default value: ``undef`` -##### `repo_baseurl` +##### `repo_baseurl` Data type: `Optional[String[1]]` Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. -Default value: `undef` +Default value: ``undef`` -##### `yum_repo_commonurl` +##### `yum_repo_commonurl` Data type: `Optional[String[1]]` Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository. -Default value: `undef` +Default value: ``undef`` -##### `needs_initdb` +##### `needs_initdb` Data type: `Optional[Boolean]` Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. -Default value: `undef` +Default value: ``undef`` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -544,9 +544,9 @@ Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. -Default value: `undef` +Default value: ``undef`` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -555,50 +555,50 @@ On certain operating systems, this is also used during the template1 initializat so it becomes a default outside of the module as well. On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. -Default value: `undef` +Default value: ``undef`` -##### `data_checksums` +##### `data_checksums` Data type: `Optional[Boolean]` Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. -Default value: `undef` +Default value: ``undef`` -##### `timezone` +##### `timezone` Data type: `Optional[String[1]]` Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. -Default value: `undef` +Default value: ``undef`` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Optional[Boolean]` Allow Puppet to manage the pg_hba.conf file. -Default value: `undef` +Default value: ``undef`` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Optional[Boolean]` Allow Puppet to manage the pg_ident.conf file. -Default value: `undef` +Default value: ``undef`` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Optional[Boolean]` Allow Puppet to manage the recovery.conf file. -Default value: `undef` +Default value: ``undef`` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` Data type: `Optional[Boolean]` @@ -606,49 +606,49 @@ Whether to manage the postgresql conf file permissions. This means owner, group and mode. Contents are not managed but should be managed through postgresql::server::config_entry. -Default value: `undef` +Default value: ``undef`` -##### `manage_selinux` +##### `manage_selinux` Data type: `Optional[Boolean]` Allows Puppet to manage the appropriate configuration file for selinux. -Default value: `undef` +Default value: ``undef`` -##### `manage_datadir` +##### `manage_datadir` Data type: `Optional[Boolean]` Set to false if you have file{ $datadir: } already defined -Default value: `undef` +Default value: ``undef`` -##### `manage_logdir` +##### `manage_logdir` Data type: `Optional[Boolean]` Set to false if you have file{ $logdir: } already defined -Default value: `undef` +Default value: ``undef`` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Optional[Boolean]` Set to false if you have file{ $xlogdir: } already defined -Default value: `undef` +Default value: ``undef`` -##### `manage_package_repo` +##### `manage_package_repo` Data type: `Optional[Boolean]` Sets up official PostgreSQL repositories on your host if set to true. -Default value: `undef` +Default value: ``undef`` -##### `manage_dnf_module` +##### `manage_dnf_module` Data type: `Boolean` @@ -656,18 +656,18 @@ Manage the DNF module. This only makes sense on distributions that use DNF package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or Puppet 6.15.0+ since they ship the dnfmodule provider. -Default value: `false` +Default value: ``false`` -##### `module_workdir` +##### `module_workdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -Default value: `undef` +Default value: ``undef`` -### `postgresql::lib::devel` +### `postgresql::lib::devel` This class installs postgresql development libraries. @@ -675,11 +675,11 @@ This class installs postgresql development libraries. The following parameters are available in the `postgresql::lib::devel` class: -* [`package_name`](#-postgresql--lib--devel--package_name) -* [`package_ensure`](#-postgresql--lib--devel--package_ensure) -* [`link_pg_config`](#-postgresql--lib--devel--link_pg_config) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) +* [`link_pg_config`](#link_pg_config) -##### `package_name` +##### `package_name` Data type: `String` @@ -687,7 +687,7 @@ Override devel package name Default value: `$postgresql::params::devel_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -695,7 +695,7 @@ Ensure the development libraries are installed Default value: `'present'` -##### `link_pg_config` +##### `link_pg_config` Data type: `Boolean` @@ -704,7 +704,7 @@ into usr/bin (not applicable to Debian systems). Set to false to disable this be Default value: `$postgresql::params::link_pg_config` -### `postgresql::lib::docs` +### `postgresql::lib::docs` Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. @@ -714,10 +714,10 @@ Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if The following parameters are available in the `postgresql::lib::docs` class: -* [`package_name`](#-postgresql--lib--docs--package_name) -* [`package_ensure`](#-postgresql--lib--docs--package_ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -725,7 +725,7 @@ Specifies the name of the PostgreSQL docs package. Default value: `$postgresql::params::docs_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -733,7 +733,7 @@ Whether the PostgreSQL docs package resource should be present. Default value: `'present'` -### `postgresql::lib::java` +### `postgresql::lib::java` This class installs the postgresql jdbc connector. @@ -743,10 +743,10 @@ This class installs the postgresql jdbc connector. The following parameters are available in the `postgresql::lib::java` class: -* [`package_name`](#-postgresql--lib--java--package_name) -* [`package_ensure`](#-postgresql--lib--java--package_ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -754,7 +754,7 @@ Specifies the name of the PostgreSQL java package. Default value: `$postgresql::params::java_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -762,7 +762,7 @@ Specifies whether the package is present. Default value: `'present'` -### `postgresql::lib::perl` +### `postgresql::lib::perl` This class installs the perl libs for postgresql. @@ -770,10 +770,10 @@ This class installs the perl libs for postgresql. The following parameters are available in the `postgresql::lib::perl` class: -* [`package_name`](#-postgresql--lib--perl--package_name) -* [`package_ensure`](#-postgresql--lib--perl--package_ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -781,7 +781,7 @@ Specifies the name of the PostgreSQL perl package to install. Default value: `$postgresql::params::perl_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -789,7 +789,7 @@ Ensure the perl libs for postgresql are installed. Default value: `'present'` -### `postgresql::lib::python` +### `postgresql::lib::python` This class installs the python libs for postgresql. @@ -797,10 +797,10 @@ This class installs the python libs for postgresql. The following parameters are available in the `postgresql::lib::python` class: -* [`package_name`](#-postgresql--lib--python--package_name) -* [`package_ensure`](#-postgresql--lib--python--package_ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -808,7 +808,7 @@ The name of the PostgreSQL Python package. Default value: `$postgresql::params::python_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -816,7 +816,7 @@ Ensure the python libs for postgresql are installed. Default value: `'present'` -### `postgresql::server` +### `postgresql::server` This installs a PostgreSQL server @@ -824,78 +824,78 @@ This installs a PostgreSQL server The following parameters are available in the `postgresql::server` class: -* [`postgres_password`](#-postgresql--server--postgres_password) -* [`package_name`](#-postgresql--server--package_name) -* [`package_ensure`](#-postgresql--server--package_ensure) -* [`plperl_package_name`](#-postgresql--server--plperl_package_name) -* [`plpython_package_name`](#-postgresql--server--plpython_package_name) -* [`service_ensure`](#-postgresql--server--service_ensure) -* [`service_enable`](#-postgresql--server--service_enable) -* [`service_manage`](#-postgresql--server--service_manage) -* [`service_name`](#-postgresql--server--service_name) -* [`service_restart_on_change`](#-postgresql--server--service_restart_on_change) -* [`service_provider`](#-postgresql--server--service_provider) -* [`service_reload`](#-postgresql--server--service_reload) -* [`service_status`](#-postgresql--server--service_status) -* [`default_database`](#-postgresql--server--default_database) -* [`default_connect_settings`](#-postgresql--server--default_connect_settings) -* [`listen_addresses`](#-postgresql--server--listen_addresses) -* [`port`](#-postgresql--server--port) -* [`ip_mask_deny_postgres_user`](#-postgresql--server--ip_mask_deny_postgres_user) -* [`ip_mask_allow_all_users`](#-postgresql--server--ip_mask_allow_all_users) -* [`ipv4acls`](#-postgresql--server--ipv4acls) -* [`ipv6acls`](#-postgresql--server--ipv6acls) -* [`initdb_path`](#-postgresql--server--initdb_path) -* [`psql_path`](#-postgresql--server--psql_path) -* [`pg_hba_conf_path`](#-postgresql--server--pg_hba_conf_path) -* [`pg_ident_conf_path`](#-postgresql--server--pg_ident_conf_path) -* [`postgresql_conf_path`](#-postgresql--server--postgresql_conf_path) -* [`postgresql_conf_mode`](#-postgresql--server--postgresql_conf_mode) -* [`recovery_conf_path`](#-postgresql--server--recovery_conf_path) -* [`datadir`](#-postgresql--server--datadir) -* [`xlogdir`](#-postgresql--server--xlogdir) -* [`logdir`](#-postgresql--server--logdir) -* [`log_line_prefix`](#-postgresql--server--log_line_prefix) -* [`pg_hba_conf_defaults`](#-postgresql--server--pg_hba_conf_defaults) -* [`user`](#-postgresql--server--user) -* [`group`](#-postgresql--server--group) -* [`needs_initdb`](#-postgresql--server--needs_initdb) -* [`encoding`](#-postgresql--server--encoding) -* [`locale`](#-postgresql--server--locale) -* [`data_checksums`](#-postgresql--server--data_checksums) -* [`timezone`](#-postgresql--server--timezone) -* [`manage_pg_hba_conf`](#-postgresql--server--manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#-postgresql--server--manage_pg_ident_conf) -* [`manage_recovery_conf`](#-postgresql--server--manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#-postgresql--server--manage_postgresql_conf_perms) -* [`manage_selinux`](#-postgresql--server--manage_selinux) -* [`module_workdir`](#-postgresql--server--module_workdir) -* [`manage_datadir`](#-postgresql--server--manage_datadir) -* [`manage_logdir`](#-postgresql--server--manage_logdir) -* [`manage_xlogdir`](#-postgresql--server--manage_xlogdir) -* [`password_encryption`](#-postgresql--server--password_encryption) -* [`roles`](#-postgresql--server--roles) -* [`config_entries`](#-postgresql--server--config_entries) -* [`pg_hba_rules`](#-postgresql--server--pg_hba_rules) -* [`backup_enable`](#-postgresql--server--backup_enable) -* [`backup_options`](#-postgresql--server--backup_options) -* [`backup_provider`](#-postgresql--server--backup_provider) -* [`extra_systemd_config`](#-postgresql--server--extra_systemd_config) -* [`auth_host`](#-postgresql--server--auth_host) -* [`auth_local`](#-postgresql--server--auth_local) -* [`lc_messages`](#-postgresql--server--lc_messages) -* [`username`](#-postgresql--server--username) - -##### `postgres_password` +* [`postgres_password`](#postgres_password) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) +* [`plperl_package_name`](#plperl_package_name) +* [`plpython_package_name`](#plpython_package_name) +* [`service_ensure`](#service_ensure) +* [`service_enable`](#service_enable) +* [`service_manage`](#service_manage) +* [`service_name`](#service_name) +* [`service_restart_on_change`](#service_restart_on_change) +* [`service_provider`](#service_provider) +* [`service_reload`](#service_reload) +* [`service_status`](#service_status) +* [`default_database`](#default_database) +* [`default_connect_settings`](#default_connect_settings) +* [`listen_addresses`](#listen_addresses) +* [`port`](#port) +* [`ip_mask_deny_postgres_user`](#ip_mask_deny_postgres_user) +* [`ip_mask_allow_all_users`](#ip_mask_allow_all_users) +* [`ipv4acls`](#ipv4acls) +* [`ipv6acls`](#ipv6acls) +* [`initdb_path`](#initdb_path) +* [`psql_path`](#psql_path) +* [`pg_hba_conf_path`](#pg_hba_conf_path) +* [`pg_ident_conf_path`](#pg_ident_conf_path) +* [`postgresql_conf_path`](#postgresql_conf_path) +* [`postgresql_conf_mode`](#postgresql_conf_mode) +* [`recovery_conf_path`](#recovery_conf_path) +* [`datadir`](#datadir) +* [`xlogdir`](#xlogdir) +* [`logdir`](#logdir) +* [`log_line_prefix`](#log_line_prefix) +* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) +* [`user`](#user) +* [`group`](#group) +* [`needs_initdb`](#needs_initdb) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`data_checksums`](#data_checksums) +* [`timezone`](#timezone) +* [`manage_pg_hba_conf`](#manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#manage_pg_ident_conf) +* [`manage_recovery_conf`](#manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) +* [`manage_selinux`](#manage_selinux) +* [`module_workdir`](#module_workdir) +* [`manage_datadir`](#manage_datadir) +* [`manage_logdir`](#manage_logdir) +* [`manage_xlogdir`](#manage_xlogdir) +* [`password_encryption`](#password_encryption) +* [`roles`](#roles) +* [`config_entries`](#config_entries) +* [`pg_hba_rules`](#pg_hba_rules) +* [`backup_enable`](#backup_enable) +* [`backup_options`](#backup_options) +* [`backup_provider`](#backup_provider) +* [`extra_systemd_config`](#extra_systemd_config) +* [`auth_host`](#auth_host) +* [`auth_local`](#auth_local) +* [`lc_messages`](#lc_messages) +* [`username`](#username) + +##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. -Default value: `undef` +Default value: ``undef`` -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -903,7 +903,7 @@ Specifies the name of the package to use for installing the server software. Default value: `$postgresql::params::server_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -911,7 +911,7 @@ Passes a value through to the package resource when creating the server instance Default value: `$postgresql::params::package_ensure` -##### `plperl_package_name` +##### `plperl_package_name` Data type: `Optional[String[1]]` @@ -919,7 +919,7 @@ Sets the default package name for the PL/Perl extension. Default value: `$postgresql::params::plperl_package_name` -##### `plpython_package_name` +##### `plpython_package_name` Data type: `Optional[String[1]]` @@ -927,7 +927,7 @@ Sets the default package name for the PL/Python extension. Default value: `$postgresql::params::plpython_package_name` -##### `service_ensure` +##### `service_ensure` Data type: `Variant[Enum['running', 'stopped'], Boolean]` @@ -935,7 +935,7 @@ Ensure service is installed Default value: `$postgresql::params::service_ensure` -##### `service_enable` +##### `service_enable` Data type: `Boolean` @@ -943,7 +943,7 @@ Enable the PostgreSQL service Default value: `$postgresql::params::service_enable` -##### `service_manage` +##### `service_manage` Data type: `Boolean` @@ -951,7 +951,7 @@ Defines whether or not Puppet should manage the service. Default value: `$postgresql::params::service_manage` -##### `service_name` +##### `service_name` Data type: `String[1]` @@ -959,7 +959,7 @@ Overrides the default PostgreSQL service name. Default value: `$postgresql::params::service_name` -##### `service_restart_on_change` +##### `service_restart_on_change` Data type: `Boolean` @@ -968,7 +968,7 @@ to become active. Default value: `$postgresql::params::service_restart_on_change` -##### `service_provider` +##### `service_provider` Data type: `Optional[String[1]]` @@ -976,7 +976,7 @@ Overrides the default PostgreSQL service provider. Default value: `$postgresql::params::service_provider` -##### `service_reload` +##### `service_reload` Data type: `String[1]` @@ -984,7 +984,7 @@ Overrides the default reload command for your PostgreSQL service. Default value: `$postgresql::params::service_reload` -##### `service_status` +##### `service_status` Data type: `Optional[String[1]]` @@ -992,7 +992,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::params::service_status` -##### `default_database` +##### `default_database` Data type: `String[1]` @@ -1000,7 +1000,7 @@ Specifies the name of the default database to connect with. On most systems this Default value: `$postgresql::params::default_database` -##### `default_connect_settings` +##### `default_connect_settings` Data type: `Hash` @@ -1009,7 +1009,7 @@ postgresql::server::role. Default value: `$postgresql::globals::default_connect_settings` -##### `listen_addresses` +##### `listen_addresses` Data type: `Optional[Variant[String[1], Array[String[1]]]]` @@ -1017,7 +1017,7 @@ Address list on which the PostgreSQL service will listen Default value: `$postgresql::params::listen_addresses` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -1029,7 +1029,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::params::port` -##### `ip_mask_deny_postgres_user` +##### `ip_mask_deny_postgres_user` Data type: `String[1]` @@ -1038,7 +1038,7 @@ Default value: '0.0.0.0/0', which denies any remote connection. Default value: `$postgresql::params::ip_mask_deny_postgres_user` -##### `ip_mask_allow_all_users` +##### `ip_mask_allow_all_users` Data type: `String[1]` @@ -1050,7 +1050,7 @@ Default value: '127.0.0.1/32'. Default value: `$postgresql::params::ip_mask_allow_all_users` -##### `ipv4acls` +##### `ipv4acls` Data type: `Array[String[1]]` @@ -1058,7 +1058,7 @@ Lists strings for access control for connection method, users, databases, IPv4 a Default value: `$postgresql::params::ipv4acls` -##### `ipv6acls` +##### `ipv6acls` Data type: `Array[String[1]]` @@ -1066,7 +1066,7 @@ Lists strings for access control for connection method, users, databases, IPv6 a Default value: `$postgresql::params::ipv6acls` -##### `initdb_path` +##### `initdb_path` Data type: `Stdlib::Absolutepath` @@ -1074,7 +1074,7 @@ Specifies the path to the initdb command. Default value: `$postgresql::params::initdb_path` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -1082,7 +1082,7 @@ Specifies the path to the psql command. Default value: `$postgresql::params::psql_path` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Stdlib::Absolutepath` @@ -1090,7 +1090,7 @@ Specifies the path to your pg_hba.conf file. Default value: `$postgresql::params::pg_hba_conf_path` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Stdlib::Absolutepath` @@ -1098,7 +1098,7 @@ Specifies the path to your pg_ident.conf file. Default value: `$postgresql::params::pg_ident_conf_path` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Stdlib::Absolutepath` @@ -1106,7 +1106,7 @@ Specifies the path to your postgresql.conf file. Default value: `$postgresql::params::postgresql_conf_path` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` @@ -1114,7 +1114,7 @@ Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_c Default value: `$postgresql::params::postgresql_conf_mode` -##### `recovery_conf_path` +##### `recovery_conf_path` Data type: `Stdlib::Absolutepath` @@ -1122,31 +1122,31 @@ Specifies the path to your recovery.conf file. Default value: `$postgresql::params::recovery_conf_path` -##### `datadir` +##### `datadir` -Data type: `String[1]` +Data type: `Stdlib::Absolutepath` PostgreSQL data directory Default value: `$postgresql::params::datadir` -##### `xlogdir` +##### `xlogdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` PostgreSQL xlog directory Default value: `$postgresql::params::xlogdir` -##### `logdir` +##### `logdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` PostgreSQL log directory Default value: `$postgresql::params::logdir` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Optional[String[1]]` @@ -1154,7 +1154,7 @@ PostgreSQL log line prefix Default value: `$postgresql::params::log_line_prefix` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Boolean` @@ -1164,7 +1164,7 @@ basic psql operations for example. Default value: `$postgresql::params::pg_hba_conf_defaults` -##### `user` +##### `user` Data type: `String[1]` @@ -1172,7 +1172,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::params::user` -##### `group` +##### `group` Data type: `String[1]` @@ -1180,7 +1180,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::params::group` -##### `needs_initdb` +##### `needs_initdb` Data type: `Boolean` @@ -1188,7 +1188,7 @@ Explicitly calls the initdb operation after server package is installed, and bef Default value: `$postgresql::params::needs_initdb` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -1197,7 +1197,7 @@ template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::params::encoding` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -1206,7 +1206,7 @@ template1 initialization as well, so it becomes a default outside of the module. Default value: `$postgresql::params::locale` -##### `data_checksums` +##### `data_checksums` Data type: `Optional[Boolean]` @@ -1216,7 +1216,7 @@ If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::params::data_checksums` -##### `timezone` +##### `timezone` Data type: `Optional[String[1]]` @@ -1224,7 +1224,7 @@ Set timezone for the PostgreSQL instance Default value: `$postgresql::params::timezone` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Boolean` @@ -1232,7 +1232,7 @@ Boolean. Whether to manage the pg_hba.conf. Default value: `$postgresql::params::manage_pg_hba_conf` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Boolean` @@ -1240,7 +1240,7 @@ Boolean. Overwrites the pg_ident.conf file. Default value: `$postgresql::params::manage_pg_ident_conf` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Boolean` @@ -1248,7 +1248,7 @@ Boolean. Specifies whether or not manage the recovery.conf. Default value: `$postgresql::params::manage_recovery_conf` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` Data type: `Boolean` @@ -1258,7 +1258,7 @@ postgresql::server::config_entry. Default value: `$postgresql::params::manage_postgresql_conf_perms` -##### `manage_selinux` +##### `manage_selinux` Data type: `Boolean` @@ -1266,15 +1266,15 @@ Specifies whether or not manage the conf file for selinux. Default value: `$postgresql::params::manage_selinux` -##### `module_workdir` +##### `module_workdir` -Data type: `String[1]` +Data type: `Stdlib::Absolutepath` Working directory for the PostgreSQL module Default value: `$postgresql::params::module_workdir` -##### `manage_datadir` +##### `manage_datadir` Data type: `Boolean` @@ -1282,7 +1282,7 @@ Set to false if you have file{ $datadir: } already defined Default value: `$postgresql::params::manage_datadir` -##### `manage_logdir` +##### `manage_logdir` Data type: `Boolean` @@ -1290,7 +1290,7 @@ Set to false if you have file{ $logdir: } already defined Default value: `$postgresql::params::manage_logdir` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Boolean` @@ -1298,7 +1298,7 @@ Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::params::manage_xlogdir` -##### `password_encryption` +##### `password_encryption` Data type: `Optional[Postgresql::Pg_password_encryption]` @@ -1306,7 +1306,7 @@ Specify the type of encryption set for the password. Default value: `$postgresql::params::password_encryption` -##### `roles` +##### `roles` Data type: `Hash[String, Hash]` @@ -1314,7 +1314,7 @@ Specifies a hash from which to generate postgresql::server::role resources. Default value: `{}` -##### `config_entries` +##### `config_entries` Data type: `Hash[String, Any]` @@ -1322,7 +1322,7 @@ Specifies a hash from which to generate postgresql::server::config_entry resourc Default value: `{}` -##### `pg_hba_rules` +##### `pg_hba_rules` Data type: `Postgresql::Pg_hba_rules` @@ -1330,7 +1330,7 @@ Specifies a hash from which to generate postgresql::server::pg_hba_rule resource Default value: `{}` -##### `backup_enable` +##### `backup_enable` Data type: `Boolean` @@ -1338,7 +1338,7 @@ Whether a backup job should be enabled. Default value: `$postgresql::params::backup_enable` -##### `backup_options` +##### `backup_options` Data type: `Hash` @@ -1346,7 +1346,7 @@ A hash of options that should be passed through to the backup provider. Default value: `{}` -##### `backup_provider` +##### `backup_provider` Data type: `Enum['pg_dump']` @@ -1354,7 +1354,7 @@ Specifies the backup provider to use. Default value: `$postgresql::params::backup_provider` -##### `extra_systemd_config` +##### `extra_systemd_config` Data type: `Optional[String]` @@ -1362,39 +1362,39 @@ Adds extra config to systemd config file, can for instance be used to add extra Default value: `$postgresql::params::extra_systemd_config` -##### `auth_host` +##### `auth_host` Data type: `Optional[String[1]]` auth method used by default for host authorization -Default value: `undef` +Default value: ``undef`` -##### `auth_local` +##### `auth_local` Data type: `Optional[String[1]]` auth method used by default for local authorization -Default value: `undef` +Default value: ``undef`` -##### `lc_messages` +##### `lc_messages` Data type: `Optional[String[1]]` locale used for logging and system messages -Default value: `undef` +Default value: ``undef`` -##### `username` +##### `username` Data type: `Optional[String[1]]` username of user running the postgres instance -Default value: `undef` +Default value: ``undef`` -### `postgresql::server::contrib` +### `postgresql::server::contrib` Install the contrib postgresql packaging. @@ -1402,10 +1402,10 @@ Install the contrib postgresql packaging. The following parameters are available in the `postgresql::server::contrib` class: -* [`package_name`](#-postgresql--server--contrib--package_name) -* [`package_ensure`](#-postgresql--server--contrib--package_ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` @@ -1413,7 +1413,7 @@ The name of the PostgreSQL contrib package. Default value: `$postgresql::params::contrib_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1421,7 +1421,7 @@ Ensure the contrib package is installed. Default value: `'present'` -### `postgresql::server::plperl` +### `postgresql::server::plperl` This class installs the PL/Perl procedural language for postgresql. @@ -1429,10 +1429,10 @@ This class installs the PL/Perl procedural language for postgresql. The following parameters are available in the `postgresql::server::plperl` class: -* [`package_ensure`](#-postgresql--server--plperl--package_ensure) -* [`package_name`](#-postgresql--server--plperl--package_name) +* [`package_ensure`](#package_ensure) +* [`package_name`](#package_name) -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1440,7 +1440,7 @@ The ensure parameter passed on to PostgreSQL PL/Perl package resource. Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` @@ -1448,7 +1448,7 @@ The name of the PostgreSQL PL/Perl package. Default value: `$postgresql::server::plperl_package_name` -### `postgresql::server::plpython` +### `postgresql::server::plpython` This class installs the PL/Python procedural language for postgresql. @@ -1456,10 +1456,10 @@ This class installs the PL/Python procedural language for postgresql. The following parameters are available in the `postgresql::server::plpython` class: -* [`package_ensure`](#-postgresql--server--plpython--package_ensure) -* [`package_name`](#-postgresql--server--plpython--package_name) +* [`package_ensure`](#package_ensure) +* [`package_name`](#package_name) -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1467,7 +1467,7 @@ Specifies whether the package is present. Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` @@ -1475,7 +1475,7 @@ Specifies the name of the postgresql PL/Python package. Default value: `$postgresql::server::plpython_package_name` -### `postgresql::server::postgis` +### `postgresql::server::postgis` Install the postgis postgresql packaging. @@ -1483,10 +1483,10 @@ Install the postgis postgresql packaging. The following parameters are available in the `postgresql::server::postgis` class: -* [`package_name`](#-postgresql--server--postgis--package_name) -* [`package_ensure`](#-postgresql--server--postgis--package_ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -1494,7 +1494,7 @@ Sets the package name. Default value: `$postgresql::params::postgis_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1504,7 +1504,7 @@ Default value: `'present'` ## Defined types -### `postgresql::server::config_entry` +### `postgresql::server::config_entry` Manage a postgresql.conf entry. @@ -1512,12 +1512,12 @@ Manage a postgresql.conf entry. The following parameters are available in the `postgresql::server::config_entry` defined type: -* [`ensure`](#-postgresql--server--config_entry--ensure) -* [`key`](#-postgresql--server--config_entry--key) -* [`value`](#-postgresql--server--config_entry--value) -* [`path`](#-postgresql--server--config_entry--path) +* [`ensure`](#ensure) +* [`key`](#key) +* [`value`](#value) +* [`path`](#path) -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1525,7 +1525,7 @@ Removes an entry if set to 'absent'. Default value: `'present'` -##### `key` +##### `key` Data type: `String[1]` @@ -1533,15 +1533,15 @@ Defines the key/name for the setting. Defaults to $name Default value: `$name` -##### `value` +##### `value` Data type: `Optional[Variant[String[1], Numeric, Array[String[1]]]]` Defines the value for the setting. -Default value: `undef` +Default value: ``undef`` -##### `path` +##### `path` Data type: `Stdlib::Absolutepath` @@ -1549,7 +1549,7 @@ Path for postgresql.conf Default value: `$postgresql::server::postgresql_conf_path` -### `postgresql::server::database` +### `postgresql::server::database` Define for creating a database. @@ -1557,30 +1557,30 @@ Define for creating a database. The following parameters are available in the `postgresql::server::database` defined type: -* [`comment`](#-postgresql--server--database--comment) -* [`dbname`](#-postgresql--server--database--dbname) -* [`owner`](#-postgresql--server--database--owner) -* [`tablespace`](#-postgresql--server--database--tablespace) -* [`template`](#-postgresql--server--database--template) -* [`encoding`](#-postgresql--server--database--encoding) -* [`locale`](#-postgresql--server--database--locale) -* [`istemplate`](#-postgresql--server--database--istemplate) -* [`connect_settings`](#-postgresql--server--database--connect_settings) -* [`psql_path`](#-postgresql--server--database--psql_path) -* [`default_db`](#-postgresql--server--database--default_db) -* [`user`](#-postgresql--server--database--user) -* [`group`](#-postgresql--server--database--group) -* [`port`](#-postgresql--server--database--port) - -##### `comment` +* [`comment`](#comment) +* [`dbname`](#dbname) +* [`owner`](#owner) +* [`tablespace`](#tablespace) +* [`template`](#template) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`istemplate`](#istemplate) +* [`connect_settings`](#connect_settings) +* [`psql_path`](#psql_path) +* [`default_db`](#default_db) +* [`user`](#user) +* [`group`](#group) +* [`port`](#port) + +##### `comment` Data type: `Optional[String[1]]` Sets a comment on the database. -Default value: `undef` +Default value: ``undef`` -##### `dbname` +##### `dbname` Data type: `String[1]` @@ -1588,23 +1588,23 @@ Sets the name of the database. Default value: `$title` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Sets name of the database owner. -Default value: `undef` +Default value: ``undef`` -##### `tablespace` +##### `tablespace` Data type: `Optional[String[1]]` Sets tablespace for where to create this database. -Default value: `undef` +Default value: ``undef`` -##### `template` +##### `template` Data type: `String[1]` @@ -1612,7 +1612,7 @@ Specifies the name of the template database from which to build this database. D Default value: `'template0'` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -1620,7 +1620,7 @@ Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -1628,15 +1628,15 @@ Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `istemplate` +##### `istemplate` Data type: `Boolean` Defines the database as a template if set to true. -Default value: `false` +Default value: ``false`` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -1644,7 +1644,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -1652,7 +1652,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `default_db` +##### `default_db` Data type: `String[1]` @@ -1660,7 +1660,7 @@ Specifies the name of the default database to connect with. On most systems this Default value: `$postgresql::server::default_database` -##### `user` +##### `user` Data type: `String[1]` @@ -1668,7 +1668,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -1676,7 +1676,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -1684,7 +1684,7 @@ Specifies the port for the PostgreSQL server to listen on. Default value: `$postgresql::server::port` -### `postgresql::server::database_grant` +### `postgresql::server::database_grant` Manage a database grant. @@ -1692,51 +1692,51 @@ Manage a database grant. The following parameters are available in the `postgresql::server::database_grant` defined type: -* [`privilege`](#-postgresql--server--database_grant--privilege) -* [`db`](#-postgresql--server--database_grant--db) -* [`role`](#-postgresql--server--database_grant--role) -* [`ensure`](#-postgresql--server--database_grant--ensure) -* [`psql_db`](#-postgresql--server--database_grant--psql_db) -* [`psql_user`](#-postgresql--server--database_grant--psql_user) -* [`psql_group`](#-postgresql--server--database_grant--psql_group) -* [`connect_settings`](#-postgresql--server--database_grant--connect_settings) -* [`port`](#-postgresql--server--database_grant--port) +* [`privilege`](#privilege) +* [`db`](#db) +* [`role`](#role) +* [`ensure`](#ensure) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`psql_group`](#psql_group) +* [`connect_settings`](#connect_settings) +* [`port`](#port) -##### `privilege` +##### `privilege` Data type: `Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'all', 'create', 'connect', 'temporary', 'temp']` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. -##### `db` +##### `db` Data type: `String[1]` Specifies the database to which you are granting access. -##### `role` +##### `role` Data type: `String[1]` Specifies the role or user whom you are granting access to. -##### `ensure` +##### `ensure` Data type: `Optional[Enum['present', 'absent']]` Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. -Default value: `undef` +Default value: ``undef`` -##### `psql_db` +##### `psql_db` Data type: `Optional[String[1]]` Defines the database to execute the grant against. This should not ordinarily be changed from the default -Default value: `undef` +Default value: ``undef`` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -1744,7 +1744,7 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` Data type: `String[1]` @@ -1752,23 +1752,23 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `connect_settings` +##### `connect_settings` Data type: `Optional[Hash]` Specifies a hash of environment variables used when connecting to a remote server. -Default value: `undef` +Default value: ``undef`` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` -### `postgresql::server::db` +### `postgresql::server::db` Define for conveniently creating a role, database and assigning the correct permissions. @@ -1776,44 +1776,44 @@ Define for conveniently creating a role, database and assigning the correct perm The following parameters are available in the `postgresql::server::db` defined type: -* [`user`](#-postgresql--server--db--user) -* [`password`](#-postgresql--server--db--password) -* [`comment`](#-postgresql--server--db--comment) -* [`dbname`](#-postgresql--server--db--dbname) -* [`encoding`](#-postgresql--server--db--encoding) -* [`locale`](#-postgresql--server--db--locale) -* [`grant`](#-postgresql--server--db--grant) -* [`tablespace`](#-postgresql--server--db--tablespace) -* [`template`](#-postgresql--server--db--template) -* [`istemplate`](#-postgresql--server--db--istemplate) -* [`owner`](#-postgresql--server--db--owner) -* [`port`](#-postgresql--server--db--port) -* [`psql_user`](#-postgresql--server--db--psql_user) -* [`psql_group`](#-postgresql--server--db--psql_group) - -##### `user` +* [`user`](#user) +* [`password`](#password) +* [`comment`](#comment) +* [`dbname`](#dbname) +* [`encoding`](#encoding) +* [`locale`](#locale) +* [`grant`](#grant) +* [`tablespace`](#tablespace) +* [`template`](#template) +* [`istemplate`](#istemplate) +* [`owner`](#owner) +* [`port`](#port) +* [`psql_user`](#psql_user) +* [`psql_group`](#psql_group) + +##### `user` Data type: `String[1]` User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory. -##### `password` +##### `password` Data type: `Optional[Variant[String, Sensitive[String]]]` Sets the password for the created user (if a user is created). -Default value: `undef` +Default value: ``undef`` -##### `comment` +##### `comment` Data type: `Optional[String[1]]` Defines a comment to be stored about the database using the PostgreSQL COMMENT command. -Default value: `undef` +Default value: ``undef`` -##### `dbname` +##### `dbname` Data type: `String[1]` @@ -1821,7 +1821,7 @@ Sets the name of the database to be created. Default value: `$title` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -1829,7 +1829,7 @@ Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -1837,7 +1837,7 @@ Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `grant` +##### `grant` Data type: `Variant[String[1], Array[String[1]]]` @@ -1845,15 +1845,15 @@ Specifies the permissions to grant during creation. Default value: 'ALL'. Default value: `'ALL'` -##### `tablespace` +##### `tablespace` Data type: `Optional[String[1]]` Defines the name of the tablespace to allocate the created database to. -Default value: `undef` +Default value: ``undef`` -##### `template` +##### `template` Data type: `String[1]` @@ -1861,31 +1861,31 @@ Specifies the name of the template database from which to build this database. D Default value: `'template0'` -##### `istemplate` +##### `istemplate` Data type: `Boolean` Specifies that the database is a template, if set to true. -Default value: `false` +Default value: ``false`` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Sets a user as the owner of the database. -Default value: `undef` +Default value: ``undef`` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Specifies the port where the PostgreSQL server is listening on. -Default value: `undef` +Default value: ``undef`` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -1893,7 +1893,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` Data type: `String[1]` @@ -1901,7 +1901,7 @@ Overrides the default PostgreSQL user group to be used for related files in the Default value: `$postgresql::server::group` -### `postgresql::server::default_privileges` +### `postgresql::server::default_privileges` Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. @@ -1909,29 +1909,29 @@ Manage a database defaults privileges. Only works with PostgreSQL version 9.6 an The following parameters are available in the `postgresql::server::default_privileges` defined type: -* [`target_role`](#-postgresql--server--default_privileges--target_role) -* [`ensure`](#-postgresql--server--default_privileges--ensure) -* [`role`](#-postgresql--server--default_privileges--role) -* [`db`](#-postgresql--server--default_privileges--db) -* [`object_type`](#-postgresql--server--default_privileges--object_type) -* [`privilege`](#-postgresql--server--default_privileges--privilege) -* [`schema`](#-postgresql--server--default_privileges--schema) -* [`psql_db`](#-postgresql--server--default_privileges--psql_db) -* [`psql_user`](#-postgresql--server--default_privileges--psql_user) -* [`psql_path`](#-postgresql--server--default_privileges--psql_path) -* [`port`](#-postgresql--server--default_privileges--port) -* [`connect_settings`](#-postgresql--server--default_privileges--connect_settings) -* [`group`](#-postgresql--server--default_privileges--group) - -##### `target_role` +* [`target_role`](#target_role) +* [`ensure`](#ensure) +* [`role`](#role) +* [`db`](#db) +* [`object_type`](#object_type) +* [`privilege`](#privilege) +* [`schema`](#schema) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`psql_path`](#psql_path) +* [`port`](#port) +* [`connect_settings`](#connect_settings) +* [`group`](#group) + +##### `target_role` Data type: `Optional[String]` Target role whose created objects will receive the default privileges. Defaults to the current user. -Default value: `undef` +Default value: ``undef`` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1939,42 +1939,38 @@ Specifies whether to grant or revoke the privilege. Default value: `'present'` -##### `role` +##### `role` Data type: `String` Specifies the role or user whom you are granting access to. -##### `db` +##### `db` Data type: `String` Specifies the database to which you are granting access. -##### `object_type` +##### `object_type` -Data type: - -```puppet -Pattern[ +Data type: `Pattern[ /(?i:^FUNCTIONS$)/, /(?i:^ROUTINES$)/, /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, /(?i:^TYPES$)/, /(?i:^SCHEMAS$)/ - ] -``` + ]` Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'. -##### `privilege` +##### `privilege` Data type: `String` Specifies comma-separated list of privileges to grant. Valid options: depends on object type. -##### `schema` +##### `schema` Data type: `String` @@ -1982,7 +1978,7 @@ Target schema. Defaults to 'public'. Can be set to '' to apply to all schemas. Default value: `'public'` -##### `psql_db` +##### `psql_db` Data type: `String` @@ -1990,7 +1986,7 @@ Defines the database to execute the grant against. This should not ordinarily be Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String` @@ -1998,7 +1994,7 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: `$postgresql::server::user` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2006,7 +2002,7 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: `$postgresql::server::psql_path` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2014,7 +2010,7 @@ Specifies the port to access the server. Default value: The default user for the Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2022,7 +2018,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `group` +##### `group` Data type: `String` @@ -2030,7 +2026,7 @@ Specifies the user group to which the privileges will be granted. Default value: `$postgresql::server::group` -### `postgresql::server::extension` +### `postgresql::server::extension` Activate an extension on a postgresql database. @@ -2038,27 +2034,27 @@ Activate an extension on a postgresql database. The following parameters are available in the `postgresql::server::extension` defined type: -* [`database`](#-postgresql--server--extension--database) -* [`extension`](#-postgresql--server--extension--extension) -* [`schema`](#-postgresql--server--extension--schema) -* [`version`](#-postgresql--server--extension--version) -* [`ensure`](#-postgresql--server--extension--ensure) -* [`package_name`](#-postgresql--server--extension--package_name) -* [`package_ensure`](#-postgresql--server--extension--package_ensure) -* [`port`](#-postgresql--server--extension--port) -* [`connect_settings`](#-postgresql--server--extension--connect_settings) -* [`database_resource_name`](#-postgresql--server--extension--database_resource_name) -* [`psql_path`](#-postgresql--server--extension--psql_path) -* [`user`](#-postgresql--server--extension--user) -* [`group`](#-postgresql--server--extension--group) - -##### `database` +* [`database`](#database) +* [`extension`](#extension) +* [`schema`](#schema) +* [`version`](#version) +* [`ensure`](#ensure) +* [`package_name`](#package_name) +* [`package_ensure`](#package_ensure) +* [`port`](#port) +* [`connect_settings`](#connect_settings) +* [`database_resource_name`](#database_resource_name) +* [`psql_path`](#psql_path) +* [`user`](#user) +* [`group`](#group) + +##### `database` Data type: `String[1]` Specifies the database on which to activate the extension. -##### `extension` +##### `extension` Data type: `String[1]` @@ -2066,15 +2062,15 @@ Specifies the extension to activate. If left blank, uses the name of the resourc Default value: `$name` -##### `schema` +##### `schema` Data type: `Optional[String[1]]` Specifies the schema on which to activate the extension. -Default value: `undef` +Default value: ``undef`` -##### `version` +##### `version` Data type: `Optional[String[1]]` @@ -2087,9 +2083,9 @@ eg. If extension is set to postgis and version is set to 2.3.3, this will apply this database only. version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. -Default value: `undef` +Default value: ``undef`` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2097,32 +2093,32 @@ Specifies whether to activate or deactivate the extension. Valid options: 'prese Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` Specifies a package to install prior to activating the extension. -Default value: `undef` +Default value: ``undef`` -##### `package_ensure` +##### `package_ensure` Data type: `Optional[Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]]` Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. -Default value: `undef` +Default value: ``undef`` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2130,7 +2126,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `postgresql::default('default_connect_settings')` -##### `database_resource_name` +##### `database_resource_name` Data type: `String[1]` @@ -2138,7 +2134,7 @@ Specifies the resource name of the DB being managed. Defaults to the parameter $ Default value: `$database` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2146,7 +2142,7 @@ Specifies the path to the psql command. Default value: `postgresql::default('psql_path')` -##### `user` +##### `user` Data type: `String[1]` @@ -2154,7 +2150,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `postgresql::default('user')` -##### `group` +##### `group` Data type: `String[1]` @@ -2162,7 +2158,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `postgresql::default('group')` -### `postgresql::server::grant` +### `postgresql::server::grant` Define for granting permissions to roles. @@ -2170,34 +2166,34 @@ Define for granting permissions to roles. The following parameters are available in the `postgresql::server::grant` defined type: -* [`role`](#-postgresql--server--grant--role) -* [`db`](#-postgresql--server--grant--db) -* [`privilege`](#-postgresql--server--grant--privilege) -* [`object_type`](#-postgresql--server--grant--object_type) -* [`object_name`](#-postgresql--server--grant--object_name) -* [`object_arguments`](#-postgresql--server--grant--object_arguments) -* [`psql_db`](#-postgresql--server--grant--psql_db) -* [`psql_user`](#-postgresql--server--grant--psql_user) -* [`port`](#-postgresql--server--grant--port) -* [`onlyif_exists`](#-postgresql--server--grant--onlyif_exists) -* [`connect_settings`](#-postgresql--server--grant--connect_settings) -* [`ensure`](#-postgresql--server--grant--ensure) -* [`group`](#-postgresql--server--grant--group) -* [`psql_path`](#-postgresql--server--grant--psql_path) - -##### `role` +* [`role`](#role) +* [`db`](#db) +* [`privilege`](#privilege) +* [`object_type`](#object_type) +* [`object_name`](#object_name) +* [`object_arguments`](#object_arguments) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`port`](#port) +* [`onlyif_exists`](#onlyif_exists) +* [`connect_settings`](#connect_settings) +* [`ensure`](#ensure) +* [`group`](#group) +* [`psql_path`](#psql_path) + +##### `role` Data type: `String` Specifies the role or user whom you are granting access to. -##### `db` +##### `db` Data type: `String` Specifies the database to which you are granting access. -##### `privilege` +##### `privilege` Data type: `String` @@ -2205,12 +2201,9 @@ Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'obj Default value: `''` -##### `object_type` - -Data type: +##### `object_type` -```puppet -Pattern[#/(?i:^COLUMN$)/, +Data type: `Pattern[#/(?i:^COLUMN$)/, /(?i:^ALL SEQUENCES IN SCHEMA$)/, /(?i:^ALL TABLES IN SCHEMA$)/, /(?i:^DATABASE$)/, @@ -2224,24 +2217,23 @@ Pattern[#/(?i:^COLUMN$)/, /(?i:^SCHEMA$)/, /(?i:^SEQUENCE$)/ #/(?i:^VIEW$)/ - ] -``` + ]` Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. Default value: `'database'` -##### `object_name` +##### `object_name` Data type: `Optional[Variant[Array[String,2,2],String[1]]]` Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] -Default value: `undef` +Default value: ``undef`` -##### `object_arguments` +##### `object_arguments` Data type: `Array[String[1],0]` @@ -2249,7 +2241,7 @@ Specifies any arguments to be passed alongisde the access grant. Default value: `[]` -##### `psql_db` +##### `psql_db` Data type: `String` @@ -2257,7 +2249,7 @@ Specifies the database to execute the grant against. This should not ordinarily Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String` @@ -2265,23 +2257,23 @@ Sets the OS user to run psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` -##### `onlyif_exists` +##### `onlyif_exists` Data type: `Boolean` Create grant only if doesn't exist -Default value: `false` +Default value: ``false`` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2289,7 +2281,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2297,7 +2289,7 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: `'present'` -##### `group` +##### `group` Data type: `String` @@ -2305,7 +2297,7 @@ Sets the OS group to run psql Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2313,7 +2305,7 @@ Sets the path to psql command Default value: `$postgresql::server::psql_path` -### `postgresql::server::grant_role` +### `postgresql::server::grant_role` Define for granting membership to a role. @@ -2321,21 +2313,21 @@ Define for granting membership to a role. The following parameters are available in the `postgresql::server::grant_role` defined type: -* [`group`](#-postgresql--server--grant_role--group) -* [`role`](#-postgresql--server--grant_role--role) -* [`ensure`](#-postgresql--server--grant_role--ensure) -* [`psql_db`](#-postgresql--server--grant_role--psql_db) -* [`psql_user`](#-postgresql--server--grant_role--psql_user) -* [`port`](#-postgresql--server--grant_role--port) -* [`connect_settings`](#-postgresql--server--grant_role--connect_settings) +* [`group`](#group) +* [`role`](#role) +* [`ensure`](#ensure) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`port`](#port) +* [`connect_settings`](#connect_settings) -##### `group` +##### `group` Data type: `String[1]` Specifies the group role to which you are assigning a role. -##### `role` +##### `role` Data type: `String[1]` @@ -2343,7 +2335,7 @@ Specifies the role you want to assign to a group. If left blank, uses the name o Default value: `$name` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2351,7 +2343,7 @@ Specifies whether to grant or revoke the membership. Valid options: 'present' or Default value: `'present'` -##### `psql_db` +##### `psql_db` Data type: `String[1]` @@ -2359,7 +2351,7 @@ Specifies the database to execute the grant against. This should not ordinarily Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -2367,7 +2359,7 @@ Sets the OS user to run psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2375,7 +2367,7 @@ Port to use when connecting. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2383,7 +2375,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::instance::config` +### `postgresql::server::instance::config` Manages the config for a postgresql::server instance @@ -2391,35 +2383,35 @@ Manages the config for a postgresql::server instance The following parameters are available in the `postgresql::server::instance::config` defined type: -* [`ip_mask_deny_postgres_user`](#-postgresql--server--instance--config--ip_mask_deny_postgres_user) -* [`ip_mask_allow_all_users`](#-postgresql--server--instance--config--ip_mask_allow_all_users) -* [`listen_addresses`](#-postgresql--server--instance--config--listen_addresses) -* [`port`](#-postgresql--server--instance--config--port) -* [`ipv4acls`](#-postgresql--server--instance--config--ipv4acls) -* [`ipv6acls`](#-postgresql--server--instance--config--ipv6acls) -* [`pg_hba_conf_path`](#-postgresql--server--instance--config--pg_hba_conf_path) -* [`pg_ident_conf_path`](#-postgresql--server--instance--config--pg_ident_conf_path) -* [`postgresql_conf_path`](#-postgresql--server--instance--config--postgresql_conf_path) -* [`postgresql_conf_mode`](#-postgresql--server--instance--config--postgresql_conf_mode) -* [`recovery_conf_path`](#-postgresql--server--instance--config--recovery_conf_path) -* [`pg_hba_conf_defaults`](#-postgresql--server--instance--config--pg_hba_conf_defaults) -* [`user`](#-postgresql--server--instance--config--user) -* [`group`](#-postgresql--server--instance--config--group) -* [`version`](#-postgresql--server--instance--config--version) -* [`manage_pg_hba_conf`](#-postgresql--server--instance--config--manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#-postgresql--server--instance--config--manage_pg_ident_conf) -* [`manage_recovery_conf`](#-postgresql--server--instance--config--manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#-postgresql--server--instance--config--manage_postgresql_conf_perms) -* [`datadir`](#-postgresql--server--instance--config--datadir) -* [`logdir`](#-postgresql--server--instance--config--logdir) -* [`service_name`](#-postgresql--server--instance--config--service_name) -* [`service_enable`](#-postgresql--server--instance--config--service_enable) -* [`log_line_prefix`](#-postgresql--server--instance--config--log_line_prefix) -* [`timezone`](#-postgresql--server--instance--config--timezone) -* [`password_encryption`](#-postgresql--server--instance--config--password_encryption) -* [`extra_systemd_config`](#-postgresql--server--instance--config--extra_systemd_config) - -##### `ip_mask_deny_postgres_user` +* [`ip_mask_deny_postgres_user`](#ip_mask_deny_postgres_user) +* [`ip_mask_allow_all_users`](#ip_mask_allow_all_users) +* [`listen_addresses`](#listen_addresses) +* [`port`](#port) +* [`ipv4acls`](#ipv4acls) +* [`ipv6acls`](#ipv6acls) +* [`pg_hba_conf_path`](#pg_hba_conf_path) +* [`pg_ident_conf_path`](#pg_ident_conf_path) +* [`postgresql_conf_path`](#postgresql_conf_path) +* [`postgresql_conf_mode`](#postgresql_conf_mode) +* [`recovery_conf_path`](#recovery_conf_path) +* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) +* [`user`](#user) +* [`group`](#group) +* [`version`](#version) +* [`manage_pg_hba_conf`](#manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#manage_pg_ident_conf) +* [`manage_recovery_conf`](#manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) +* [`datadir`](#datadir) +* [`logdir`](#logdir) +* [`service_name`](#service_name) +* [`service_enable`](#service_enable) +* [`log_line_prefix`](#log_line_prefix) +* [`timezone`](#timezone) +* [`password_encryption`](#password_encryption) +* [`extra_systemd_config`](#extra_systemd_config) + +##### `ip_mask_deny_postgres_user` Data type: `String[1]` @@ -2428,7 +2420,7 @@ Default value: '0.0.0.0/0', which denies any remote connection. Default value: `$postgresql::server::ip_mask_deny_postgres_user` -##### `ip_mask_allow_all_users` +##### `ip_mask_allow_all_users` Data type: `String[1]` @@ -2440,7 +2432,7 @@ Default value: '127.0.0.1/32'. Default value: `$postgresql::server::ip_mask_allow_all_users` -##### `listen_addresses` +##### `listen_addresses` Data type: `Optional[Variant[String[1], Array[String[1]]]]` @@ -2448,7 +2440,7 @@ Address list on which the PostgreSQL service will listen Default value: `$postgresql::server::listen_addresses` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2459,7 +2451,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::port` -##### `ipv4acls` +##### `ipv4acls` Data type: `Array[String[1]]` @@ -2467,7 +2459,7 @@ Lists strings for access control for connection method, users, databases, IPv4 a Default value: `$postgresql::server::ipv4acls` -##### `ipv6acls` +##### `ipv6acls` Data type: `Array[String[1]]` @@ -2475,7 +2467,7 @@ Lists strings for access control for connection method, users, databases, IPv6 a Default value: `$postgresql::server::ipv6acls` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Stdlib::Absolutepath` @@ -2483,7 +2475,7 @@ Specifies the path to your pg_hba.conf file. Default value: `$postgresql::server::pg_hba_conf_path` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Stdlib::Absolutepath` @@ -2491,7 +2483,7 @@ Specifies the path to your pg_ident.conf file. Default value: `$postgresql::server::pg_ident_conf_path` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Stdlib::Absolutepath` @@ -2499,7 +2491,7 @@ Specifies the path to your postgresql.conf file. Default value: `$postgresql::server::postgresql_conf_path` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` @@ -2507,7 +2499,7 @@ Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_c Default value: `$postgresql::server::postgresql_conf_mode` -##### `recovery_conf_path` +##### `recovery_conf_path` Data type: `Stdlib::Absolutepath` @@ -2515,7 +2507,7 @@ Specifies the path to your recovery.conf file. Default value: `$postgresql::server::recovery_conf_path` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Boolean` @@ -2525,7 +2517,7 @@ basic psql operations for example. Default value: `$postgresql::server::pg_hba_conf_defaults` -##### `user` +##### `user` Data type: `String[1]` @@ -2533,7 +2525,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -2541,7 +2533,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `version` +##### `version` Data type: `Optional[String[1]]` @@ -2549,7 +2541,7 @@ Sets PostgreSQL version Default value: `$postgresql::server::_version` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Boolean` @@ -2557,7 +2549,7 @@ Boolean. Whether to manage the pg_hba.conf. Default value: `$postgresql::server::manage_pg_hba_conf` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Boolean` @@ -2565,7 +2557,7 @@ Boolean. Overwrites the pg_ident.conf file. Default value: `$postgresql::server::manage_pg_ident_conf` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Boolean` @@ -2573,7 +2565,7 @@ Boolean. Specifies whether or not manage the recovery.conf. Default value: `$postgresql::server::manage_recovery_conf` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` Data type: `Boolean` @@ -2583,23 +2575,23 @@ postgresql::server::config_entry. Default value: `$postgresql::server::manage_postgresql_conf_perms` -##### `datadir` +##### `datadir` -Data type: `String[1]` +Data type: `Stdlib::Absolutepath` PostgreSQL data directory Default value: `$postgresql::server::datadir` -##### `logdir` +##### `logdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` PostgreSQL log directory Default value: `$postgresql::server::logdir` -##### `service_name` +##### `service_name` Data type: `String[1]` @@ -2607,7 +2599,7 @@ Overrides the default PostgreSQL service name. Default value: `$postgresql::server::service_name` -##### `service_enable` +##### `service_enable` Data type: `Boolean` @@ -2615,7 +2607,7 @@ Enable the PostgreSQL service Default value: `$postgresql::server::service_enable` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Optional[String[1]]` @@ -2623,7 +2615,7 @@ PostgreSQL log line prefix Default value: `$postgresql::server::log_line_prefix` -##### `timezone` +##### `timezone` Data type: `Optional[String[1]]` @@ -2631,7 +2623,7 @@ Set timezone for the PostgreSQL instance Default value: `$postgresql::server::timezone` -##### `password_encryption` +##### `password_encryption` Data type: `Optional[Postgresql::Pg_password_encryption]` @@ -2639,7 +2631,7 @@ Specify the type of encryption set for the password. Default value: `$postgresql::server::password_encryption` -##### `extra_systemd_config` +##### `extra_systemd_config` Data type: `Optional[String]` @@ -2647,7 +2639,7 @@ Adds extra config to systemd config file, can for instance be used to add extra Default value: `$postgresql::server::extra_systemd_config` -### `postgresql::server::instance::initdb` +### `postgresql::server::instance::initdb` Manages initdb feature for a postgresql::server instance @@ -2655,26 +2647,26 @@ Manages initdb feature for a postgresql::server instance The following parameters are available in the `postgresql::server::instance::initdb` defined type: -* [`auth_host`](#-postgresql--server--instance--initdb--auth_host) -* [`auth_local`](#-postgresql--server--instance--initdb--auth_local) -* [`data_checksums`](#-postgresql--server--instance--initdb--data_checksums) -* [`datadir`](#-postgresql--server--instance--initdb--datadir) -* [`encoding`](#-postgresql--server--instance--initdb--encoding) -* [`group`](#-postgresql--server--instance--initdb--group) -* [`initdb_path`](#-postgresql--server--instance--initdb--initdb_path) -* [`lc_messages`](#-postgresql--server--instance--initdb--lc_messages) -* [`locale`](#-postgresql--server--instance--initdb--locale) -* [`logdir`](#-postgresql--server--instance--initdb--logdir) -* [`manage_datadir`](#-postgresql--server--instance--initdb--manage_datadir) -* [`manage_logdir`](#-postgresql--server--instance--initdb--manage_logdir) -* [`manage_xlogdir`](#-postgresql--server--instance--initdb--manage_xlogdir) -* [`module_workdir`](#-postgresql--server--instance--initdb--module_workdir) -* [`needs_initdb`](#-postgresql--server--instance--initdb--needs_initdb) -* [`user`](#-postgresql--server--instance--initdb--user) -* [`username`](#-postgresql--server--instance--initdb--username) -* [`xlogdir`](#-postgresql--server--instance--initdb--xlogdir) - -##### `auth_host` +* [`auth_host`](#auth_host) +* [`auth_local`](#auth_local) +* [`data_checksums`](#data_checksums) +* [`datadir`](#datadir) +* [`encoding`](#encoding) +* [`group`](#group) +* [`initdb_path`](#initdb_path) +* [`lc_messages`](#lc_messages) +* [`locale`](#locale) +* [`logdir`](#logdir) +* [`manage_datadir`](#manage_datadir) +* [`manage_logdir`](#manage_logdir) +* [`manage_xlogdir`](#manage_xlogdir) +* [`module_workdir`](#module_workdir) +* [`needs_initdb`](#needs_initdb) +* [`user`](#user) +* [`username`](#username) +* [`xlogdir`](#xlogdir) + +##### `auth_host` Data type: `Optional[String[1]]` @@ -2682,7 +2674,7 @@ auth method used by default for host authorization Default value: `$postgresql::server::auth_host` -##### `auth_local` +##### `auth_local` Data type: `Optional[String[1]]` @@ -2690,7 +2682,7 @@ auth method used by default for local authorization Default value: `$postgresql::server::auth_local` -##### `data_checksums` +##### `data_checksums` Data type: `Optional[Boolean]` @@ -2698,15 +2690,15 @@ Boolean. Use checksums on data pages to help detect corruption by the I/O system Default value: `$postgresql::server::data_checksums` -##### `datadir` +##### `datadir` -Data type: `String[1]` +Data type: `Stdlib::Absolutepath` PostgreSQL data directory Default value: `$postgresql::server::datadir` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -2716,7 +2708,7 @@ so it becomes a default outside of the module as well. Default value: `$postgresql::server::encoding` -##### `group` +##### `group` Data type: `String[1]` @@ -2724,7 +2716,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `initdb_path` +##### `initdb_path` Data type: `Stdlib::Absolutepath` @@ -2732,7 +2724,7 @@ Specifies the path to the initdb command. Default value: `$postgresql::server::initdb_path` -##### `lc_messages` +##### `lc_messages` Data type: `Optional[String[1]]` @@ -2740,7 +2732,7 @@ locale used for logging and system messages Default value: `$postgresql::server::lc_messages` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -2751,15 +2743,15 @@ If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::server::locale` -##### `logdir` +##### `logdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` PostgreSQL log directory Default value: `$postgresql::server::logdir` -##### `manage_datadir` +##### `manage_datadir` Data type: `Boolean` @@ -2767,7 +2759,7 @@ Set to false if you have file{ $datadir: } already defined Default value: `$postgresql::server::manage_datadir` -##### `manage_logdir` +##### `manage_logdir` Data type: `Boolean` @@ -2775,7 +2767,7 @@ Set to false if you have file{ $logdir: } already defined Default value: `$postgresql::server::manage_logdir` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Boolean` @@ -2783,15 +2775,15 @@ Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::server::manage_xlogdir` -##### `module_workdir` +##### `module_workdir` -Data type: `String[1]` +Data type: `Stdlib::Absolutepath` Working directory for the PostgreSQL module Default value: `$postgresql::server::module_workdir` -##### `needs_initdb` +##### `needs_initdb` Data type: `Boolean` @@ -2800,7 +2792,7 @@ and before the PostgreSQL service is started. Default value: `$postgresql::server::needs_initdb` -##### `user` +##### `user` Data type: `String[1]` @@ -2808,7 +2800,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `username` +##### `username` Data type: `Optional[String[1]]` @@ -2816,15 +2808,15 @@ username of user running the postgres instance Default value: `$postgresql::server::username` -##### `xlogdir` +##### `xlogdir` -Data type: `Optional[String[1]]` +Data type: `Optional[Stdlib::Absolutepath]` PostgreSQL xlog/WAL directory Default value: `$postgresql::server::xlogdir` -### `postgresql::server::instance::late_initdb` +### `postgresql::server::instance::late_initdb` Manage the default encoding when database initialization is managed by the package @@ -2832,14 +2824,14 @@ Manage the default encoding when database initialization is managed by the packa The following parameters are available in the `postgresql::server::instance::late_initdb` defined type: -* [`encoding`](#-postgresql--server--instance--late_initdb--encoding) -* [`user`](#-postgresql--server--instance--late_initdb--user) -* [`group`](#-postgresql--server--instance--late_initdb--group) -* [`psql_path`](#-postgresql--server--instance--late_initdb--psql_path) -* [`port`](#-postgresql--server--instance--late_initdb--port) -* [`module_workdir`](#-postgresql--server--instance--late_initdb--module_workdir) +* [`encoding`](#encoding) +* [`user`](#user) +* [`group`](#group) +* [`psql_path`](#psql_path) +* [`port`](#port) +* [`module_workdir`](#module_workdir) -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -2848,7 +2840,7 @@ template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::server::encoding` -##### `user` +##### `user` Data type: `String[1]` @@ -2856,7 +2848,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -2864,7 +2856,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2872,7 +2864,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2882,15 +2874,15 @@ changing the port causes the server to come to a full stop before being able to Default value: `$postgresql::server::port` -##### `module_workdir` +##### `module_workdir` -Data type: `String[1]` +Data type: `Stdlib::Absolutepath` Working directory for the PostgreSQL module Default value: `$postgresql::server::module_workdir` -### `postgresql::server::instance::passwd` +### `postgresql::server::instance::passwd` Overrides the default PostgreSQL superuser @@ -2898,15 +2890,15 @@ Overrides the default PostgreSQL superuser The following parameters are available in the `postgresql::server::instance::passwd` defined type: -* [`user`](#-postgresql--server--instance--passwd--user) -* [`group`](#-postgresql--server--instance--passwd--group) -* [`psql_path`](#-postgresql--server--instance--passwd--psql_path) -* [`port`](#-postgresql--server--instance--passwd--port) -* [`database`](#-postgresql--server--instance--passwd--database) -* [`module_workdir`](#-postgresql--server--instance--passwd--module_workdir) -* [`postgres_password`](#-postgresql--server--instance--passwd--postgres_password) +* [`user`](#user) +* [`group`](#group) +* [`psql_path`](#psql_path) +* [`port`](#port) +* [`database`](#database) +* [`module_workdir`](#module_workdir) +* [`postgres_password`](#postgres_password) -##### `user` +##### `user` Data type: `String[1]` @@ -2914,7 +2906,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -2923,7 +2915,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2931,7 +2923,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2941,7 +2933,7 @@ changing the port causes the server to come to a full stop before being able to Default value: `$postgresql::server::port` -##### `database` +##### `database` Data type: `String[1]` @@ -2949,15 +2941,15 @@ Specifies the name of the database to connect with. On most systems this is 'pos Default value: `$postgresql::server::default_database` -##### `module_workdir` +##### `module_workdir` -Data type: `String[1]` +Data type: `Stdlib::Absolutepath` Working directory for the PostgreSQL module Default value: `$postgresql::server::module_workdir` -##### `postgres_password` +##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` @@ -2966,7 +2958,7 @@ database, with a user called postgres and no password. Default value: `$postgresql::server::postgres_password` -### `postgresql::server::instance::reload` +### `postgresql::server::instance::reload` Overrides the default reload or status command for your PostgreSQL service @@ -2974,10 +2966,10 @@ Overrides the default reload or status command for your PostgreSQL service The following parameters are available in the `postgresql::server::instance::reload` defined type: -* [`service_reload`](#-postgresql--server--instance--reload--service_reload) -* [`service_status`](#-postgresql--server--instance--reload--service_status) +* [`service_reload`](#service_reload) +* [`service_status`](#service_status) -##### `service_reload` +##### `service_reload` Data type: `String[1]` @@ -2985,7 +2977,7 @@ Overrides the default reload command for your PostgreSQL service. Default value: `$postgresql::server::service_reload` -##### `service_status` +##### `service_status` Data type: `String[1]` @@ -2993,7 +2985,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::server::service_status` -### `postgresql::server::instance::service` +### `postgresql::server::instance::service` Manages the service for the postgres main instance (default) or additional instances @@ -3001,19 +2993,19 @@ Manages the service for the postgres main instance (default) or additional insta The following parameters are available in the `postgresql::server::instance::service` defined type: -* [`service_ensure`](#-postgresql--server--instance--service--service_ensure) -* [`service_enable`](#-postgresql--server--instance--service--service_enable) -* [`service_manage`](#-postgresql--server--instance--service--service_manage) -* [`service_name`](#-postgresql--server--instance--service--service_name) -* [`service_provider`](#-postgresql--server--instance--service--service_provider) -* [`service_status`](#-postgresql--server--instance--service--service_status) -* [`user`](#-postgresql--server--instance--service--user) -* [`port`](#-postgresql--server--instance--service--port) -* [`default_database`](#-postgresql--server--instance--service--default_database) -* [`psql_path`](#-postgresql--server--instance--service--psql_path) -* [`connect_settings`](#-postgresql--server--instance--service--connect_settings) +* [`service_ensure`](#service_ensure) +* [`service_enable`](#service_enable) +* [`service_manage`](#service_manage) +* [`service_name`](#service_name) +* [`service_provider`](#service_provider) +* [`service_status`](#service_status) +* [`user`](#user) +* [`port`](#port) +* [`default_database`](#default_database) +* [`psql_path`](#psql_path) +* [`connect_settings`](#connect_settings) -##### `service_ensure` +##### `service_ensure` Data type: `Variant[Enum['running', 'stopped'], Boolean]` @@ -3021,7 +3013,7 @@ Ensure service is installed Default value: `$postgresql::server::service_ensure` -##### `service_enable` +##### `service_enable` Data type: `Boolean` @@ -3029,7 +3021,7 @@ Enable the PostgreSQL service Default value: `$postgresql::server::service_enable` -##### `service_manage` +##### `service_manage` Data type: `Boolean` @@ -3037,7 +3029,7 @@ Defines whether or not Puppet should manage the service. Default value: `$postgresql::server::service_manage` -##### `service_name` +##### `service_name` Data type: `String[1]` @@ -3045,7 +3037,7 @@ Overrides the default PostgreSQL service name. Default value: `$postgresql::server::service_name` -##### `service_provider` +##### `service_provider` Data type: `Optional[String[1]]` @@ -3053,7 +3045,7 @@ Overrides the default PostgreSQL service provider. Default value: `$postgresql::server::service_provider` -##### `service_status` +##### `service_status` Data type: `String[1]` @@ -3061,7 +3053,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::server::service_status` -##### `user` +##### `user` Data type: `String[1]` @@ -3069,7 +3061,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -3080,7 +3072,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::port` -##### `default_database` +##### `default_database` Data type: `String[1]` @@ -3088,7 +3080,7 @@ Specifies the name of the default database to connect with. On most systems this Default value: `$postgresql::server::default_database` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -3096,7 +3088,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3105,7 +3097,7 @@ such as postgresql::server::role. Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::pg_hba_rule` +### `postgresql::server::pg_hba_rule` This resource manages an individual rule that applies to the file defined in target. @@ -3113,43 +3105,43 @@ This resource manages an individual rule that applies to the file defined in tar The following parameters are available in the `postgresql::server::pg_hba_rule` defined type: -* [`type`](#-postgresql--server--pg_hba_rule--type) -* [`database`](#-postgresql--server--pg_hba_rule--database) -* [`user`](#-postgresql--server--pg_hba_rule--user) -* [`auth_method`](#-postgresql--server--pg_hba_rule--auth_method) -* [`address`](#-postgresql--server--pg_hba_rule--address) -* [`description`](#-postgresql--server--pg_hba_rule--description) -* [`auth_option`](#-postgresql--server--pg_hba_rule--auth_option) -* [`order`](#-postgresql--server--pg_hba_rule--order) -* [`target`](#-postgresql--server--pg_hba_rule--target) -* [`postgresql_version`](#-postgresql--server--pg_hba_rule--postgresql_version) +* [`type`](#type) +* [`database`](#database) +* [`user`](#user) +* [`auth_method`](#auth_method) +* [`address`](#address) +* [`description`](#description) +* [`auth_option`](#auth_option) +* [`order`](#order) +* [`target`](#target) +* [`postgresql_version`](#postgresql_version) -##### `type` +##### `type` Data type: `Postgresql::Pg_hba_rule_type` Sets the type of rule. -##### `database` +##### `database` Data type: `String[1]` Sets a comma-separated list of databases that this rule matches. -##### `user` +##### `user` Data type: `String[1]` Sets a comma-separated list of users that this rule matches. -##### `auth_method` +##### `auth_method` Data type: `String[1]` Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. -##### `address` +##### `address` Data type: `Optional[Postgresql::Pg_hba_rule_address]` @@ -3157,9 +3149,9 @@ Sets a address for this rule matching when the type is not 'local'. Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -Default value: `undef` +Default value: ``undef`` -##### `description` +##### `description` Data type: `String[1]` @@ -3168,16 +3160,16 @@ Default value: 'none'. Default value: `'none'` -##### `auth_option` +##### `auth_option` Data type: `Optional[String]` For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. -Default value: `undef` +Default value: ``undef`` -##### `order` +##### `order` Data type: `Variant[String, Integer]` @@ -3188,7 +3180,7 @@ Default value: 150. Default value: `150` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -3196,7 +3188,7 @@ Provides the target for the rule, and is generally an internal only property. Us Default value: `$postgresql::server::pg_hba_conf_path` -##### `postgresql_version` +##### `postgresql_version` Data type: `String` @@ -3204,7 +3196,7 @@ Manages pg_hba.conf without managing the entire PostgreSQL instance. Default value: `$postgresql::server::_version` -### `postgresql::server::pg_ident_rule` +### `postgresql::server::pg_ident_rule` This resource manages an individual rule that applies to the file defined in target. @@ -3212,33 +3204,33 @@ This resource manages an individual rule that applies to the file defined in tar The following parameters are available in the `postgresql::server::pg_ident_rule` defined type: -* [`map_name`](#-postgresql--server--pg_ident_rule--map_name) -* [`system_username`](#-postgresql--server--pg_ident_rule--system_username) -* [`database_username`](#-postgresql--server--pg_ident_rule--database_username) -* [`description`](#-postgresql--server--pg_ident_rule--description) -* [`order`](#-postgresql--server--pg_ident_rule--order) -* [`target`](#-postgresql--server--pg_ident_rule--target) +* [`map_name`](#map_name) +* [`system_username`](#system_username) +* [`database_username`](#database_username) +* [`description`](#description) +* [`order`](#order) +* [`target`](#target) -##### `map_name` +##### `map_name` Data type: `String[1]` Sets the name of the user map that is used to refer to this mapping in pg_hba.conf. -##### `system_username` +##### `system_username` Data type: `String[1]` Specifies the operating system user name (the user name used to connect to the database). -##### `database_username` +##### `database_username` Data type: `String[1]` Specifies the user name of the database user. The system_username is mapped to this user name. -##### `description` +##### `description` Data type: `String[1]` @@ -3247,7 +3239,7 @@ This description is placed in the comments above the rule in pg_ident.conf. Default value: `'none'` -##### `order` +##### `order` Data type: `String[1]` @@ -3255,7 +3247,7 @@ Defines an order for placing the mapping in pg_ident.conf. Default value: 150. Default value: `'150'` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -3263,7 +3255,7 @@ Provides the target for the rule and is generally an internal only property. Use Default value: `$postgresql::server::pg_ident_conf_path` -### `postgresql::server::reassign_owned_by` +### `postgresql::server::reassign_owned_by` Define for reassigning the ownership of objects within a database. @@ -3273,32 +3265,32 @@ Define for reassigning the ownership of objects within a database. The following parameters are available in the `postgresql::server::reassign_owned_by` defined type: -* [`old_role`](#-postgresql--server--reassign_owned_by--old_role) -* [`new_role`](#-postgresql--server--reassign_owned_by--new_role) -* [`db`](#-postgresql--server--reassign_owned_by--db) -* [`psql_user`](#-postgresql--server--reassign_owned_by--psql_user) -* [`port`](#-postgresql--server--reassign_owned_by--port) -* [`connect_settings`](#-postgresql--server--reassign_owned_by--connect_settings) +* [`old_role`](#old_role) +* [`new_role`](#new_role) +* [`db`](#db) +* [`psql_user`](#psql_user) +* [`port`](#port) +* [`connect_settings`](#connect_settings) -##### `old_role` +##### `old_role` Data type: `String` Specifies the role or user who is the current owner of the objects in the specified db -##### `new_role` +##### `new_role` Data type: `String` Specifies the role or user who will be the new owner of these objects -##### `db` +##### `db` Data type: `String` Specifies the database to which the 'REASSIGN OWNED' will be applied -##### `psql_user` +##### `psql_user` Data type: `String` @@ -3306,7 +3298,7 @@ Specifies the OS user for running psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -3314,7 +3306,7 @@ Port to use when connecting. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3322,7 +3314,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::recovery` +### `postgresql::server::recovery` This resource manages the parameters that applies to the recovery.conf template. @@ -3337,145 +3329,145 @@ manage_recovery_conf is set to true. The following parameters are available in the `postgresql::server::recovery` defined type: -* [`restore_command`](#-postgresql--server--recovery--restore_command) -* [`archive_cleanup_command`](#-postgresql--server--recovery--archive_cleanup_command) -* [`recovery_end_command`](#-postgresql--server--recovery--recovery_end_command) -* [`recovery_target_name`](#-postgresql--server--recovery--recovery_target_name) -* [`recovery_target_time`](#-postgresql--server--recovery--recovery_target_time) -* [`recovery_target_xid`](#-postgresql--server--recovery--recovery_target_xid) -* [`recovery_target_inclusive`](#-postgresql--server--recovery--recovery_target_inclusive) -* [`recovery_target`](#-postgresql--server--recovery--recovery_target) -* [`recovery_target_timeline`](#-postgresql--server--recovery--recovery_target_timeline) -* [`pause_at_recovery_target`](#-postgresql--server--recovery--pause_at_recovery_target) -* [`standby_mode`](#-postgresql--server--recovery--standby_mode) -* [`primary_conninfo`](#-postgresql--server--recovery--primary_conninfo) -* [`primary_slot_name`](#-postgresql--server--recovery--primary_slot_name) -* [`trigger_file`](#-postgresql--server--recovery--trigger_file) -* [`recovery_min_apply_delay`](#-postgresql--server--recovery--recovery_min_apply_delay) -* [`target`](#-postgresql--server--recovery--target) - -##### `restore_command` +* [`restore_command`](#restore_command) +* [`archive_cleanup_command`](#archive_cleanup_command) +* [`recovery_end_command`](#recovery_end_command) +* [`recovery_target_name`](#recovery_target_name) +* [`recovery_target_time`](#recovery_target_time) +* [`recovery_target_xid`](#recovery_target_xid) +* [`recovery_target_inclusive`](#recovery_target_inclusive) +* [`recovery_target`](#recovery_target) +* [`recovery_target_timeline`](#recovery_target_timeline) +* [`pause_at_recovery_target`](#pause_at_recovery_target) +* [`standby_mode`](#standby_mode) +* [`primary_conninfo`](#primary_conninfo) +* [`primary_slot_name`](#primary_slot_name) +* [`trigger_file`](#trigger_file) +* [`recovery_min_apply_delay`](#recovery_min_apply_delay) +* [`target`](#target) + +##### `restore_command` Data type: `Optional[String]` The shell command to execute to retrieve an archived segment of the WAL file series. -Default value: `undef` +Default value: ``undef`` -##### `archive_cleanup_command` +##### `archive_cleanup_command` Data type: `Optional[String[1]]` This optional parameter specifies a shell command that will be executed at every restartpoint. -Default value: `undef` +Default value: ``undef`` -##### `recovery_end_command` +##### `recovery_end_command` Data type: `Optional[String[1]]` This parameter specifies a shell command that will be executed once only at the end of recovery. -Default value: `undef` +Default value: ``undef`` -##### `recovery_target_name` +##### `recovery_target_name` Data type: `Optional[String[1]]` This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. -Default value: `undef` +Default value: ``undef`` -##### `recovery_target_time` +##### `recovery_target_time` Data type: `Optional[String[1]]` This parameter specifies the time stamp up to which recovery will proceed. -Default value: `undef` +Default value: ``undef`` -##### `recovery_target_xid` +##### `recovery_target_xid` Data type: `Optional[String[1]]` This parameter specifies the transaction ID up to which recovery will proceed. -Default value: `undef` +Default value: ``undef`` -##### `recovery_target_inclusive` +##### `recovery_target_inclusive` Data type: `Optional[Boolean]` Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). -Default value: `undef` +Default value: ``undef`` -##### `recovery_target` +##### `recovery_target` Data type: `Optional[String[1]]` This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. -Default value: `undef` +Default value: ``undef`` -##### `recovery_target_timeline` +##### `recovery_target_timeline` Data type: `Optional[String[1]]` Specifies recovering into a particular timeline. -Default value: `undef` +Default value: ``undef`` -##### `pause_at_recovery_target` +##### `pause_at_recovery_target` Data type: `Optional[Boolean]` Specifies whether recovery should pause when the recovery target is reached. -Default value: `undef` +Default value: ``undef`` -##### `standby_mode` +##### `standby_mode` Data type: `Optional[String[1]]` Specifies whether to start the PostgreSQL server as a standby. -Default value: `undef` +Default value: ``undef`` -##### `primary_conninfo` +##### `primary_conninfo` Data type: `Optional[String[1]]` Specifies a connection string to be used for the standby server to connect with the primary. -Default value: `undef` +Default value: ``undef`` -##### `primary_slot_name` +##### `primary_slot_name` Data type: `Optional[String[1]]` Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. -Default value: `undef` +Default value: ``undef`` -##### `trigger_file` +##### `trigger_file` Data type: `Optional[String[1]]` Specifies a trigger file whose presence ends recovery in the standby. -Default value: `undef` +Default value: ``undef`` -##### `recovery_min_apply_delay` +##### `recovery_min_apply_delay` Data type: `Optional[Integer]` This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. -Default value: `undef` +Default value: ``undef`` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -3483,7 +3475,7 @@ Provides the target for the rule, and is generally an internal only property. Us Default value: `$postgresql::server::recovery_conf_path` -### `postgresql::server::role` +### `postgresql::server::role` Define for creating a database role. @@ -3491,60 +3483,60 @@ Define for creating a database role. The following parameters are available in the `postgresql::server::role` defined type: -* [`update_password`](#-postgresql--server--role--update_password) -* [`password_hash`](#-postgresql--server--role--password_hash) -* [`createdb`](#-postgresql--server--role--createdb) -* [`createrole`](#-postgresql--server--role--createrole) -* [`db`](#-postgresql--server--role--db) -* [`port`](#-postgresql--server--role--port) -* [`login`](#-postgresql--server--role--login) -* [`inherit`](#-postgresql--server--role--inherit) -* [`superuser`](#-postgresql--server--role--superuser) -* [`replication`](#-postgresql--server--role--replication) -* [`connection_limit`](#-postgresql--server--role--connection_limit) -* [`username`](#-postgresql--server--role--username) -* [`connect_settings`](#-postgresql--server--role--connect_settings) -* [`ensure`](#-postgresql--server--role--ensure) -* [`psql_user`](#-postgresql--server--role--psql_user) -* [`psql_group`](#-postgresql--server--role--psql_group) -* [`psql_path`](#-postgresql--server--role--psql_path) -* [`module_workdir`](#-postgresql--server--role--module_workdir) -* [`hash`](#-postgresql--server--role--hash) -* [`salt`](#-postgresql--server--role--salt) - -##### `update_password` +* [`update_password`](#update_password) +* [`password_hash`](#password_hash) +* [`createdb`](#createdb) +* [`createrole`](#createrole) +* [`db`](#db) +* [`port`](#port) +* [`login`](#login) +* [`inherit`](#inherit) +* [`superuser`](#superuser) +* [`replication`](#replication) +* [`connection_limit`](#connection_limit) +* [`username`](#username) +* [`connect_settings`](#connect_settings) +* [`ensure`](#ensure) +* [`psql_user`](#psql_user) +* [`psql_group`](#psql_group) +* [`psql_path`](#psql_path) +* [`module_workdir`](#module_workdir) +* [`hash`](#hash) +* [`salt`](#salt) + +##### `update_password` Data type: `Boolean` If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. -Default value: `true` +Default value: ``true`` -##### `password_hash` +##### `password_hash` Data type: `Variant[Boolean, String, Sensitive[String]]` Sets the hash to use during password creation. -Default value: `false` +Default value: ``false`` -##### `createdb` +##### `createdb` Data type: `Boolean` Specifies whether to grant the ability to create new databases with this role. -Default value: `false` +Default value: ``false`` -##### `createrole` +##### `createrole` Data type: `Boolean` Specifies whether to grant the ability to create new roles with this role. -Default value: `false` +Default value: ``false`` -##### `db` +##### `db` Data type: `String[1]` @@ -3552,47 +3544,47 @@ Database used to connect to. Default value: `$postgresql::server::default_database` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` -##### `login` +##### `login` Data type: `Boolean` Specifies whether to grant login capability for the new role. -Default value: `true` +Default value: ``true`` -##### `inherit` +##### `inherit` Data type: `Boolean` Specifies whether to grant inherit capability for the new role. -Default value: `true` +Default value: ``true`` -##### `superuser` +##### `superuser` Data type: `Boolean` Specifies whether to grant super user capability for the new role. -Default value: `false` +Default value: ``false`` -##### `replication` +##### `replication` Data type: `Boolean` Provides provides replication capabilities for this role if set to true. -Default value: `false` +Default value: ``false`` -##### `connection_limit` +##### `connection_limit` Data type: `String[1]` @@ -3600,7 +3592,7 @@ Specifies how many concurrent connections the role can make. Default value: '-1' Default value: `'-1'` -##### `username` +##### `username` Data type: `String[1]` @@ -3608,7 +3600,7 @@ Defines the username of the role to create. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3616,7 +3608,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -3624,7 +3616,7 @@ Specify whether to create or drop the role. Specifying 'present' creates the rol Default value: `'present'` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -3632,7 +3624,7 @@ Sets the OS user to run psql Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` Data type: `String[1]` @@ -3640,7 +3632,7 @@ Sets the OS group to run psql Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -3648,7 +3640,7 @@ Sets path to psql command Default value: `$postgresql::server::psql_path` -##### `module_workdir` +##### `module_workdir` Data type: `String[1]` @@ -3657,23 +3649,23 @@ May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `$postgresql::server::module_workdir` -##### `hash` +##### `hash` Data type: `Optional[Enum['md5', 'scram-sha-256']]` Specify the hash method for pg password -Default value: `undef` +Default value: ``undef`` -##### `salt` +##### `salt` Data type: `Optional[Variant[String[1], Integer]]` Specify the salt use for the scram-sha-256 encoding password (default username) -Default value: `undef` +Default value: ``undef`` -### `postgresql::server::schema` +### `postgresql::server::schema` Create a new schema. @@ -3693,12 +3685,12 @@ postgresql::server::schema {'private': The following parameters are available in the `postgresql::server::schema` defined type: -* [`db`](#-postgresql--server--schema--db) -* [`owner`](#-postgresql--server--schema--owner) -* [`schema`](#-postgresql--server--schema--schema) -* [`connect_settings`](#-postgresql--server--schema--connect_settings) +* [`db`](#db) +* [`owner`](#owner) +* [`schema`](#schema) +* [`connect_settings`](#connect_settings) -##### `db` +##### `db` Data type: `String[1]` @@ -3706,15 +3698,15 @@ Required. Sets the name of the database in which to create this schema. Default value: `$postgresql::server::default_database` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Sets the default owner of the schema. -Default value: `undef` +Default value: ``undef`` -##### `schema` +##### `schema` Data type: `String[1]` @@ -3722,7 +3714,7 @@ Sets the name of the schema. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3730,7 +3722,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::table_grant` +### `postgresql::server::table_grant` This resource wraps the grant resource to manage table grants specifically. @@ -3738,96 +3730,92 @@ This resource wraps the grant resource to manage table grants specifically. The following parameters are available in the `postgresql::server::table_grant` defined type: -* [`privilege`](#-postgresql--server--table_grant--privilege) -* [`table`](#-postgresql--server--table_grant--table) -* [`db`](#-postgresql--server--table_grant--db) -* [`role`](#-postgresql--server--table_grant--role) -* [`ensure`](#-postgresql--server--table_grant--ensure) -* [`port`](#-postgresql--server--table_grant--port) -* [`psql_db`](#-postgresql--server--table_grant--psql_db) -* [`psql_user`](#-postgresql--server--table_grant--psql_user) -* [`connect_settings`](#-postgresql--server--table_grant--connect_settings) -* [`onlyif_exists`](#-postgresql--server--table_grant--onlyif_exists) +* [`privilege`](#privilege) +* [`table`](#table) +* [`db`](#db) +* [`role`](#role) +* [`ensure`](#ensure) +* [`port`](#port) +* [`psql_db`](#psql_db) +* [`psql_user`](#psql_user) +* [`connect_settings`](#connect_settings) +* [`onlyif_exists`](#onlyif_exists) -##### `privilege` +##### `privilege` -Data type: - -```puppet -Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', - 'truncate', 'references', 'trigger'] -``` +Data type: `Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', + 'truncate', 'references', 'trigger']` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. -##### `table` +##### `table` Data type: `String[1]` Specifies the table to which you are granting access. -##### `db` +##### `db` Data type: `String[1]` Specifies which database the table is in. -##### `role` +##### `role` Data type: `String[1]` Specifies the role or user to whom you are granting access. -##### `ensure` +##### `ensure` Data type: `Optional[Enum['present', 'absent']]` Specifies whether to grant or revoke the privilege. Default is to grant the privilege. -Default value: `undef` +Default value: ``undef`` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Port to use when connecting. -Default value: `undef` +Default value: ``undef`` -##### `psql_db` +##### `psql_db` Data type: `Optional[String[1]]` Specifies the database to execute the grant against. This should not ordinarily be changed from the default. -Default value: `undef` +Default value: ``undef`` -##### `psql_user` +##### `psql_user` Data type: `Optional[String[1]]` Specifies the OS user for running psql. -Default value: `undef` +Default value: ``undef`` -##### `connect_settings` +##### `connect_settings` Data type: `Optional[Hash]` Specifies a hash of environment variables used when connecting to a remote server. -Default value: `undef` +Default value: ``undef`` -##### `onlyif_exists` +##### `onlyif_exists` Data type: `Boolean` Create grant only if it doesn't exist. -Default value: `false` +Default value: ``false`` -### `postgresql::server::tablespace` +### `postgresql::server::tablespace` This module creates tablespace. @@ -3835,35 +3823,35 @@ This module creates tablespace. The following parameters are available in the `postgresql::server::tablespace` defined type: -* [`location`](#-postgresql--server--tablespace--location) -* [`manage_location`](#-postgresql--server--tablespace--manage_location) -* [`owner`](#-postgresql--server--tablespace--owner) -* [`spcname`](#-postgresql--server--tablespace--spcname) -* [`connect_settings`](#-postgresql--server--tablespace--connect_settings) +* [`location`](#location) +* [`manage_location`](#manage_location) +* [`owner`](#owner) +* [`spcname`](#spcname) +* [`connect_settings`](#connect_settings) -##### `location` +##### `location` Data type: `String[1]` Specifies the path to locate this tablespace. -##### `manage_location` +##### `manage_location` Data type: `Boolean` Set to false if you have file{ $location: } already defined -Default value: `true` +Default value: ``true`` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Specifies the default owner of the tablespace. -Default value: `undef` +Default value: ``undef`` -##### `spcname` +##### `spcname` Data type: `String[1]` @@ -3871,7 +3859,7 @@ Specifies the name of the tablespace. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3909,10 +3897,10 @@ The value to set for this parameter. The following parameters are available in the `postgresql_conf` type. -* [`name`](#-postgresql_conf--name) -* [`provider`](#-postgresql_conf--provider) +* [`name`](#name) +* [`provider`](#provider) -##### `name` +##### `name` Valid values: `%r{^[\w.]+$}` @@ -3920,7 +3908,7 @@ namevar The postgresql parameter name to manage. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conf` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. @@ -3949,76 +3937,76 @@ Default value: `present` The following parameters are available in the `postgresql_conn_validator` type. -* [`command`](#-postgresql_conn_validator--command) -* [`connect_settings`](#-postgresql_conn_validator--connect_settings) -* [`db_name`](#-postgresql_conn_validator--db_name) -* [`db_password`](#-postgresql_conn_validator--db_password) -* [`db_username`](#-postgresql_conn_validator--db_username) -* [`host`](#-postgresql_conn_validator--host) -* [`name`](#-postgresql_conn_validator--name) -* [`port`](#-postgresql_conn_validator--port) -* [`provider`](#-postgresql_conn_validator--provider) -* [`psql_path`](#-postgresql_conn_validator--psql_path) -* [`run_as`](#-postgresql_conn_validator--run_as) -* [`sleep`](#-postgresql_conn_validator--sleep) -* [`tries`](#-postgresql_conn_validator--tries) - -##### `command` +* [`command`](#command) +* [`connect_settings`](#connect_settings) +* [`db_name`](#db_name) +* [`db_password`](#db_password) +* [`db_username`](#db_username) +* [`host`](#host) +* [`name`](#name) +* [`port`](#port) +* [`provider`](#provider) +* [`psql_path`](#psql_path) +* [`run_as`](#run_as) +* [`sleep`](#sleep) +* [`tries`](#tries) + +##### `command` Command to run against target database. Default value: `SELECT 1` -##### `connect_settings` +##### `connect_settings` Hash of environment variables for connection to a db. -##### `db_name` +##### `db_name` The name of the database you are trying to validate a connection with. -##### `db_password` +##### `db_password` The password required to access the target PostgreSQL database. -##### `db_username` +##### `db_username` A user that has access to the target PostgreSQL database. -##### `host` +##### `host` The DNS name or IP address of the server where PostgreSQL should be running. -##### `name` +##### `name` namevar An arbitrary name used as the identity of the resource. -##### `port` +##### `port` The port that the PostgreSQL server should be listening on. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conn_validator` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_path` +##### `psql_path` Path to the psql command. -##### `run_as` +##### `run_as` System user that will run the psql command. -##### `sleep` +##### `sleep` The length of sleep time between connection tries. Default value: `2` -##### `tries` +##### `tries` The number of tries to validate the connection to the target PostgreSQL database. @@ -4040,104 +4028,104 @@ The SQL command to execute via psql. The following parameters are available in the `postgresql_psql` type. -* [`connect_settings`](#-postgresql_psql--connect_settings) -* [`cwd`](#-postgresql_psql--cwd) -* [`db`](#-postgresql_psql--db) -* [`environment`](#-postgresql_psql--environment) -* [`name`](#-postgresql_psql--name) -* [`onlyif`](#-postgresql_psql--onlyif) -* [`port`](#-postgresql_psql--port) -* [`provider`](#-postgresql_psql--provider) -* [`psql_group`](#-postgresql_psql--psql_group) -* [`psql_path`](#-postgresql_psql--psql_path) -* [`psql_user`](#-postgresql_psql--psql_user) -* [`refreshonly`](#-postgresql_psql--refreshonly) -* [`search_path`](#-postgresql_psql--search_path) -* [`sensitive`](#-postgresql_psql--sensitive) -* [`unless`](#-postgresql_psql--unless) - -##### `connect_settings` +* [`connect_settings`](#connect_settings) +* [`cwd`](#cwd) +* [`db`](#db) +* [`environment`](#environment) +* [`name`](#name) +* [`onlyif`](#onlyif) +* [`port`](#port) +* [`provider`](#provider) +* [`psql_group`](#psql_group) +* [`psql_path`](#psql_path) +* [`psql_user`](#psql_user) +* [`refreshonly`](#refreshonly) +* [`search_path`](#search_path) +* [`sensitive`](#sensitive) +* [`unless`](#unless) + +##### `connect_settings` Connection settings that will be used when connecting to postgres -##### `cwd` +##### `cwd` The working directory under which the psql command should be executed. Default value: `/tmp` -##### `db` +##### `db` The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings -##### `environment` +##### `environment` Any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. -##### `name` +##### `name` namevar An arbitrary tag for your own reference; the name of the message. -##### `onlyif` +##### `onlyif` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. -##### `port` +##### `port` The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_psql` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_group` +##### `psql_group` The system user group account under which the psql command should be executed. Default value: `postgres` -##### `psql_path` +##### `psql_path` The path to psql executable. Default value: `psql` -##### `psql_user` +##### `psql_user` The system user account under which the psql command should be executed. Default value: `postgres` -##### `refreshonly` +##### `refreshonly` -Valid values: `true`, `false` +Valid values: ``true``, ``false`` If 'true', then the SQL will only be executed via a notify/subscribe event. -Default value: `false` +Default value: ``false`` -##### `search_path` +##### `search_path` The schema search path to use when executing the SQL command -##### `sensitive` +##### `sensitive` -Valid values: `true`, `false` +Valid values: ``true``, ``false`` If 'true', then the executed command will not be echoed into the log. Use this to protect sensitive information passing through. -Default value: `false` +Default value: ``false`` -##### `unless` +##### `unless` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check @@ -4166,10 +4154,10 @@ Default value: `present` The following parameters are available in the `postgresql_replication_slot` type. -* [`name`](#-postgresql_replication_slot--name) -* [`provider`](#-postgresql_replication_slot--provider) +* [`name`](#name) +* [`provider`](#provider) -##### `name` +##### `name` Valid values: `%r{^[a-z0-9_]+$}` @@ -4177,14 +4165,14 @@ namevar The name of the slot to create. Must be a valid replication slot name. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_replication_slot` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. ## Functions -### `postgresql::default` +### `postgresql::default` Type: Puppet Language @@ -4218,7 +4206,7 @@ Data type: `String` -### `postgresql::postgresql_escape` +### `postgresql::postgresql_escape` Type: Ruby 4.x API @@ -4236,7 +4224,7 @@ Data type: `String[1]` The unescaped string you want to escape using `dollar quoting` -### `postgresql::postgresql_password` +### `postgresql::postgresql_password` Type: Ruby 4.x API @@ -4278,7 +4266,7 @@ Data type: `Optional[Optional[Variant[String[1], Integer]]]` Use a specific salt value for scram-sha-256, default is username -### `postgresql::prepend_sql_password` +### `postgresql::prepend_sql_password` Type: Ruby 4.x API @@ -4334,7 +4322,7 @@ Data type: `Any` ## Data types -### `Postgresql::Pg_hba_rule` +### `Postgresql::Pg_hba_rule` type for all parameters in the postgresql::server::hba_rule defined resource @@ -4358,38 +4346,54 @@ Struct[{ }] ``` -### `Postgresql::Pg_hba_rule_address` +### `Postgresql::Pg_hba_rule_address` Supported address types * **See also** * https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -Alias of `Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Stdlib::Fqdn, Enum['all', 'samehost', 'samenet'], Pattern[/^\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]$/]]` +Alias of + +```puppet +Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Stdlib::Fqdn, Enum['all', 'samehost', 'samenet'], Pattern[/^\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]$/]] +``` -### `Postgresql::Pg_hba_rule_type` +### `Postgresql::Pg_hba_rule_type` enum for all different types for the pg_hba_conf * **See also** * https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -Alias of `Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc', 'hostnogssenc']` +Alias of + +```puppet +Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc', 'hostnogssenc'] +``` -### `Postgresql::Pg_hba_rules` +### `Postgresql::Pg_hba_rules` validates a hash of entries for postgresql::server::pg_hab_conf * **See also** * https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/server/pg_hba_rule.pp -Alias of `Hash[String[1], Postgresql::Pg_hba_rule]` +Alias of -### `Postgresql::Pg_password_encryption` +```puppet +Hash[String[1], Postgresql::Pg_hba_rule] +``` + +### `Postgresql::Pg_password_encryption` the supported password_encryption -Alias of `Enum['md5', 'scram-sha-256']` +Alias of + +```puppet +Enum['md5', 'scram-sha-256'] +``` ## Tasks From 8a409c58695dfd87d7a2b66788ab762242c2b1f4 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Mon, 4 Sep 2023 10:16:54 +0530 Subject: [PATCH 0890/1000] CAT-1366 : Fix issue url from old jira to github --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 1c8b7d8611..911007298a 100644 --- a/metadata.json +++ b/metadata.json @@ -6,7 +6,7 @@ "license": "Apache-2.0", "source": "https://github.com/puppetlabs/puppetlabs-postgresql", "project_page": "https://github.com/puppetlabs/puppetlabs-postgresql", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", + "issues_url": "https://github.com/puppetlabs/puppetlabs-postgresql/issues", "dependencies": [ { "name": "puppetlabs/stdlib", From 1a4125ea19ec571b6d747fb313fb96b18fdc143a Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 4 Sep 2023 09:44:36 +0200 Subject: [PATCH 0891/1000] Prefer $connect_settings over explicit parameter This is the outcome of a large refactoring in #1450 and discussions on IRC and slack. We noticed that the behaviour of `$connect_settings` is currently inconsistent. Sometimes it's preferred over explicity parameters, sometimes not. Reminder: The idea of `$connect_settings` is to provide a hash with environment variable to tell puppet to manage a remote database instead of a local instance. One example is: https://github.com/puppetlabs/puppetlabs-postgresql/blob/93386b48861ff41d5f47033afee592e0506526c5/manifests/server/grant.pp#L80-L86 ``` if $port { $port_override = $port } elsif 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $postgresql::server::port } ``` Here the local $port parameter is preferred over `$connect_settings`. The problem is that we now cannot set a default in the resource for `$port`. The default is hardcoded to `$postgresql::server::port`. This becomes. Other classes handle it in a different way: https://github.com/puppetlabs/puppetlabs-postgresql/blob/93386b48861ff41d5f47033afee592e0506526c5/manifests/server/database.pp#L41-L46 ``` if 'PGPORT' in $connect_settings { $port_override = undef } else { $port_override = $port } ``` Here `$connct_settings` is checked first. It defaults to an empty hash. If `PGPORT` isn't in it, `$port` is used. The logic is shorter and enables us to expose $port as a parameter with a default value. With this approach users can decide if they pass `$port` or `$connect_settings`. At the moment the remote database support is broken because the logic to parse `$connect_settings` isn't consistent. The goal of this PR is to unify the logic and prefer `$connect_settings` if it's provided by the user. --- README.md | 10 +- REFERENCE.md | 2144 +++++++++-------- manifests/server/database.pp | 16 +- manifests/server/database_grant.pp | 4 +- manifests/server/default_privileges.pp | 20 +- manifests/server/extension.pp | 13 +- manifests/server/grant.pp | 13 +- manifests/server/reassign_owned_by.pp | 6 +- manifests/server/role.pp | 22 +- manifests/server/schema.pp | 10 +- manifests/server/tablespace.pp | 10 +- spec/defines/server/database_grant_spec.rb | 2 +- spec/defines/server/database_spec.rb | 4 +- spec/defines/server/db_spec.rb | 4 +- .../defines/server/default_privileges_spec.rb | 2 +- spec/defines/server/extension_spec.rb | 4 +- spec/defines/server/grant_spec.rb | 2 +- 17 files changed, 1117 insertions(+), 1169 deletions(-) diff --git a/README.md b/README.md index 2b9fdcb8c2..bef4b8bac6 100644 --- a/README.md +++ b/README.md @@ -175,11 +175,15 @@ class { 'postgresql::server': ### Manage remote users, roles, and permissions -Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a [`connect_settings`](#connect_settings) hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands. +Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a `$connect_settings` hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands. -The `connect_settings` hash can contain environment variables to control Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', and 'PGSSLKEY'. See the [PostgreSQL Environment Variables](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) documentation for a complete list of variables. +The `connect_settings` hash can contain environment variables to control Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', 'PGUSER' and 'PGSSLKEY'. See the [PostgreSQL Environment Variables](https://www.postgresql.org/docs/current/libpq-envars.html) documentation for a complete list of variables. -Additionally, you can specify the target database version with the special value of 'DBVERSION'. If the `connect_settings` hash is omitted or empty, then Puppet connects to the local PostgreSQL instance. +Additionally, you can specify the target database version with the special value of 'DBVERSION'. If the `$connect_settings` hash is omitted or empty, then Puppet connects to the local PostgreSQL instance. + +**The $connect_settings hash has priority over the explicit variables like $port and $user** + +When a user provides only the `$port` parameter to a resource and no `$connect_settings`, `$port` will be used. When `$connect_settings` contains `PGPORT` and `$port` is set, `$connect_settings['PGPORT']` will be used. You can provide a `connect_settings` hash for each of the Puppet resources, or you can set a default `connect_settings` hash in `postgresql::globals`. Configuring `connect_settings` per resource allows SQL objects to be created on multiple databases by multiple users. diff --git a/REFERENCE.md b/REFERENCE.md index 1733d7fdfe..0a574806bc 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -8,18 +8,18 @@ #### Public Classes -* [`postgresql::client`](#postgresqlclient): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. -* [`postgresql::globals`](#postgresqlglobals): Class for setting cross-class global overrides. -* [`postgresql::lib::devel`](#postgresqllibdevel): This class installs postgresql development libraries. -* [`postgresql::lib::docs`](#postgresqllibdocs): Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. -* [`postgresql::lib::java`](#postgresqllibjava): This class installs the postgresql jdbc connector. -* [`postgresql::lib::perl`](#postgresqllibperl): This class installs the perl libs for postgresql. -* [`postgresql::lib::python`](#postgresqllibpython): This class installs the python libs for postgresql. -* [`postgresql::server`](#postgresqlserver): This installs a PostgreSQL server -* [`postgresql::server::contrib`](#postgresqlservercontrib): Install the contrib postgresql packaging. -* [`postgresql::server::plperl`](#postgresqlserverplperl): This class installs the PL/Perl procedural language for postgresql. -* [`postgresql::server::plpython`](#postgresqlserverplpython): This class installs the PL/Python procedural language for postgresql. -* [`postgresql::server::postgis`](#postgresqlserverpostgis): Install the postgis postgresql packaging. +* [`postgresql::client`](#postgresql--client): Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. +* [`postgresql::globals`](#postgresql--globals): Class for setting cross-class global overrides. +* [`postgresql::lib::devel`](#postgresql--lib--devel): This class installs postgresql development libraries. +* [`postgresql::lib::docs`](#postgresql--lib--docs): Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. +* [`postgresql::lib::java`](#postgresql--lib--java): This class installs the postgresql jdbc connector. +* [`postgresql::lib::perl`](#postgresql--lib--perl): This class installs the perl libs for postgresql. +* [`postgresql::lib::python`](#postgresql--lib--python): This class installs the python libs for postgresql. +* [`postgresql::server`](#postgresql--server): This installs a PostgreSQL server +* [`postgresql::server::contrib`](#postgresql--server--contrib): Install the contrib postgresql packaging. +* [`postgresql::server::plperl`](#postgresql--server--plperl): This class installs the PL/Perl procedural language for postgresql. +* [`postgresql::server::plpython`](#postgresql--server--plpython): This class installs the PL/Python procedural language for postgresql. +* [`postgresql::server::postgis`](#postgresql--server--postgis): Install the postgis postgresql packaging. #### Private Classes @@ -41,28 +41,28 @@ #### Public Defined types -* [`postgresql::server::config_entry`](#postgresqlserverconfig_entry): Manage a postgresql.conf entry. -* [`postgresql::server::database`](#postgresqlserverdatabase): Define for creating a database. -* [`postgresql::server::database_grant`](#postgresqlserverdatabase_grant): Manage a database grant. -* [`postgresql::server::db`](#postgresqlserverdb): Define for conveniently creating a role, database and assigning the correct permissions. -* [`postgresql::server::default_privileges`](#postgresqlserverdefault_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. -* [`postgresql::server::extension`](#postgresqlserverextension): Activate an extension on a postgresql database. -* [`postgresql::server::grant`](#postgresqlservergrant): Define for granting permissions to roles. -* [`postgresql::server::grant_role`](#postgresqlservergrant_role): Define for granting membership to a role. -* [`postgresql::server::instance::config`](#postgresqlserverinstanceconfig): Manages the config for a postgresql::server instance -* [`postgresql::server::instance::initdb`](#postgresqlserverinstanceinitdb): Manages initdb feature for a postgresql::server instance -* [`postgresql::server::instance::late_initdb`](#postgresqlserverinstancelate_initdb): Manage the default encoding when database initialization is managed by the package -* [`postgresql::server::instance::passwd`](#postgresqlserverinstancepasswd): Overrides the default PostgreSQL superuser -* [`postgresql::server::instance::reload`](#postgresqlserverinstancereload): Overrides the default reload or status command for your PostgreSQL service -* [`postgresql::server::instance::service`](#postgresqlserverinstanceservice): Manages the service for the postgres main instance (default) or additional instances -* [`postgresql::server::pg_hba_rule`](#postgresqlserverpg_hba_rule): This resource manages an individual rule that applies to the file defined in target. -* [`postgresql::server::pg_ident_rule`](#postgresqlserverpg_ident_rule): This resource manages an individual rule that applies to the file defined in target. -* [`postgresql::server::reassign_owned_by`](#postgresqlserverreassign_owned_by): Define for reassigning the ownership of objects within a database. -* [`postgresql::server::recovery`](#postgresqlserverrecovery): This resource manages the parameters that applies to the recovery.conf template. -* [`postgresql::server::role`](#postgresqlserverrole): Define for creating a database role. -* [`postgresql::server::schema`](#postgresqlserverschema): Create a new schema. -* [`postgresql::server::table_grant`](#postgresqlservertable_grant): This resource wraps the grant resource to manage table grants specifically. -* [`postgresql::server::tablespace`](#postgresqlservertablespace): This module creates tablespace. +* [`postgresql::server::config_entry`](#postgresql--server--config_entry): Manage a postgresql.conf entry. +* [`postgresql::server::database`](#postgresql--server--database): Define for creating a database. +* [`postgresql::server::database_grant`](#postgresql--server--database_grant): Manage a database grant. +* [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correct permissions. +* [`postgresql::server::default_privileges`](#postgresql--server--default_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. +* [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database. +* [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles. +* [`postgresql::server::grant_role`](#postgresql--server--grant_role): Define for granting membership to a role. +* [`postgresql::server::instance::config`](#postgresql--server--instance--config): Manages the config for a postgresql::server instance +* [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): Manages initdb feature for a postgresql::server instance +* [`postgresql::server::instance::late_initdb`](#postgresql--server--instance--late_initdb): Manage the default encoding when database initialization is managed by the package +* [`postgresql::server::instance::passwd`](#postgresql--server--instance--passwd): Overrides the default PostgreSQL superuser +* [`postgresql::server::instance::reload`](#postgresql--server--instance--reload): Overrides the default reload or status command for your PostgreSQL service +* [`postgresql::server::instance::service`](#postgresql--server--instance--service): Manages the service for the postgres main instance (default) or additional instances +* [`postgresql::server::pg_hba_rule`](#postgresql--server--pg_hba_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::pg_ident_rule`](#postgresql--server--pg_ident_rule): This resource manages an individual rule that applies to the file defined in target. +* [`postgresql::server::reassign_owned_by`](#postgresql--server--reassign_owned_by): Define for reassigning the ownership of objects within a database. +* [`postgresql::server::recovery`](#postgresql--server--recovery): This resource manages the parameters that applies to the recovery.conf template. +* [`postgresql::server::role`](#postgresql--server--role): Define for creating a database role. +* [`postgresql::server::schema`](#postgresql--server--schema): Create a new schema. +* [`postgresql::server::table_grant`](#postgresql--server--table_grant): This resource wraps the grant resource to manage table grants specifically. +* [`postgresql::server::tablespace`](#postgresql--server--tablespace): This module creates tablespace. #### Private Defined types @@ -79,10 +79,10 @@ #### Public Functions -* [`postgresql::default`](#postgresqldefault): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. -* [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. -* [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password -* [`postgresql::prepend_sql_password`](#postgresqlprepend_sql_password): This function exists for usage of a role password that is a deferred function +* [`postgresql::default`](#postgresql--default): This function pull default values from the `params` class or `globals` class if the value is not present in `params`. +* [`postgresql::postgresql_escape`](#postgresql--postgresql_escape): This function escapes a string using [Dollar Quoting](https://www.postgresql.org/docs/12/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING) using a randomly generated tag if required. +* [`postgresql::postgresql_password`](#postgresql--postgresql_password): This function returns the postgresql password hash from the clear text username / password +* [`postgresql::prepend_sql_password`](#postgresql--prepend_sql_password): This function exists for usage of a role password that is a deferred function * [`postgresql_escape`](#postgresql_escape): DEPRECATED. Use the namespaced function [`postgresql::postgresql_escape`](#postgresqlpostgresql_escape) instead. * [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. @@ -92,11 +92,11 @@ ### Data types -* [`Postgresql::Pg_hba_rule`](#postgresqlpg_hba_rule): type for all parameters in the postgresql::server::hba_rule defined resource -* [`Postgresql::Pg_hba_rule_address`](#postgresqlpg_hba_rule_address): Supported address types -* [`Postgresql::Pg_hba_rule_type`](#postgresqlpg_hba_rule_type): enum for all different types for the pg_hba_conf -* [`Postgresql::Pg_hba_rules`](#postgresqlpg_hba_rules): validates a hash of entries for postgresql::server::pg_hab_conf -* [`Postgresql::Pg_password_encryption`](#postgresqlpg_password_encryption): the supported password_encryption +* [`Postgresql::Pg_hba_rule`](#Postgresql--Pg_hba_rule): type for all parameters in the postgresql::server::hba_rule defined resource +* [`Postgresql::Pg_hba_rule_address`](#Postgresql--Pg_hba_rule_address): Supported address types +* [`Postgresql::Pg_hba_rule_type`](#Postgresql--Pg_hba_rule_type): enum for all different types for the pg_hba_conf +* [`Postgresql::Pg_hba_rules`](#Postgresql--Pg_hba_rules): validates a hash of entries for postgresql::server::pg_hab_conf +* [`Postgresql::Pg_password_encryption`](#Postgresql--Pg_password_encryption): the supported password_encryption ### Tasks @@ -104,7 +104,7 @@ ## Classes -### `postgresql::client` +### `postgresql::client` Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. @@ -114,12 +114,12 @@ Installs PostgreSQL client software. Set the following parameters if you have a The following parameters are available in the `postgresql::client` class: -* [`file_ensure`](#file_ensure) -* [`validcon_script_path`](#validcon_script_path) -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`file_ensure`](#-postgresql--client--file_ensure) +* [`validcon_script_path`](#-postgresql--client--validcon_script_path) +* [`package_name`](#-postgresql--client--package_name) +* [`package_ensure`](#-postgresql--client--package_ensure) -##### `file_ensure` +##### `file_ensure` Data type: `Enum['file', 'absent']` @@ -127,7 +127,7 @@ Ensure the connection validation script is present Default value: `'file'` -##### `validcon_script_path` +##### `validcon_script_path` Data type: `Stdlib::Absolutepath` @@ -135,7 +135,7 @@ Optional. Absolute path for the postgresql connection validation script. Default value: `$postgresql::params::validcon_script_path` -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -143,7 +143,7 @@ Sets the name of the PostgreSQL client package. Default value: `$postgresql::params::client_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -151,7 +151,7 @@ Ensure the client package is installed Default value: `'present'` -### `postgresql::globals` +### `postgresql::globals` Class for setting cross-class global overrides. @@ -163,246 +163,246 @@ as version or manage_package_repo. The following parameters are available in the `postgresql::globals` class: -* [`client_package_name`](#client_package_name) -* [`server_package_name`](#server_package_name) -* [`contrib_package_name`](#contrib_package_name) -* [`devel_package_name`](#devel_package_name) -* [`java_package_name`](#java_package_name) -* [`docs_package_name`](#docs_package_name) -* [`perl_package_name`](#perl_package_name) -* [`plperl_package_name`](#plperl_package_name) -* [`plpython_package_name`](#plpython_package_name) -* [`python_package_name`](#python_package_name) -* [`postgis_package_name`](#postgis_package_name) -* [`service_name`](#service_name) -* [`service_provider`](#service_provider) -* [`service_status`](#service_status) -* [`default_database`](#default_database) -* [`validcon_script_path`](#validcon_script_path) -* [`initdb_path`](#initdb_path) -* [`psql_path`](#psql_path) -* [`pg_hba_conf_path`](#pg_hba_conf_path) -* [`pg_ident_conf_path`](#pg_ident_conf_path) -* [`postgresql_conf_path`](#postgresql_conf_path) -* [`postgresql_conf_mode`](#postgresql_conf_mode) -* [`recovery_conf_path`](#recovery_conf_path) -* [`default_connect_settings`](#default_connect_settings) -* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) -* [`datadir`](#datadir) -* [`confdir`](#confdir) -* [`bindir`](#bindir) -* [`xlogdir`](#xlogdir) -* [`logdir`](#logdir) -* [`log_line_prefix`](#log_line_prefix) -* [`user`](#user) -* [`group`](#group) -* [`version`](#version) -* [`postgis_version`](#postgis_version) -* [`repo_proxy`](#repo_proxy) -* [`repo_baseurl`](#repo_baseurl) -* [`yum_repo_commonurl`](#yum_repo_commonurl) -* [`needs_initdb`](#needs_initdb) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`data_checksums`](#data_checksums) -* [`timezone`](#timezone) -* [`manage_pg_hba_conf`](#manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#manage_pg_ident_conf) -* [`manage_recovery_conf`](#manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) -* [`manage_selinux`](#manage_selinux) -* [`manage_datadir`](#manage_datadir) -* [`manage_logdir`](#manage_logdir) -* [`manage_xlogdir`](#manage_xlogdir) -* [`manage_package_repo`](#manage_package_repo) -* [`manage_dnf_module`](#manage_dnf_module) -* [`module_workdir`](#module_workdir) - -##### `client_package_name` +* [`client_package_name`](#-postgresql--globals--client_package_name) +* [`server_package_name`](#-postgresql--globals--server_package_name) +* [`contrib_package_name`](#-postgresql--globals--contrib_package_name) +* [`devel_package_name`](#-postgresql--globals--devel_package_name) +* [`java_package_name`](#-postgresql--globals--java_package_name) +* [`docs_package_name`](#-postgresql--globals--docs_package_name) +* [`perl_package_name`](#-postgresql--globals--perl_package_name) +* [`plperl_package_name`](#-postgresql--globals--plperl_package_name) +* [`plpython_package_name`](#-postgresql--globals--plpython_package_name) +* [`python_package_name`](#-postgresql--globals--python_package_name) +* [`postgis_package_name`](#-postgresql--globals--postgis_package_name) +* [`service_name`](#-postgresql--globals--service_name) +* [`service_provider`](#-postgresql--globals--service_provider) +* [`service_status`](#-postgresql--globals--service_status) +* [`default_database`](#-postgresql--globals--default_database) +* [`validcon_script_path`](#-postgresql--globals--validcon_script_path) +* [`initdb_path`](#-postgresql--globals--initdb_path) +* [`psql_path`](#-postgresql--globals--psql_path) +* [`pg_hba_conf_path`](#-postgresql--globals--pg_hba_conf_path) +* [`pg_ident_conf_path`](#-postgresql--globals--pg_ident_conf_path) +* [`postgresql_conf_path`](#-postgresql--globals--postgresql_conf_path) +* [`postgresql_conf_mode`](#-postgresql--globals--postgresql_conf_mode) +* [`recovery_conf_path`](#-postgresql--globals--recovery_conf_path) +* [`default_connect_settings`](#-postgresql--globals--default_connect_settings) +* [`pg_hba_conf_defaults`](#-postgresql--globals--pg_hba_conf_defaults) +* [`datadir`](#-postgresql--globals--datadir) +* [`confdir`](#-postgresql--globals--confdir) +* [`bindir`](#-postgresql--globals--bindir) +* [`xlogdir`](#-postgresql--globals--xlogdir) +* [`logdir`](#-postgresql--globals--logdir) +* [`log_line_prefix`](#-postgresql--globals--log_line_prefix) +* [`user`](#-postgresql--globals--user) +* [`group`](#-postgresql--globals--group) +* [`version`](#-postgresql--globals--version) +* [`postgis_version`](#-postgresql--globals--postgis_version) +* [`repo_proxy`](#-postgresql--globals--repo_proxy) +* [`repo_baseurl`](#-postgresql--globals--repo_baseurl) +* [`yum_repo_commonurl`](#-postgresql--globals--yum_repo_commonurl) +* [`needs_initdb`](#-postgresql--globals--needs_initdb) +* [`encoding`](#-postgresql--globals--encoding) +* [`locale`](#-postgresql--globals--locale) +* [`data_checksums`](#-postgresql--globals--data_checksums) +* [`timezone`](#-postgresql--globals--timezone) +* [`manage_pg_hba_conf`](#-postgresql--globals--manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#-postgresql--globals--manage_pg_ident_conf) +* [`manage_recovery_conf`](#-postgresql--globals--manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#-postgresql--globals--manage_postgresql_conf_perms) +* [`manage_selinux`](#-postgresql--globals--manage_selinux) +* [`manage_datadir`](#-postgresql--globals--manage_datadir) +* [`manage_logdir`](#-postgresql--globals--manage_logdir) +* [`manage_xlogdir`](#-postgresql--globals--manage_xlogdir) +* [`manage_package_repo`](#-postgresql--globals--manage_package_repo) +* [`manage_dnf_module`](#-postgresql--globals--manage_dnf_module) +* [`module_workdir`](#-postgresql--globals--module_workdir) + +##### `client_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL client package name. -Default value: ``undef`` +Default value: `undef` -##### `server_package_name` +##### `server_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL server package name. -Default value: ``undef`` +Default value: `undef` -##### `contrib_package_name` +##### `contrib_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL contrib package name. -Default value: ``undef`` +Default value: `undef` -##### `devel_package_name` +##### `devel_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL devel package name. -Default value: ``undef`` +Default value: `undef` -##### `java_package_name` +##### `java_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL java package name. -Default value: ``undef`` +Default value: `undef` -##### `docs_package_name` +##### `docs_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL docs package name. -Default value: ``undef`` +Default value: `undef` -##### `perl_package_name` +##### `perl_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL Perl package name. -Default value: ``undef`` +Default value: `undef` -##### `plperl_package_name` +##### `plperl_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL PL/Perl package name. -Default value: ``undef`` +Default value: `undef` -##### `plpython_package_name` +##### `plpython_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL PL/Python package name. -Default value: ``undef`` +Default value: `undef` -##### `python_package_name` +##### `python_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL Python package name. -Default value: ``undef`` +Default value: `undef` -##### `postgis_package_name` +##### `postgis_package_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL PostGIS package name. -Default value: ``undef`` +Default value: `undef` -##### `service_name` +##### `service_name` Data type: `Optional[String[1]]` Overrides the default PostgreSQL service name. -Default value: ``undef`` +Default value: `undef` -##### `service_provider` +##### `service_provider` Data type: `Optional[String[1]]` Overrides the default PostgreSQL service provider. -Default value: ``undef`` +Default value: `undef` -##### `service_status` +##### `service_status` Data type: `Optional[String[1]]` Overrides the default status check command for your PostgreSQL service. -Default value: ``undef`` +Default value: `undef` -##### `default_database` +##### `default_database` Data type: `Optional[String[1]]` Specifies the name of the default database to connect with. -Default value: ``undef`` +Default value: `undef` -##### `validcon_script_path` +##### `validcon_script_path` Data type: `Optional[String[1]]` Scipt path for the connection validation check. -Default value: ``undef`` +Default value: `undef` -##### `initdb_path` +##### `initdb_path` Data type: `Optional[Stdlib::Absolutepath]` Path to the initdb command. -Default value: ``undef`` +Default value: `undef` -##### `psql_path` +##### `psql_path` Data type: `Optional[Stdlib::Absolutepath]` Sets the path to the psql command. -Default value: ``undef`` +Default value: `undef` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Specifies the path to your pg_hba.conf file. -Default value: ``undef`` +Default value: `undef` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Specifies the path to your pg_ident.conf file. -Default value: ``undef`` +Default value: `undef` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Sets the path to your postgresql.conf file. -Default value: ``undef`` +Default value: `undef` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true. -Default value: ``undef`` +Default value: `undef` -##### `recovery_conf_path` +##### `recovery_conf_path` Data type: `Optional[Stdlib::Absolutepath]` Path to your recovery.conf file. -Default value: ``undef`` +Default value: `undef` -##### `default_connect_settings` +##### `default_connect_settings` Data type: `Hash` @@ -410,15 +410,15 @@ Default connection settings. Default value: `{}` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Optional[Boolean]` Disables the defaults supplied with the module for pg_hba.conf if set to false. -Default value: ``undef`` +Default value: `undef` -##### `datadir` +##### `datadir` Data type: `Optional[Stdlib::Absolutepath]` @@ -430,113 +430,113 @@ defaults to true on other systems). Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original -Default value: ``undef`` +Default value: `undef` -##### `confdir` +##### `confdir` Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL configuration directory for the target platform. -Default value: ``undef`` +Default value: `undef` -##### `bindir` +##### `bindir` Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL binaries directory for the target platform. -Default value: ``undef`` +Default value: `undef` -##### `xlogdir` +##### `xlogdir` Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL xlog directory. -Default value: ``undef`` +Default value: `undef` -##### `logdir` +##### `logdir` Data type: `Optional[Stdlib::Absolutepath]` Overrides the default PostgreSQL log directory. -Default value: ``undef`` +Default value: `undef` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Optional[String[1]]` Overrides the default PostgreSQL log prefix. -Default value: ``undef`` +Default value: `undef` -##### `user` +##### `user` Data type: `Optional[String[1]]` Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. -Default value: ``undef`` +Default value: `undef` -##### `group` +##### `group` Data type: `Optional[String[1]]` Overrides the default postgres user group to be used for related files in the file system. -Default value: ``undef`` +Default value: `undef` -##### `version` +##### `version` Data type: `Optional[String[1]]` The version of PostgreSQL to install and manage. -Default value: ``undef`` +Default value: `undef` -##### `postgis_version` +##### `postgis_version` Data type: `Optional[String[1]]` Defines the version of PostGIS to install, if you install PostGIS. -Default value: ``undef`` +Default value: `undef` -##### `repo_proxy` +##### `repo_proxy` Data type: `Optional[String[1]]` Sets the proxy option for the official PostgreSQL yum-repositories only. -Default value: ``undef`` +Default value: `undef` -##### `repo_baseurl` +##### `repo_baseurl` Data type: `Optional[String[1]]` Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. -Default value: ``undef`` +Default value: `undef` -##### `yum_repo_commonurl` +##### `yum_repo_commonurl` Data type: `Optional[String[1]]` Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository. -Default value: ``undef`` +Default value: `undef` -##### `needs_initdb` +##### `needs_initdb` Data type: `Optional[Boolean]` Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. -Default value: ``undef`` +Default value: `undef` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -544,9 +544,9 @@ Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. -Default value: ``undef`` +Default value: `undef` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -555,50 +555,50 @@ On certain operating systems, this is also used during the template1 initializat so it becomes a default outside of the module as well. On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL. -Default value: ``undef`` +Default value: `undef` -##### `data_checksums` +##### `data_checksums` Data type: `Optional[Boolean]` Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. -Default value: ``undef`` +Default value: `undef` -##### `timezone` +##### `timezone` Data type: `Optional[String[1]]` Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. -Default value: ``undef`` +Default value: `undef` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Optional[Boolean]` Allow Puppet to manage the pg_hba.conf file. -Default value: ``undef`` +Default value: `undef` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Optional[Boolean]` Allow Puppet to manage the pg_ident.conf file. -Default value: ``undef`` +Default value: `undef` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Optional[Boolean]` Allow Puppet to manage the recovery.conf file. -Default value: ``undef`` +Default value: `undef` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` Data type: `Optional[Boolean]` @@ -606,49 +606,49 @@ Whether to manage the postgresql conf file permissions. This means owner, group and mode. Contents are not managed but should be managed through postgresql::server::config_entry. -Default value: ``undef`` +Default value: `undef` -##### `manage_selinux` +##### `manage_selinux` Data type: `Optional[Boolean]` Allows Puppet to manage the appropriate configuration file for selinux. -Default value: ``undef`` +Default value: `undef` -##### `manage_datadir` +##### `manage_datadir` Data type: `Optional[Boolean]` Set to false if you have file{ $datadir: } already defined -Default value: ``undef`` +Default value: `undef` -##### `manage_logdir` +##### `manage_logdir` Data type: `Optional[Boolean]` Set to false if you have file{ $logdir: } already defined -Default value: ``undef`` +Default value: `undef` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Optional[Boolean]` Set to false if you have file{ $xlogdir: } already defined -Default value: ``undef`` +Default value: `undef` -##### `manage_package_repo` +##### `manage_package_repo` Data type: `Optional[Boolean]` Sets up official PostgreSQL repositories on your host if set to true. -Default value: ``undef`` +Default value: `undef` -##### `manage_dnf_module` +##### `manage_dnf_module` Data type: `Boolean` @@ -656,18 +656,18 @@ Manage the DNF module. This only makes sense on distributions that use DNF package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or Puppet 6.15.0+ since they ship the dnfmodule provider. -Default value: ``false`` +Default value: `false` -##### `module_workdir` +##### `module_workdir` Data type: `Optional[Stdlib::Absolutepath]` Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. -Default value: ``undef`` +Default value: `undef` -### `postgresql::lib::devel` +### `postgresql::lib::devel` This class installs postgresql development libraries. @@ -675,11 +675,11 @@ This class installs postgresql development libraries. The following parameters are available in the `postgresql::lib::devel` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) -* [`link_pg_config`](#link_pg_config) +* [`package_name`](#-postgresql--lib--devel--package_name) +* [`package_ensure`](#-postgresql--lib--devel--package_ensure) +* [`link_pg_config`](#-postgresql--lib--devel--link_pg_config) -##### `package_name` +##### `package_name` Data type: `String` @@ -687,7 +687,7 @@ Override devel package name Default value: `$postgresql::params::devel_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -695,7 +695,7 @@ Ensure the development libraries are installed Default value: `'present'` -##### `link_pg_config` +##### `link_pg_config` Data type: `Boolean` @@ -704,7 +704,7 @@ into usr/bin (not applicable to Debian systems). Set to false to disable this be Default value: `$postgresql::params::link_pg_config` -### `postgresql::lib::docs` +### `postgresql::lib::docs` Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install. @@ -714,10 +714,10 @@ Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if The following parameters are available in the `postgresql::lib::docs` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--docs--package_name) +* [`package_ensure`](#-postgresql--lib--docs--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -725,7 +725,7 @@ Specifies the name of the PostgreSQL docs package. Default value: `$postgresql::params::docs_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -733,7 +733,7 @@ Whether the PostgreSQL docs package resource should be present. Default value: `'present'` -### `postgresql::lib::java` +### `postgresql::lib::java` This class installs the postgresql jdbc connector. @@ -743,10 +743,10 @@ This class installs the postgresql jdbc connector. The following parameters are available in the `postgresql::lib::java` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--java--package_name) +* [`package_ensure`](#-postgresql--lib--java--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -754,7 +754,7 @@ Specifies the name of the PostgreSQL java package. Default value: `$postgresql::params::java_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -762,7 +762,7 @@ Specifies whether the package is present. Default value: `'present'` -### `postgresql::lib::perl` +### `postgresql::lib::perl` This class installs the perl libs for postgresql. @@ -770,10 +770,10 @@ This class installs the perl libs for postgresql. The following parameters are available in the `postgresql::lib::perl` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--perl--package_name) +* [`package_ensure`](#-postgresql--lib--perl--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -781,7 +781,7 @@ Specifies the name of the PostgreSQL perl package to install. Default value: `$postgresql::params::perl_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -789,7 +789,7 @@ Ensure the perl libs for postgresql are installed. Default value: `'present'` -### `postgresql::lib::python` +### `postgresql::lib::python` This class installs the python libs for postgresql. @@ -797,10 +797,10 @@ This class installs the python libs for postgresql. The following parameters are available in the `postgresql::lib::python` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--lib--python--package_name) +* [`package_ensure`](#-postgresql--lib--python--package_ensure) -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -808,7 +808,7 @@ The name of the PostgreSQL Python package. Default value: `$postgresql::params::python_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -816,7 +816,7 @@ Ensure the python libs for postgresql are installed. Default value: `'present'` -### `postgresql::server` +### `postgresql::server` This installs a PostgreSQL server @@ -824,78 +824,78 @@ This installs a PostgreSQL server The following parameters are available in the `postgresql::server` class: -* [`postgres_password`](#postgres_password) -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) -* [`plperl_package_name`](#plperl_package_name) -* [`plpython_package_name`](#plpython_package_name) -* [`service_ensure`](#service_ensure) -* [`service_enable`](#service_enable) -* [`service_manage`](#service_manage) -* [`service_name`](#service_name) -* [`service_restart_on_change`](#service_restart_on_change) -* [`service_provider`](#service_provider) -* [`service_reload`](#service_reload) -* [`service_status`](#service_status) -* [`default_database`](#default_database) -* [`default_connect_settings`](#default_connect_settings) -* [`listen_addresses`](#listen_addresses) -* [`port`](#port) -* [`ip_mask_deny_postgres_user`](#ip_mask_deny_postgres_user) -* [`ip_mask_allow_all_users`](#ip_mask_allow_all_users) -* [`ipv4acls`](#ipv4acls) -* [`ipv6acls`](#ipv6acls) -* [`initdb_path`](#initdb_path) -* [`psql_path`](#psql_path) -* [`pg_hba_conf_path`](#pg_hba_conf_path) -* [`pg_ident_conf_path`](#pg_ident_conf_path) -* [`postgresql_conf_path`](#postgresql_conf_path) -* [`postgresql_conf_mode`](#postgresql_conf_mode) -* [`recovery_conf_path`](#recovery_conf_path) -* [`datadir`](#datadir) -* [`xlogdir`](#xlogdir) -* [`logdir`](#logdir) -* [`log_line_prefix`](#log_line_prefix) -* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) -* [`user`](#user) -* [`group`](#group) -* [`needs_initdb`](#needs_initdb) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`data_checksums`](#data_checksums) -* [`timezone`](#timezone) -* [`manage_pg_hba_conf`](#manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#manage_pg_ident_conf) -* [`manage_recovery_conf`](#manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) -* [`manage_selinux`](#manage_selinux) -* [`module_workdir`](#module_workdir) -* [`manage_datadir`](#manage_datadir) -* [`manage_logdir`](#manage_logdir) -* [`manage_xlogdir`](#manage_xlogdir) -* [`password_encryption`](#password_encryption) -* [`roles`](#roles) -* [`config_entries`](#config_entries) -* [`pg_hba_rules`](#pg_hba_rules) -* [`backup_enable`](#backup_enable) -* [`backup_options`](#backup_options) -* [`backup_provider`](#backup_provider) -* [`extra_systemd_config`](#extra_systemd_config) -* [`auth_host`](#auth_host) -* [`auth_local`](#auth_local) -* [`lc_messages`](#lc_messages) -* [`username`](#username) - -##### `postgres_password` +* [`postgres_password`](#-postgresql--server--postgres_password) +* [`package_name`](#-postgresql--server--package_name) +* [`package_ensure`](#-postgresql--server--package_ensure) +* [`plperl_package_name`](#-postgresql--server--plperl_package_name) +* [`plpython_package_name`](#-postgresql--server--plpython_package_name) +* [`service_ensure`](#-postgresql--server--service_ensure) +* [`service_enable`](#-postgresql--server--service_enable) +* [`service_manage`](#-postgresql--server--service_manage) +* [`service_name`](#-postgresql--server--service_name) +* [`service_restart_on_change`](#-postgresql--server--service_restart_on_change) +* [`service_provider`](#-postgresql--server--service_provider) +* [`service_reload`](#-postgresql--server--service_reload) +* [`service_status`](#-postgresql--server--service_status) +* [`default_database`](#-postgresql--server--default_database) +* [`default_connect_settings`](#-postgresql--server--default_connect_settings) +* [`listen_addresses`](#-postgresql--server--listen_addresses) +* [`port`](#-postgresql--server--port) +* [`ip_mask_deny_postgres_user`](#-postgresql--server--ip_mask_deny_postgres_user) +* [`ip_mask_allow_all_users`](#-postgresql--server--ip_mask_allow_all_users) +* [`ipv4acls`](#-postgresql--server--ipv4acls) +* [`ipv6acls`](#-postgresql--server--ipv6acls) +* [`initdb_path`](#-postgresql--server--initdb_path) +* [`psql_path`](#-postgresql--server--psql_path) +* [`pg_hba_conf_path`](#-postgresql--server--pg_hba_conf_path) +* [`pg_ident_conf_path`](#-postgresql--server--pg_ident_conf_path) +* [`postgresql_conf_path`](#-postgresql--server--postgresql_conf_path) +* [`postgresql_conf_mode`](#-postgresql--server--postgresql_conf_mode) +* [`recovery_conf_path`](#-postgresql--server--recovery_conf_path) +* [`datadir`](#-postgresql--server--datadir) +* [`xlogdir`](#-postgresql--server--xlogdir) +* [`logdir`](#-postgresql--server--logdir) +* [`log_line_prefix`](#-postgresql--server--log_line_prefix) +* [`pg_hba_conf_defaults`](#-postgresql--server--pg_hba_conf_defaults) +* [`user`](#-postgresql--server--user) +* [`group`](#-postgresql--server--group) +* [`needs_initdb`](#-postgresql--server--needs_initdb) +* [`encoding`](#-postgresql--server--encoding) +* [`locale`](#-postgresql--server--locale) +* [`data_checksums`](#-postgresql--server--data_checksums) +* [`timezone`](#-postgresql--server--timezone) +* [`manage_pg_hba_conf`](#-postgresql--server--manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#-postgresql--server--manage_pg_ident_conf) +* [`manage_recovery_conf`](#-postgresql--server--manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#-postgresql--server--manage_postgresql_conf_perms) +* [`manage_selinux`](#-postgresql--server--manage_selinux) +* [`module_workdir`](#-postgresql--server--module_workdir) +* [`manage_datadir`](#-postgresql--server--manage_datadir) +* [`manage_logdir`](#-postgresql--server--manage_logdir) +* [`manage_xlogdir`](#-postgresql--server--manage_xlogdir) +* [`password_encryption`](#-postgresql--server--password_encryption) +* [`roles`](#-postgresql--server--roles) +* [`config_entries`](#-postgresql--server--config_entries) +* [`pg_hba_rules`](#-postgresql--server--pg_hba_rules) +* [`backup_enable`](#-postgresql--server--backup_enable) +* [`backup_options`](#-postgresql--server--backup_options) +* [`backup_provider`](#-postgresql--server--backup_provider) +* [`extra_systemd_config`](#-postgresql--server--extra_systemd_config) +* [`auth_host`](#-postgresql--server--auth_host) +* [`auth_local`](#-postgresql--server--auth_local) +* [`lc_messages`](#-postgresql--server--lc_messages) +* [`username`](#-postgresql--server--username) + +##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password. -Default value: ``undef`` +Default value: `undef` -##### `package_name` +##### `package_name` Data type: `String[1]` @@ -903,7 +903,7 @@ Specifies the name of the package to use for installing the server software. Default value: `$postgresql::params::server_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -911,7 +911,7 @@ Passes a value through to the package resource when creating the server instance Default value: `$postgresql::params::package_ensure` -##### `plperl_package_name` +##### `plperl_package_name` Data type: `Optional[String[1]]` @@ -919,7 +919,7 @@ Sets the default package name for the PL/Perl extension. Default value: `$postgresql::params::plperl_package_name` -##### `plpython_package_name` +##### `plpython_package_name` Data type: `Optional[String[1]]` @@ -927,7 +927,7 @@ Sets the default package name for the PL/Python extension. Default value: `$postgresql::params::plpython_package_name` -##### `service_ensure` +##### `service_ensure` Data type: `Variant[Enum['running', 'stopped'], Boolean]` @@ -935,7 +935,7 @@ Ensure service is installed Default value: `$postgresql::params::service_ensure` -##### `service_enable` +##### `service_enable` Data type: `Boolean` @@ -943,7 +943,7 @@ Enable the PostgreSQL service Default value: `$postgresql::params::service_enable` -##### `service_manage` +##### `service_manage` Data type: `Boolean` @@ -951,7 +951,7 @@ Defines whether or not Puppet should manage the service. Default value: `$postgresql::params::service_manage` -##### `service_name` +##### `service_name` Data type: `String[1]` @@ -959,7 +959,7 @@ Overrides the default PostgreSQL service name. Default value: `$postgresql::params::service_name` -##### `service_restart_on_change` +##### `service_restart_on_change` Data type: `Boolean` @@ -968,7 +968,7 @@ to become active. Default value: `$postgresql::params::service_restart_on_change` -##### `service_provider` +##### `service_provider` Data type: `Optional[String[1]]` @@ -976,7 +976,7 @@ Overrides the default PostgreSQL service provider. Default value: `$postgresql::params::service_provider` -##### `service_reload` +##### `service_reload` Data type: `String[1]` @@ -984,7 +984,7 @@ Overrides the default reload command for your PostgreSQL service. Default value: `$postgresql::params::service_reload` -##### `service_status` +##### `service_status` Data type: `Optional[String[1]]` @@ -992,7 +992,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::params::service_status` -##### `default_database` +##### `default_database` Data type: `String[1]` @@ -1000,7 +1000,7 @@ Specifies the name of the default database to connect with. On most systems this Default value: `$postgresql::params::default_database` -##### `default_connect_settings` +##### `default_connect_settings` Data type: `Hash` @@ -1009,7 +1009,7 @@ postgresql::server::role. Default value: `$postgresql::globals::default_connect_settings` -##### `listen_addresses` +##### `listen_addresses` Data type: `Optional[Variant[String[1], Array[String[1]]]]` @@ -1017,7 +1017,7 @@ Address list on which the PostgreSQL service will listen Default value: `$postgresql::params::listen_addresses` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -1029,7 +1029,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::params::port` -##### `ip_mask_deny_postgres_user` +##### `ip_mask_deny_postgres_user` Data type: `String[1]` @@ -1038,7 +1038,7 @@ Default value: '0.0.0.0/0', which denies any remote connection. Default value: `$postgresql::params::ip_mask_deny_postgres_user` -##### `ip_mask_allow_all_users` +##### `ip_mask_allow_all_users` Data type: `String[1]` @@ -1050,7 +1050,7 @@ Default value: '127.0.0.1/32'. Default value: `$postgresql::params::ip_mask_allow_all_users` -##### `ipv4acls` +##### `ipv4acls` Data type: `Array[String[1]]` @@ -1058,7 +1058,7 @@ Lists strings for access control for connection method, users, databases, IPv4 a Default value: `$postgresql::params::ipv4acls` -##### `ipv6acls` +##### `ipv6acls` Data type: `Array[String[1]]` @@ -1066,7 +1066,7 @@ Lists strings for access control for connection method, users, databases, IPv6 a Default value: `$postgresql::params::ipv6acls` -##### `initdb_path` +##### `initdb_path` Data type: `Stdlib::Absolutepath` @@ -1074,7 +1074,7 @@ Specifies the path to the initdb command. Default value: `$postgresql::params::initdb_path` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -1082,7 +1082,7 @@ Specifies the path to the psql command. Default value: `$postgresql::params::psql_path` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Stdlib::Absolutepath` @@ -1090,7 +1090,7 @@ Specifies the path to your pg_hba.conf file. Default value: `$postgresql::params::pg_hba_conf_path` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Stdlib::Absolutepath` @@ -1098,7 +1098,7 @@ Specifies the path to your pg_ident.conf file. Default value: `$postgresql::params::pg_ident_conf_path` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Stdlib::Absolutepath` @@ -1106,7 +1106,7 @@ Specifies the path to your postgresql.conf file. Default value: `$postgresql::params::postgresql_conf_path` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` @@ -1114,7 +1114,7 @@ Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_c Default value: `$postgresql::params::postgresql_conf_mode` -##### `recovery_conf_path` +##### `recovery_conf_path` Data type: `Stdlib::Absolutepath` @@ -1122,7 +1122,7 @@ Specifies the path to your recovery.conf file. Default value: `$postgresql::params::recovery_conf_path` -##### `datadir` +##### `datadir` Data type: `Stdlib::Absolutepath` @@ -1130,7 +1130,7 @@ PostgreSQL data directory Default value: `$postgresql::params::datadir` -##### `xlogdir` +##### `xlogdir` Data type: `Optional[Stdlib::Absolutepath]` @@ -1138,7 +1138,7 @@ PostgreSQL xlog directory Default value: `$postgresql::params::xlogdir` -##### `logdir` +##### `logdir` Data type: `Optional[Stdlib::Absolutepath]` @@ -1146,7 +1146,7 @@ PostgreSQL log directory Default value: `$postgresql::params::logdir` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Optional[String[1]]` @@ -1154,7 +1154,7 @@ PostgreSQL log line prefix Default value: `$postgresql::params::log_line_prefix` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Boolean` @@ -1164,7 +1164,7 @@ basic psql operations for example. Default value: `$postgresql::params::pg_hba_conf_defaults` -##### `user` +##### `user` Data type: `String[1]` @@ -1172,7 +1172,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::params::user` -##### `group` +##### `group` Data type: `String[1]` @@ -1180,7 +1180,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::params::group` -##### `needs_initdb` +##### `needs_initdb` Data type: `Boolean` @@ -1188,7 +1188,7 @@ Explicitly calls the initdb operation after server package is installed, and bef Default value: `$postgresql::params::needs_initdb` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -1197,7 +1197,7 @@ template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::params::encoding` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -1206,7 +1206,7 @@ template1 initialization as well, so it becomes a default outside of the module. Default value: `$postgresql::params::locale` -##### `data_checksums` +##### `data_checksums` Data type: `Optional[Boolean]` @@ -1216,7 +1216,7 @@ If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::params::data_checksums` -##### `timezone` +##### `timezone` Data type: `Optional[String[1]]` @@ -1224,7 +1224,7 @@ Set timezone for the PostgreSQL instance Default value: `$postgresql::params::timezone` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Boolean` @@ -1232,7 +1232,7 @@ Boolean. Whether to manage the pg_hba.conf. Default value: `$postgresql::params::manage_pg_hba_conf` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Boolean` @@ -1240,7 +1240,7 @@ Boolean. Overwrites the pg_ident.conf file. Default value: `$postgresql::params::manage_pg_ident_conf` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Boolean` @@ -1248,7 +1248,7 @@ Boolean. Specifies whether or not manage the recovery.conf. Default value: `$postgresql::params::manage_recovery_conf` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` Data type: `Boolean` @@ -1258,7 +1258,7 @@ postgresql::server::config_entry. Default value: `$postgresql::params::manage_postgresql_conf_perms` -##### `manage_selinux` +##### `manage_selinux` Data type: `Boolean` @@ -1266,7 +1266,7 @@ Specifies whether or not manage the conf file for selinux. Default value: `$postgresql::params::manage_selinux` -##### `module_workdir` +##### `module_workdir` Data type: `Stdlib::Absolutepath` @@ -1274,7 +1274,7 @@ Working directory for the PostgreSQL module Default value: `$postgresql::params::module_workdir` -##### `manage_datadir` +##### `manage_datadir` Data type: `Boolean` @@ -1282,7 +1282,7 @@ Set to false if you have file{ $datadir: } already defined Default value: `$postgresql::params::manage_datadir` -##### `manage_logdir` +##### `manage_logdir` Data type: `Boolean` @@ -1290,7 +1290,7 @@ Set to false if you have file{ $logdir: } already defined Default value: `$postgresql::params::manage_logdir` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Boolean` @@ -1298,7 +1298,7 @@ Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::params::manage_xlogdir` -##### `password_encryption` +##### `password_encryption` Data type: `Optional[Postgresql::Pg_password_encryption]` @@ -1306,7 +1306,7 @@ Specify the type of encryption set for the password. Default value: `$postgresql::params::password_encryption` -##### `roles` +##### `roles` Data type: `Hash[String, Hash]` @@ -1314,7 +1314,7 @@ Specifies a hash from which to generate postgresql::server::role resources. Default value: `{}` -##### `config_entries` +##### `config_entries` Data type: `Hash[String, Any]` @@ -1322,7 +1322,7 @@ Specifies a hash from which to generate postgresql::server::config_entry resourc Default value: `{}` -##### `pg_hba_rules` +##### `pg_hba_rules` Data type: `Postgresql::Pg_hba_rules` @@ -1330,7 +1330,7 @@ Specifies a hash from which to generate postgresql::server::pg_hba_rule resource Default value: `{}` -##### `backup_enable` +##### `backup_enable` Data type: `Boolean` @@ -1338,7 +1338,7 @@ Whether a backup job should be enabled. Default value: `$postgresql::params::backup_enable` -##### `backup_options` +##### `backup_options` Data type: `Hash` @@ -1346,7 +1346,7 @@ A hash of options that should be passed through to the backup provider. Default value: `{}` -##### `backup_provider` +##### `backup_provider` Data type: `Enum['pg_dump']` @@ -1354,7 +1354,7 @@ Specifies the backup provider to use. Default value: `$postgresql::params::backup_provider` -##### `extra_systemd_config` +##### `extra_systemd_config` Data type: `Optional[String]` @@ -1362,39 +1362,39 @@ Adds extra config to systemd config file, can for instance be used to add extra Default value: `$postgresql::params::extra_systemd_config` -##### `auth_host` +##### `auth_host` Data type: `Optional[String[1]]` auth method used by default for host authorization -Default value: ``undef`` +Default value: `undef` -##### `auth_local` +##### `auth_local` Data type: `Optional[String[1]]` auth method used by default for local authorization -Default value: ``undef`` +Default value: `undef` -##### `lc_messages` +##### `lc_messages` Data type: `Optional[String[1]]` locale used for logging and system messages -Default value: ``undef`` +Default value: `undef` -##### `username` +##### `username` Data type: `Optional[String[1]]` username of user running the postgres instance -Default value: ``undef`` +Default value: `undef` -### `postgresql::server::contrib` +### `postgresql::server::contrib` Install the contrib postgresql packaging. @@ -1402,10 +1402,10 @@ Install the contrib postgresql packaging. The following parameters are available in the `postgresql::server::contrib` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--server--contrib--package_name) +* [`package_ensure`](#-postgresql--server--contrib--package_ensure) -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` @@ -1413,7 +1413,7 @@ The name of the PostgreSQL contrib package. Default value: `$postgresql::params::contrib_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1421,7 +1421,7 @@ Ensure the contrib package is installed. Default value: `'present'` -### `postgresql::server::plperl` +### `postgresql::server::plperl` This class installs the PL/Perl procedural language for postgresql. @@ -1429,10 +1429,10 @@ This class installs the PL/Perl procedural language for postgresql. The following parameters are available in the `postgresql::server::plperl` class: -* [`package_ensure`](#package_ensure) -* [`package_name`](#package_name) +* [`package_ensure`](#-postgresql--server--plperl--package_ensure) +* [`package_name`](#-postgresql--server--plperl--package_name) -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1440,7 +1440,7 @@ The ensure parameter passed on to PostgreSQL PL/Perl package resource. Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` @@ -1448,7 +1448,7 @@ The name of the PostgreSQL PL/Perl package. Default value: `$postgresql::server::plperl_package_name` -### `postgresql::server::plpython` +### `postgresql::server::plpython` This class installs the PL/Python procedural language for postgresql. @@ -1456,10 +1456,10 @@ This class installs the PL/Python procedural language for postgresql. The following parameters are available in the `postgresql::server::plpython` class: -* [`package_ensure`](#package_ensure) -* [`package_name`](#package_name) +* [`package_ensure`](#-postgresql--server--plpython--package_ensure) +* [`package_name`](#-postgresql--server--plpython--package_name) -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1467,7 +1467,7 @@ Specifies whether the package is present. Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` @@ -1475,7 +1475,7 @@ Specifies the name of the postgresql PL/Python package. Default value: `$postgresql::server::plpython_package_name` -### `postgresql::server::postgis` +### `postgresql::server::postgis` Install the postgis postgresql packaging. @@ -1483,10 +1483,10 @@ Install the postgis postgresql packaging. The following parameters are available in the `postgresql::server::postgis` class: -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) +* [`package_name`](#-postgresql--server--postgis--package_name) +* [`package_ensure`](#-postgresql--server--postgis--package_ensure) -##### `package_name` +##### `package_name` Data type: `String` @@ -1494,7 +1494,7 @@ Sets the package name. Default value: `$postgresql::params::postgis_package_name` -##### `package_ensure` +##### `package_ensure` Data type: `Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]` @@ -1504,7 +1504,7 @@ Default value: `'present'` ## Defined types -### `postgresql::server::config_entry` +### `postgresql::server::config_entry` Manage a postgresql.conf entry. @@ -1512,12 +1512,12 @@ Manage a postgresql.conf entry. The following parameters are available in the `postgresql::server::config_entry` defined type: -* [`ensure`](#ensure) -* [`key`](#key) -* [`value`](#value) -* [`path`](#path) +* [`ensure`](#-postgresql--server--config_entry--ensure) +* [`key`](#-postgresql--server--config_entry--key) +* [`value`](#-postgresql--server--config_entry--value) +* [`path`](#-postgresql--server--config_entry--path) -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1525,7 +1525,7 @@ Removes an entry if set to 'absent'. Default value: `'present'` -##### `key` +##### `key` Data type: `String[1]` @@ -1533,15 +1533,15 @@ Defines the key/name for the setting. Defaults to $name Default value: `$name` -##### `value` +##### `value` Data type: `Optional[Variant[String[1], Numeric, Array[String[1]]]]` Defines the value for the setting. -Default value: ``undef`` +Default value: `undef` -##### `path` +##### `path` Data type: `Stdlib::Absolutepath` @@ -1549,7 +1549,7 @@ Path for postgresql.conf Default value: `$postgresql::server::postgresql_conf_path` -### `postgresql::server::database` +### `postgresql::server::database` Define for creating a database. @@ -1557,30 +1557,30 @@ Define for creating a database. The following parameters are available in the `postgresql::server::database` defined type: -* [`comment`](#comment) -* [`dbname`](#dbname) -* [`owner`](#owner) -* [`tablespace`](#tablespace) -* [`template`](#template) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`istemplate`](#istemplate) -* [`connect_settings`](#connect_settings) -* [`psql_path`](#psql_path) -* [`default_db`](#default_db) -* [`user`](#user) -* [`group`](#group) -* [`port`](#port) - -##### `comment` +* [`comment`](#-postgresql--server--database--comment) +* [`dbname`](#-postgresql--server--database--dbname) +* [`owner`](#-postgresql--server--database--owner) +* [`tablespace`](#-postgresql--server--database--tablespace) +* [`template`](#-postgresql--server--database--template) +* [`encoding`](#-postgresql--server--database--encoding) +* [`locale`](#-postgresql--server--database--locale) +* [`istemplate`](#-postgresql--server--database--istemplate) +* [`connect_settings`](#-postgresql--server--database--connect_settings) +* [`psql_path`](#-postgresql--server--database--psql_path) +* [`default_db`](#-postgresql--server--database--default_db) +* [`user`](#-postgresql--server--database--user) +* [`group`](#-postgresql--server--database--group) +* [`port`](#-postgresql--server--database--port) + +##### `comment` Data type: `Optional[String[1]]` Sets a comment on the database. -Default value: ``undef`` +Default value: `undef` -##### `dbname` +##### `dbname` Data type: `String[1]` @@ -1588,23 +1588,23 @@ Sets the name of the database. Default value: `$title` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Sets name of the database owner. -Default value: ``undef`` +Default value: `undef` -##### `tablespace` +##### `tablespace` Data type: `Optional[String[1]]` Sets tablespace for where to create this database. -Default value: ``undef`` +Default value: `undef` -##### `template` +##### `template` Data type: `String[1]` @@ -1612,7 +1612,7 @@ Specifies the name of the template database from which to build this database. D Default value: `'template0'` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -1620,7 +1620,7 @@ Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -1628,15 +1628,15 @@ Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `istemplate` +##### `istemplate` Data type: `Boolean` Defines the database as a template if set to true. -Default value: ``false`` +Default value: `false` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -1644,7 +1644,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -1652,7 +1652,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `default_db` +##### `default_db` Data type: `String[1]` @@ -1660,7 +1660,7 @@ Specifies the name of the default database to connect with. On most systems this Default value: `$postgresql::server::default_database` -##### `user` +##### `user` Data type: `String[1]` @@ -1668,7 +1668,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -1676,7 +1676,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -1684,7 +1684,7 @@ Specifies the port for the PostgreSQL server to listen on. Default value: `$postgresql::server::port` -### `postgresql::server::database_grant` +### `postgresql::server::database_grant` Manage a database grant. @@ -1692,51 +1692,51 @@ Manage a database grant. The following parameters are available in the `postgresql::server::database_grant` defined type: -* [`privilege`](#privilege) -* [`db`](#db) -* [`role`](#role) -* [`ensure`](#ensure) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`psql_group`](#psql_group) -* [`connect_settings`](#connect_settings) -* [`port`](#port) +* [`privilege`](#-postgresql--server--database_grant--privilege) +* [`db`](#-postgresql--server--database_grant--db) +* [`role`](#-postgresql--server--database_grant--role) +* [`ensure`](#-postgresql--server--database_grant--ensure) +* [`psql_db`](#-postgresql--server--database_grant--psql_db) +* [`psql_user`](#-postgresql--server--database_grant--psql_user) +* [`psql_group`](#-postgresql--server--database_grant--psql_group) +* [`connect_settings`](#-postgresql--server--database_grant--connect_settings) +* [`port`](#-postgresql--server--database_grant--port) -##### `privilege` +##### `privilege` Data type: `Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'all', 'create', 'connect', 'temporary', 'temp']` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'. -##### `db` +##### `db` Data type: `String[1]` Specifies the database to which you are granting access. -##### `role` +##### `role` Data type: `String[1]` Specifies the role or user whom you are granting access to. -##### `ensure` +##### `ensure` Data type: `Optional[Enum['present', 'absent']]` Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later. -Default value: ``undef`` +Default value: `undef` -##### `psql_db` +##### `psql_db` Data type: `Optional[String[1]]` Defines the database to execute the grant against. This should not ordinarily be changed from the default -Default value: ``undef`` +Default value: `undef` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -1744,7 +1744,7 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` Data type: `String[1]` @@ -1752,23 +1752,23 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `connect_settings` +##### `connect_settings` -Data type: `Optional[Hash]` +Data type: `Hash` Specifies a hash of environment variables used when connecting to a remote server. -Default value: ``undef`` +Default value: `$postgresql::server::default_connect_settings` -##### `port` +##### `port` -Data type: `Optional[Stdlib::Port]` +Data type: `Stdlib::Port` Port to use when connecting. -Default value: ``undef`` +Default value: `$postgresql::server::port` -### `postgresql::server::db` +### `postgresql::server::db` Define for conveniently creating a role, database and assigning the correct permissions. @@ -1776,44 +1776,44 @@ Define for conveniently creating a role, database and assigning the correct perm The following parameters are available in the `postgresql::server::db` defined type: -* [`user`](#user) -* [`password`](#password) -* [`comment`](#comment) -* [`dbname`](#dbname) -* [`encoding`](#encoding) -* [`locale`](#locale) -* [`grant`](#grant) -* [`tablespace`](#tablespace) -* [`template`](#template) -* [`istemplate`](#istemplate) -* [`owner`](#owner) -* [`port`](#port) -* [`psql_user`](#psql_user) -* [`psql_group`](#psql_group) - -##### `user` +* [`user`](#-postgresql--server--db--user) +* [`password`](#-postgresql--server--db--password) +* [`comment`](#-postgresql--server--db--comment) +* [`dbname`](#-postgresql--server--db--dbname) +* [`encoding`](#-postgresql--server--db--encoding) +* [`locale`](#-postgresql--server--db--locale) +* [`grant`](#-postgresql--server--db--grant) +* [`tablespace`](#-postgresql--server--db--tablespace) +* [`template`](#-postgresql--server--db--template) +* [`istemplate`](#-postgresql--server--db--istemplate) +* [`owner`](#-postgresql--server--db--owner) +* [`port`](#-postgresql--server--db--port) +* [`psql_user`](#-postgresql--server--db--psql_user) +* [`psql_group`](#-postgresql--server--db--psql_group) + +##### `user` Data type: `String[1]` User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory. -##### `password` +##### `password` Data type: `Optional[Variant[String, Sensitive[String]]]` Sets the password for the created user (if a user is created). -Default value: ``undef`` +Default value: `undef` -##### `comment` +##### `comment` Data type: `Optional[String[1]]` Defines a comment to be stored about the database using the PostgreSQL COMMENT command. -Default value: ``undef`` +Default value: `undef` -##### `dbname` +##### `dbname` Data type: `String[1]` @@ -1821,7 +1821,7 @@ Sets the name of the database to be created. Default value: `$title` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -1829,7 +1829,7 @@ Overrides the character set during creation of the database. Default value: `$postgresql::server::encoding` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -1837,7 +1837,7 @@ Overrides the locale during creation of the database. Default value: `$postgresql::server::locale` -##### `grant` +##### `grant` Data type: `Variant[String[1], Array[String[1]]]` @@ -1845,15 +1845,15 @@ Specifies the permissions to grant during creation. Default value: 'ALL'. Default value: `'ALL'` -##### `tablespace` +##### `tablespace` Data type: `Optional[String[1]]` Defines the name of the tablespace to allocate the created database to. -Default value: ``undef`` +Default value: `undef` -##### `template` +##### `template` Data type: `String[1]` @@ -1861,31 +1861,31 @@ Specifies the name of the template database from which to build this database. D Default value: `'template0'` -##### `istemplate` +##### `istemplate` Data type: `Boolean` Specifies that the database is a template, if set to true. -Default value: ``false`` +Default value: `false` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Sets a user as the owner of the database. -Default value: ``undef`` +Default value: `undef` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Specifies the port where the PostgreSQL server is listening on. -Default value: ``undef`` +Default value: `undef` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -1893,7 +1893,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` Data type: `String[1]` @@ -1901,7 +1901,7 @@ Overrides the default PostgreSQL user group to be used for related files in the Default value: `$postgresql::server::group` -### `postgresql::server::default_privileges` +### `postgresql::server::default_privileges` Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. @@ -1909,29 +1909,29 @@ Manage a database defaults privileges. Only works with PostgreSQL version 9.6 an The following parameters are available in the `postgresql::server::default_privileges` defined type: -* [`target_role`](#target_role) -* [`ensure`](#ensure) -* [`role`](#role) -* [`db`](#db) -* [`object_type`](#object_type) -* [`privilege`](#privilege) -* [`schema`](#schema) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`psql_path`](#psql_path) -* [`port`](#port) -* [`connect_settings`](#connect_settings) -* [`group`](#group) - -##### `target_role` +* [`target_role`](#-postgresql--server--default_privileges--target_role) +* [`ensure`](#-postgresql--server--default_privileges--ensure) +* [`role`](#-postgresql--server--default_privileges--role) +* [`db`](#-postgresql--server--default_privileges--db) +* [`object_type`](#-postgresql--server--default_privileges--object_type) +* [`privilege`](#-postgresql--server--default_privileges--privilege) +* [`schema`](#-postgresql--server--default_privileges--schema) +* [`psql_db`](#-postgresql--server--default_privileges--psql_db) +* [`psql_user`](#-postgresql--server--default_privileges--psql_user) +* [`psql_path`](#-postgresql--server--default_privileges--psql_path) +* [`port`](#-postgresql--server--default_privileges--port) +* [`connect_settings`](#-postgresql--server--default_privileges--connect_settings) +* [`group`](#-postgresql--server--default_privileges--group) + +##### `target_role` Data type: `Optional[String]` Target role whose created objects will receive the default privileges. Defaults to the current user. -Default value: ``undef`` +Default value: `undef` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -1939,38 +1939,42 @@ Specifies whether to grant or revoke the privilege. Default value: `'present'` -##### `role` +##### `role` Data type: `String` Specifies the role or user whom you are granting access to. -##### `db` +##### `db` Data type: `String` Specifies the database to which you are granting access. -##### `object_type` +##### `object_type` + +Data type: -Data type: `Pattern[ +```puppet +Pattern[ /(?i:^FUNCTIONS$)/, /(?i:^ROUTINES$)/, /(?i:^SEQUENCES$)/, /(?i:^TABLES$)/, /(?i:^TYPES$)/, /(?i:^SCHEMAS$)/ - ]` + ] +``` Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'. -##### `privilege` +##### `privilege` Data type: `String` Specifies comma-separated list of privileges to grant. Valid options: depends on object type. -##### `schema` +##### `schema` Data type: `String` @@ -1978,7 +1982,7 @@ Target schema. Defaults to 'public'. Can be set to '' to apply to all schemas. Default value: `'public'` -##### `psql_db` +##### `psql_db` Data type: `String` @@ -1986,7 +1990,7 @@ Defines the database to execute the grant against. This should not ordinarily be Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String` @@ -1994,7 +1998,7 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: `$postgresql::server::user` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2002,7 +2006,7 @@ Specifies the OS user for running psql. Default value: The default user for the Default value: `$postgresql::server::psql_path` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2010,7 +2014,7 @@ Specifies the port to access the server. Default value: The default user for the Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2018,7 +2022,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `group` +##### `group` Data type: `String` @@ -2026,7 +2030,7 @@ Specifies the user group to which the privileges will be granted. Default value: `$postgresql::server::group` -### `postgresql::server::extension` +### `postgresql::server::extension` Activate an extension on a postgresql database. @@ -2034,27 +2038,27 @@ Activate an extension on a postgresql database. The following parameters are available in the `postgresql::server::extension` defined type: -* [`database`](#database) -* [`extension`](#extension) -* [`schema`](#schema) -* [`version`](#version) -* [`ensure`](#ensure) -* [`package_name`](#package_name) -* [`package_ensure`](#package_ensure) -* [`port`](#port) -* [`connect_settings`](#connect_settings) -* [`database_resource_name`](#database_resource_name) -* [`psql_path`](#psql_path) -* [`user`](#user) -* [`group`](#group) - -##### `database` +* [`database`](#-postgresql--server--extension--database) +* [`extension`](#-postgresql--server--extension--extension) +* [`schema`](#-postgresql--server--extension--schema) +* [`version`](#-postgresql--server--extension--version) +* [`ensure`](#-postgresql--server--extension--ensure) +* [`package_name`](#-postgresql--server--extension--package_name) +* [`package_ensure`](#-postgresql--server--extension--package_ensure) +* [`port`](#-postgresql--server--extension--port) +* [`connect_settings`](#-postgresql--server--extension--connect_settings) +* [`database_resource_name`](#-postgresql--server--extension--database_resource_name) +* [`psql_path`](#-postgresql--server--extension--psql_path) +* [`user`](#-postgresql--server--extension--user) +* [`group`](#-postgresql--server--extension--group) + +##### `database` Data type: `String[1]` Specifies the database on which to activate the extension. -##### `extension` +##### `extension` Data type: `String[1]` @@ -2062,15 +2066,15 @@ Specifies the extension to activate. If left blank, uses the name of the resourc Default value: `$name` -##### `schema` +##### `schema` Data type: `Optional[String[1]]` Specifies the schema on which to activate the extension. -Default value: ``undef`` +Default value: `undef` -##### `version` +##### `version` Data type: `Optional[String[1]]` @@ -2083,9 +2087,9 @@ eg. If extension is set to postgis and version is set to 2.3.3, this will apply this database only. version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged. -Default value: ``undef`` +Default value: `undef` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2093,32 +2097,32 @@ Specifies whether to activate or deactivate the extension. Valid options: 'prese Default value: `'present'` -##### `package_name` +##### `package_name` Data type: `Optional[String[1]]` Specifies a package to install prior to activating the extension. -Default value: ``undef`` +Default value: `undef` -##### `package_ensure` +##### `package_ensure` Data type: `Optional[Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]]` Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package. -Default value: ``undef`` +Default value: `undef` -##### `port` +##### `port` -Data type: `Optional[Stdlib::Port]` +Data type: `Stdlib::Port` Port to use when connecting. -Default value: ``undef`` +Default value: `postgresql::default('port')` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2126,7 +2130,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `postgresql::default('default_connect_settings')` -##### `database_resource_name` +##### `database_resource_name` Data type: `String[1]` @@ -2134,7 +2138,7 @@ Specifies the resource name of the DB being managed. Defaults to the parameter $ Default value: `$database` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2142,7 +2146,7 @@ Specifies the path to the psql command. Default value: `postgresql::default('psql_path')` -##### `user` +##### `user` Data type: `String[1]` @@ -2150,7 +2154,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `postgresql::default('user')` -##### `group` +##### `group` Data type: `String[1]` @@ -2158,7 +2162,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `postgresql::default('group')` -### `postgresql::server::grant` +### `postgresql::server::grant` Define for granting permissions to roles. @@ -2166,34 +2170,34 @@ Define for granting permissions to roles. The following parameters are available in the `postgresql::server::grant` defined type: -* [`role`](#role) -* [`db`](#db) -* [`privilege`](#privilege) -* [`object_type`](#object_type) -* [`object_name`](#object_name) -* [`object_arguments`](#object_arguments) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`port`](#port) -* [`onlyif_exists`](#onlyif_exists) -* [`connect_settings`](#connect_settings) -* [`ensure`](#ensure) -* [`group`](#group) -* [`psql_path`](#psql_path) - -##### `role` +* [`role`](#-postgresql--server--grant--role) +* [`db`](#-postgresql--server--grant--db) +* [`privilege`](#-postgresql--server--grant--privilege) +* [`object_type`](#-postgresql--server--grant--object_type) +* [`object_name`](#-postgresql--server--grant--object_name) +* [`object_arguments`](#-postgresql--server--grant--object_arguments) +* [`psql_db`](#-postgresql--server--grant--psql_db) +* [`psql_user`](#-postgresql--server--grant--psql_user) +* [`port`](#-postgresql--server--grant--port) +* [`onlyif_exists`](#-postgresql--server--grant--onlyif_exists) +* [`connect_settings`](#-postgresql--server--grant--connect_settings) +* [`ensure`](#-postgresql--server--grant--ensure) +* [`group`](#-postgresql--server--grant--group) +* [`psql_path`](#-postgresql--server--grant--psql_path) + +##### `role` Data type: `String` Specifies the role or user whom you are granting access to. -##### `db` +##### `db` Data type: `String` Specifies the database to which you are granting access. -##### `privilege` +##### `privilege` Data type: `String` @@ -2201,9 +2205,12 @@ Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'obj Default value: `''` -##### `object_type` +##### `object_type` + +Data type: -Data type: `Pattern[#/(?i:^COLUMN$)/, +```puppet +Pattern[#/(?i:^COLUMN$)/, /(?i:^ALL SEQUENCES IN SCHEMA$)/, /(?i:^ALL TABLES IN SCHEMA$)/, /(?i:^DATABASE$)/, @@ -2217,23 +2224,24 @@ Data type: `Pattern[#/(?i:^COLUMN$)/, /(?i:^SCHEMA$)/, /(?i:^SEQUENCE$)/ #/(?i:^VIEW$)/ - ]` + ] +``` Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'. Default value: `'database'` -##### `object_name` +##### `object_name` Data type: `Optional[Variant[Array[String,2,2],String[1]]]` Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name'] -Default value: ``undef`` +Default value: `undef` -##### `object_arguments` +##### `object_arguments` Data type: `Array[String[1],0]` @@ -2241,7 +2249,7 @@ Specifies any arguments to be passed alongisde the access grant. Default value: `[]` -##### `psql_db` +##### `psql_db` Data type: `String` @@ -2249,7 +2257,7 @@ Specifies the database to execute the grant against. This should not ordinarily Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String` @@ -2257,23 +2265,23 @@ Sets the OS user to run psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` -Data type: `Optional[Stdlib::Port]` +Data type: `Stdlib::Port` Port to use when connecting. -Default value: ``undef`` +Default value: `$postgresql::server::port` -##### `onlyif_exists` +##### `onlyif_exists` Data type: `Boolean` Create grant only if doesn't exist -Default value: ``false`` +Default value: `false` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2281,7 +2289,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2289,7 +2297,7 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: `'present'` -##### `group` +##### `group` Data type: `String` @@ -2297,7 +2305,7 @@ Sets the OS group to run psql Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2305,7 +2313,7 @@ Sets the path to psql command Default value: `$postgresql::server::psql_path` -### `postgresql::server::grant_role` +### `postgresql::server::grant_role` Define for granting membership to a role. @@ -2313,21 +2321,21 @@ Define for granting membership to a role. The following parameters are available in the `postgresql::server::grant_role` defined type: -* [`group`](#group) -* [`role`](#role) -* [`ensure`](#ensure) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`port`](#port) -* [`connect_settings`](#connect_settings) +* [`group`](#-postgresql--server--grant_role--group) +* [`role`](#-postgresql--server--grant_role--role) +* [`ensure`](#-postgresql--server--grant_role--ensure) +* [`psql_db`](#-postgresql--server--grant_role--psql_db) +* [`psql_user`](#-postgresql--server--grant_role--psql_user) +* [`port`](#-postgresql--server--grant_role--port) +* [`connect_settings`](#-postgresql--server--grant_role--connect_settings) -##### `group` +##### `group` Data type: `String[1]` Specifies the group role to which you are assigning a role. -##### `role` +##### `role` Data type: `String[1]` @@ -2335,7 +2343,7 @@ Specifies the role you want to assign to a group. If left blank, uses the name o Default value: `$name` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -2343,7 +2351,7 @@ Specifies whether to grant or revoke the membership. Valid options: 'present' or Default value: `'present'` -##### `psql_db` +##### `psql_db` Data type: `String[1]` @@ -2351,7 +2359,7 @@ Specifies the database to execute the grant against. This should not ordinarily Default value: `$postgresql::server::default_database` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -2359,7 +2367,7 @@ Sets the OS user to run psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2367,7 +2375,7 @@ Port to use when connecting. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -2375,7 +2383,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::instance::config` +### `postgresql::server::instance::config` Manages the config for a postgresql::server instance @@ -2383,35 +2391,35 @@ Manages the config for a postgresql::server instance The following parameters are available in the `postgresql::server::instance::config` defined type: -* [`ip_mask_deny_postgres_user`](#ip_mask_deny_postgres_user) -* [`ip_mask_allow_all_users`](#ip_mask_allow_all_users) -* [`listen_addresses`](#listen_addresses) -* [`port`](#port) -* [`ipv4acls`](#ipv4acls) -* [`ipv6acls`](#ipv6acls) -* [`pg_hba_conf_path`](#pg_hba_conf_path) -* [`pg_ident_conf_path`](#pg_ident_conf_path) -* [`postgresql_conf_path`](#postgresql_conf_path) -* [`postgresql_conf_mode`](#postgresql_conf_mode) -* [`recovery_conf_path`](#recovery_conf_path) -* [`pg_hba_conf_defaults`](#pg_hba_conf_defaults) -* [`user`](#user) -* [`group`](#group) -* [`version`](#version) -* [`manage_pg_hba_conf`](#manage_pg_hba_conf) -* [`manage_pg_ident_conf`](#manage_pg_ident_conf) -* [`manage_recovery_conf`](#manage_recovery_conf) -* [`manage_postgresql_conf_perms`](#manage_postgresql_conf_perms) -* [`datadir`](#datadir) -* [`logdir`](#logdir) -* [`service_name`](#service_name) -* [`service_enable`](#service_enable) -* [`log_line_prefix`](#log_line_prefix) -* [`timezone`](#timezone) -* [`password_encryption`](#password_encryption) -* [`extra_systemd_config`](#extra_systemd_config) - -##### `ip_mask_deny_postgres_user` +* [`ip_mask_deny_postgres_user`](#-postgresql--server--instance--config--ip_mask_deny_postgres_user) +* [`ip_mask_allow_all_users`](#-postgresql--server--instance--config--ip_mask_allow_all_users) +* [`listen_addresses`](#-postgresql--server--instance--config--listen_addresses) +* [`port`](#-postgresql--server--instance--config--port) +* [`ipv4acls`](#-postgresql--server--instance--config--ipv4acls) +* [`ipv6acls`](#-postgresql--server--instance--config--ipv6acls) +* [`pg_hba_conf_path`](#-postgresql--server--instance--config--pg_hba_conf_path) +* [`pg_ident_conf_path`](#-postgresql--server--instance--config--pg_ident_conf_path) +* [`postgresql_conf_path`](#-postgresql--server--instance--config--postgresql_conf_path) +* [`postgresql_conf_mode`](#-postgresql--server--instance--config--postgresql_conf_mode) +* [`recovery_conf_path`](#-postgresql--server--instance--config--recovery_conf_path) +* [`pg_hba_conf_defaults`](#-postgresql--server--instance--config--pg_hba_conf_defaults) +* [`user`](#-postgresql--server--instance--config--user) +* [`group`](#-postgresql--server--instance--config--group) +* [`version`](#-postgresql--server--instance--config--version) +* [`manage_pg_hba_conf`](#-postgresql--server--instance--config--manage_pg_hba_conf) +* [`manage_pg_ident_conf`](#-postgresql--server--instance--config--manage_pg_ident_conf) +* [`manage_recovery_conf`](#-postgresql--server--instance--config--manage_recovery_conf) +* [`manage_postgresql_conf_perms`](#-postgresql--server--instance--config--manage_postgresql_conf_perms) +* [`datadir`](#-postgresql--server--instance--config--datadir) +* [`logdir`](#-postgresql--server--instance--config--logdir) +* [`service_name`](#-postgresql--server--instance--config--service_name) +* [`service_enable`](#-postgresql--server--instance--config--service_enable) +* [`log_line_prefix`](#-postgresql--server--instance--config--log_line_prefix) +* [`timezone`](#-postgresql--server--instance--config--timezone) +* [`password_encryption`](#-postgresql--server--instance--config--password_encryption) +* [`extra_systemd_config`](#-postgresql--server--instance--config--extra_systemd_config) + +##### `ip_mask_deny_postgres_user` Data type: `String[1]` @@ -2420,7 +2428,7 @@ Default value: '0.0.0.0/0', which denies any remote connection. Default value: `$postgresql::server::ip_mask_deny_postgres_user` -##### `ip_mask_allow_all_users` +##### `ip_mask_allow_all_users` Data type: `String[1]` @@ -2432,7 +2440,7 @@ Default value: '127.0.0.1/32'. Default value: `$postgresql::server::ip_mask_allow_all_users` -##### `listen_addresses` +##### `listen_addresses` Data type: `Optional[Variant[String[1], Array[String[1]]]]` @@ -2440,7 +2448,7 @@ Address list on which the PostgreSQL service will listen Default value: `$postgresql::server::listen_addresses` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2451,7 +2459,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::port` -##### `ipv4acls` +##### `ipv4acls` Data type: `Array[String[1]]` @@ -2459,7 +2467,7 @@ Lists strings for access control for connection method, users, databases, IPv4 a Default value: `$postgresql::server::ipv4acls` -##### `ipv6acls` +##### `ipv6acls` Data type: `Array[String[1]]` @@ -2467,7 +2475,7 @@ Lists strings for access control for connection method, users, databases, IPv6 a Default value: `$postgresql::server::ipv6acls` -##### `pg_hba_conf_path` +##### `pg_hba_conf_path` Data type: `Stdlib::Absolutepath` @@ -2475,7 +2483,7 @@ Specifies the path to your pg_hba.conf file. Default value: `$postgresql::server::pg_hba_conf_path` -##### `pg_ident_conf_path` +##### `pg_ident_conf_path` Data type: `Stdlib::Absolutepath` @@ -2483,7 +2491,7 @@ Specifies the path to your pg_ident.conf file. Default value: `$postgresql::server::pg_ident_conf_path` -##### `postgresql_conf_path` +##### `postgresql_conf_path` Data type: `Stdlib::Absolutepath` @@ -2491,7 +2499,7 @@ Specifies the path to your postgresql.conf file. Default value: `$postgresql::server::postgresql_conf_path` -##### `postgresql_conf_mode` +##### `postgresql_conf_mode` Data type: `Optional[Stdlib::Filemode]` @@ -2499,7 +2507,7 @@ Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_c Default value: `$postgresql::server::postgresql_conf_mode` -##### `recovery_conf_path` +##### `recovery_conf_path` Data type: `Stdlib::Absolutepath` @@ -2507,7 +2515,7 @@ Specifies the path to your recovery.conf file. Default value: `$postgresql::server::recovery_conf_path` -##### `pg_hba_conf_defaults` +##### `pg_hba_conf_defaults` Data type: `Boolean` @@ -2517,7 +2525,7 @@ basic psql operations for example. Default value: `$postgresql::server::pg_hba_conf_defaults` -##### `user` +##### `user` Data type: `String[1]` @@ -2525,7 +2533,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -2533,7 +2541,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `version` +##### `version` Data type: `Optional[String[1]]` @@ -2541,7 +2549,7 @@ Sets PostgreSQL version Default value: `$postgresql::server::_version` -##### `manage_pg_hba_conf` +##### `manage_pg_hba_conf` Data type: `Boolean` @@ -2549,7 +2557,7 @@ Boolean. Whether to manage the pg_hba.conf. Default value: `$postgresql::server::manage_pg_hba_conf` -##### `manage_pg_ident_conf` +##### `manage_pg_ident_conf` Data type: `Boolean` @@ -2557,7 +2565,7 @@ Boolean. Overwrites the pg_ident.conf file. Default value: `$postgresql::server::manage_pg_ident_conf` -##### `manage_recovery_conf` +##### `manage_recovery_conf` Data type: `Boolean` @@ -2565,7 +2573,7 @@ Boolean. Specifies whether or not manage the recovery.conf. Default value: `$postgresql::server::manage_recovery_conf` -##### `manage_postgresql_conf_perms` +##### `manage_postgresql_conf_perms` Data type: `Boolean` @@ -2575,7 +2583,7 @@ postgresql::server::config_entry. Default value: `$postgresql::server::manage_postgresql_conf_perms` -##### `datadir` +##### `datadir` Data type: `Stdlib::Absolutepath` @@ -2583,7 +2591,7 @@ PostgreSQL data directory Default value: `$postgresql::server::datadir` -##### `logdir` +##### `logdir` Data type: `Optional[Stdlib::Absolutepath]` @@ -2591,7 +2599,7 @@ PostgreSQL log directory Default value: `$postgresql::server::logdir` -##### `service_name` +##### `service_name` Data type: `String[1]` @@ -2599,7 +2607,7 @@ Overrides the default PostgreSQL service name. Default value: `$postgresql::server::service_name` -##### `service_enable` +##### `service_enable` Data type: `Boolean` @@ -2607,7 +2615,7 @@ Enable the PostgreSQL service Default value: `$postgresql::server::service_enable` -##### `log_line_prefix` +##### `log_line_prefix` Data type: `Optional[String[1]]` @@ -2615,7 +2623,7 @@ PostgreSQL log line prefix Default value: `$postgresql::server::log_line_prefix` -##### `timezone` +##### `timezone` Data type: `Optional[String[1]]` @@ -2623,7 +2631,7 @@ Set timezone for the PostgreSQL instance Default value: `$postgresql::server::timezone` -##### `password_encryption` +##### `password_encryption` Data type: `Optional[Postgresql::Pg_password_encryption]` @@ -2631,7 +2639,7 @@ Specify the type of encryption set for the password. Default value: `$postgresql::server::password_encryption` -##### `extra_systemd_config` +##### `extra_systemd_config` Data type: `Optional[String]` @@ -2639,7 +2647,7 @@ Adds extra config to systemd config file, can for instance be used to add extra Default value: `$postgresql::server::extra_systemd_config` -### `postgresql::server::instance::initdb` +### `postgresql::server::instance::initdb` Manages initdb feature for a postgresql::server instance @@ -2647,26 +2655,26 @@ Manages initdb feature for a postgresql::server instance The following parameters are available in the `postgresql::server::instance::initdb` defined type: -* [`auth_host`](#auth_host) -* [`auth_local`](#auth_local) -* [`data_checksums`](#data_checksums) -* [`datadir`](#datadir) -* [`encoding`](#encoding) -* [`group`](#group) -* [`initdb_path`](#initdb_path) -* [`lc_messages`](#lc_messages) -* [`locale`](#locale) -* [`logdir`](#logdir) -* [`manage_datadir`](#manage_datadir) -* [`manage_logdir`](#manage_logdir) -* [`manage_xlogdir`](#manage_xlogdir) -* [`module_workdir`](#module_workdir) -* [`needs_initdb`](#needs_initdb) -* [`user`](#user) -* [`username`](#username) -* [`xlogdir`](#xlogdir) - -##### `auth_host` +* [`auth_host`](#-postgresql--server--instance--initdb--auth_host) +* [`auth_local`](#-postgresql--server--instance--initdb--auth_local) +* [`data_checksums`](#-postgresql--server--instance--initdb--data_checksums) +* [`datadir`](#-postgresql--server--instance--initdb--datadir) +* [`encoding`](#-postgresql--server--instance--initdb--encoding) +* [`group`](#-postgresql--server--instance--initdb--group) +* [`initdb_path`](#-postgresql--server--instance--initdb--initdb_path) +* [`lc_messages`](#-postgresql--server--instance--initdb--lc_messages) +* [`locale`](#-postgresql--server--instance--initdb--locale) +* [`logdir`](#-postgresql--server--instance--initdb--logdir) +* [`manage_datadir`](#-postgresql--server--instance--initdb--manage_datadir) +* [`manage_logdir`](#-postgresql--server--instance--initdb--manage_logdir) +* [`manage_xlogdir`](#-postgresql--server--instance--initdb--manage_xlogdir) +* [`module_workdir`](#-postgresql--server--instance--initdb--module_workdir) +* [`needs_initdb`](#-postgresql--server--instance--initdb--needs_initdb) +* [`user`](#-postgresql--server--instance--initdb--user) +* [`username`](#-postgresql--server--instance--initdb--username) +* [`xlogdir`](#-postgresql--server--instance--initdb--xlogdir) + +##### `auth_host` Data type: `Optional[String[1]]` @@ -2674,7 +2682,7 @@ auth method used by default for host authorization Default value: `$postgresql::server::auth_host` -##### `auth_local` +##### `auth_local` Data type: `Optional[String[1]]` @@ -2682,7 +2690,7 @@ auth method used by default for local authorization Default value: `$postgresql::server::auth_local` -##### `data_checksums` +##### `data_checksums` Data type: `Optional[Boolean]` @@ -2690,7 +2698,7 @@ Boolean. Use checksums on data pages to help detect corruption by the I/O system Default value: `$postgresql::server::data_checksums` -##### `datadir` +##### `datadir` Data type: `Stdlib::Absolutepath` @@ -2698,7 +2706,7 @@ PostgreSQL data directory Default value: `$postgresql::server::datadir` -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -2708,7 +2716,7 @@ so it becomes a default outside of the module as well. Default value: `$postgresql::server::encoding` -##### `group` +##### `group` Data type: `String[1]` @@ -2716,7 +2724,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `initdb_path` +##### `initdb_path` Data type: `Stdlib::Absolutepath` @@ -2724,7 +2732,7 @@ Specifies the path to the initdb command. Default value: `$postgresql::server::initdb_path` -##### `lc_messages` +##### `lc_messages` Data type: `Optional[String[1]]` @@ -2732,7 +2740,7 @@ locale used for logging and system messages Default value: `$postgresql::server::lc_messages` -##### `locale` +##### `locale` Data type: `Optional[String[1]]` @@ -2743,7 +2751,7 @@ If set, checksums are calculated for all objects, in all databases. Default value: `$postgresql::server::locale` -##### `logdir` +##### `logdir` Data type: `Optional[Stdlib::Absolutepath]` @@ -2751,7 +2759,7 @@ PostgreSQL log directory Default value: `$postgresql::server::logdir` -##### `manage_datadir` +##### `manage_datadir` Data type: `Boolean` @@ -2759,7 +2767,7 @@ Set to false if you have file{ $datadir: } already defined Default value: `$postgresql::server::manage_datadir` -##### `manage_logdir` +##### `manage_logdir` Data type: `Boolean` @@ -2767,7 +2775,7 @@ Set to false if you have file{ $logdir: } already defined Default value: `$postgresql::server::manage_logdir` -##### `manage_xlogdir` +##### `manage_xlogdir` Data type: `Boolean` @@ -2775,7 +2783,7 @@ Set to false if you have file{ $xlogdir: } already defined Default value: `$postgresql::server::manage_xlogdir` -##### `module_workdir` +##### `module_workdir` Data type: `Stdlib::Absolutepath` @@ -2783,7 +2791,7 @@ Working directory for the PostgreSQL module Default value: `$postgresql::server::module_workdir` -##### `needs_initdb` +##### `needs_initdb` Data type: `Boolean` @@ -2792,7 +2800,7 @@ and before the PostgreSQL service is started. Default value: `$postgresql::server::needs_initdb` -##### `user` +##### `user` Data type: `String[1]` @@ -2800,7 +2808,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `username` +##### `username` Data type: `Optional[String[1]]` @@ -2808,7 +2816,7 @@ username of user running the postgres instance Default value: `$postgresql::server::username` -##### `xlogdir` +##### `xlogdir` Data type: `Optional[Stdlib::Absolutepath]` @@ -2816,7 +2824,7 @@ PostgreSQL xlog/WAL directory Default value: `$postgresql::server::xlogdir` -### `postgresql::server::instance::late_initdb` +### `postgresql::server::instance::late_initdb` Manage the default encoding when database initialization is managed by the package @@ -2824,14 +2832,14 @@ Manage the default encoding when database initialization is managed by the packa The following parameters are available in the `postgresql::server::instance::late_initdb` defined type: -* [`encoding`](#encoding) -* [`user`](#user) -* [`group`](#group) -* [`psql_path`](#psql_path) -* [`port`](#port) -* [`module_workdir`](#module_workdir) +* [`encoding`](#-postgresql--server--instance--late_initdb--encoding) +* [`user`](#-postgresql--server--instance--late_initdb--user) +* [`group`](#-postgresql--server--instance--late_initdb--group) +* [`psql_path`](#-postgresql--server--instance--late_initdb--psql_path) +* [`port`](#-postgresql--server--instance--late_initdb--port) +* [`module_workdir`](#-postgresql--server--instance--late_initdb--module_workdir) -##### `encoding` +##### `encoding` Data type: `Optional[String[1]]` @@ -2840,7 +2848,7 @@ template1 initialization, so it becomes a default outside of the module as well. Default value: `$postgresql::server::encoding` -##### `user` +##### `user` Data type: `String[1]` @@ -2848,7 +2856,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -2856,7 +2864,7 @@ Overrides the default postgres user group to be used for related files in the fi Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2864,7 +2872,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2874,7 +2882,7 @@ changing the port causes the server to come to a full stop before being able to Default value: `$postgresql::server::port` -##### `module_workdir` +##### `module_workdir` Data type: `Stdlib::Absolutepath` @@ -2882,7 +2890,7 @@ Working directory for the PostgreSQL module Default value: `$postgresql::server::module_workdir` -### `postgresql::server::instance::passwd` +### `postgresql::server::instance::passwd` Overrides the default PostgreSQL superuser @@ -2890,15 +2898,15 @@ Overrides the default PostgreSQL superuser The following parameters are available in the `postgresql::server::instance::passwd` defined type: -* [`user`](#user) -* [`group`](#group) -* [`psql_path`](#psql_path) -* [`port`](#port) -* [`database`](#database) -* [`module_workdir`](#module_workdir) -* [`postgres_password`](#postgres_password) +* [`user`](#-postgresql--server--instance--passwd--user) +* [`group`](#-postgresql--server--instance--passwd--group) +* [`psql_path`](#-postgresql--server--instance--passwd--psql_path) +* [`port`](#-postgresql--server--instance--passwd--port) +* [`database`](#-postgresql--server--instance--passwd--database) +* [`module_workdir`](#-postgresql--server--instance--passwd--module_workdir) +* [`postgres_password`](#-postgresql--server--instance--passwd--postgres_password) -##### `user` +##### `user` Data type: `String[1]` @@ -2906,7 +2914,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `group` +##### `group` Data type: `String[1]` @@ -2915,7 +2923,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2923,7 +2931,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -2933,7 +2941,7 @@ changing the port causes the server to come to a full stop before being able to Default value: `$postgresql::server::port` -##### `database` +##### `database` Data type: `String[1]` @@ -2941,7 +2949,7 @@ Specifies the name of the database to connect with. On most systems this is 'pos Default value: `$postgresql::server::default_database` -##### `module_workdir` +##### `module_workdir` Data type: `Stdlib::Absolutepath` @@ -2949,7 +2957,7 @@ Working directory for the PostgreSQL module Default value: `$postgresql::server::module_workdir` -##### `postgres_password` +##### `postgres_password` Data type: `Optional[Variant[String[1], Sensitive[String[1]], Integer]]` @@ -2958,7 +2966,7 @@ database, with a user called postgres and no password. Default value: `$postgresql::server::postgres_password` -### `postgresql::server::instance::reload` +### `postgresql::server::instance::reload` Overrides the default reload or status command for your PostgreSQL service @@ -2966,10 +2974,10 @@ Overrides the default reload or status command for your PostgreSQL service The following parameters are available in the `postgresql::server::instance::reload` defined type: -* [`service_reload`](#service_reload) -* [`service_status`](#service_status) +* [`service_reload`](#-postgresql--server--instance--reload--service_reload) +* [`service_status`](#-postgresql--server--instance--reload--service_status) -##### `service_reload` +##### `service_reload` Data type: `String[1]` @@ -2977,7 +2985,7 @@ Overrides the default reload command for your PostgreSQL service. Default value: `$postgresql::server::service_reload` -##### `service_status` +##### `service_status` Data type: `String[1]` @@ -2985,7 +2993,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::server::service_status` -### `postgresql::server::instance::service` +### `postgresql::server::instance::service` Manages the service for the postgres main instance (default) or additional instances @@ -2993,19 +3001,19 @@ Manages the service for the postgres main instance (default) or additional insta The following parameters are available in the `postgresql::server::instance::service` defined type: -* [`service_ensure`](#service_ensure) -* [`service_enable`](#service_enable) -* [`service_manage`](#service_manage) -* [`service_name`](#service_name) -* [`service_provider`](#service_provider) -* [`service_status`](#service_status) -* [`user`](#user) -* [`port`](#port) -* [`default_database`](#default_database) -* [`psql_path`](#psql_path) -* [`connect_settings`](#connect_settings) +* [`service_ensure`](#-postgresql--server--instance--service--service_ensure) +* [`service_enable`](#-postgresql--server--instance--service--service_enable) +* [`service_manage`](#-postgresql--server--instance--service--service_manage) +* [`service_name`](#-postgresql--server--instance--service--service_name) +* [`service_provider`](#-postgresql--server--instance--service--service_provider) +* [`service_status`](#-postgresql--server--instance--service--service_status) +* [`user`](#-postgresql--server--instance--service--user) +* [`port`](#-postgresql--server--instance--service--port) +* [`default_database`](#-postgresql--server--instance--service--default_database) +* [`psql_path`](#-postgresql--server--instance--service--psql_path) +* [`connect_settings`](#-postgresql--server--instance--service--connect_settings) -##### `service_ensure` +##### `service_ensure` Data type: `Variant[Enum['running', 'stopped'], Boolean]` @@ -3013,7 +3021,7 @@ Ensure service is installed Default value: `$postgresql::server::service_ensure` -##### `service_enable` +##### `service_enable` Data type: `Boolean` @@ -3021,7 +3029,7 @@ Enable the PostgreSQL service Default value: `$postgresql::server::service_enable` -##### `service_manage` +##### `service_manage` Data type: `Boolean` @@ -3029,7 +3037,7 @@ Defines whether or not Puppet should manage the service. Default value: `$postgresql::server::service_manage` -##### `service_name` +##### `service_name` Data type: `String[1]` @@ -3037,7 +3045,7 @@ Overrides the default PostgreSQL service name. Default value: `$postgresql::server::service_name` -##### `service_provider` +##### `service_provider` Data type: `Optional[String[1]]` @@ -3045,7 +3053,7 @@ Overrides the default PostgreSQL service provider. Default value: `$postgresql::server::service_provider` -##### `service_status` +##### `service_status` Data type: `String[1]` @@ -3053,7 +3061,7 @@ Overrides the default status check command for your PostgreSQL service. Default value: `$postgresql::server::service_status` -##### `user` +##### `user` Data type: `String[1]` @@ -3061,7 +3069,7 @@ Overrides the default PostgreSQL super user and owner of PostgreSQL related file Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -3072,7 +3080,7 @@ Default value: 5432. Meaning the Postgres server listens on TCP port 5432. Default value: `$postgresql::server::port` -##### `default_database` +##### `default_database` Data type: `String[1]` @@ -3080,7 +3088,7 @@ Specifies the name of the default database to connect with. On most systems this Default value: `$postgresql::server::default_database` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -3088,7 +3096,7 @@ Specifies the path to the psql command. Default value: `$postgresql::server::psql_path` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3097,7 +3105,7 @@ such as postgresql::server::role. Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::pg_hba_rule` +### `postgresql::server::pg_hba_rule` This resource manages an individual rule that applies to the file defined in target. @@ -3105,43 +3113,43 @@ This resource manages an individual rule that applies to the file defined in tar The following parameters are available in the `postgresql::server::pg_hba_rule` defined type: -* [`type`](#type) -* [`database`](#database) -* [`user`](#user) -* [`auth_method`](#auth_method) -* [`address`](#address) -* [`description`](#description) -* [`auth_option`](#auth_option) -* [`order`](#order) -* [`target`](#target) -* [`postgresql_version`](#postgresql_version) +* [`type`](#-postgresql--server--pg_hba_rule--type) +* [`database`](#-postgresql--server--pg_hba_rule--database) +* [`user`](#-postgresql--server--pg_hba_rule--user) +* [`auth_method`](#-postgresql--server--pg_hba_rule--auth_method) +* [`address`](#-postgresql--server--pg_hba_rule--address) +* [`description`](#-postgresql--server--pg_hba_rule--description) +* [`auth_option`](#-postgresql--server--pg_hba_rule--auth_option) +* [`order`](#-postgresql--server--pg_hba_rule--order) +* [`target`](#-postgresql--server--pg_hba_rule--target) +* [`postgresql_version`](#-postgresql--server--pg_hba_rule--postgresql_version) -##### `type` +##### `type` Data type: `Postgresql::Pg_hba_rule_type` Sets the type of rule. -##### `database` +##### `database` Data type: `String[1]` Sets a comma-separated list of databases that this rule matches. -##### `user` +##### `user` Data type: `String[1]` Sets a comma-separated list of users that this rule matches. -##### `auth_method` +##### `auth_method` Data type: `String[1]` Provides the method that is used for authentication for the connection that this rule matches. Described further in the PostgreSQL pg_hba.conf documentation. -##### `address` +##### `address` Data type: `Optional[Postgresql::Pg_hba_rule_address]` @@ -3149,9 +3157,9 @@ Sets a address for this rule matching when the type is not 'local'. Value can either be IPv4 CIDR, IPv6 CIDR, a FQDN, the strings 'all', 'samehost' or 'samenet' or a domain either with or without starting dot (.) https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -Default value: ``undef`` +Default value: `undef` -##### `description` +##### `description` Data type: `String[1]` @@ -3160,16 +3168,16 @@ Default value: 'none'. Default value: `'none'` -##### `auth_option` +##### `auth_option` Data type: `Optional[String]` For certain auth_method settings there are extra options that can be passed. Consult the PostgreSQL pg_hba.conf documentation for further details. -Default value: ``undef`` +Default value: `undef` -##### `order` +##### `order` Data type: `Variant[String, Integer]` @@ -3180,7 +3188,7 @@ Default value: 150. Default value: `150` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -3188,7 +3196,7 @@ Provides the target for the rule, and is generally an internal only property. Us Default value: `$postgresql::server::pg_hba_conf_path` -##### `postgresql_version` +##### `postgresql_version` Data type: `String` @@ -3196,7 +3204,7 @@ Manages pg_hba.conf without managing the entire PostgreSQL instance. Default value: `$postgresql::server::_version` -### `postgresql::server::pg_ident_rule` +### `postgresql::server::pg_ident_rule` This resource manages an individual rule that applies to the file defined in target. @@ -3204,33 +3212,33 @@ This resource manages an individual rule that applies to the file defined in tar The following parameters are available in the `postgresql::server::pg_ident_rule` defined type: -* [`map_name`](#map_name) -* [`system_username`](#system_username) -* [`database_username`](#database_username) -* [`description`](#description) -* [`order`](#order) -* [`target`](#target) +* [`map_name`](#-postgresql--server--pg_ident_rule--map_name) +* [`system_username`](#-postgresql--server--pg_ident_rule--system_username) +* [`database_username`](#-postgresql--server--pg_ident_rule--database_username) +* [`description`](#-postgresql--server--pg_ident_rule--description) +* [`order`](#-postgresql--server--pg_ident_rule--order) +* [`target`](#-postgresql--server--pg_ident_rule--target) -##### `map_name` +##### `map_name` Data type: `String[1]` Sets the name of the user map that is used to refer to this mapping in pg_hba.conf. -##### `system_username` +##### `system_username` Data type: `String[1]` Specifies the operating system user name (the user name used to connect to the database). -##### `database_username` +##### `database_username` Data type: `String[1]` Specifies the user name of the database user. The system_username is mapped to this user name. -##### `description` +##### `description` Data type: `String[1]` @@ -3239,7 +3247,7 @@ This description is placed in the comments above the rule in pg_ident.conf. Default value: `'none'` -##### `order` +##### `order` Data type: `String[1]` @@ -3247,7 +3255,7 @@ Defines an order for placing the mapping in pg_ident.conf. Default value: 150. Default value: `'150'` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -3255,7 +3263,7 @@ Provides the target for the rule and is generally an internal only property. Use Default value: `$postgresql::server::pg_ident_conf_path` -### `postgresql::server::reassign_owned_by` +### `postgresql::server::reassign_owned_by` Define for reassigning the ownership of objects within a database. @@ -3265,32 +3273,32 @@ Define for reassigning the ownership of objects within a database. The following parameters are available in the `postgresql::server::reassign_owned_by` defined type: -* [`old_role`](#old_role) -* [`new_role`](#new_role) -* [`db`](#db) -* [`psql_user`](#psql_user) -* [`port`](#port) -* [`connect_settings`](#connect_settings) +* [`old_role`](#-postgresql--server--reassign_owned_by--old_role) +* [`new_role`](#-postgresql--server--reassign_owned_by--new_role) +* [`db`](#-postgresql--server--reassign_owned_by--db) +* [`psql_user`](#-postgresql--server--reassign_owned_by--psql_user) +* [`port`](#-postgresql--server--reassign_owned_by--port) +* [`connect_settings`](#-postgresql--server--reassign_owned_by--connect_settings) -##### `old_role` +##### `old_role` Data type: `String` Specifies the role or user who is the current owner of the objects in the specified db -##### `new_role` +##### `new_role` Data type: `String` Specifies the role or user who will be the new owner of these objects -##### `db` +##### `db` Data type: `String` Specifies the database to which the 'REASSIGN OWNED' will be applied -##### `psql_user` +##### `psql_user` Data type: `String` @@ -3298,7 +3306,7 @@ Specifies the OS user for running psql. Default value: `$postgresql::server::user` -##### `port` +##### `port` Data type: `Stdlib::Port` @@ -3306,7 +3314,7 @@ Port to use when connecting. Default value: `$postgresql::server::port` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3314,7 +3322,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::recovery` +### `postgresql::server::recovery` This resource manages the parameters that applies to the recovery.conf template. @@ -3329,145 +3337,145 @@ manage_recovery_conf is set to true. The following parameters are available in the `postgresql::server::recovery` defined type: -* [`restore_command`](#restore_command) -* [`archive_cleanup_command`](#archive_cleanup_command) -* [`recovery_end_command`](#recovery_end_command) -* [`recovery_target_name`](#recovery_target_name) -* [`recovery_target_time`](#recovery_target_time) -* [`recovery_target_xid`](#recovery_target_xid) -* [`recovery_target_inclusive`](#recovery_target_inclusive) -* [`recovery_target`](#recovery_target) -* [`recovery_target_timeline`](#recovery_target_timeline) -* [`pause_at_recovery_target`](#pause_at_recovery_target) -* [`standby_mode`](#standby_mode) -* [`primary_conninfo`](#primary_conninfo) -* [`primary_slot_name`](#primary_slot_name) -* [`trigger_file`](#trigger_file) -* [`recovery_min_apply_delay`](#recovery_min_apply_delay) -* [`target`](#target) - -##### `restore_command` +* [`restore_command`](#-postgresql--server--recovery--restore_command) +* [`archive_cleanup_command`](#-postgresql--server--recovery--archive_cleanup_command) +* [`recovery_end_command`](#-postgresql--server--recovery--recovery_end_command) +* [`recovery_target_name`](#-postgresql--server--recovery--recovery_target_name) +* [`recovery_target_time`](#-postgresql--server--recovery--recovery_target_time) +* [`recovery_target_xid`](#-postgresql--server--recovery--recovery_target_xid) +* [`recovery_target_inclusive`](#-postgresql--server--recovery--recovery_target_inclusive) +* [`recovery_target`](#-postgresql--server--recovery--recovery_target) +* [`recovery_target_timeline`](#-postgresql--server--recovery--recovery_target_timeline) +* [`pause_at_recovery_target`](#-postgresql--server--recovery--pause_at_recovery_target) +* [`standby_mode`](#-postgresql--server--recovery--standby_mode) +* [`primary_conninfo`](#-postgresql--server--recovery--primary_conninfo) +* [`primary_slot_name`](#-postgresql--server--recovery--primary_slot_name) +* [`trigger_file`](#-postgresql--server--recovery--trigger_file) +* [`recovery_min_apply_delay`](#-postgresql--server--recovery--recovery_min_apply_delay) +* [`target`](#-postgresql--server--recovery--target) + +##### `restore_command` Data type: `Optional[String]` The shell command to execute to retrieve an archived segment of the WAL file series. -Default value: ``undef`` +Default value: `undef` -##### `archive_cleanup_command` +##### `archive_cleanup_command` Data type: `Optional[String[1]]` This optional parameter specifies a shell command that will be executed at every restartpoint. -Default value: ``undef`` +Default value: `undef` -##### `recovery_end_command` +##### `recovery_end_command` Data type: `Optional[String[1]]` This parameter specifies a shell command that will be executed once only at the end of recovery. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_name` +##### `recovery_target_name` Data type: `Optional[String[1]]` This parameter specifies the named restore point (created with pg_create_restore_point()) to which recovery will proceed. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_time` +##### `recovery_target_time` Data type: `Optional[String[1]]` This parameter specifies the time stamp up to which recovery will proceed. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_xid` +##### `recovery_target_xid` Data type: `Optional[String[1]]` This parameter specifies the transaction ID up to which recovery will proceed. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_inclusive` +##### `recovery_target_inclusive` Data type: `Optional[Boolean]` Specifies whether to stop just after the specified recovery target (true), or just before the recovery target (false). -Default value: ``undef`` +Default value: `undef` -##### `recovery_target` +##### `recovery_target` Data type: `Optional[String[1]]` This parameter specifies that recovery should end as soon as a consistent state is reached, i.e. as early as possible. -Default value: ``undef`` +Default value: `undef` -##### `recovery_target_timeline` +##### `recovery_target_timeline` Data type: `Optional[String[1]]` Specifies recovering into a particular timeline. -Default value: ``undef`` +Default value: `undef` -##### `pause_at_recovery_target` +##### `pause_at_recovery_target` Data type: `Optional[Boolean]` Specifies whether recovery should pause when the recovery target is reached. -Default value: ``undef`` +Default value: `undef` -##### `standby_mode` +##### `standby_mode` Data type: `Optional[String[1]]` Specifies whether to start the PostgreSQL server as a standby. -Default value: ``undef`` +Default value: `undef` -##### `primary_conninfo` +##### `primary_conninfo` Data type: `Optional[String[1]]` Specifies a connection string to be used for the standby server to connect with the primary. -Default value: ``undef`` +Default value: `undef` -##### `primary_slot_name` +##### `primary_slot_name` Data type: `Optional[String[1]]` Optionally specifies an existing replication slot to be used when connecting to the primary via streaming replication to control resource removal on the upstream node. -Default value: ``undef`` +Default value: `undef` -##### `trigger_file` +##### `trigger_file` Data type: `Optional[String[1]]` Specifies a trigger file whose presence ends recovery in the standby. -Default value: ``undef`` +Default value: `undef` -##### `recovery_min_apply_delay` +##### `recovery_min_apply_delay` Data type: `Optional[Integer]` This parameter allows you to delay recovery by a fixed period of time, measured in milliseconds if no unit is specified. -Default value: ``undef`` +Default value: `undef` -##### `target` +##### `target` Data type: `Stdlib::Absolutepath` @@ -3475,7 +3483,7 @@ Provides the target for the rule, and is generally an internal only property. Us Default value: `$postgresql::server::recovery_conf_path` -### `postgresql::server::role` +### `postgresql::server::role` Define for creating a database role. @@ -3483,60 +3491,60 @@ Define for creating a database role. The following parameters are available in the `postgresql::server::role` defined type: -* [`update_password`](#update_password) -* [`password_hash`](#password_hash) -* [`createdb`](#createdb) -* [`createrole`](#createrole) -* [`db`](#db) -* [`port`](#port) -* [`login`](#login) -* [`inherit`](#inherit) -* [`superuser`](#superuser) -* [`replication`](#replication) -* [`connection_limit`](#connection_limit) -* [`username`](#username) -* [`connect_settings`](#connect_settings) -* [`ensure`](#ensure) -* [`psql_user`](#psql_user) -* [`psql_group`](#psql_group) -* [`psql_path`](#psql_path) -* [`module_workdir`](#module_workdir) -* [`hash`](#hash) -* [`salt`](#salt) - -##### `update_password` +* [`update_password`](#-postgresql--server--role--update_password) +* [`password_hash`](#-postgresql--server--role--password_hash) +* [`createdb`](#-postgresql--server--role--createdb) +* [`createrole`](#-postgresql--server--role--createrole) +* [`db`](#-postgresql--server--role--db) +* [`port`](#-postgresql--server--role--port) +* [`login`](#-postgresql--server--role--login) +* [`inherit`](#-postgresql--server--role--inherit) +* [`superuser`](#-postgresql--server--role--superuser) +* [`replication`](#-postgresql--server--role--replication) +* [`connection_limit`](#-postgresql--server--role--connection_limit) +* [`username`](#-postgresql--server--role--username) +* [`connect_settings`](#-postgresql--server--role--connect_settings) +* [`ensure`](#-postgresql--server--role--ensure) +* [`psql_user`](#-postgresql--server--role--psql_user) +* [`psql_group`](#-postgresql--server--role--psql_group) +* [`psql_path`](#-postgresql--server--role--psql_path) +* [`module_workdir`](#-postgresql--server--role--module_workdir) +* [`hash`](#-postgresql--server--role--hash) +* [`salt`](#-postgresql--server--role--salt) + +##### `update_password` Data type: `Boolean` If set to true, updates the password on changes. Set this to false to not modify the role's password after creation. -Default value: ``true`` +Default value: `true` -##### `password_hash` +##### `password_hash` Data type: `Variant[Boolean, String, Sensitive[String]]` Sets the hash to use during password creation. -Default value: ``false`` +Default value: `false` -##### `createdb` +##### `createdb` Data type: `Boolean` Specifies whether to grant the ability to create new databases with this role. -Default value: ``false`` +Default value: `false` -##### `createrole` +##### `createrole` Data type: `Boolean` Specifies whether to grant the ability to create new roles with this role. -Default value: ``false`` +Default value: `false` -##### `db` +##### `db` Data type: `String[1]` @@ -3544,47 +3552,47 @@ Database used to connect to. Default value: `$postgresql::server::default_database` -##### `port` +##### `port` -Data type: `Optional[Stdlib::Port]` +Data type: `Stdlib::Port` Port to use when connecting. -Default value: ``undef`` +Default value: `postgresql::default('port')` -##### `login` +##### `login` Data type: `Boolean` Specifies whether to grant login capability for the new role. -Default value: ``true`` +Default value: `true` -##### `inherit` +##### `inherit` Data type: `Boolean` Specifies whether to grant inherit capability for the new role. -Default value: ``true`` +Default value: `true` -##### `superuser` +##### `superuser` Data type: `Boolean` Specifies whether to grant super user capability for the new role. -Default value: ``false`` +Default value: `false` -##### `replication` +##### `replication` Data type: `Boolean` Provides provides replication capabilities for this role if set to true. -Default value: ``false`` +Default value: `false` -##### `connection_limit` +##### `connection_limit` Data type: `String[1]` @@ -3592,7 +3600,7 @@ Specifies how many concurrent connections the role can make. Default value: '-1' Default value: `'-1'` -##### `username` +##### `username` Data type: `String[1]` @@ -3600,7 +3608,7 @@ Defines the username of the role to create. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3608,7 +3616,7 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -##### `ensure` +##### `ensure` Data type: `Enum['present', 'absent']` @@ -3616,7 +3624,7 @@ Specify whether to create or drop the role. Specifying 'present' creates the rol Default value: `'present'` -##### `psql_user` +##### `psql_user` Data type: `String[1]` @@ -3624,7 +3632,7 @@ Sets the OS user to run psql Default value: `$postgresql::server::user` -##### `psql_group` +##### `psql_group` Data type: `String[1]` @@ -3632,7 +3640,7 @@ Sets the OS group to run psql Default value: `$postgresql::server::group` -##### `psql_path` +##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -3640,7 +3648,7 @@ Sets path to psql command Default value: `$postgresql::server::psql_path` -##### `module_workdir` +##### `module_workdir` Data type: `String[1]` @@ -3649,23 +3657,23 @@ May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `$postgresql::server::module_workdir` -##### `hash` +##### `hash` Data type: `Optional[Enum['md5', 'scram-sha-256']]` Specify the hash method for pg password -Default value: ``undef`` +Default value: `undef` -##### `salt` +##### `salt` Data type: `Optional[Variant[String[1], Integer]]` Specify the salt use for the scram-sha-256 encoding password (default username) -Default value: ``undef`` +Default value: `undef` -### `postgresql::server::schema` +### `postgresql::server::schema` Create a new schema. @@ -3685,12 +3693,13 @@ postgresql::server::schema {'private': The following parameters are available in the `postgresql::server::schema` defined type: -* [`db`](#db) -* [`owner`](#owner) -* [`schema`](#schema) -* [`connect_settings`](#connect_settings) +* [`db`](#-postgresql--server--schema--db) +* [`owner`](#-postgresql--server--schema--owner) +* [`schema`](#-postgresql--server--schema--schema) +* [`connect_settings`](#-postgresql--server--schema--connect_settings) +* [`port`](#-postgresql--server--schema--port) -##### `db` +##### `db` Data type: `String[1]` @@ -3698,15 +3707,15 @@ Required. Sets the name of the database in which to create this schema. Default value: `$postgresql::server::default_database` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Sets the default owner of the schema. -Default value: ``undef`` +Default value: `undef` -##### `schema` +##### `schema` Data type: `String[1]` @@ -3714,7 +3723,7 @@ Sets the name of the schema. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3722,7 +3731,15 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` -### `postgresql::server::table_grant` +##### `port` + +Data type: `Stdlib::Port` + +the post the postgresql instance is listening on. + +Default value: `$postgresql::server::port` + +### `postgresql::server::table_grant` This resource wraps the grant resource to manage table grants specifically. @@ -3730,92 +3747,96 @@ This resource wraps the grant resource to manage table grants specifically. The following parameters are available in the `postgresql::server::table_grant` defined type: -* [`privilege`](#privilege) -* [`table`](#table) -* [`db`](#db) -* [`role`](#role) -* [`ensure`](#ensure) -* [`port`](#port) -* [`psql_db`](#psql_db) -* [`psql_user`](#psql_user) -* [`connect_settings`](#connect_settings) -* [`onlyif_exists`](#onlyif_exists) +* [`privilege`](#-postgresql--server--table_grant--privilege) +* [`table`](#-postgresql--server--table_grant--table) +* [`db`](#-postgresql--server--table_grant--db) +* [`role`](#-postgresql--server--table_grant--role) +* [`ensure`](#-postgresql--server--table_grant--ensure) +* [`port`](#-postgresql--server--table_grant--port) +* [`psql_db`](#-postgresql--server--table_grant--psql_db) +* [`psql_user`](#-postgresql--server--table_grant--psql_user) +* [`connect_settings`](#-postgresql--server--table_grant--connect_settings) +* [`onlyif_exists`](#-postgresql--server--table_grant--onlyif_exists) -##### `privilege` +##### `privilege` -Data type: `Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', - 'truncate', 'references', 'trigger']` +Data type: + +```puppet +Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', + 'truncate', 'references', 'trigger'] +``` Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER'. -##### `table` +##### `table` Data type: `String[1]` Specifies the table to which you are granting access. -##### `db` +##### `db` Data type: `String[1]` Specifies which database the table is in. -##### `role` +##### `role` Data type: `String[1]` Specifies the role or user to whom you are granting access. -##### `ensure` +##### `ensure` Data type: `Optional[Enum['present', 'absent']]` Specifies whether to grant or revoke the privilege. Default is to grant the privilege. -Default value: ``undef`` +Default value: `undef` -##### `port` +##### `port` Data type: `Optional[Stdlib::Port]` Port to use when connecting. -Default value: ``undef`` +Default value: `undef` -##### `psql_db` +##### `psql_db` Data type: `Optional[String[1]]` Specifies the database to execute the grant against. This should not ordinarily be changed from the default. -Default value: ``undef`` +Default value: `undef` -##### `psql_user` +##### `psql_user` Data type: `Optional[String[1]]` Specifies the OS user for running psql. -Default value: ``undef`` +Default value: `undef` -##### `connect_settings` +##### `connect_settings` Data type: `Optional[Hash]` Specifies a hash of environment variables used when connecting to a remote server. -Default value: ``undef`` +Default value: `undef` -##### `onlyif_exists` +##### `onlyif_exists` Data type: `Boolean` Create grant only if it doesn't exist. -Default value: ``false`` +Default value: `false` -### `postgresql::server::tablespace` +### `postgresql::server::tablespace` This module creates tablespace. @@ -3823,35 +3844,36 @@ This module creates tablespace. The following parameters are available in the `postgresql::server::tablespace` defined type: -* [`location`](#location) -* [`manage_location`](#manage_location) -* [`owner`](#owner) -* [`spcname`](#spcname) -* [`connect_settings`](#connect_settings) +* [`location`](#-postgresql--server--tablespace--location) +* [`manage_location`](#-postgresql--server--tablespace--manage_location) +* [`owner`](#-postgresql--server--tablespace--owner) +* [`spcname`](#-postgresql--server--tablespace--spcname) +* [`connect_settings`](#-postgresql--server--tablespace--connect_settings) +* [`port`](#-postgresql--server--tablespace--port) -##### `location` +##### `location` Data type: `String[1]` Specifies the path to locate this tablespace. -##### `manage_location` +##### `manage_location` Data type: `Boolean` Set to false if you have file{ $location: } already defined -Default value: ``true`` +Default value: `true` -##### `owner` +##### `owner` Data type: `Optional[String[1]]` Specifies the default owner of the tablespace. -Default value: ``undef`` +Default value: `undef` -##### `spcname` +##### `spcname` Data type: `String[1]` @@ -3859,7 +3881,7 @@ Specifies the name of the tablespace. Default value: `$title` -##### `connect_settings` +##### `connect_settings` Data type: `Hash` @@ -3867,6 +3889,14 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` +##### `port` + +Data type: `Stdlib::Port` + +the port of the postgresql instance that sould be used. + +Default value: `$postgresql::server::port` + ## Resource types ### `postgresql_conf` @@ -3897,10 +3927,10 @@ The value to set for this parameter. The following parameters are available in the `postgresql_conf` type. -* [`name`](#name) -* [`provider`](#provider) +* [`name`](#-postgresql_conf--name) +* [`provider`](#-postgresql_conf--provider) -##### `name` +##### `name` Valid values: `%r{^[\w.]+$}` @@ -3908,7 +3938,7 @@ namevar The postgresql parameter name to manage. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conf` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. @@ -3937,76 +3967,76 @@ Default value: `present` The following parameters are available in the `postgresql_conn_validator` type. -* [`command`](#command) -* [`connect_settings`](#connect_settings) -* [`db_name`](#db_name) -* [`db_password`](#db_password) -* [`db_username`](#db_username) -* [`host`](#host) -* [`name`](#name) -* [`port`](#port) -* [`provider`](#provider) -* [`psql_path`](#psql_path) -* [`run_as`](#run_as) -* [`sleep`](#sleep) -* [`tries`](#tries) - -##### `command` +* [`command`](#-postgresql_conn_validator--command) +* [`connect_settings`](#-postgresql_conn_validator--connect_settings) +* [`db_name`](#-postgresql_conn_validator--db_name) +* [`db_password`](#-postgresql_conn_validator--db_password) +* [`db_username`](#-postgresql_conn_validator--db_username) +* [`host`](#-postgresql_conn_validator--host) +* [`name`](#-postgresql_conn_validator--name) +* [`port`](#-postgresql_conn_validator--port) +* [`provider`](#-postgresql_conn_validator--provider) +* [`psql_path`](#-postgresql_conn_validator--psql_path) +* [`run_as`](#-postgresql_conn_validator--run_as) +* [`sleep`](#-postgresql_conn_validator--sleep) +* [`tries`](#-postgresql_conn_validator--tries) + +##### `command` Command to run against target database. Default value: `SELECT 1` -##### `connect_settings` +##### `connect_settings` Hash of environment variables for connection to a db. -##### `db_name` +##### `db_name` The name of the database you are trying to validate a connection with. -##### `db_password` +##### `db_password` The password required to access the target PostgreSQL database. -##### `db_username` +##### `db_username` A user that has access to the target PostgreSQL database. -##### `host` +##### `host` The DNS name or IP address of the server where PostgreSQL should be running. -##### `name` +##### `name` namevar An arbitrary name used as the identity of the resource. -##### `port` +##### `port` The port that the PostgreSQL server should be listening on. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_conn_validator` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_path` +##### `psql_path` Path to the psql command. -##### `run_as` +##### `run_as` System user that will run the psql command. -##### `sleep` +##### `sleep` The length of sleep time between connection tries. Default value: `2` -##### `tries` +##### `tries` The number of tries to validate the connection to the target PostgreSQL database. @@ -4028,104 +4058,104 @@ The SQL command to execute via psql. The following parameters are available in the `postgresql_psql` type. -* [`connect_settings`](#connect_settings) -* [`cwd`](#cwd) -* [`db`](#db) -* [`environment`](#environment) -* [`name`](#name) -* [`onlyif`](#onlyif) -* [`port`](#port) -* [`provider`](#provider) -* [`psql_group`](#psql_group) -* [`psql_path`](#psql_path) -* [`psql_user`](#psql_user) -* [`refreshonly`](#refreshonly) -* [`search_path`](#search_path) -* [`sensitive`](#sensitive) -* [`unless`](#unless) - -##### `connect_settings` +* [`connect_settings`](#-postgresql_psql--connect_settings) +* [`cwd`](#-postgresql_psql--cwd) +* [`db`](#-postgresql_psql--db) +* [`environment`](#-postgresql_psql--environment) +* [`name`](#-postgresql_psql--name) +* [`onlyif`](#-postgresql_psql--onlyif) +* [`port`](#-postgresql_psql--port) +* [`provider`](#-postgresql_psql--provider) +* [`psql_group`](#-postgresql_psql--psql_group) +* [`psql_path`](#-postgresql_psql--psql_path) +* [`psql_user`](#-postgresql_psql--psql_user) +* [`refreshonly`](#-postgresql_psql--refreshonly) +* [`search_path`](#-postgresql_psql--search_path) +* [`sensitive`](#-postgresql_psql--sensitive) +* [`unless`](#-postgresql_psql--unless) + +##### `connect_settings` Connection settings that will be used when connecting to postgres -##### `cwd` +##### `cwd` The working directory under which the psql command should be executed. Default value: `/tmp` -##### `db` +##### `db` The name of the database to execute the SQL command against, this overrides any PGDATABASE value in connect_settings -##### `environment` +##### `environment` Any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. -##### `name` +##### `name` namevar An arbitrary tag for your own reference; the name of the message. -##### `onlyif` +##### `onlyif` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. -##### `port` +##### `port` The port of the database server to execute the SQL command against, this overrides any PGPORT value in connect_settings. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_psql` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. -##### `psql_group` +##### `psql_group` The system user group account under which the psql command should be executed. Default value: `postgres` -##### `psql_path` +##### `psql_path` The path to psql executable. Default value: `psql` -##### `psql_user` +##### `psql_user` The system user account under which the psql command should be executed. Default value: `postgres` -##### `refreshonly` +##### `refreshonly` -Valid values: ``true``, ``false`` +Valid values: `true`, `false` If 'true', then the SQL will only be executed via a notify/subscribe event. -Default value: ``false`` +Default value: `false` -##### `search_path` +##### `search_path` The schema search path to use when executing the SQL command -##### `sensitive` +##### `sensitive` -Valid values: ``true``, ``false`` +Valid values: `true`, `false` If 'true', then the executed command will not be echoed into the log. Use this to protect sensitive information passing through. -Default value: ``false`` +Default value: `false` -##### `unless` +##### `unless` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check @@ -4154,10 +4184,10 @@ Default value: `present` The following parameters are available in the `postgresql_replication_slot` type. -* [`name`](#name) -* [`provider`](#provider) +* [`name`](#-postgresql_replication_slot--name) +* [`provider`](#-postgresql_replication_slot--provider) -##### `name` +##### `name` Valid values: `%r{^[a-z0-9_]+$}` @@ -4165,14 +4195,14 @@ namevar The name of the slot to create. Must be a valid replication slot name. -##### `provider` +##### `provider` The specific backend to use for this `postgresql_replication_slot` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. ## Functions -### `postgresql::default` +### `postgresql::default` Type: Puppet Language @@ -4206,7 +4236,7 @@ Data type: `String` -### `postgresql::postgresql_escape` +### `postgresql::postgresql_escape` Type: Ruby 4.x API @@ -4224,7 +4254,7 @@ Data type: `String[1]` The unescaped string you want to escape using `dollar quoting` -### `postgresql::postgresql_password` +### `postgresql::postgresql_password` Type: Ruby 4.x API @@ -4266,7 +4296,7 @@ Data type: `Optional[Optional[Variant[String[1], Integer]]]` Use a specific salt value for scram-sha-256, default is username -### `postgresql::prepend_sql_password` +### `postgresql::prepend_sql_password` Type: Ruby 4.x API @@ -4322,7 +4352,7 @@ Data type: `Any` ## Data types -### `Postgresql::Pg_hba_rule` +### `Postgresql::Pg_hba_rule` type for all parameters in the postgresql::server::hba_rule defined resource @@ -4346,54 +4376,38 @@ Struct[{ }] ``` -### `Postgresql::Pg_hba_rule_address` +### `Postgresql::Pg_hba_rule_address` Supported address types * **See also** * https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -Alias of - -```puppet -Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Stdlib::Fqdn, Enum['all', 'samehost', 'samenet'], Pattern[/^\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]$/]] -``` +Alias of `Variant[Stdlib::IP::Address::V4::CIDR, Stdlib::IP::Address::V6::CIDR, Stdlib::Fqdn, Enum['all', 'samehost', 'samenet'], Pattern[/^\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]$/]]` -### `Postgresql::Pg_hba_rule_type` +### `Postgresql::Pg_hba_rule_type` enum for all different types for the pg_hba_conf * **See also** * https://www.postgresql.org/docs/current/auth-pg-hba-conf.html -Alias of - -```puppet -Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc', 'hostnogssenc'] -``` +Alias of `Enum['local', 'host', 'hostssl', 'hostnossl', 'hostgssenc', 'hostnogssenc']` -### `Postgresql::Pg_hba_rules` +### `Postgresql::Pg_hba_rules` validates a hash of entries for postgresql::server::pg_hab_conf * **See also** * https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/server/pg_hba_rule.pp -Alias of - -```puppet -Hash[String[1], Postgresql::Pg_hba_rule] -``` +Alias of `Hash[String[1], Postgresql::Pg_hba_rule]` -### `Postgresql::Pg_password_encryption` +### `Postgresql::Pg_password_encryption` the supported password_encryption -Alias of - -```puppet -Enum['md5', 'scram-sha-256'] -``` +Alias of `Enum['md5', 'scram-sha-256']` ## Tasks diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 27333bb91a..c48e01f805 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -30,20 +30,8 @@ String[1] $default_db = $postgresql::server::default_database, Stdlib::Port $port = $postgresql::server::port ) { - # If possible use the version of the remote database, otherwise - # fallback to our local DB version - if 'DBVERSION' in $connect_settings { - $version = $connect_settings['DBVERSION'] - } else { - $version = $postgresql::server::_version - } - - # If the connection settings do not contain a port, then use the local server port - if 'PGPORT' in $connect_settings { - $port_override = undef - } else { - $port_override = $port - } + $version = pick($connect_settings['DBVERSION'], $postgresql::server::_version) + $port_override = pick($connect_settings['PGPORT'], $port) # Set the defaults for the postgresql_psql resource Postgresql_psql { diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 18b196f590..3becf35975 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -16,9 +16,9 @@ Optional[Enum['present', 'absent']] $ensure = undef, Optional[String[1]] $psql_db = undef, String[1] $psql_user = $postgresql::server::user, - Optional[Hash] $connect_settings = undef, + Hash $connect_settings = $postgresql::server::default_connect_settings, String[1] $psql_group = $postgresql::server::group, - Optional[Stdlib::Port] $port = undef, + Stdlib::Port $port = $postgresql::server::port, ) { postgresql::server::grant { "database:${name}": ensure => $ensure, diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 096007a0a4..771c86cd58 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -35,13 +35,8 @@ Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Optional[String] $target_role = undef, ) { - # If possible use the version of the remote database, otherwise - # fallback to our local DB version - if 'DBVERSION' in $connect_settings { - $version = $connect_settings['DBVERSION'] - } else { - $version = $postgresql::server::_version - } + $version = pick($connect_settings['DBVERSION'],postgresql::default('version')) + $port_override = pick($connect_settings['PGPORT'], $port) if (versioncmp($version, '9.6') == -1) { fail 'Default_privileges is only useable with PostgreSQL >= 9.6' @@ -59,17 +54,6 @@ } } - # - # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port - # - if $port { - $port_override = $port - } elsif 'PGPORT' in $connect_settings { - $port_override = undef - } else { - $port_override = $postgresql::server::port - } - if $target_role { $_target_role = " FOR ROLE ${target_role}" $_check_target_role = "/${target_role}" diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 15be2b5761..79dfd3b126 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -32,7 +32,7 @@ Optional[String[1]] $version = undef, Enum['present', 'absent'] $ensure = 'present', Optional[String[1]] $package_name = undef, - Optional[Stdlib::Port] $port = undef, + Stdlib::Port $port = postgresql::default('port'), Hash $connect_settings = postgresql::default('default_connect_settings'), String[1] $database_resource_name = $database, String[1] $user = postgresql::default('user'), @@ -76,16 +76,7 @@ } } - # - # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port - # - if $port { - $port_override = $port - } elsif 'PGPORT' in $connect_settings { - $port_override = undef - } else { - $port_override = $postgresql::server::port - } + $port_override = pick($connect_settings['PGPORT'], $port) postgresql_psql { "${database}: ${command}": psql_user => $user, diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index fe1e9bf596..68591851bb 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -41,7 +41,7 @@ Array[String[1],0] $object_arguments = [], String $psql_db = $postgresql::server::default_database, String $psql_user = $postgresql::server::user, - Optional[Stdlib::Port] $port = undef, + Stdlib::Port $port = $postgresql::server::port, Boolean $onlyif_exists = false, Hash $connect_settings = $postgresql::server::default_connect_settings, Enum['present', 'absent'] $ensure = 'present', @@ -74,16 +74,7 @@ $_object_name = $object_name } - # - # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port - # We don't use pick() here because that would introduce a hard dependency to the postgresql::server class - if $port { - $port_override = $port - } elsif 'PGPORT' in $connect_settings { - $port_override = undef - } else { - $port_override = $postgresql::server::port - } + $port_override = pick($connect_settings['PGPORT'], $port) ## Munge the input values $_object_type = upcase($object_type) diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 0a40bdc35d..db319e7e85 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -21,11 +21,7 @@ $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path - if 'PGPORT' in $connect_settings { - $port_override = undef - } else { - $port_override = $port - } + $port_override = pick($connect_settings['PGPORT'], $port) $onlyif = "SELECT tablename FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog', 'information_schema') AND diff --git a/manifests/server/role.pp b/manifests/server/role.pp index cd8645703c..dacdbf7701 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -29,7 +29,7 @@ Boolean $createdb = false, Boolean $createrole = false, String[1] $db = $postgresql::server::default_database, - Optional[Stdlib::Port] $port = undef, + Stdlib::Port $port = postgresql::default('port'), Boolean $login = true, Boolean $inherit = true, Boolean $superuser = false, @@ -50,24 +50,8 @@ } else { $password_hash } - # - # Port, order of precedence: $port parameter, $connect_settings[PGPORT], $postgresql::server::port - # - if $port { - $port_override = $port - } elsif 'PGPORT' in $connect_settings { - $port_override = undef - } else { - $port_override = $postgresql::server::port - } - - # If possible use the version of the remote database, otherwise - # fallback to our local DB version - if 'DBVERSION' in $connect_settings { - $version = $connect_settings['DBVERSION'] - } else { - $version = $postgresql::server::_version - } + $port_override = pick($connect_settings['PGPORT'], $port) + $version = pick($connect_settings['DBVERSION'], postgresql::default('version')) Postgresql_psql { db => $db, diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 20c47ac877..b5515232f3 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -8,6 +8,7 @@ # @param owner Sets the default owner of the schema. # @param schema Sets the name of the schema. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param port the post the postgresql instance is listening on. # @example # postgresql::server::schema {'private': # db => 'template1', @@ -17,6 +18,7 @@ Optional[String[1]] $owner = undef, String[1] $schema = $title, Hash $connect_settings = $postgresql::server::default_connect_settings, + Stdlib::Port $port = $postgresql::server::port, ) { $user = $postgresql::server::user $group = $postgresql::server::group @@ -27,18 +29,14 @@ Postgresql::Server::Db <| dbname == $db |> -> Postgresql::Server::Schema[$name] # If the connection settings do not contain a port, then use the local server port - if 'PGPORT' in $connect_settings { - $port = undef - } else { - $port = $postgresql::server::port - } + $port_override = pick($connect_settings['PGPORT'], $port) Postgresql_psql { db => $db, psql_user => $user, psql_group => $group, psql_path => $psql_path, - port => $port, + port => $port_override, cwd => $module_workdir, connect_settings => $connect_settings, } diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 93d790e695..f01dcca236 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -5,12 +5,14 @@ # @param owner Specifies the default owner of the tablespace. # @param spcname Specifies the name of the tablespace. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param port the port of the postgresql instance that sould be used. define postgresql::server::tablespace ( String[1] $location, Boolean $manage_location = true, Optional[String[1]] $owner = undef, String[1] $spcname = $title, Hash $connect_settings = $postgresql::server::default_connect_settings, + Stdlib::Port $port = $postgresql::server::port, ) { $user = $postgresql::server::user $group = $postgresql::server::group @@ -18,17 +20,13 @@ $module_workdir = $postgresql::server::module_workdir # If the connection settings do not contain a port, then use the local server port - if 'PGPORT' in $connect_settings { - $port = undef - } else { - $port = $postgresql::server::port - } + $port_override = pick($connect_settings['PGPORT'], $port) Postgresql_psql { psql_user => $user, psql_group => $group, psql_path => $psql_path, - port => $port, + port => $port_override, connect_settings => $connect_settings, cwd => $module_workdir, } diff --git a/spec/defines/server/database_grant_spec.rb b/spec/defines/server/database_grant_spec.rb index a1e83e84c6..61fe77ded8 100644 --- a/spec/defines/server/database_grant_spec.rb +++ b/spec/defines/server/database_grant_spec.rb @@ -24,7 +24,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__database_grant('test') } - it { is_expected.to contain_postgresql__server__grant('database:test').with_psql_user('postgres').without_port.with_group('postgres') } + it { is_expected.to contain_postgresql__server__grant('database:test').with_psql_user('postgres').with_port(5432).with_group('postgres') } end context 'with different user/group/port' do diff --git a/spec/defines/server/database_spec.rb b/spec/defines/server/database_spec.rb index b2754ccaec..8acaff6e3a 100644 --- a/spec/defines/server/database_spec.rb +++ b/spec/defines/server/database_spec.rb @@ -47,7 +47,7 @@ class {'postgresql::server':}" 'PGPORT' => '1234' } } end - it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port(nil) } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port(1234) } end context 'with global db connection settings - including port' do @@ -61,7 +61,7 @@ class {'postgresql::server':}" class {'postgresql::server':}" end - it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.2', 'PGPORT' => '1234').with_port(nil) } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.2', 'PGPORT' => '1234').with_port(1234) } end context 'with different owner' do diff --git a/spec/defines/server/db_spec.rb b/spec/defines/server/db_spec.rb index cfd4f80d71..4056f0f4ce 100644 --- a/spec/defines/server/db_spec.rb +++ b/spec/defines/server/db_spec.rb @@ -22,8 +22,8 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__db('testdb').without_port.with_user('foo').with_psql_user('postgres').with_psql_group('postgres') } it { is_expected.to contain_postgresql__server__database('testdb').without_owner.with_user('postgres').with_group('postgres') } - it { is_expected.to contain_postgresql__server__role('foo').that_comes_before('Postgresql::Server::Database[testdb]').without_port.with_psql_user('postgres').with_psql_group('postgres') } - it { is_expected.to contain_postgresql__server__database_grant('GRANT foo - ALL - testdb').without_port.with_psql_user('postgres').with_psql_group('postgres') } + it { is_expected.to contain_postgresql__server__role('foo').that_comes_before('Postgresql::Server::Database[testdb]').with_port(5432).with_psql_user('postgres').with_psql_group('postgres') } + it { is_expected.to contain_postgresql__server__database_grant('GRANT foo - ALL - testdb').with_port(5432).with_psql_user('postgres').with_psql_group('postgres') } end context 'without dbname param' do diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 860229b875..7d1d83eca1 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -257,7 +257,7 @@ class { 'postgresql::server': } it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__default_privileges('test') } - it { is_expected.to contain_postgresql_psql('default_privileges:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6', 'PGPORT' => '1234').with_port('5678') } + it { is_expected.to contain_postgresql_psql('default_privileges:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.6', 'PGPORT' => '1234').with_port('1234') } end context 'with specific schema name' do diff --git a/spec/defines/server/extension_spec.rb b/spec/defines/server/extension_spec.rb index 68a161584b..fd2f6ffa8f 100644 --- a/spec/defines/server/extension_spec.rb +++ b/spec/defines/server/extension_spec.rb @@ -211,7 +211,7 @@ it { expect(subject).to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') - .with_port(nil) + .with_port(1234) } end @@ -236,7 +236,7 @@ it { expect(subject).to contain_postgresql_psql('postgres: CREATE EXTENSION "pg_repack"') .with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234') - .with_port('5678') + .with_port('1234') } end end diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index 9b9a8e5235..c294864f15 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -155,7 +155,7 @@ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_postgresql__server__grant('test') } - it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port('5678') } + it { is_expected.to contain_postgresql_psql('grant:test').with_connect_settings('PGHOST' => 'postgres-db-server', 'DBVERSION' => '9.1', 'PGPORT' => '1234').with_port('1234') } end context 'with specific schema name' do From 09d38490f29e3c06e42d29d8abf72ba6aa0eda5a Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Tue, 5 Sep 2023 10:37:35 +0200 Subject: [PATCH 0892/1000] raise puppet-systemd version after 6.0.0 release --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 911007298a..4ecf928f9b 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppet/systemd", - "version_requirement": ">= 4.0.1 < 6.0.0" + "version_requirement": ">= 4.0.1 < 7.0.0" }, { "name": "puppetlabs/concat", From 2b15ddf98cd2a110454d1cc28161e028bf5678ea Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Tue, 5 Sep 2023 10:27:53 +0200 Subject: [PATCH 0893/1000] service name should be unique to allow instances --- lib/puppet/type/postgresql_psql.rb | 18 +++++++++++---- manifests/server/instance/service.pp | 8 +++---- spec/classes/server/service_spec.rb | 2 +- spec/classes/server_spec.rb | 22 +++++++++---------- spec/defines/server/database_spec.rb | 2 +- .../defines/server/default_privileges_spec.rb | 2 +- spec/defines/server/grant_spec.rb | 2 +- spec/defines/server/reassign_owned_by_spec.rb | 2 +- spec/defines/server/role_spec.rb | 4 ++-- spec/defines/server/tablespace_spec.rb | 2 +- 10 files changed, 37 insertions(+), 27 deletions(-) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 45931091bc..126db6d6b8 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -Puppet::Type.newtype(:postgresql_psql) do +Puppet::Type.newtype(:postgresql_psql) do # rubocop:disable Metrics/BlockLength newparam(:name) do desc 'An arbitrary tag for your own reference; the name of the message.' isnamevar @@ -122,6 +122,11 @@ def matches(value) newvalues(:true, :false) end + newparam(:instance) do + desc 'The postgresql instance under which the psql command should be executed.' + defaultto('main') + end + newparam(:sensitive, boolean: true) do desc "If 'true', then the executed command will not be echoed into the log. Use this to protect sensitive information passing through." @@ -129,8 +134,13 @@ def matches(value) newvalues(:true, :false) end - autorequire(:anchor) { ['postgresql::server::service::begin'] } - autorequire(:service) { ['postgresqld'] } + autorequire(:anchor) do + ["postgresql::server::service::begin::#{self[:instance]}"] + end + + autorequire(:service) do + ["postgresqld_instance_#{self[:instance]}"] + end def should_run_sql(refreshing = false) onlyif_param = @parameters[:onlyif] @@ -148,7 +158,7 @@ def refresh private - def set_sensitive_parameters(sensitive_parameters) # rubocop:disable Style/AccessorMethodName + def set_sensitive_parameters(sensitive_parameters) # rubocop:disable Naming/AccessorMethodName # Respect sensitive commands if sensitive_parameters.include?(:unless) sensitive_parameters.delete(:unless) diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index 1054b382fd..f778518dc0 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -33,7 +33,7 @@ anchor { "postgresql::server::service::begin::${name}": } if $service_manage { - service { 'postgresqld': + service { "postgresqld_instance_${name}": ensure => $service_ensure, enable => $service_enable, name => $service_name, @@ -48,7 +48,7 @@ # # Without it, we may continue doing more work before the database is # prepared leading to a nasty race condition. - postgresql_conn_validator { 'validate_service_is_running': + postgresql_conn_validator { "validate_service_is_running_instance_${name}": run_as => $user, db_name => $default_database, port => $port, @@ -56,10 +56,10 @@ sleep => 1, tries => 60, psql_path => $psql_path, - require => Service['postgresqld'], + require => Service["postgresqld_instance_${name}"], before => Anchor["postgresql::server::service::end::${name}"], } - Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator['validate_service_is_running'] + Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator["validate_service_is_running_instance_${name}"] } } diff --git a/spec/classes/server/service_spec.rb b/spec/classes/server/service_spec.rb index 874d529aaa..1018fbc688 100644 --- a/spec/classes/server/service_spec.rb +++ b/spec/classes/server/service_spec.rb @@ -10,5 +10,5 @@ end it { is_expected.to contain_class('postgresql::server::service') } - it { is_expected.to contain_service('postgresqld').with_name('postgresql').with_status('systemctl status postgresql') } + it { is_expected.to contain_service('postgresqld_instance_main').with_name('postgresql').with_status('systemctl status postgresql') } end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 338fb2ad24..f104112af9 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -15,7 +15,7 @@ } it 'validates connection' do - expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end end @@ -61,7 +61,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server::passwd') } it 'validates connection' do - expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end it 'sets postgres password' do @@ -85,7 +85,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server::passwd') } it 'validates connection' do - expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end it 'sets postgres password' do @@ -103,7 +103,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it 'shouldnt validate connection' do - expect(subject).not_to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).not_to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end end @@ -118,7 +118,7 @@ class { 'postgresql::globals': } it 'validates connection' do - expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end end @@ -135,7 +135,7 @@ class { 'postgresql::globals': it { is_expected.to contain_postgresql__server__config_entry('data_directory_for_instance_main') } it 'validates connection' do - expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end end @@ -150,23 +150,23 @@ class { 'postgresql::globals': } it 'validates connection' do - expect(subject).to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end end describe 'service_manage => true' do let(:params) { { service_manage: true } } - it { is_expected.to contain_service('postgresqld') } + it { is_expected.to contain_service('postgresqld_instance_main') } end describe 'service_manage => false' do let(:params) { { service_manage: false } } - it { is_expected.not_to contain_service('postgresqld') } + it { is_expected.not_to contain_service('postgresqld_instance_main') } it 'shouldnt validate connection' do - expect(subject).not_to contain_postgresql_conn_validator('validate_service_is_running') + expect(subject).not_to contain_postgresql_conn_validator('validate_service_is_running_instance_main') end end @@ -182,7 +182,7 @@ class { 'postgresql::globals': end it 'stills enable the service' do - expect(subject).to contain_service('postgresqld').with(ensure: 'running') + expect(subject).to contain_service('postgresqld_instance_main').with(ensure: 'running') end end diff --git a/spec/defines/server/database_spec.rb b/spec/defines/server/database_spec.rb index b2754ccaec..423ad3de2c 100644 --- a/spec/defines/server/database_spec.rb +++ b/spec/defines/server/database_spec.rb @@ -13,7 +13,7 @@ end it { is_expected.to contain_postgresql__server__database('test') } - it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').that_requires('Service[postgresqld]') } + it { is_expected.to contain_postgresql_psql('CREATE DATABASE "test"').that_requires('Service[postgresqld_instance_main]') } context "with comment set to 'test comment'" do let(:params) { { comment: 'test comment' } } diff --git a/spec/defines/server/default_privileges_spec.rb b/spec/defines/server/default_privileges_spec.rb index 860229b875..f0dff72139 100644 --- a/spec/defines/server/default_privileges_spec.rb +++ b/spec/defines/server/default_privileges_spec.rb @@ -337,7 +337,7 @@ class {'postgresql::server':} it do expect(subject).to contain_postgresql_psql('default_privileges:test') \ - .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) + .that_requires(['Service[postgresqld_instance_main]', 'Postgresql::Server::Role[test]']) end end diff --git a/spec/defines/server/grant_spec.rb b/spec/defines/server/grant_spec.rb index 9b9a8e5235..72971672ed 100644 --- a/spec/defines/server/grant_spec.rb +++ b/spec/defines/server/grant_spec.rb @@ -207,7 +207,7 @@ class {'postgresql::server':} it do expect(subject).to contain_postgresql_psql('grant:test') \ - .that_requires(['Service[postgresqld]', 'Postgresql::Server::Role[test]']) + .that_requires(['Service[postgresqld_instance_main]', 'Postgresql::Server::Role[test]']) end end diff --git a/spec/defines/server/reassign_owned_by_spec.rb b/spec/defines/server/reassign_owned_by_spec.rb index d0cfb69202..40ca579aaa 100644 --- a/spec/defines/server/reassign_owned_by_spec.rb +++ b/spec/defines/server/reassign_owned_by_spec.rb @@ -31,6 +31,6 @@ class {'postgresql::server':} expect(subject).to contain_postgresql_psql('reassign_owned_by:test:REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_command('REASSIGN OWNED BY "test_old_role" TO "test_new_role"') .with_onlyif(%r{SELECT tablename FROM pg_catalog.pg_tables WHERE\s*schemaname NOT IN \('pg_catalog', 'information_schema'\) AND\s*tableowner = 'test_old_role'.*}m) - .that_requires('Service[postgresqld]') + .that_requires('Service[postgresqld_instance_main]') } end diff --git a/spec/defines/server/role_spec.rb b/spec/defines/server/role_spec.rb index c04080d5cf..0d924a345e 100644 --- a/spec/defines/server/role_spec.rb +++ b/spec/defines/server/role_spec.rb @@ -105,7 +105,7 @@ 'PGUSER' => 'login-user', 'PGPASSWORD' => 'login-pass' }, - ).that_requires('Service[postgresqld]') + ).that_requires('Service[postgresqld_instance_main]') end it 'has alter role for "test" user with password as ****' do @@ -364,7 +364,7 @@ class { 'postgresql::server': end it 'has drop role for "test" user if ensure absent' do - expect(subject).to contain_postgresql_psql('DROP ROLE "test"').that_requires('Service[postgresqld]') + expect(subject).to contain_postgresql_psql('DROP ROLE "test"').that_requires('Service[postgresqld_instance_main]') end end diff --git a/spec/defines/server/tablespace_spec.rb b/spec/defines/server/tablespace_spec.rb index a76eb4a392..4322961307 100644 --- a/spec/defines/server/tablespace_spec.rb +++ b/spec/defines/server/tablespace_spec.rb @@ -21,7 +21,7 @@ it { is_expected.to contain_file('/srv/data/foo').with_ensure('directory') } it { is_expected.to contain_postgresql__server__tablespace('test') } - it { is_expected.to contain_postgresql_psql('CREATE TABLESPACE "test"').that_requires('Service[postgresqld]') } + it { is_expected.to contain_postgresql_psql('CREATE TABLESPACE "test"').that_requires('Service[postgresqld_instance_main]') } context 'with different owner' do let :params do From f8d838fa6f1db4439773e678f554e56201084882 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 4 Sep 2023 15:45:06 +0200 Subject: [PATCH 0894/1000] make resources unique to allow multiple instances --- manifests/server/instance/initdb.pp | 9 +++++++-- manifests/server/instance/passwd.pp | 2 +- manifests/server/instance/reload.pp | 2 +- spec/classes/server/initdb_spec.rb | 4 ++-- spec/classes/server_spec.rb | 22 +++++++++++----------- 5 files changed, 22 insertions(+), 17 deletions(-) diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 87ee475c63..97584c9d64 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -175,7 +175,7 @@ # This runs the initdb command, we use the existance of the PG_VERSION # file to ensure we don't keep running this command. - exec { 'postgresql_initdb': + exec { "postgresql_initdb_instance_${name}": command => $initdb_command, creates => "${datadir}/PG_VERSION", user => $user, @@ -185,6 +185,11 @@ cwd => $module_workdir, } } elsif $encoding != undef { - include postgresql::server::late_initdb + postgresql::server::instance::late_initdb { $name: + encoding => $encoding, + user => $user, + group => $group, + module_workdir => $module_workdir, + } } } diff --git a/manifests/server/instance/passwd.pp b/manifests/server/instance/passwd.pp index e539b7a69c..a4bc20f467 100644 --- a/manifests/server/instance/passwd.pp +++ b/manifests/server/instance/passwd.pp @@ -42,7 +42,7 @@ # the default for pg_hba.conf. $escaped = postgresql::postgresql_escape($real_postgres_password) $exec_command = "${stdlib::shell_escape($psql_path)}${_dboption} -c \"ALTER ROLE \\\"${stdlib::shell_escape($user)}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"" # lint:ignore:140chars - exec { 'set_postgres_postgrespw': + exec { "set_postgres_postgrespw_${name}": # This command works w/no password because we run it as postgres system # user command => $exec_command, diff --git a/manifests/server/instance/reload.pp b/manifests/server/instance/reload.pp index d663b840a9..53eb5fad99 100644 --- a/manifests/server/instance/reload.pp +++ b/manifests/server/instance/reload.pp @@ -6,7 +6,7 @@ String[1] $service_status = $postgresql::server::service_status, String[1] $service_reload = $postgresql::server::service_reload, ) { - exec { 'postgresql_reload': + exec { "postgresql_reload_${name}": path => '/usr/bin:/usr/sbin:/bin:/sbin', command => $service_reload, onlyif => $service_status, diff --git a/spec/classes/server/initdb_spec.rb b/spec/classes/server/initdb_spec.rb index a545a8e973..c18c7f92f8 100644 --- a/spec/classes/server/initdb_spec.rb +++ b/spec/classes/server/initdb_spec.rb @@ -65,7 +65,7 @@ class { 'postgresql::server': } end it 'contains exec with specified working directory' do - expect(subject).to contain_exec('postgresql_initdb').with( + expect(subject).to contain_exec('postgresql_initdb_instance_main').with( cwd: '/var/tmp', ) end @@ -82,7 +82,7 @@ class { 'postgresql::server': } end it 'contains exec with default working directory' do - expect(subject).to contain_exec('postgresql_initdb').with( + expect(subject).to contain_exec('postgresql_initdb_instance_main').with( cwd: '/tmp', ) end diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index f104112af9..caf592d611 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -11,7 +11,7 @@ it { is_expected.to contain_file('/var/lib/postgresql/13/main') } it { - expect(subject).to contain_exec('postgresql_reload').with('command' => 'systemctl reload postgresql') + expect(subject).to contain_exec('postgresql_reload_main').with('command' => 'systemctl reload postgresql') } it 'validates connection' do @@ -65,10 +65,10 @@ class { 'postgresql::globals': end it 'sets postgres password' do - expect(subject).to contain_exec('set_postgres_postgrespw').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', - 'user' => 'postgres', - 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], - 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") + expect(subject).to contain_exec('set_postgres_postgrespw_main').with('command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', + 'user' => 'postgres', + 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], + 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") end end @@ -89,10 +89,10 @@ class { 'postgresql::globals': end it 'sets postgres password' do - expect(subject).to contain_exec('set_postgres_postgrespw').with('command' => ['/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"'], - 'user' => 'postgres', - 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], - 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") + expect(subject).to contain_exec('set_postgres_postgrespw_main').with('command' => ['/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"'], + 'user' => 'postgres', + 'environment' => ['PGPASSWORD=new-p@s$word-to-set', 'PGPORT=5432', 'NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$'], + 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null") end end @@ -146,7 +146,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { - expect(subject).to contain_exec('postgresql_reload').with('command' => '/bin/true') + expect(subject).to contain_exec('postgresql_reload_main').with('command' => '/bin/true') } it 'validates connection' do @@ -194,7 +194,7 @@ class { 'postgresql::globals': end it 'contains proper initdb exec' do - expect(subject).to contain_exec('postgresql_initdb') + expect(subject).to contain_exec('postgresql_initdb_instance_main') end end From 9fe546548b7029d6b0f90e5a94aa66707449e39f Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 6 Sep 2023 11:49:16 +0200 Subject: [PATCH 0895/1000] server::schema: Drop unused $version variable --- manifests/server/schema.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index b5515232f3..87df236f27 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -23,7 +23,6 @@ $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path - $version = $postgresql::server::_version $module_workdir = $postgresql::server::module_workdir Postgresql::Server::Db <| dbname == $db |> -> Postgresql::Server::Schema[$name] From 460ebc759c8c7b8089b2481417934f3171e83e38 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 6 Sep 2023 11:57:15 +0200 Subject: [PATCH 0896/1000] variables to parameters for tablespace/schema/reassign_owned_by --- REFERENCE.md | 99 +++++++++++++++++++++++++++ manifests/server/reassign_owned_by.pp | 13 ++-- manifests/server/schema.pp | 25 ++++--- manifests/server/tablespace.pp | 27 +++++--- 4 files changed, 137 insertions(+), 27 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 0a574806bc..a4b40059e7 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -3279,6 +3279,8 @@ The following parameters are available in the `postgresql::server::reassign_owne * [`psql_user`](#-postgresql--server--reassign_owned_by--psql_user) * [`port`](#-postgresql--server--reassign_owned_by--port) * [`connect_settings`](#-postgresql--server--reassign_owned_by--connect_settings) +* [`group`](#-postgresql--server--reassign_owned_by--group) +* [`psql_path`](#-postgresql--server--reassign_owned_by--psql_path) ##### `old_role` @@ -3322,6 +3324,22 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` +##### `group` + +Data type: `String[1]` + +Sets the OS group to run psql + +Default value: `$postgresql::server::group` + +##### `psql_path` + +Data type: `Stdlib::Absolutepath` + +Sets the path to psql command + +Default value: `$postgresql::server::psql_path` + ### `postgresql::server::recovery` This resource manages the parameters that applies to the recovery.conf template. @@ -3698,6 +3716,10 @@ The following parameters are available in the `postgresql::server::schema` defin * [`schema`](#-postgresql--server--schema--schema) * [`connect_settings`](#-postgresql--server--schema--connect_settings) * [`port`](#-postgresql--server--schema--port) +* [`user`](#-postgresql--server--schema--user) +* [`group`](#-postgresql--server--schema--group) +* [`psql_path`](#-postgresql--server--schema--psql_path) +* [`module_workdir`](#-postgresql--server--schema--module_workdir) ##### `db` @@ -3739,6 +3761,39 @@ the post the postgresql instance is listening on. Default value: `$postgresql::server::port` +##### `user` + +Data type: `String[1]` + +Sets the OS user to run psql + +Default value: `$postgresql::server::user` + +##### `group` + +Data type: `String[1]` + +Sets the OS group to run psql + +Default value: `$postgresql::server::group` + +##### `psql_path` + +Data type: `Stdlib::Absolutepath` + +Sets path to psql command + +Default value: `$postgresql::server::psql_path` + +##### `module_workdir` + +Data type: `Stdlib::Absolutepath` + +Specifies working directory under which the psql command should be executed. +May need to specify if '/tmp' is on volume mounted with noexec option. + +Default value: `$postgresql::server::module_workdir` + ### `postgresql::server::table_grant` This resource wraps the grant resource to manage table grants specifically. @@ -3850,6 +3905,10 @@ The following parameters are available in the `postgresql::server::tablespace` d * [`spcname`](#-postgresql--server--tablespace--spcname) * [`connect_settings`](#-postgresql--server--tablespace--connect_settings) * [`port`](#-postgresql--server--tablespace--port) +* [`user`](#-postgresql--server--tablespace--user) +* [`group`](#-postgresql--server--tablespace--group) +* [`psql_path`](#-postgresql--server--tablespace--psql_path) +* [`module_workdir`](#-postgresql--server--tablespace--module_workdir) ##### `location` @@ -3897,6 +3956,39 @@ the port of the postgresql instance that sould be used. Default value: `$postgresql::server::port` +##### `user` + +Data type: `String[1]` + +Sets the OS user to run psql + +Default value: `$postgresql::server::user` + +##### `group` + +Data type: `String[1]` + +Sets the OS group to run psql + +Default value: `$postgresql::server::group` + +##### `psql_path` + +Data type: `Stdlib::Absolutepath` + +Sets path to psql command + +Default value: `$postgresql::server::psql_path` + +##### `module_workdir` + +Data type: `String[1]` + +Specifies working directory under which the psql command should be executed. +May need to specify if '/tmp' is on volume mounted with noexec option. + +Default value: `$postgresql::server::module_workdir` + ## Resource types ### `postgresql_conf` @@ -4062,6 +4154,7 @@ The following parameters are available in the `postgresql_psql` type. * [`cwd`](#-postgresql_psql--cwd) * [`db`](#-postgresql_psql--db) * [`environment`](#-postgresql_psql--environment) +* [`instance`](#-postgresql_psql--instance) * [`name`](#-postgresql_psql--name) * [`onlyif`](#-postgresql_psql--onlyif) * [`port`](#-postgresql_psql--port) @@ -4094,6 +4187,12 @@ Any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. +##### `instance` + +The postgresql instance under which the psql command should be executed. + +Default value: `main` + ##### `name` namevar diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index db319e7e85..30d8729318 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -8,19 +8,20 @@ # @param psql_user Specifies the OS user for running psql. # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param group Sets the OS group to run psql +# @param psql_path Sets the path to psql command define postgresql::server::reassign_owned_by ( String $old_role, String $new_role, String $db, - String $psql_user = $postgresql::server::user, - Stdlib::Port $port = $postgresql::server::port, - Hash $connect_settings = $postgresql::server::default_connect_settings, + String $psql_user = $postgresql::server::user, + Stdlib::Port $port = $postgresql::server::port, + Hash $connect_settings = $postgresql::server::default_connect_settings, + String[1] $group = $postgresql::server::group, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, ) { $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $port_override = pick($connect_settings['PGPORT'], $port) $onlyif = "SELECT tablename FROM pg_catalog.pg_tables WHERE diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 87df236f27..369f638c35 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -9,22 +9,27 @@ # @param schema Sets the name of the schema. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param port the post the postgresql instance is listening on. +# @param user Sets the OS user to run psql +# @param group Sets the OS group to run psql +# @param psql_path Sets path to psql command +# @param module_workdir +# Specifies working directory under which the psql command should be executed. +# May need to specify if '/tmp' is on volume mounted with noexec option. # @example # postgresql::server::schema {'private': # db => 'template1', # } define postgresql::server::schema ( - String[1] $db = $postgresql::server::default_database, - Optional[String[1]] $owner = undef, - String[1] $schema = $title, - Hash $connect_settings = $postgresql::server::default_connect_settings, - Stdlib::Port $port = $postgresql::server::port, + String[1] $db = $postgresql::server::default_database, + Optional[String[1]] $owner = undef, + String[1] $schema = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Stdlib::Port $port = $postgresql::server::port, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, + Stdlib::Absolutepath $module_workdir = $postgresql::server::module_workdir, ) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $module_workdir = $postgresql::server::module_workdir - Postgresql::Server::Db <| dbname == $db |> -> Postgresql::Server::Schema[$name] # If the connection settings do not contain a port, then use the local server port diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index f01dcca236..9f166cc7d2 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -6,19 +6,24 @@ # @param spcname Specifies the name of the tablespace. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param port the port of the postgresql instance that sould be used. +# @param user Sets the OS user to run psql +# @param group Sets the OS group to run psql +# @param psql_path Sets path to psql command +# @param module_workdir +# Specifies working directory under which the psql command should be executed. +# May need to specify if '/tmp' is on volume mounted with noexec option. define postgresql::server::tablespace ( - String[1] $location, - Boolean $manage_location = true, - Optional[String[1]] $owner = undef, - String[1] $spcname = $title, - Hash $connect_settings = $postgresql::server::default_connect_settings, - Stdlib::Port $port = $postgresql::server::port, + String[1] $location, + Boolean $manage_location = true, + Optional[String[1]] $owner = undef, + String[1] $spcname = $title, + Hash $connect_settings = $postgresql::server::default_connect_settings, + Stdlib::Port $port = $postgresql::server::port, + String[1] $user = $postgresql::server::user, + String[1] $group = $postgresql::server::group, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, + String[1] $module_workdir = $postgresql::server::module_workdir, ) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $module_workdir = $postgresql::server::module_workdir - # If the connection settings do not contain a port, then use the local server port $port_override = pick($connect_settings['PGPORT'], $port) From 0bb5bc8980f96b7b6af2228b99aff10a5c1f796d Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 6 Sep 2023 14:04:57 +0200 Subject: [PATCH 0897/1000] PDK update 3.0.0 --- .gitignore | 2 +- .pdkignore | 8 +- .rubocop.yml | 645 ++++++++++++++++++++++++++++- .rubocop_todo.yml | 153 +------ Gemfile | 46 +- Rakefile | 8 +- lib/puppet/type/postgresql_psql.rb | 4 +- metadata.json | 4 +- spec/default_facts.yml | 6 +- spec/spec_helper.rb | 6 +- spec/spec_helper_local.rb | 2 +- 11 files changed, 686 insertions(+), 198 deletions(-) diff --git a/.gitignore b/.gitignore index 988dcbbe62..3f1551212b 100644 --- a/.gitignore +++ b/.gitignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt diff --git a/.pdkignore b/.pdkignore index c538bea8bd..584438f9a0 100644 --- a/.pdkignore +++ b/.pdkignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt @@ -26,20 +26,16 @@ .envrc /inventory.yaml /spec/fixtures/litmus_inventory.yaml -/appveyor.yml -/.editorconfig /.fixtures.yml /Gemfile /.gitattributes /.gitignore -/.gitlab-ci.yml /.pdkignore /.puppet-lint.rc /Rakefile /rakelib/ /.rspec -/.rubocop.yml -/.travis.yml +/..yml /.yardopts /spec/ /.vscode/ diff --git a/.rubocop.yml b/.rubocop.yml index 67a4a804be..33d66a7ca1 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -5,10 +5,7 @@ require: - rubocop-performance - rubocop-rspec AllCops: - NewCops: enable DisplayCopNames: true - ExtraDetails: true - DisplayStyleGuide: true TargetRubyVersion: '2.6' Include: - "**/*.rb" @@ -84,3 +81,645 @@ Style/Documentation: - spec/**/* Style/WordArray: EnforcedStyle: brackets +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StringInclude: + Enabled: true +Performance/Sum: + Enabled: true +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true +Bundler/GemFilename: + Enabled: false +Bundler/InsecureProtocolSource: + Enabled: false +Capybara/CurrentPathExpectation: + Enabled: false +Capybara/VisibilityMatcher: + Enabled: false +Gemspec/DuplicatedAssignment: + Enabled: false +Gemspec/OrderedDependencies: + Enabled: false +Gemspec/RequiredRubyVersion: + Enabled: false +Gemspec/RubyVersionGlobalsUsage: + Enabled: false +Layout/ArgumentAlignment: + Enabled: false +Layout/BeginEndAlignment: + Enabled: false +Layout/ClosingHeredocIndentation: + Enabled: false +Layout/EmptyComment: + Enabled: false +Layout/EmptyLineAfterGuardClause: + Enabled: false +Layout/EmptyLinesAroundArguments: + Enabled: false +Layout/EmptyLinesAroundAttributeAccessor: + Enabled: false +Layout/EndOfLine: + Enabled: false +Layout/FirstArgumentIndentation: + Enabled: false +Layout/HashAlignment: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Layout/LeadingEmptyLines: + Enabled: false +Layout/SpaceAroundMethodCallOperator: + Enabled: false +Layout/SpaceInsideArrayLiteralBrackets: + Enabled: false +Layout/SpaceInsideReferenceBrackets: + Enabled: false +Lint/BigDecimalNew: + Enabled: false +Lint/BooleanSymbol: + Enabled: false +Lint/ConstantDefinitionInBlock: + Enabled: false +Lint/DeprecatedOpenSSLConstant: + Enabled: false +Lint/DisjunctiveAssignmentInConstructor: + Enabled: false +Lint/DuplicateElsifCondition: + Enabled: false +Lint/DuplicateRequire: + Enabled: false +Lint/DuplicateRescueException: + Enabled: false +Lint/EmptyConditionalBody: + Enabled: false +Lint/EmptyFile: + Enabled: false +Lint/ErbNewArguments: + Enabled: false +Lint/FloatComparison: + Enabled: false +Lint/HashCompareByIdentity: + Enabled: false +Lint/IdentityComparison: + Enabled: false +Lint/InterpolationCheck: + Enabled: false +Lint/MissingCopEnableDirective: + Enabled: false +Lint/MixedRegexpCaptureTypes: + Enabled: false +Lint/NestedPercentLiteral: + Enabled: false +Lint/NonDeterministicRequireOrder: + Enabled: false +Lint/OrderedMagicComments: + Enabled: false +Lint/OutOfRangeRegexpRef: + Enabled: false +Lint/RaiseException: + Enabled: false +Lint/RedundantCopEnableDirective: + Enabled: false +Lint/RedundantRequireStatement: + Enabled: false +Lint/RedundantSafeNavigation: + Enabled: false +Lint/RedundantWithIndex: + Enabled: false +Lint/RedundantWithObject: + Enabled: false +Lint/RegexpAsCondition: + Enabled: false +Lint/ReturnInVoidContext: + Enabled: false +Lint/SafeNavigationConsistency: + Enabled: false +Lint/SafeNavigationWithEmpty: + Enabled: false +Lint/SelfAssignment: + Enabled: false +Lint/SendWithMixinArgument: + Enabled: false +Lint/ShadowedArgument: + Enabled: false +Lint/StructNewOverride: + Enabled: false +Lint/ToJSON: + Enabled: false +Lint/TopLevelReturnWithArgument: + Enabled: false +Lint/TrailingCommaInAttributeDeclaration: + Enabled: false +Lint/UnreachableLoop: + Enabled: false +Lint/UriEscapeUnescape: + Enabled: false +Lint/UriRegexp: + Enabled: false +Lint/UselessMethodDefinition: + Enabled: false +Lint/UselessTimes: + Enabled: false +Metrics/AbcSize: + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/BlockNesting: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false +Metrics/PerceivedComplexity: + Enabled: false +Migration/DepartmentName: + Enabled: false +Naming/AccessorMethodName: + Enabled: false +Naming/BlockParameterName: + Enabled: false +Naming/HeredocDelimiterCase: + Enabled: false +Naming/HeredocDelimiterNaming: + Enabled: false +Naming/MemoizedInstanceVariableName: + Enabled: false +Naming/MethodParameterName: + Enabled: false +Naming/RescuedExceptionsVariableName: + Enabled: false +Naming/VariableNumber: + Enabled: false +Performance/BindCall: + Enabled: false +Performance/DeletePrefix: + Enabled: false +Performance/DeleteSuffix: + Enabled: false +Performance/InefficientHashSearch: + Enabled: false +Performance/UnfreezeString: + Enabled: false +Performance/UriDefaultParser: + Enabled: false +RSpec/Be: + Enabled: false +RSpec/Capybara/FeatureMethods: + Enabled: false +RSpec/ContainExactly: + Enabled: false +RSpec/ContextMethod: + Enabled: false +RSpec/ContextWording: + Enabled: false +RSpec/DescribeClass: + Enabled: false +RSpec/EmptyHook: + Enabled: false +RSpec/EmptyLineAfterExample: + Enabled: false +RSpec/EmptyLineAfterExampleGroup: + Enabled: false +RSpec/EmptyLineAfterHook: + Enabled: false +RSpec/ExampleLength: + Enabled: false +RSpec/ExampleWithoutDescription: + Enabled: false +RSpec/ExpectChange: + Enabled: false +RSpec/ExpectInHook: + Enabled: false +RSpec/FactoryBot/AttributeDefinedStatically: + Enabled: false +RSpec/FactoryBot/CreateList: + Enabled: false +RSpec/FactoryBot/FactoryClassName: + Enabled: false +RSpec/HooksBeforeExamples: + Enabled: false +RSpec/ImplicitBlockExpectation: + Enabled: false +RSpec/ImplicitSubject: + Enabled: false +RSpec/LeakyConstantDeclaration: + Enabled: false +RSpec/LetBeforeExamples: + Enabled: false +RSpec/MatchArray: + Enabled: false +RSpec/MissingExampleGroupArgument: + Enabled: false +RSpec/MultipleExpectations: + Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/MultipleSubjects: + Enabled: false +RSpec/NestedGroups: + Enabled: false +RSpec/PredicateMatcher: + Enabled: false +RSpec/ReceiveCounts: + Enabled: false +RSpec/ReceiveNever: + Enabled: false +RSpec/RepeatedExampleGroupBody: + Enabled: false +RSpec/RepeatedExampleGroupDescription: + Enabled: false +RSpec/RepeatedIncludeExample: + Enabled: false +RSpec/ReturnFromStub: + Enabled: false +RSpec/SharedExamples: + Enabled: false +RSpec/StubbedMock: + Enabled: false +RSpec/UnspecifiedException: + Enabled: false +RSpec/VariableDefinition: + Enabled: false +RSpec/VoidExpect: + Enabled: false +RSpec/Yield: + Enabled: false +Security/Open: + Enabled: false +Style/AccessModifierDeclarations: + Enabled: false +Style/AccessorGrouping: + Enabled: false +Style/BisectedAttrAccessor: + Enabled: false +Style/CaseLikeIf: + Enabled: false +Style/ClassEqualityComparison: + Enabled: false +Style/ColonMethodDefinition: + Enabled: false +Style/CombinableLoops: + Enabled: false +Style/CommentedKeyword: + Enabled: false +Style/Dir: + Enabled: false +Style/DoubleCopDisableDirective: + Enabled: false +Style/EmptyBlockParameter: + Enabled: false +Style/EmptyLambdaParameter: + Enabled: false +Style/Encoding: + Enabled: false +Style/EvalWithLocation: + Enabled: false +Style/ExpandPathArguments: + Enabled: false +Style/ExplicitBlockArgument: + Enabled: false +Style/ExponentialNotation: + Enabled: false +Style/FloatDivision: + Enabled: false +Style/FrozenStringLiteralComment: + Enabled: false +Style/GlobalStdStream: + Enabled: false +Style/HashAsLastArrayItem: + Enabled: false +Style/HashLikeCase: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/KeywordParametersOrder: + Enabled: false +Style/MinMax: + Enabled: false +Style/MixinUsage: + Enabled: false +Style/MultilineWhenThen: + Enabled: false +Style/NegatedUnless: + Enabled: false +Style/NumericPredicate: + Enabled: false +Style/OptionalBooleanParameter: + Enabled: false +Style/OrAssignment: + Enabled: false +Style/RandomWithOffset: + Enabled: false +Style/RedundantAssignment: + Enabled: false +Style/RedundantCondition: + Enabled: false +Style/RedundantConditional: + Enabled: false +Style/RedundantFetchBlock: + Enabled: false +Style/RedundantFileExtensionInRequire: + Enabled: false +Style/RedundantRegexpCharacterClass: + Enabled: false +Style/RedundantRegexpEscape: + Enabled: false +Style/RedundantSelfAssignment: + Enabled: false +Style/RedundantSort: + Enabled: false +Style/RescueStandardError: + Enabled: false +Style/SingleArgumentDig: + Enabled: false +Style/SlicingWithRange: + Enabled: false +Style/SoleNestedConditional: + Enabled: false +Style/StderrPuts: + Enabled: false +Style/StringConcatenation: + Enabled: false +Style/Strip: + Enabled: false +Style/SymbolProc: + Enabled: false +Style/TrailingBodyOnClass: + Enabled: false +Style/TrailingBodyOnMethodDefinition: + Enabled: false +Style/TrailingBodyOnModule: + Enabled: false +Style/TrailingCommaInHashLiteral: + Enabled: false +Style/TrailingMethodEndStatement: + Enabled: false +Style/UnpackFirst: + Enabled: false +Capybara/MatchStyle: + Enabled: false +Capybara/NegationMatcher: + Enabled: false +Capybara/SpecificActions: + Enabled: false +Capybara/SpecificFinders: + Enabled: false +Capybara/SpecificMatcher: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateMagicComment: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/TripleQuotes: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/FactoryBot/ConsistentParenthesesStyle: + Enabled: false +RSpec/FactoryBot/FactoryNameStyle: + Enabled: false +RSpec/FactoryBot/SyntaxMethods: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/Rails/AvoidSetupHook: + Enabled: false +RSpec/Rails/HaveHttpStatus: + Enabled: false +RSpec/Rails/InferredSpecType: + Enabled: false +RSpec/Rails/MinitestAssertions: + Enabled: false +RSpec/Rails/TravelAround: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false +Style/ArrayIntersect: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DirEmpty: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NestedFileDirname: + Enabled: false +Style/NilLambda: + Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false +Style/SwapValues: + Enabled: false diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index dc0f19577b..40bf4779ee 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,100 +1,11 @@ # This configuration was generated by # `rubocop --auto-gen-config` -# on 2023-04-25 08:02:29 UTC using RuboCop version 1.48.1. +# on 2023-09-06 12:10:39 UTC using RuboCop version 1.48.1. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new # versions of RuboCop, may require this file to be generated again. -# Offense count: 15 -# This cop supports unsafe autocorrection (--autocorrect-all). -Lint/BooleanSymbol: - Exclude: - - 'lib/puppet/provider/postgresql_psql/ruby.rb' - - 'lib/puppet/type/postgresql_psql.rb' - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - -# Offense count: 2 -# Configuration parameters: AllowedMethods. -# AllowedMethods: enums -Lint/ConstantDefinitionInBlock: - Exclude: - - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' - -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -Lint/RedundantCopEnableDirective: - Exclude: - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - -# Offense count: 6 -# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes. -Metrics/AbcSize: - Max: 48 - -# Offense count: 7 -# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns, inherit_mode. -# AllowedMethods: refine -Metrics/BlockLength: - Max: 119 - -# Offense count: 3 -# Configuration parameters: AllowedMethods, AllowedPatterns. -Metrics/CyclomaticComplexity: - Max: 9 - -# Offense count: 6 -# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns. -Metrics/MethodLength: - Max: 29 - -# Offense count: 1 -# Configuration parameters: CountKeywordArgs, MaxOptionalParameters. -Metrics/ParameterLists: - Max: 6 - -# Offense count: 4 -# Configuration parameters: AllowedMethods, AllowedPatterns. -Metrics/PerceivedComplexity: - Max: 11 - -# Offense count: 24 -# Configuration parameters: ForbiddenDelimiters. -# ForbiddenDelimiters: (?i-mx:(^|\s)(EO[A-Z]{1}|END)(\s|$)) -Naming/HeredocDelimiterNaming: - Exclude: - - 'lib/puppet/type/postgresql_conn_validator.rb' - - 'lib/puppet/type/postgresql_replication_slot.rb' - - 'spec/acceptance/server/grant_spec.rb' - - 'spec/acceptance/server/recovery_spec.rb' - - 'spec/classes/server/config_spec.rb' - - 'spec/classes/server/initdb_spec.rb' - - 'spec/classes/server_spec.rb' - - 'spec/defines/server/default_privileges_spec.rb' - - 'spec/defines/server/grant_spec.rb' - -# Offense count: 101 -# Configuration parameters: Prefixes, AllowedPatterns. -# Prefixes: when, with, without -RSpec/ContextWording: - Enabled: false - -# Offense count: 73 -# Configuration parameters: IgnoredMetadata. -RSpec/DescribeClass: - Enabled: false - -# Offense count: 42 -# Configuration parameters: CountAsOne. -RSpec/ExampleLength: - Max: 53 - -# Offense count: 3 -RSpec/ExpectInHook: - Exclude: - - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - # Offense count: 7 # Configuration parameters: Include, CustomTransform, IgnoreMethods, SpecSuffixOnly. # Include: **/*_spec*rb*, **/spec/**/* @@ -108,64 +19,12 @@ RSpec/FilePath: - 'spec/defines/server/instance/service.rb' - 'spec/unit/puppet/type/postgresql_conn_validator.rb' -# Offense count: 2 -RSpec/LeakyConstantDeclaration: - Exclude: - - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' - -# Offense count: 63 -# This cop supports safe autocorrection (--autocorrect). -RSpec/LetBeforeExamples: - Enabled: false - -# Offense count: 45 -RSpec/MultipleExpectations: - Max: 6 - -# Offense count: 19 -# Configuration parameters: AllowSubject. -RSpec/MultipleMemoizedHelpers: - Max: 18 - -# Offense count: 208 +# Offense count: 214 # Configuration parameters: EnforcedStyle, IgnoreSharedExamples. # SupportedStyles: always, named_only RSpec/NamedSubject: Enabled: false -# Offense count: 1 -# Configuration parameters: AllowedGroups. -RSpec/NestedGroups: - Max: 4 - -# Offense count: 20 -# Configuration parameters: AllowedPatterns. -# AllowedPatterns: ^expect_, ^assert_ -RSpec/NoExpectationExample: - Exclude: - - 'spec/acceptance/alternative_port_spec.rb' - - 'spec/acceptance/default_parameters_spec.rb' - - 'spec/acceptance/postgresql_conn_validator_spec.rb' - - 'spec/acceptance/postgresql_psql_spec.rb' - - 'spec/acceptance/server/grant_spec.rb' - - 'spec/acceptance/server/recovery_spec.rb' - - 'spec/acceptance/sql_task_spec.rb' - - 'spec/acceptance/z_alternative_pgdata_spec.rb' - - 'spec/unit/puppet/provider/postgresql_conn_validator/ruby_spec.rb' - -# Offense count: 17 -RSpec/RepeatedExampleGroupDescription: - Exclude: - - 'spec/acceptance/server/grant_spec.rb' - - 'spec/defines/server/extension_spec.rb' - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - -# Offense count: 15 -RSpec/StubbedMock: - Exclude: - - 'spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb' - - 'spec/unit/puppet/type/postgresql_psql_spec.rb' - # Offense count: 1 # This cop supports unsafe autocorrection (--autocorrect-all). # Configuration parameters: EnforcedStyle. @@ -173,11 +32,3 @@ RSpec/StubbedMock: Style/ClassAndModuleChildren: Exclude: - 'lib/puppet/util/postgresql_validator.rb' - -# Offense count: 2 -# Configuration parameters: AllowedMethods. -# AllowedMethods: respond_to_missing? -Style/OptionalBooleanParameter: - Exclude: - - 'lib/puppet/functions/postgresql/postgresql_password.rb' - - 'lib/puppet/type/postgresql_psql.rb' diff --git a/Gemfile b/Gemfile index ea113b0c78..5ffa566b9f 100644 --- a/Gemfile +++ b/Gemfile @@ -14,31 +14,33 @@ def location_for(place_or_version, fake_version = nil) end group :development do - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "voxpupuli-puppet-lint-plugins", '~> 4.0', require: false - gem "facterdb", '~> 1.18', require: false - gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false - gem "puppetlabs_spec_helper", '~> 5.0', require: false - gem "rspec-puppet-facts", '~> 2.0', require: false - gem "codecov", '~> 0.2', require: false - gem "dependency_checker", '~> 0.2', require: false - gem "parallel_tests", '= 3.12.1', require: false - gem "pry", '~> 0.10', require: false - gem "simplecov-console", '~> 0.5', require: false - gem "puppet-debugger", '~> 1.0', require: false - gem "rubocop", '~> 1.48.1', require: false - gem "rubocop-performance", '~> 1.16', require: false - gem "rubocop-rspec", '~> 2.19', require: false - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "github_changelog_generator", '= 1.15.2', require: false + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false + gem "facterdb", '~> 1.18', require: false + gem "metadata-json-lint", '~> 3.0', require: false + gem "puppetlabs_spec_helper", '~> 6.0', require: false + gem "rspec-puppet-facts", '~> 2.0', require: false + gem "codecov", '~> 0.2', require: false + gem "dependency_checker", '~> 1.0.0', require: false + gem "parallel_tests", '= 3.12.1', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.5', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '= 1.48.1', require: false + gem "rubocop-performance", '= 1.16.0', require: false + gem "rubocop-rspec", '= 2.19.0', require: false + gem "puppet-strings", '~> 4.0', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "github_changelog_generator", '= 1.15.2', require: false end group :system_tests do gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] - gem "serverspec", '~> 2.41', require: false + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/Rakefile b/Rakefile index 6cd888fa02..c87729c986 100644 --- a/Rakefile +++ b/Rakefile @@ -1,11 +1,11 @@ # frozen_string_literal: true require 'bundler' -require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? +require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? -require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? +require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator' +require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" @@ -45,7 +45,7 @@ PuppetLint.configuration.send('disable_anchor_resource') PuppetLint.configuration.send('disable_params_empty_string_assignment') -if Bundler.rubygems.find_name('github_changelog_generator').any? +if Gem.loaded_specs.key? 'github_changelog_generator' GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 126db6d6b8..021753e7ab 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -Puppet::Type.newtype(:postgresql_psql) do # rubocop:disable Metrics/BlockLength +Puppet::Type.newtype(:postgresql_psql) do newparam(:name) do desc 'An arbitrary tag for your own reference; the name of the message.' isnamevar @@ -158,7 +158,7 @@ def refresh private - def set_sensitive_parameters(sensitive_parameters) # rubocop:disable Naming/AccessorMethodName + def set_sensitive_parameters(sensitive_parameters) # Respect sensitive commands if sensitive_parameters.include?(:unless) sensitive_parameters.delete(:unless) diff --git a/metadata.json b/metadata.json index 4ecf928f9b..5499e3ad1e 100644 --- a/metadata.json +++ b/metadata.json @@ -94,7 +94,7 @@ "version_requirement": ">= 7.0.0 < 9.0.0" } ], - "pdk-version": "2.7.0", + "pdk-version": "3.0.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-ge5b0114" + "template-ref": "heads/main-0-g017b84e" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml index f3946607e0..3346c394df 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -3,7 +3,7 @@ # Facts specified here will override the values provided by rspec-puppet-facts. --- networking: - ip: "172.16.254.254" - ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" - mac: "AA:AA:AA:AA:AA:AA" + ip: "172.16.254.254" + ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" + mac: "AA:AA:AA:AA:AA:AA" is_pe: false diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 1a8b68bde8..6820cebee7 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -9,11 +9,11 @@ require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) -include RspecPuppetFacts # rubocop:disable Style/MixinUsage +include RspecPuppetFacts default_facts = { puppetversion: Puppet.version, - facterversion: Facter.version + facterversion: Facter.version, } default_fact_files = [ @@ -25,7 +25,7 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) + default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index c957f9ee1b..c9603be72a 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -149,7 +149,7 @@ def param(type, title, param) end # This duplicates spec_helper but we need it for add_custom_fact -include RspecPuppetFacts # rubocop:disable Style/MixinUsage +include RspecPuppetFacts # Rough conversion of grepping in the puppet source: # grep defaultfor lib/puppet/provider/service/*.rb # See https://github.com/voxpupuli/voxpupuli-test/blob/master/lib/voxpupuli/test/facts.rb From 37cac46f6edfe7fe3cb7a4fa3821b90f919b9d70 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 6 Sep 2023 14:52:19 +0200 Subject: [PATCH 0898/1000] server::instance::initdb: simplify if condition --- manifests/server/instance/initdb.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 97584c9d64..70ddb650f9 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -184,7 +184,7 @@ require => File[$require_before_initdb], cwd => $module_workdir, } - } elsif $encoding != undef { + } elsif $encoding { postgresql::server::instance::late_initdb { $name: encoding => $encoding, user => $user, From 71e446a82e7249c69793bda0b93fbf7a024c88a5 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 6 Sep 2023 16:18:52 +0200 Subject: [PATCH 0899/1000] add port and psql_path parameter to initdb define --- REFERENCE.md | 20 +++++++++++++ manifests/server/instance/initdb.pp | 45 +++++++++++++++++------------ 2 files changed, 47 insertions(+), 18 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index a4b40059e7..f96f38e548 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -2673,6 +2673,8 @@ The following parameters are available in the `postgresql::server::instance::ini * [`user`](#-postgresql--server--instance--initdb--user) * [`username`](#-postgresql--server--instance--initdb--username) * [`xlogdir`](#-postgresql--server--instance--initdb--xlogdir) +* [`port`](#-postgresql--server--instance--initdb--port) +* [`psql_path`](#-postgresql--server--instance--initdb--psql_path) ##### `auth_host` @@ -2824,6 +2826,24 @@ PostgreSQL xlog/WAL directory Default value: `$postgresql::server::xlogdir` +##### `port` + +Data type: `Stdlib::Port` + +Specifies the port for the PostgreSQL server to listen on. +Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +changing the port causes the server to come to a full stop before being able to make the change. + +Default value: `$postgresql::server::port` + +##### `psql_path` + +Data type: `Stdlib::Absolutepath` + +Specifies the path to the psql command. + +Default value: `$postgresql::server::psql_path` + ### `postgresql::server::instance::late_initdb` Manage the default encoding when database initialization is managed by the package diff --git a/manifests/server/instance/initdb.pp b/manifests/server/instance/initdb.pp index 97584c9d64..5944207bc1 100644 --- a/manifests/server/instance/initdb.pp +++ b/manifests/server/instance/initdb.pp @@ -25,25 +25,32 @@ # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param username username of user running the postgres instance # @param xlogdir PostgreSQL xlog/WAL directory +# @param port +# Specifies the port for the PostgreSQL server to listen on. +# Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, +# changing the port causes the server to come to a full stop before being able to make the change. +# @param psql_path Specifies the path to the psql command. define postgresql::server::instance::initdb ( - Optional[String[1]] $auth_host = $postgresql::server::auth_host, - Optional[String[1]] $auth_local = $postgresql::server::auth_local, - Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, - Stdlib::Absolutepath $datadir = $postgresql::server::datadir, - Optional[String[1]] $encoding = $postgresql::server::encoding, - String[1] $group = $postgresql::server::group, - Stdlib::Absolutepath $initdb_path = $postgresql::server::initdb_path, - Optional[String[1]] $lc_messages = $postgresql::server::lc_messages, - Optional[String[1]] $locale = $postgresql::server::locale, - Optional[Stdlib::Absolutepath] $logdir = $postgresql::server::logdir, - Boolean $manage_datadir = $postgresql::server::manage_datadir, - Boolean $manage_logdir = $postgresql::server::manage_logdir, - Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, - Stdlib::Absolutepath $module_workdir = $postgresql::server::module_workdir, - Boolean $needs_initdb = $postgresql::server::needs_initdb, - String[1] $user = $postgresql::server::user, - Optional[String[1]] $username = $postgresql::server::username, - Optional[Stdlib::Absolutepath] $xlogdir = $postgresql::server::xlogdir, + Optional[String[1]] $auth_host = $postgresql::server::auth_host, + Optional[String[1]] $auth_local = $postgresql::server::auth_local, + Optional[Boolean] $data_checksums = $postgresql::server::data_checksums, + Stdlib::Absolutepath $datadir = $postgresql::server::datadir, + Optional[String[1]] $encoding = $postgresql::server::encoding, + String[1] $group = $postgresql::server::group, + Stdlib::Absolutepath $initdb_path = $postgresql::server::initdb_path, + Optional[String[1]] $lc_messages = $postgresql::server::lc_messages, + Optional[String[1]] $locale = $postgresql::server::locale, + Optional[Stdlib::Absolutepath] $logdir = $postgresql::server::logdir, + Boolean $manage_datadir = $postgresql::server::manage_datadir, + Boolean $manage_logdir = $postgresql::server::manage_logdir, + Boolean $manage_xlogdir = $postgresql::server::manage_xlogdir, + Stdlib::Absolutepath $module_workdir = $postgresql::server::module_workdir, + Boolean $needs_initdb = $postgresql::server::needs_initdb, + String[1] $user = $postgresql::server::user, + Optional[String[1]] $username = $postgresql::server::username, + Optional[Stdlib::Absolutepath] $xlogdir = $postgresql::server::xlogdir, + Stdlib::Port $port = $postgresql::server::port, + Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, ) { if $facts['os']['family'] == 'RedHat' and $facts['os']['selinux']['enabled'] == true { $seltype = 'postgresql_db_t' @@ -190,6 +197,8 @@ user => $user, group => $group, module_workdir => $module_workdir, + psql_path => $psql_path, + port => $port, } } } From d2e208ff860baff7eef421281b5e105feeccc344 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 6 Sep 2023 16:23:31 +0200 Subject: [PATCH 0900/1000] spec file: remove ruby shebang --- spec/unit/type/postgresql_conf_spec.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index 66a115019c..179c369740 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -1,4 +1,3 @@ -#! /usr/bin/env ruby # rubocop:disable Lint/ScriptPermission # frozen_string_literal: true require 'spec_helper' From 6db5691127ef633e78f7dece939d250e0b91d25d Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 28 Aug 2023 23:16:35 +0200 Subject: [PATCH 0901/1000] flexible value for auth_method in pg_hba.conf if passwords are used --- REFERENCE.md | 24 +++++++++++++++++++-- manifests/params.pp | 2 +- manifests/server.pp | 7 ++++-- manifests/server/instance/config.pp | 14 ++++++++---- spec/acceptance/overridden_settings_spec.rb | 2 +- 5 files changed, 39 insertions(+), 10 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index f96f38e548..f4e078778b 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -874,6 +874,7 @@ The following parameters are available in the `postgresql::server` class: * [`manage_logdir`](#-postgresql--server--manage_logdir) * [`manage_xlogdir`](#-postgresql--server--manage_xlogdir) * [`password_encryption`](#-postgresql--server--password_encryption) +* [`pg_hba_auth_password_encryption`](#-postgresql--server--pg_hba_auth_password_encryption) * [`roles`](#-postgresql--server--roles) * [`config_entries`](#-postgresql--server--config_entries) * [`pg_hba_rules`](#-postgresql--server--pg_hba_rules) @@ -1300,12 +1301,21 @@ Default value: `$postgresql::params::manage_xlogdir` ##### `password_encryption` -Data type: `Optional[Postgresql::Pg_password_encryption]` +Data type: `Postgresql::Pg_password_encryption` Specify the type of encryption set for the password. Default value: `$postgresql::params::password_encryption` +##### `pg_hba_auth_password_encryption` + +Data type: `Optional[Postgresql::Pg_password_encryption]` + +Specify the type of encryption set for the password in pg_hba_conf, +this value is usefull if you want to start enforcing scram-sha-256, but give users transition time. + +Default value: `undef` + ##### `roles` Data type: `Hash[String, Hash]` @@ -2417,6 +2427,7 @@ The following parameters are available in the `postgresql::server::instance::con * [`log_line_prefix`](#-postgresql--server--instance--config--log_line_prefix) * [`timezone`](#-postgresql--server--instance--config--timezone) * [`password_encryption`](#-postgresql--server--instance--config--password_encryption) +* [`pg_hba_auth_password_encryption`](#-postgresql--server--instance--config--pg_hba_auth_password_encryption) * [`extra_systemd_config`](#-postgresql--server--instance--config--extra_systemd_config) ##### `ip_mask_deny_postgres_user` @@ -2633,12 +2644,21 @@ Default value: `$postgresql::server::timezone` ##### `password_encryption` -Data type: `Optional[Postgresql::Pg_password_encryption]` +Data type: `Postgresql::Pg_password_encryption` Specify the type of encryption set for the password. Default value: `$postgresql::server::password_encryption` +##### `pg_hba_auth_password_encryption` + +Data type: `Optional[Postgresql::Pg_password_encryption]` + +Specify the type of encryption set for the password in pg_hba_conf, +this value is usefull if you want to start enforcing scram-sha-256, but give users transition time. + +Default value: `$postgresql::server::pg_hba_auth_password_encryption` + ##### `extra_systemd_config` Data type: `Optional[String]` diff --git a/manifests/params.pp b/manifests/params.pp index a6d3d6f370..3a64384fe9 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -25,7 +25,7 @@ $manage_selinux = pick($manage_selinux, false) $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') - $password_encryption = if versioncmp($version, '14') >= 0 { 'scram-sha-256' } else { undef } + $password_encryption = versioncmp($version, '14') ? { -1 => 'md5', default => 'scram-sha-256' } $extra_systemd_config = undef $manage_datadir = true $manage_logdir = true diff --git a/manifests/server.pp b/manifests/server.pp index fcd31bfce7..89d45fb7d5 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -96,7 +96,9 @@ # @param manage_logdir Set to false if you have file{ $logdir: } already defined # @param manage_xlogdir Set to false if you have file{ $xlogdir: } already defined # @param password_encryption Specify the type of encryption set for the password. -# +# @param pg_hba_auth_password_encryption +# Specify the type of encryption set for the password in pg_hba_conf, +# this value is usefull if you want to start enforcing scram-sha-256, but give users transition time. # @param roles Specifies a hash from which to generate postgresql::server::role resources. # @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. # @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. @@ -178,7 +180,8 @@ Boolean $manage_datadir = $postgresql::params::manage_datadir, Boolean $manage_logdir = $postgresql::params::manage_logdir, Boolean $manage_xlogdir = $postgresql::params::manage_xlogdir, - Optional[Postgresql::Pg_password_encryption] $password_encryption = $postgresql::params::password_encryption, + Postgresql::Pg_password_encryption $password_encryption = $postgresql::params::password_encryption, + Optional[Postgresql::Pg_password_encryption] $pg_hba_auth_password_encryption = undef, Optional[String] $extra_systemd_config = $postgresql::params::extra_systemd_config, Hash[String, Hash] $roles = {}, diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 4b049a8a00..c35928163a 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -42,6 +42,9 @@ # @param log_line_prefix PostgreSQL log line prefix # @param timezone Set timezone for the PostgreSQL instance # @param password_encryption Specify the type of encryption set for the password. +# @param pg_hba_auth_password_encryption +# Specify the type of encryption set for the password in pg_hba_conf, +# this value is usefull if you want to start enforcing scram-sha-256, but give users transition time. # @param extra_systemd_config # Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string define postgresql::server::instance::config ( @@ -70,9 +73,12 @@ Boolean $service_enable = $postgresql::server::service_enable, Optional[String[1]] $log_line_prefix = $postgresql::server::log_line_prefix, Optional[String[1]] $timezone = $postgresql::server::timezone, - Optional[Postgresql::Pg_password_encryption] $password_encryption = $postgresql::server::password_encryption, + Postgresql::Pg_password_encryption $password_encryption = $postgresql::server::password_encryption, + Optional[Postgresql::Pg_password_encryption] $pg_hba_auth_password_encryption = $postgresql::server::pg_hba_auth_password_encryption, Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, ) { + $_pg_hba_auth_password_encryption = pick($pg_hba_auth_password_encryption,$password_encryption) + if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file concat { $pg_hba_conf_path: @@ -105,7 +111,7 @@ type => 'host', user => $user, address => '127.0.0.1/32', - auth_method => 'md5', + auth_method => $_pg_hba_auth_password_encryption, order => 3; "deny access to postgresql user for instance ${name}": @@ -118,13 +124,13 @@ "allow access to all users for instance ${name}": type => 'host', address => $ip_mask_allow_all_users, - auth_method => 'md5', + auth_method => $_pg_hba_auth_password_encryption, order => 100; "allow access to ipv6 localhost for instance ${name}": type => 'host', address => '::1/128', - auth_method => 'md5', + auth_method => $_pg_hba_auth_password_encryption, order => 101; } } diff --git a/spec/acceptance/overridden_settings_spec.rb b/spec/acceptance/overridden_settings_spec.rb index 74695a49e2..225f5c7a78 100644 --- a/spec/acceptance/overridden_settings_spec.rb +++ b/spec/acceptance/overridden_settings_spec.rb @@ -26,7 +26,7 @@ class { 'postgresql::server': type => 'host', database => 'mydb', user => 'myuser', - auth_method => 'md5', + auth_method => postgresql::default('password_encryption'), address => '192.0.2.100/32', }, }, From 3e04518d530ea2dac475ae47536f6bae5a831109 Mon Sep 17 00:00:00 2001 From: cruelsmith <92088441+cruelsmith@users.noreply.github.com> Date: Thu, 7 Sep 2023 01:11:27 +0200 Subject: [PATCH 0902/1000] Fix default password_encryption in postgresql_password based on params --- REFERENCE.md | 2 ++ lib/puppet/functions/postgresql/postgresql_password.rb | 5 ++++- spec/functions/postgresql_password_spec.rb | 2 ++ spec/functions/postgresql_postgresql_password_spec.rb | 2 ++ 4 files changed, 10 insertions(+), 1 deletion(-) diff --git a/REFERENCE.md b/REFERENCE.md index f4e078778b..a0e6a924df 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -4429,6 +4429,8 @@ Data type: `Optional[Optional[Postgresql::Pg_password_encryption]]` Set type for password hash +Default value comes from `postgresql::params::password_encryption` and changes based on the `postgresql::globals::version`. + ##### `salt` Data type: `Optional[Optional[Variant[String[1], Integer]]]` diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index 68be8b7374..ef899254da 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -13,6 +13,8 @@ # If the Postgresql-Passwordhash should be of Datatype Sensitive[String] # @param hash # Set type for password hash + # + # Default value comes from `postgresql::params::password_encryption` and changes based on the `postgresql::globals::version`. # @param salt # Use a specific salt value for scram-sha-256, default is username # @@ -27,7 +29,8 @@ return_type 'Variant[String, Sensitive[String]]' end - def default_impl(username, password, sensitive = false, hash = 'md5', salt = nil) + def default_impl(username, password, sensitive = false, hash = nil, salt = nil) + hash = call_function(:'postgresql::default', 'password_encryption') if hash.nil? password = password.unwrap if password.respond_to?(:unwrap) if password.is_a?(String) && password.match?(%r{^(md5[0-9a-f]{32}$|SCRAM-SHA-256\$)}) return Puppet::Pops::Types::PSensitiveType::Sensitive.new(password) if sensitive diff --git a/spec/functions/postgresql_password_spec.rb b/spec/functions/postgresql_password_spec.rb index 0cd765d6b8..1c75c9b6f8 100644 --- a/spec/functions/postgresql_password_spec.rb +++ b/spec/functions/postgresql_password_spec.rb @@ -3,5 +3,7 @@ require 'spec_helper' describe 'postgresql_password' do + include_examples 'Ubuntu 18.04' + it_behaves_like 'postgresql_password function' end diff --git a/spec/functions/postgresql_postgresql_password_spec.rb b/spec/functions/postgresql_postgresql_password_spec.rb index d70feaf15b..d66e5afea9 100644 --- a/spec/functions/postgresql_postgresql_password_spec.rb +++ b/spec/functions/postgresql_postgresql_password_spec.rb @@ -3,5 +3,7 @@ require 'spec_helper' describe 'postgresql::postgresql_password' do + include_examples 'Ubuntu 18.04' + it_behaves_like 'postgresql_password function' end From 65f4639cdcc036615d94ce561c881d2947e0b35f Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 7 Sep 2023 11:25:56 +0200 Subject: [PATCH 0903/1000] spec file: remove ruby shebang --- spec/unit/puppet/type/postgresql_conn_validator.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/unit/puppet/type/postgresql_conn_validator.rb b/spec/unit/puppet/type/postgresql_conn_validator.rb index 189d00aea2..47ae4c9930 100644 --- a/spec/unit/puppet/type/postgresql_conn_validator.rb +++ b/spec/unit/puppet/type/postgresql_conn_validator.rb @@ -1,4 +1,3 @@ -#! /usr/bin/env ruby # rubocop:disable Lint/ScriptPermission # frozen_string_literal: true require 'spec_helper' From 8bc7bad9d304e4388e2a7472126fd23eb17ac1f0 Mon Sep 17 00:00:00 2001 From: cruelsmith <92088441+cruelsmith@users.noreply.github.com> Date: Mon, 11 Sep 2023 21:26:41 +0200 Subject: [PATCH 0904/1000] Fix password_encryption for DBVERSION in server::role --- manifests/server/role.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index dacdbf7701..91d07e7798 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -142,7 +142,7 @@ $_hash = if $hash { $hash } elsif $connect_settings != undef and 'DBVERSION' in $connect_settings { - if (versioncmp($version, '14') >= 0) { 'scram-sha-256' } else { undef } + versioncmp($version, '14') ? { -1 => 'md5', default => 'scram-sha-256' } } else { $postgresql::server::password_encryption } From b26a4cc237b733142a59d8c41bba2f8cf97acc86 Mon Sep 17 00:00:00 2001 From: cruelsmith <92088441+cruelsmith@users.noreply.github.com> Date: Tue, 12 Sep 2023 00:37:45 +0200 Subject: [PATCH 0905/1000] Add unit test for role with DBVERSION in connect_settings --- spec/acceptance/server/role_spec.rb | 34 +++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 spec/acceptance/server/role_spec.rb diff --git a/spec/acceptance/server/role_spec.rb b/spec/acceptance/server/role_spec.rb new file mode 100644 index 0000000000..8050653951 --- /dev/null +++ b/spec/acceptance/server/role_spec.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: true + +require 'spec_helper_acceptance' + +describe 'postgresql::server::role' do + let(:user) { 'foo' } + let(:password) { 'bar' } + + it 'with different DBVERSION in connect_settings' do + pp_role = <<-MANIFEST + $user = '#{user}' + $password = '#{password}' + + class { 'postgresql::server': } + + postgresql::server::role { $user: + password_hash => $password, + connect_settings => { + 'DBVERSION' => '13', + }, + } + MANIFEST + + if Gem::Version.new(postgresql_version) >= Gem::Version.new('14') + idempotent_apply(pp_role) + + # verify that password_encryption selectio is based on 'DBVERSION' and not on postgresql::serverglobals::version + psql("--command=\"SELECT 1 FROM pg_shadow WHERE usename = '#{user}' AND passwd = 'md596948aad3fcae80c08a35c9b5958cd89'\"") do |r| + expect(r.stdout).to match(%r{\(1 row\)}) + expect(r.stderr).to eq('') + end + end + end +end From 957588cfe0ae67273a8dbeadcf0d5386aa494793 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 25 Sep 2023 15:32:33 +0200 Subject: [PATCH 0906/1000] add $manage_selinux as a parameter, keep default, simpler condition --- REFERENCE.md | 9 +++++++++ manifests/server/instance/config.pp | 4 +++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/REFERENCE.md b/REFERENCE.md index a0e6a924df..b65c0275e6 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -2429,6 +2429,7 @@ The following parameters are available in the `postgresql::server::instance::con * [`password_encryption`](#-postgresql--server--instance--config--password_encryption) * [`pg_hba_auth_password_encryption`](#-postgresql--server--instance--config--pg_hba_auth_password_encryption) * [`extra_systemd_config`](#-postgresql--server--instance--config--extra_systemd_config) +* [`manage_selinux`](#-postgresql--server--instance--config--manage_selinux) ##### `ip_mask_deny_postgres_user` @@ -2667,6 +2668,14 @@ Adds extra config to systemd config file, can for instance be used to add extra Default value: `$postgresql::server::extra_systemd_config` +##### `manage_selinux` + +Data type: `Boolean` + +Specifies whether or not manage the conf file for selinux. + +Default value: `$postgresql::server::manage_selinux` + ### `postgresql::server::instance::initdb` Manages initdb feature for a postgresql::server instance diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index c35928163a..e8eb45b145 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -47,6 +47,7 @@ # this value is usefull if you want to start enforcing scram-sha-256, but give users transition time. # @param extra_systemd_config # Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string +# @param manage_selinux Specifies whether or not manage the conf file for selinux. define postgresql::server::instance::config ( String[1] $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user, String[1] $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users, @@ -76,6 +77,7 @@ Postgresql::Pg_password_encryption $password_encryption = $postgresql::server::password_encryption, Optional[Postgresql::Pg_password_encryption] $pg_hba_auth_password_encryption = $postgresql::server::pg_hba_auth_password_encryption, Optional[String] $extra_systemd_config = $postgresql::server::extra_systemd_config, + Boolean $manage_selinux = $postgresql::server::manage_selinux, ) { $_pg_hba_auth_password_encryption = pick($pg_hba_auth_password_encryption,$password_encryption) @@ -164,7 +166,7 @@ } # ensure that SELinux has a proper label for the port defined - if $postgresql::server::manage_selinux == true and $facts['os']['selinux']['enabled'] == true { + if $manage_selinux and $facts['os']['selinux']['enabled'] { case $facts['os']['family'] { 'RedHat', 'Linux': { if $facts['os']['name'] == 'Amazon' { From 70130eb04615c125e8315b8efee4d7ebc5979f44 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 26 Sep 2023 15:38:12 +0200 Subject: [PATCH 0907/1000] Drop code compatibility for non-systemd Red Hat Only EL6 used sysvinit, but that's no longer supported by the module. --- manifests/params.pp | 9 ++------- manifests/server/instance/config.pp | 7 ++----- 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 3a64384fe9..f67ec95815 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -85,13 +85,8 @@ $postgresql_conf_mode = pick($postgresql_conf_mode, '0600') } - if pick($service_provider, $facts['service_provider']) == 'systemd' { - $service_reload = "systemctl reload ${service_name}" - $service_status = pick($service_status, "systemctl status ${service_name}") - } else { - $service_reload = "service ${service_name} reload" - $service_status = pick($service_status, "service ${service_name} status") - } + $service_reload = "systemctl reload ${service_name}" + $service_status = pick($service_status, "systemctl status ${service_name}") $psql_path = pick($psql_path, "${bindir}/psql") diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index e8eb45b145..630bcff3e4 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -242,11 +242,8 @@ notify => Class['postgresql::server::reload'], } } - # lint:ignore:140chars - # RHEL 7 and 8 both support drop-in files for systemd units. Gentoo also supports drop-in files. - # Edit 02/2023 RHEL basedc Systems and Gentoo need Variables set for $PGPORT, $DATA_DIR or $PGDATA, thats what the drop-in file is for. - # lint:endignore:140chars - if $facts['os']['family'] in ['RedHat', 'Gentoo'] and $facts['service_provider'] == 'systemd' { + # RHEL based systems and Gentoo need variables set for $PGPORT, $DATA_DIR or $PGDATA via a drop-in file + if $facts['os']['family'] == 'RedHat' or ($facts['os']['family'] == 'Gentoo' and $facts['service_provider'] == 'systemd') { postgresql::server::instance::systemd { $service_name: port => $port, datadir => $datadir, From e2acb7ac9a55f72798611fceb26fc16d7edf3aeb Mon Sep 17 00:00:00 2001 From: Tim 'bastelfreak' Meusel Date: Tue, 26 Sep 2023 18:51:20 +0200 Subject: [PATCH 0908/1000] Drop EoL FreeBSD 9.4/9.5 specific code Cherry-picked from https://github.com/puppetlabs/puppetlabs-postgresql/pull/1514/ both FreeBSD versions are EoL since a long time and not listed in metadata.json anymore. We can drop them. --- manifests/params.pp | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index f67ec95815..ba45f27b83 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -199,19 +199,9 @@ } 'FreeBSD': { - case $version { - '94', '95': { - $user = pick($user, 'pgsql') - $group = pick($group, 'pgsql') - $datadir = pick($datadir, '/usr/local/pgsql/data') - } - default: { - $user = pick($user, 'postgres') - $group = pick($group, 'postgres') - $datadir = pick($datadir, "/var/db/postgres/data${version}") - } - } - + $user = pick($user, 'postgres') + $group = pick($group, 'postgres') + $datadir = pick($datadir, "/var/db/postgres/data${version}") $link_pg_config = true $client_package_name = pick($client_package_name, "databases/postgresql${version}-client") $server_package_name = pick($server_package_name, "databases/postgresql${version}-server") From e588823cfa6aaa147f1d5f8a59ecabc848decaee Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 27 Sep 2023 09:14:03 +0200 Subject: [PATCH 0909/1000] Drop EoL SLES 11.4 code SLES 11.4 and older are EoL and not present anymore in metadata.json. We can drop the code. --- manifests/params.pp | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index ba45f27b83..053d3632f7 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -264,13 +264,8 @@ $bindir = pick($bindir, "/usr/lib/postgresql${version}/bin") $datadir = pick($datadir, '/var/lib/pgsql/data') $confdir = pick($confdir, $datadir) - if $facts['os']['name'] == 'SLES' and versioncmp($facts['os']['release']['full'], '11.4') <= 0 { - $service_status = pick($service_status, "/etc/init.d/${service_name} status") - $service_reload = "/etc/init.d/${service_name} reload" - } else { - $service_status = pick($service_status, "systemctl status ${service_name}") - $service_reload = "systemctl reload ${service_name}" - } + $service_status = pick($service_status, "systemctl status ${service_name}") + $service_reload = "systemctl reload ${service_name}" $psql_path = pick($psql_path, "${bindir}/psql") $needs_initdb = pick($needs_initdb, true) From 54b503dd256801a3e6f1012b1af73e06795c6fa5 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 27 Sep 2023 11:36:57 +0200 Subject: [PATCH 0910/1000] postgis: Drop EL5 leftovers --- manifests/params.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 053d3632f7..13367a8b09 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -99,8 +99,6 @@ if $postgresql::globals::postgis_package_name { $postgis_package_name = $postgresql::globals::postgis_package_name - } elsif $facts['os']['release']['major'] == '5' { - $postgis_package_name = 'postgis' } elsif $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = "postgis${package_version}" } else { From 02b5ebec7a190bf25372c4bcc8366720da3ce8fb Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 27 Sep 2023 12:53:45 +0200 Subject: [PATCH 0911/1000] postgis: fix package name for Fedora --- manifests/params.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/params.pp b/manifests/params.pp index 13367a8b09..b870c191b1 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -99,6 +99,8 @@ if $postgresql::globals::postgis_package_name { $postgis_package_name = $postgresql::globals::postgis_package_name + } elsif $facts['os']['name'] == 'Fedora' { + $postgis_package_name = 'postgis' } elsif $postgis_version and versioncmp($postgis_version, '2') < 0 { $postgis_package_name = "postgis${package_version}" } else { From 144d448a889873b0638a3d1a1b0144734e146d16 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 21 Jun 2023 17:38:30 +0200 Subject: [PATCH 0912/1000] initial server instance define instance directories is now a hash, update example --- README.md | 181 ++++++++++++++++++++++++++++++++++- REFERENCE.md | 163 +++++++++++++++++++++++++++++++ manifests/server_instance.pp | 132 +++++++++++++++++++++++++ 3 files changed, 475 insertions(+), 1 deletion(-) create mode 100644 manifests/server_instance.pp diff --git a/README.md b/README.md index bef4b8bac6..2785010a37 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ * [Getting started with postgresql](#getting-started-with-postgresql) 3. [Usage - Configuration options and additional functionality](#usage) * [Configure a server](#configure-a-server) + * [Configure an instance](#configure-an-instance) * [Create a database](#create-a-database) * [Manage users, roles, and permissions](#manage-users-roles-and-permissions) * [Manage ownership of DB objects](#manage-ownership-of-db-objects) @@ -72,6 +73,184 @@ If you get an error message from these commands, your permission settings restri For more details about server configuration parameters, consult the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). +### Configure an instance + +This module supports managing multiple instances (the default instance is referred to as 'main' and managed via including the server.pp class) + +**NOTE:** This feature is currently tested on Centos 8 Streams/RHEL8 with DNF Modules enabled. Different Linux plattforms and/or the Postgresql.org +packages distribute different Systemd service files or use wrapper scripts with Systemd to start Postgres. Additional adjustmentments are needed to get this working on these plattforms. + +#### Working Plattforms + +* Centos 8 Streams +* RHEL 8 + +#### Background and example + +creating a new instance has the following advantages: +* files are owned by the postgres user +* instance is running under a different user, if the instance is hacked, the hacker has no access to the file system +* the instance user can be an LDAP user, higher security because of central login monitoring, password policies, password rotation policies +* main instance can be disabled + + +Here is a profile which can be used to create instaces + +```puppet +class profiles::postgres ( + Hash $instances = {}, + String $postgresql_version = '13', +) { + class { 'postgresql::globals': + encoding => 'UTF-8', + locale => 'en_US.UTF-8', + manage_package_repo => false, + manage_dnf_module => true, + needs_initdb => true, + version => $postgresql_version, + } + include postgresql::server + + $instances.each |String $instance, Hash $instance_settings| { + postgresql::server_instance { $instance: + * => $instance_settings, + } + } +} +``` + +And here is data to create an instance called test1: + +```yaml +# stop default main instance +postgresql::server::service_ensure: "stopped" +postgresql::server::service_enable: false + +#define an instance +profiles::postgres::instances: + test1: + instance_user: "ins_test1" + instance_group: "ins_test1" + instance_directories: + "/opt/pgsql": + ensure: directory + "/opt/pgsql/backup": + ensure: directory + "/opt/pgsql/data": + ensure: directory + "/opt/pgsql/data/13": + ensure: directory + "/opt/pgsql/data/home": + ensure: directory + "/opt/pgsql/wal": + ensure: directory + "/opt/pgsql/log": + ensure: directory + "/opt/pgsql/log/13": + ensure: directory + "/opt/pgsql/log/13/test1": + ensure: directory + config_settings: + pg_hba_conf_path: "/opt/pgsql/data/13/test1/pg_hba.conf" + postgresql_conf_path: "/opt/pgsql/data/13/test1/postgresql.conf" + pg_ident_conf_path: "/opt/pgsql/data/13/test1/pg_ident.conf" + datadir: "/opt/pgsql/data/13/test1" + service_name: "postgresql@13-test1" + port: 5433 + pg_hba_conf_defaults: false + service_settings: + service_name: "postgresql@13-test1" + service_status: "systemctl status postgresql@13-test1.service" + service_ensure: "running" + service_enable: true + initdb_settings: + auth_local: "peer" + auth_host: "md5" + needs_initdb: true + datadir: "/opt/pgsql/data/13/test1" + encoding: "UTF-8" + lc_messages: "en_US.UTF8" + locale: "en_US.UTF8" + data_checksums: false + group: "postgres" + user: "postgres" + username: "ins_test1" + config_entries: + authentication_timeout: + value: "1min" + comment: "a test" + log_statement_stats: + value: "off" + autovacuum_vacuum_scale_factor: + value: 0.3 + databases: + testdb1: + encoding: "UTF8" + locale: "en_US.UTF8" + owner: "dba_test1" + testdb2: + encoding: "UTF8" + locale: "en_US.UTF8" + owner: "dba_test1" + roles: + "ins_test1": + superuser: true + login: true + "dba_test1": + createdb: true + login: true + "app_test1": + login: true + "rep_test1": + replication: true + login: true + "rou_test1": + login: true + pg_hba_rules: + "local all INSTANCE user": + type: "local" + database: "all" + user: "ins_test1" + auth_method: "peer" + order: 1 + "local all DB user": + type: "local" + database: "all" + user: "dba_test1" + auth_method: "peer" + order: 2 + "local all APP user": + type: "local" + database: "all" + user: "app_test1" + auth_method: "peer" + order: 3 + "local all READONLY user": + type: "local" + database: "all" + user: "rou_test1" + auth_method: "peer" + order: 4 + "remote all INSTANCE user PGADMIN server": + type: "host" + database: "all" + user: "ins_test1" + address: "192.168.22.131/32" + auth_method: "md5" + order: 5 + "local replication INSTANCE user": + type: "local" + database: "replication" + user: "ins_test1" + auth_method: "peer" + order: 6 + "local replication REPLICATION user": + type: "local" + database: "replication" + user: "rep_test1" + auth_method: "peer" + order: 7 +``` ### Create a database You can set up a variety of PostgreSQL databases with the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB: @@ -359,7 +538,7 @@ For information on the classes and types, see the [REFERENCE.md](https://github. ## Limitations -Works with versions of PostgreSQL on supported OSes. +Works with versions of PostgreSQL on supported OSes. For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/metadata.json) diff --git a/REFERENCE.md b/REFERENCE.md index b65c0275e6..9b5ffc7197 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -63,6 +63,7 @@ * [`postgresql::server::schema`](#postgresql--server--schema): Create a new schema. * [`postgresql::server::table_grant`](#postgresql--server--table_grant): This resource wraps the grant resource to manage table grants specifically. * [`postgresql::server::tablespace`](#postgresql--server--tablespace): This module creates tablespace. +* [`postgresql::server_instance`](#postgresql--server_instance): define to install and manage additional postgresql instances #### Private Defined types @@ -4038,6 +4039,168 @@ May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `$postgresql::server::module_workdir` +### `postgresql::server_instance` + +define to install and manage additional postgresql instances + +#### Parameters + +The following parameters are available in the `postgresql::server_instance` defined type: + +* [`instance_name`](#-postgresql--server_instance--instance_name) +* [`instance_user`](#-postgresql--server_instance--instance_user) +* [`instance_group`](#-postgresql--server_instance--instance_group) +* [`instance_user_homedirectory`](#-postgresql--server_instance--instance_user_homedirectory) +* [`manage_instance_user_and_group`](#-postgresql--server_instance--manage_instance_user_and_group) +* [`instance_directories`](#-postgresql--server_instance--instance_directories) +* [`initdb_settings`](#-postgresql--server_instance--initdb_settings) +* [`config_settings`](#-postgresql--server_instance--config_settings) +* [`service_settings`](#-postgresql--server_instance--service_settings) +* [`passwd_settings`](#-postgresql--server_instance--passwd_settings) +* [`roles`](#-postgresql--server_instance--roles) +* [`config_entries`](#-postgresql--server_instance--config_entries) +* [`pg_hba_rules`](#-postgresql--server_instance--pg_hba_rules) +* [`databases`](#-postgresql--server_instance--databases) +* [`databases_and_users`](#-postgresql--server_instance--databases_and_users) +* [`database_grants`](#-postgresql--server_instance--database_grants) +* [`table_grants`](#-postgresql--server_instance--table_grants) + +##### `instance_name` + +Data type: `String[1]` + +The name of the instance. + +Default value: `$name` + +##### `instance_user` + +Data type: `String[1]` + +The user to run the instance as. + +Default value: `$instance_name` + +##### `instance_group` + +Data type: `String[1]` + +The group to run the instance as. + +Default value: `$instance_name` + +##### `instance_user_homedirectory` + +Data type: `Stdlib::Absolutepath` + +The home directory of the instance user. + +Default value: `"/opt/pgsql/data/home/${instance_user}"` + +##### `manage_instance_user_and_group` + +Data type: `Boolean` + +Should Puppet manage the instance user and it's primary group?. + +Default value: `true` + +##### `instance_directories` + +Data type: `Hash` + +directories needed for the instance. Option to manage the directory properties for each directory. + +Default value: `{}` + +##### `initdb_settings` + +Data type: `Hash` + +Specifies a hash witn parameters for postgresql::server::instance::initdb + +Default value: `{}` + +##### `config_settings` + +Data type: `Hash` + +Specifies a hash with parameters for postgresql::server::instance::config + +Default value: `{}` + +##### `service_settings` + +Data type: `Hash` + +Specifies a hash with parameters for postgresql::server:::instance::service + +Default value: `{}` + +##### `passwd_settings` + +Data type: `Hash` + +Specifies a hash with parameters for postgresql::server::instance::passwd + +Default value: `{}` + +##### `roles` + +Data type: `Hash` + +Specifies a hash from which to generate postgresql::server::role resources. + +Default value: `{}` + +##### `config_entries` + +Data type: `Hash` + +Specifies a hash from which to generate postgresql::server::config_entry resources. + +Default value: `{}` + +##### `pg_hba_rules` + +Data type: `Hash` + +Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. + +Default value: `{}` + +##### `databases` + +Data type: `Hash` + +Specifies a hash from which to generate postgresql::server::database resources. + +Default value: `{}` + +##### `databases_and_users` + +Data type: `Hash` + +Specifies a hash from which to generate postgresql::server::db resources. + +Default value: `{}` + +##### `database_grants` + +Data type: `Hash` + +Specifies a hash from which to generate postgresql::server::database_grant resources. + +Default value: `{}` + +##### `table_grants` + +Data type: `Hash` + +Specifies a hash from which to generate postgresql::server::table_grant resources. + +Default value: `{}` + ## Resource types ### `postgresql_conf` diff --git a/manifests/server_instance.pp b/manifests/server_instance.pp new file mode 100644 index 0000000000..49d2bbb8f7 --- /dev/null +++ b/manifests/server_instance.pp @@ -0,0 +1,132 @@ +# @summary define to install and manage additional postgresql instances +# @param instance_name The name of the instance. +# @param instance_user The user to run the instance as. +# @param instance_group The group to run the instance as. +# @param instance_user_homedirectory The home directory of the instance user. +# @param manage_instance_user_and_group Should Puppet manage the instance user and it's primary group?. +# @param instance_directories directories needed for the instance. Option to manage the directory properties for each directory. +# @param initdb_settings Specifies a hash witn parameters for postgresql::server::instance::initdb +# @param config_settings Specifies a hash with parameters for postgresql::server::instance::config +# @param service_settings Specifies a hash with parameters for postgresql::server:::instance::service +# @param passwd_settings Specifies a hash with parameters for postgresql::server::instance::passwd +# @param roles Specifies a hash from which to generate postgresql::server::role resources. +# @param config_entries Specifies a hash from which to generate postgresql::server::config_entry resources. +# @param pg_hba_rules Specifies a hash from which to generate postgresql::server::pg_hba_rule resources. +# @param databases Specifies a hash from which to generate postgresql::server::database resources. +# @param databases_and_users Specifies a hash from which to generate postgresql::server::db resources. +# @param database_grants Specifies a hash from which to generate postgresql::server::database_grant resources. +# @param table_grants Specifies a hash from which to generate postgresql::server::table_grant resources. +define postgresql::server_instance ( + String[1] $instance_name = $name, + Boolean $manage_instance_user_and_group = true, + Hash $instance_directories = {}, + String[1] $instance_user = $instance_name, + String[1] $instance_group = $instance_name, + Stdlib::Absolutepath $instance_user_homedirectory = "/opt/pgsql/data/home/${instance_user}", + Hash $initdb_settings = {}, + Hash $config_settings = {}, + Hash $service_settings = {}, + Hash $passwd_settings = {}, + Hash $roles = {}, + Hash $config_entries = {}, + Hash $pg_hba_rules = {}, + Hash $databases_and_users = {}, + Hash $databases = {}, + Hash $database_grants = {}, + Hash $table_grants = {}, +) { + unless($facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] == '8') { + warning('This define postgresql::server_instance is only tested on RHEL8') + } + $instance_directories.each |Stdlib::Absolutepath $directory, Hash $directory_settings| { + file { $directory: + * => $directory_settings, + } + } + + if $manage_instance_user_and_group { + user { $instance_user: + managehome => true, + system => true, + home => $instance_user_homedirectory, + gid => $instance_group, + } + group { $instance_group: + system => true, + } + } + postgresql::server::instance::initdb { $instance_name: + * => $initdb_settings, + } + postgresql::server::instance::config { $instance_name: + * => $config_settings, + } + postgresql::server::instance::service { $instance_name: + * => $service_settings, + port => $config_settings['port'], + user => $instance_user, + } + postgresql::server::instance::passwd { $instance_name: + * => $passwd_settings, + } + + $roles.each |$rolename, $role| { + postgresql::server::role { $rolename: + * => $role, + psql_user => $instance_user, + psql_group => $instance_group, + port => $config_settings['port'], + instance => $instance_name, + } + } + + $config_entries.each |$entry, $settings| { + $value = $settings['value'] + $comment = $settings['comment'] + postgresql::server::config_entry { "${entry}_${$instance_name}": + ensure => bool2str($value =~ Undef, 'absent', 'present'), + key => $entry, + value => $value, + comment => $comment, + path => $config_settings['postgresql_conf_path'], + } + } + $pg_hba_rules.each |String[1] $rule_name, Postgresql::Pg_hba_rule $rule| { + $rule_title = "${rule_name} for instance ${name}" + postgresql::server::pg_hba_rule { $rule_title: + * => $rule, + target => $config_settings['pg_hba_conf_path'], # TODO: breaks if removed + } + } + $databases_and_users.each |$database, $database_details| { + postgresql::server::db { $database: + * => $database_details, + psql_user => $instance_user, + psql_group => $instance_group, + port => $config_settings['port'], + } + } + $databases.each |$database, $database_details| { + postgresql::server::database { $database: + * => $database_details, + user => $instance_user, + group => $instance_group, + port => $config_settings['port'], + } + } + $database_grants.each |$db_grant_title, $dbgrants| { + postgresql::server::database_grant { $db_grant_title: + * => $dbgrants, + psql_user => $instance_user, + psql_group => $instance_group, + port => $config_settings['port'], + } + } + $table_grants.each |$table_grant_title, $tgrants| { + postgresql::server::table_grant { $table_grant_title: + * => $tgrants, + psql_user => $instance_user, + port => $config_settings['port'], + } + } +} From f6ff7c21ad08cb57049285522843327944aa520d Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 5 Jul 2023 14:05:00 +0200 Subject: [PATCH 0913/1000] add default settings for paths * postgresql::server::config_entry in postgresql::server::instance::config * easier path management in postgresql::server::config_entry * add taget to $pg_hba_conf_defaults --- manifests/server/instance/config.pp | 12 +++++++++++- manifests/server/pg_hba_rule.pp | 3 --- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index 630bcff3e4..f41277e3fb 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -94,7 +94,8 @@ if $pg_hba_conf_defaults { Postgresql::Server::Pg_hba_rule { database => 'all', - user => 'all', + target => $pg_hba_conf_path, + user => 'all', } postgresql::server::pg_hba_rule { @@ -135,6 +136,10 @@ auth_method => $_pg_hba_auth_password_encryption, order => 101; } + } else { + Postgresql::Server::Pg_hba_rule { + target => $pg_hba_conf_path, + } } # $ipv4acls and $ipv6acls are arrays of rule strings @@ -148,6 +153,11 @@ } } } + # set default postgresql_conf_path here so the path is configurable in instances for + # default values like port or listen_address + Postgresql::Server::Config_entry { + path => $postgresql_conf_path, + } if $manage_postgresql_conf_perms { file { $postgresql_conf_path: diff --git a/manifests/server/pg_hba_rule.pp b/manifests/server/pg_hba_rule.pp index 1144327951..e7945669e0 100644 --- a/manifests/server/pg_hba_rule.pp +++ b/manifests/server/pg_hba_rule.pp @@ -32,9 +32,6 @@ String[1] $description = 'none', Optional[String] $auth_option = undef, Variant[String, Integer] $order = 150, - - # Needed for testing primarily, support for multiple files is not really - # working. Stdlib::Absolutepath $target = $postgresql::server::pg_hba_conf_path, String $postgresql_version = $postgresql::server::_version ) { From 179472ba261a7d0847fdb93fdcb1d43741c4cdde Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 5 Jul 2023 16:12:30 +0200 Subject: [PATCH 0914/1000] New postgresql_conf provider, handles multiple configs update provider docs --- REFERENCE.md | 37 +++- lib/puppet/provider/postgresql_conf/parsed.rb | 45 ----- lib/puppet/provider/postgresql_conf/ruby.rb | 167 ++++++++++++++++++ lib/puppet/type/postgresql_conf.rb | 32 ++-- manifests/server/config_entry.pp | 13 +- .../provider/postgresql_conf/parsed_spec.rb | 151 ---------------- .../provider/postgresql_conf/ruby_spec.rb | 60 +++++++ spec/unit/type/postgresql_conf_spec.rb | 4 +- 8 files changed, 291 insertions(+), 218 deletions(-) delete mode 100644 lib/puppet/provider/postgresql_conf/parsed.rb create mode 100644 lib/puppet/provider/postgresql_conf/ruby.rb delete mode 100644 spec/unit/provider/postgresql_conf/parsed_spec.rb create mode 100644 spec/unit/provider/postgresql_conf/ruby_spec.rb diff --git a/REFERENCE.md b/REFERENCE.md index 9b5ffc7197..a9609ff4a5 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1527,6 +1527,7 @@ The following parameters are available in the `postgresql::server::config_entry` * [`key`](#-postgresql--server--config_entry--key) * [`value`](#-postgresql--server--config_entry--value) * [`path`](#-postgresql--server--config_entry--path) +* [`comment`](#-postgresql--server--config_entry--comment) ##### `ensure` @@ -1560,6 +1561,14 @@ Path for postgresql.conf Default value: `$postgresql::server::postgresql_conf_path` +##### `comment` + +Data type: `Optional[String[1]]` + +Defines the comment for the setting. The # is added by default. + +Default value: `undef` + ### `postgresql::server::database` Define for creating a database. @@ -4211,6 +4220,12 @@ This type allows puppet to manage postgresql.conf parameters. The following properties are available in the `postgresql_conf` type. +##### `comment` + +Valid values: `%r{^[\w\W]+$}` + +The comment to set for this parameter. + ##### `ensure` Valid values: `present`, `absent` @@ -4219,20 +4234,26 @@ The basic property that the resource should be in. Default value: `present` -##### `target` - -The path to postgresql.conf - ##### `value` +Valid values: `%r{^\S(.*\S)?$}` + The value to set for this parameter. #### Parameters The following parameters are available in the `postgresql_conf` type. +* [`key`](#-postgresql_conf--key) * [`name`](#-postgresql_conf--name) * [`provider`](#-postgresql_conf--provider) +* [`target`](#-postgresql_conf--target) + +##### `key` + +Valid values: `%r{^[\w.]+$}` + +The Postgresql parameter to manage. ##### `name` @@ -4240,13 +4261,19 @@ Valid values: `%r{^[\w.]+$}` namevar -The postgresql parameter name to manage. +A unique title for the resource. ##### `provider` The specific backend to use for this `postgresql_conf` resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. +##### `target` + +Valid values: `%r{^/\S+[a-z0-9(/)-]*\w+.conf$}` + +The path to the postgresql config file + ### `postgresql_conn_validator` Verify that a connection can be successfully established between a node diff --git a/lib/puppet/provider/postgresql_conf/parsed.rb b/lib/puppet/provider/postgresql_conf/parsed.rb deleted file mode 100644 index 8918769cab..0000000000 --- a/lib/puppet/provider/postgresql_conf/parsed.rb +++ /dev/null @@ -1,45 +0,0 @@ -# frozen_string_literal: true - -require 'puppet/provider/parsedfile' - -Puppet::Type.type(:postgresql_conf).provide( - :parsed, - parent: Puppet::Provider::ParsedFile, - default_target: '/etc/postgresql.conf', - filetype: :flat, -) do - desc 'Set key/values in postgresql.conf.' - - text_line :comment, match: %r{^\s*#} - text_line :blank, match: %r{^\s*$} - - record_line :parsed, - fields: ['name', 'value', 'comment'], - optional: ['comment'], - match: %r{^\s*([\w.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$}, - to_line: proc { |h| - # simple string and numeric values don't need to be enclosed in quotes - val = if h[:value].is_a?(Numeric) - h[:value].to_s - elsif h[:value].is_a?(Array) - # multiple listen_addresses specified as a string containing a comma-speparated list - h[:value].join(', ') - else - h[:value] - end - dontneedquote = val.match(%r{^(\d+.?\d+|\w+)$}) - dontneedequal = h[:name].match(%r{^(include|include_if_exists)$}i) - - str = h[:name].downcase # normalize case - str += dontneedequal ? ' ' : ' = ' - str += "'" unless dontneedquote && !dontneedequal - str += val - str += "'" unless dontneedquote && !dontneedequal - str += " # #{h[:comment]}" unless h[:comment].nil? || h[:comment] == :absent - str - }, - post_parse: proc { |h| - h[:name].downcase! # normalize case - h[:value].gsub!(%r{(^'|'$)}, '') # strip out quotes - } -end diff --git a/lib/puppet/provider/postgresql_conf/ruby.rb b/lib/puppet/provider/postgresql_conf/ruby.rb new file mode 100644 index 0000000000..63b87478d1 --- /dev/null +++ b/lib/puppet/provider/postgresql_conf/ruby.rb @@ -0,0 +1,167 @@ +# frozen_string_literal: true + +# This provider is used to manage postgresql.conf files +# It uses ruby to parse the config file and +# to add, remove or modify settings. +# +# The provider is able to parse postgresql.conf files with the following format: +# key = value # comment + +Puppet::Type.type(:postgresql_conf).provide(:ruby) do + desc 'Set keys, values and comments in a postgresql config file.' + confine kernel: 'Linux' + + # The function pareses the postgresql.conf and figures out which active settings exist in a config file and returns an array of hashes + # + def parse_config + # open the config file + file = File.open(resource[:target]) + # regex to match active keys, values and comments + active_values_regex = %r{^\s*(?[\w.]+)\s*=?\s*(?.*?)(?:\s*#\s*(?.*))?\s*$} + # empty array to be filled with hashes + active_settings = [] + # iterate the file and construct a hash for every matching/active setting + # the hash is pushed to the array and the array is returned + File.foreach(file).with_index do |line, index| + line_number = index + 1 + matches = line.match(active_values_regex) + if matches + value = if matches[:value].to_i.to_s == matches[:value] + matches[:value].to_i + elsif matches[:value].to_f.to_s == matches[:value] + matches[:value].to_f + else + matches[:value].delete("'") + end + attributes_hash = { line_number: line_number, key: matches[:key], ensure: 'present', value: value, comment: matches[:comment] } + active_settings.push(attributes_hash) + end + end + Puppet.debug("DEBUG: parse_config Active Settings found in Postgreql config file: #{active_settings}") + active_settings + end + + # Deletes an existing header from a parsed postgresql.conf configuration file + # + # @param [Array] lines of the parsed postgresql configuration file + def delete_header(lines) + header_regex = %r{^# HEADER:.*} + lines.delete_if do |entry| + entry.match?(header_regex) + end + end + + # Adds a header to a parsed postgresql.conf configuration file, after all other changes are made + # + # @param [Array] lines of the parsed postgresql configuration file + def add_header(lines) + timestamp = Time.now.strftime('%F %T %z') + header = ["# HEADER: This file was autogenerated at #{timestamp}\n", + "# HEADER: by puppet. While it can still be managed manually, it\n", + "# HEADER: is definitely not recommended.\n"] + header + lines + end + + # This function writes the config file, it removes the old header, adds a new one and writes the file + # + # @param [File] the file object of the postgresql configuration file + # @param [Array] lines of the parsed postgresql configuration file + def write_config(file, lines) + lines = delete_header(lines) + lines = add_header(lines) + File.write(file, lines.join) + end + + # check, if resource exists in postgresql.conf file + def exists? + select = parse_config.select { |hash| hash[:key] == resource[:key] } + raise ParserError, "found multiple config items of #{resource[:key]} found, please fix this" if select.length > 1 + return false if select.empty? + + @result = select.first + Puppet.debug("DEBUG: exists? @result: #{@result}") + true + end + + # remove resource if exists and is set to absent + def destroy + entry_regex = %r{#{resource[:key]}.*=.*#{resource[:value]}} + file = File.open(resource[:target]) + lines = File.readlines(file) + + lines.delete_if do |entry| + entry.match?(entry_regex) + end + write_config(file, lines) + end + + # create resource if it does not exists + def create + file = File.open(resource[:target]) + lines = File.readlines(file) + new_line = line(key: resource[:key], value: resource[:value], comment: resource[:comment]) + + lines.push(new_line) + write_config(file, lines) + end + + # getter - get value of a resource + def value + @result[:value] + end + + # getter - get comment of a resource + def comment + @result[:comment] + end + + # setter - set value of a resource + def value=(_value) + file = File.open(resource[:target]) + lines = File.readlines(file) + active_values_regex = %r{^\s*(?[\w.]+)\s*=?\s*(?.*?)(?:\s*#\s*(?.*))?\s*$} + new_line = line(key: resource[:key], value: resource[:value], comment: resource[:comment]) + + lines.each_with_index do |line, index| + matches = line.to_s.match(active_values_regex) + lines[index] = new_line if matches && (matches[:key] == resource[:key] && matches[:value] != resource[:value]) + end + write_config(file, lines) + end + + # setter - set comment of a resource + def comment=(_comment) + file = File.open(resource[:target]) + lines = File.readlines(file) + active_values_regex = %r{^\s*(?[\w.]+)\s*=?\s*(?.*?)(?:\s*#\s*(?.*))?\s*$} + new_line = line(key: resource[:key], value: resource[:value], comment: resource[:comment]) + + lines.each_with_index do |line, index| + matches = line.to_s.match(active_values_regex) + lines[index] = new_line if matches && (matches[:key] == resource[:key] && matches[:comment] != resource[:comment]) + end + write_config(file, lines) + end + + private + + # Takes elements for a postgresql.conf configuration line and formats them properly + # + # @param [String] key postgresql.conf configuration option + # @param [String] value the value for the configuration option + # @param [String] comment optional comment that will be added at the end of the line + # @return [String] line the whole line for the config file, with \n + def line(key: '', value: '', comment: nil) + value = value.to_s if value.is_a?(Numeric) + dontneedquote = value.match(%r{^(\d+.?\d+|\w+)$}) + dontneedequal = key.match(%r{^(include|include_if_exists)$}i) + line = key.downcase # normalize case + line += dontneedequal ? ' ' : ' = ' + line += "'" unless dontneedquote && !dontneedequal + line += value + line += "'" unless dontneedquote && !dontneedequal + line += " # #{comment}" unless comment.nil? || comment == :absent + line += "\n" + line + end +end diff --git a/lib/puppet/type/postgresql_conf.rb b/lib/puppet/type/postgresql_conf.rb index c014ac0fe8..432f5aa877 100644 --- a/lib/puppet/type/postgresql_conf.rb +++ b/lib/puppet/type/postgresql_conf.rb @@ -2,28 +2,40 @@ Puppet::Type.newtype(:postgresql_conf) do @doc = 'This type allows puppet to manage postgresql.conf parameters.' - ensurable newparam(:name) do - desc 'The postgresql parameter name to manage.' - isnamevar + desc 'A unique title for the resource.' + newvalues(%r{^[\w.]+$}) + end + newparam(:key) do + desc 'The Postgresql parameter to manage.' newvalues(%r{^[\w.]+$}) end newproperty(:value) do desc 'The value to set for this parameter.' - end + newvalues(%r{^\S(.*\S)?$}) - newproperty(:target) do - desc 'The path to postgresql.conf' - defaultto do - if @resource.class.defaultprovider.ancestors.include?(Puppet::Provider::ParsedFile) - @resource.class.defaultprovider.default_target + munge do |value| + if value.to_i.to_s == value + value.to_i + elsif value.to_f.to_s == value + value.to_f else - nil + value end end end + + newproperty(:comment) do + desc 'The comment to set for this parameter.' + newvalues(%r{^[\w\W]+$}) + end + + newparam(:target) do + desc 'The path to the postgresql config file' + newvalues(%r{^/\S+[a-z0-9(/)-]*\w+.conf$}) + end end diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 65cd68315c..d17b844a18 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -4,12 +4,14 @@ # @param key Defines the key/name for the setting. Defaults to $name # @param value Defines the value for the setting. # @param path Path for postgresql.conf +# @param comment Defines the comment for the setting. The # is added by default. # define postgresql::server::config_entry ( - Enum['present', 'absent'] $ensure = 'present', - String[1] $key = $name, - Optional[Variant[String[1], Numeric, Array[String[1]]]] $value = undef, - Stdlib::Absolutepath $path = $postgresql::server::postgresql_conf_path + Enum['present', 'absent'] $ensure = 'present', + String[1] $key = $name, + Optional[Variant[String[1], Numeric, Array[String[1]]]] $value = undef, + Stdlib::Absolutepath $path = $postgresql::server::postgresql_conf_path, + Optional[String[1]] $comment = undef, ) { # Those are the variables that are marked as "(change requires restart)" # on postgresql.conf. Items are ordered as on postgresql.conf. @@ -85,8 +87,9 @@ postgresql_conf { $name: ensure => $ensure, target => $path, - name => $key, + key => $key, value => $value, + comment => $comment, require => Class['postgresql::server::initdb'], } } diff --git a/spec/unit/provider/postgresql_conf/parsed_spec.rb b/spec/unit/provider/postgresql_conf/parsed_spec.rb deleted file mode 100644 index 7f6fdaef05..0000000000 --- a/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ /dev/null @@ -1,151 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' -require 'tempfile' - -provider_class = Puppet::Type.type(:postgresql_conf).provider(:parsed) - -describe provider_class do - let(:title) { 'postgresql_conf' } - let(:provider) do - conf_class = Puppet::Type.type(:postgresql_conf) - provider = conf_class.provider(:parsed) - conffile = tmpfilename('postgresql.conf') - allow_any_instance_of(provider).to receive(:target).and_return conffile # rubocop:disable RSpec/AnyInstance - provider - end - - after :each do - provider.initvars - end - - describe 'simple configuration that should be allowed' do - it 'parses a simple ini line' do - expect(provider.parse_line("listen_addreses = '*'")).to eq( - name: 'listen_addreses', value: '*', comment: nil, record_type: :parsed, - ) - end - - it 'parses a simple ini line (2)' do - expect(provider.parse_line(" listen_addreses = '*'")).to eq( - name: 'listen_addreses', value: '*', comment: nil, record_type: :parsed, - ) - end - - it 'parses a simple ini line (3)' do - expect(provider.parse_line("listen_addreses = '*' # dont mind me")).to eq( - name: 'listen_addreses', value: '*', comment: 'dont mind me', record_type: :parsed, - ) - end - - it 'parses a comment' do - expect(provider.parse_line('# dont mind me')).to eq( - line: '# dont mind me', record_type: :comment, - ) - end - - it 'parses a comment (2)' do - expect(provider.parse_line(" \t# dont mind me")).to eq( - line: " \t# dont mind me", record_type: :comment, - ) - end - - it 'allows includes' do - expect(provider.parse_line('include puppetextra')).to eq( - name: 'include', value: 'puppetextra', comment: nil, record_type: :parsed, - ) - end - - it 'allows numbers through without quotes' do - expect(provider.parse_line('wal_keep_segments = 32')).to eq( - name: 'wal_keep_segments', value: '32', comment: nil, record_type: :parsed, - ) - end - - it 'allows blanks through' do - expect(provider.parse_line('')).to eq( - line: '', record_type: :blank, - ) - end - - it 'parses keys with dots' do - expect(provider.parse_line('auto_explain.log_min_duration = 1ms')).to eq( - name: 'auto_explain.log_min_duration', value: '1ms', comment: nil, record_type: :parsed, - ) - end - end - - describe 'configuration that should be set' do - it 'sets comment lines' do - expect(provider.to_line(line: '# dont mind me', record_type: :comment)).to eq( - '# dont mind me', - ) - end - - it 'sets blank lines' do - expect(provider.to_line(line: '', record_type: :blank)).to eq( - '', - ) - end - - it 'sets simple configuration' do - expect(provider.to_line(name: 'listen_addresses', value: '*', comment: nil, record_type: :parsed)).to eq( - "listen_addresses = '*'", - ) - end - - it 'sets simple configuration with period in name' do - expect(provider.to_line(name: 'auto_explain.log_min_duration', value: '100ms', comment: nil, record_type: :parsed)).to eq( - 'auto_explain.log_min_duration = 100ms', - ) - end - - it 'sets simple configuration even with comments' do - expect(provider.to_line(name: 'listen_addresses', value: '*', comment: 'dont mind me', record_type: :parsed)).to eq( - "listen_addresses = '*' # dont mind me", - ) - end - - it 'quotes includes' do - expect(provider.to_line(name: 'include', value: 'puppetextra', comment: nil, record_type: :parsed)).to eq( - "include 'puppetextra'", - ) - end - - it 'quotes multiple words' do - expect(provider.to_line(name: 'archive_command', value: 'rsync up', comment: nil, record_type: :parsed)).to eq( - "archive_command = 'rsync up'", - ) - end - - it 'does not quote numbers' do - expect(provider.to_line(name: 'wal_segments', value: '32', comment: nil, record_type: :parsed)).to eq( - 'wal_segments = 32', - ) - end - - it 'allows numbers' do - expect(provider.to_line(name: 'integer', value: 42, comment: nil, record_type: :parsed)).to eq( - 'integer = 42', - ) - end - - it 'allows floats' do - expect(provider.to_line(name: 'float', value: 2.71828182845, comment: nil, record_type: :parsed)).to eq( - 'float = 2.71828182845', - ) - end - - it 'quotes single string address' do - expect(provider.to_line(name: 'listen_addresses', value: '0.0.0.0', comment: nil, record_type: :parsed)).to eq( - "listen_addresses = '0.0.0.0'", - ) - end - - it 'quotes an array of addresses' do - expect(provider.to_line(name: 'listen_addresses', value: ['0.0.0.0', '127.0.0.1'], comment: nil, record_type: :parsed)).to eq( - "listen_addresses = '0.0.0.0, 127.0.0.1'", - ) - end - end -end diff --git a/spec/unit/provider/postgresql_conf/ruby_spec.rb b/spec/unit/provider/postgresql_conf/ruby_spec.rb new file mode 100644 index 0000000000..11800b0fc7 --- /dev/null +++ b/spec/unit/provider/postgresql_conf/ruby_spec.rb @@ -0,0 +1,60 @@ +# frozen_string_literal: true + +require 'spec_helper' +provider_class = Puppet::Type.type(:postgresql_conf).provider(:ruby) + +describe provider_class do + let(:resource) { Puppet::Type.type(:postgresql_conf).new(name: 'foo', value: 'bar') } + let(:provider) { resource.provider } + + before(:each) do + allow(provider).to receive(:file_path).and_return('/tmp/foo') + allow(provider).to receive(:read_file).and_return('foo = bar') + allow(provider).to receive(:write_file).and_return(true) + end + # rubocop:enable RSpec/ReceiveMessages + + it 'has a method parse_config' do + expect(provider).to respond_to(:parse_config) + end + + it 'has a method delete_header' do + expect(provider).to respond_to(:delete_header) + end + + it 'has a method add_header' do + expect(provider).to respond_to(:add_header) + end + + it 'has a method exists?' do + expect(provider).to respond_to(:exists?) + end + + it 'has a method create' do + expect(provider).to respond_to(:create) + end + + it 'has a method destroy' do + expect(provider).to respond_to(:destroy) + end + + it 'has a method value' do + expect(provider).to respond_to(:value) + end + + it 'has a method value=' do + expect(provider).to respond_to(:value=) + end + + it 'has a method comment' do + expect(provider).to respond_to(:comment) + end + + it 'has a method comment=' do + expect(provider).to respond_to(:comment=) + end + + it 'is an instance of the Provider Ruby' do + expect(provider).to be_an_instance_of Puppet::Type::Postgresql_conf::ProviderRuby + end +end diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index 179c369740..9ce4269bfa 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -24,13 +24,13 @@ end describe 'when validating attributes' do - [:name, :provider].each do |param| + [:name, :provider, :target].each do |param| it "has a #{param} parameter" do expect(described_class.attrtype(param)).to eq(:param) end end - [:value, :target].each do |property| + [:value, :comment].each do |property| it "has a #{property} property" do expect(described_class.attrtype(property)).to eq(:property) end From 1dcead6bf9fe25ef23bd8c94943fb64231fea926 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 14 Aug 2023 15:48:13 +0200 Subject: [PATCH 0915/1000] postgresql::server: default username parameter to $user --- REFERENCE.md | 2 +- manifests/server.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index a9609ff4a5..4ba242e7f5 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1403,7 +1403,7 @@ Data type: `Optional[String[1]]` username of user running the postgres instance -Default value: `undef` +Default value: `$user` ### `postgresql::server::contrib` diff --git a/manifests/server.pp b/manifests/server.pp index 89d45fb7d5..2516e43611 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -167,7 +167,7 @@ Optional[String[1]] $locale = $postgresql::params::locale, Optional[String[1]] $lc_messages = undef, Optional[Boolean] $data_checksums = $postgresql::params::data_checksums, - Optional[String[1]] $username = undef, + Optional[String[1]] $username = $user, Optional[String[1]] $timezone = $postgresql::params::timezone, Boolean $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, From 3152372f08a49b9bf1a332de58b16358f30cfe77 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 14 Aug 2023 16:22:58 +0200 Subject: [PATCH 0916/1000] patch postgres_psql calls,add instance parameter * add other missing parameters * add missing documentation --- REFERENCE.md | 90 ++++++++++++++++++++++++ manifests/server/database.pp | 3 + manifests/server/db.pp | 2 + manifests/server/default_privileges.pp | 3 + manifests/server/extension.pp | 5 ++ manifests/server/grant.pp | 3 + manifests/server/grant_role.pp | 3 + manifests/server/instance/late_initdb.pp | 1 + manifests/server/reassign_owned_by.pp | 3 + manifests/server/role.pp | 17 +++-- manifests/server/schema.pp | 15 ++-- manifests/server/tablespace.pp | 3 + 12 files changed, 135 insertions(+), 13 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 4ba242e7f5..207f4ab99a 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1585,6 +1585,7 @@ The following parameters are available in the `postgresql::server::database` def * [`encoding`](#-postgresql--server--database--encoding) * [`locale`](#-postgresql--server--database--locale) * [`istemplate`](#-postgresql--server--database--istemplate) +* [`instance`](#-postgresql--server--database--instance) * [`connect_settings`](#-postgresql--server--database--connect_settings) * [`psql_path`](#-postgresql--server--database--psql_path) * [`default_db`](#-postgresql--server--database--default_db) @@ -1656,6 +1657,14 @@ Defines the database as a template if set to true. Default value: `false` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ##### `connect_settings` Data type: `Hash` @@ -1810,6 +1819,7 @@ The following parameters are available in the `postgresql::server::db` defined t * [`port`](#-postgresql--server--db--port) * [`psql_user`](#-postgresql--server--db--psql_user) * [`psql_group`](#-postgresql--server--db--psql_group) +* [`instance`](#-postgresql--server--db--instance) ##### `user` @@ -1921,6 +1931,14 @@ Overrides the default PostgreSQL user group to be used for related files in the Default value: `$postgresql::server::group` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::default_privileges` Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above. @@ -1941,6 +1959,7 @@ The following parameters are available in the `postgresql::server::default_privi * [`psql_path`](#-postgresql--server--default_privileges--psql_path) * [`port`](#-postgresql--server--default_privileges--port) * [`connect_settings`](#-postgresql--server--default_privileges--connect_settings) +* [`instance`](#-postgresql--server--default_privileges--instance) * [`group`](#-postgresql--server--default_privileges--group) ##### `target_role` @@ -2042,6 +2061,14 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ##### `group` Data type: `String` @@ -2068,6 +2095,7 @@ The following parameters are available in the `postgresql::server::extension` de * [`port`](#-postgresql--server--extension--port) * [`connect_settings`](#-postgresql--server--extension--connect_settings) * [`database_resource_name`](#-postgresql--server--extension--database_resource_name) +* [`instance`](#-postgresql--server--extension--instance) * [`psql_path`](#-postgresql--server--extension--psql_path) * [`user`](#-postgresql--server--extension--user) * [`group`](#-postgresql--server--extension--group) @@ -2158,6 +2186,14 @@ Specifies the resource name of the DB being managed. Defaults to the parameter $ Default value: `$database` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ##### `psql_path` Data type: `Stdlib::Absolutepath` @@ -2204,6 +2240,7 @@ The following parameters are available in the `postgresql::server::grant` define * [`ensure`](#-postgresql--server--grant--ensure) * [`group`](#-postgresql--server--grant--group) * [`psql_path`](#-postgresql--server--grant--psql_path) +* [`instance`](#-postgresql--server--grant--instance) ##### `role` @@ -2333,6 +2370,14 @@ Sets the path to psql command Default value: `$postgresql::server::psql_path` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::grant_role` Define for granting membership to a role. @@ -2348,6 +2393,7 @@ The following parameters are available in the `postgresql::server::grant_role` d * [`psql_user`](#-postgresql--server--grant_role--psql_user) * [`port`](#-postgresql--server--grant_role--port) * [`connect_settings`](#-postgresql--server--grant_role--connect_settings) +* [`instance`](#-postgresql--server--grant_role--instance) ##### `group` @@ -2403,6 +2449,14 @@ Specifies a hash of environment variables used when connecting to a remote serve Default value: `$postgresql::server::default_connect_settings` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::instance::config` Manages the config for a postgresql::server instance @@ -3340,6 +3394,7 @@ The following parameters are available in the `postgresql::server::reassign_owne * [`connect_settings`](#-postgresql--server--reassign_owned_by--connect_settings) * [`group`](#-postgresql--server--reassign_owned_by--group) * [`psql_path`](#-postgresql--server--reassign_owned_by--psql_path) +* [`instance`](#-postgresql--server--reassign_owned_by--instance) ##### `old_role` @@ -3399,6 +3454,14 @@ Sets the path to psql command Default value: `$postgresql::server::psql_path` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::recovery` This resource manages the parameters that applies to the recovery.conf template. @@ -3588,6 +3651,7 @@ The following parameters are available in the `postgresql::server::role` defined * [`module_workdir`](#-postgresql--server--role--module_workdir) * [`hash`](#-postgresql--server--role--hash) * [`salt`](#-postgresql--server--role--salt) +* [`instance`](#-postgresql--server--role--instance) ##### `update_password` @@ -3750,6 +3814,14 @@ Specify the salt use for the scram-sha-256 encoding password (default username) Default value: `undef` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::schema` Create a new schema. @@ -3779,6 +3851,7 @@ The following parameters are available in the `postgresql::server::schema` defin * [`group`](#-postgresql--server--schema--group) * [`psql_path`](#-postgresql--server--schema--psql_path) * [`module_workdir`](#-postgresql--server--schema--module_workdir) +* [`instance`](#-postgresql--server--schema--instance) ##### `db` @@ -3853,6 +3926,14 @@ May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `$postgresql::server::module_workdir` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::table_grant` This resource wraps the grant resource to manage table grants specifically. @@ -3968,6 +4049,7 @@ The following parameters are available in the `postgresql::server::tablespace` d * [`group`](#-postgresql--server--tablespace--group) * [`psql_path`](#-postgresql--server--tablespace--psql_path) * [`module_workdir`](#-postgresql--server--tablespace--module_workdir) +* [`instance`](#-postgresql--server--tablespace--instance) ##### `location` @@ -4048,6 +4130,14 @@ May need to specify if '/tmp' is on volume mounted with noexec option. Default value: `$postgresql::server::module_workdir` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server_instance` define to install and manage additional postgresql instances diff --git a/manifests/server/database.pp b/manifests/server/database.pp index c48e01f805..7d95e76056 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -8,6 +8,7 @@ # @param encoding Overrides the character set during creation of the database. # @param locale Overrides the locale during creation of the database. # @param istemplate Defines the database as a template if set to true. +# @param instance The name of the Postgresql database instance. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param psql_path Specifies the path to the psql command. # @param default_db Specifies the name of the default database to connect with. On most systems this is 'postgres'. @@ -23,6 +24,7 @@ Optional[String[1]] $encoding = $postgresql::server::encoding, Optional[String[1]] $locale = $postgresql::server::locale, Boolean $istemplate = false, + String[1] $instance = 'main', Hash $connect_settings = $postgresql::server::default_connect_settings, String[1] $user = $postgresql::server::user, String[1] $group = $postgresql::server::group, @@ -41,6 +43,7 @@ psql_path => $psql_path, port => $port_override, connect_settings => $connect_settings, + instance => $instance, } # Optionally set the locale switch. Older versions of createdb may not accept diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 01cc61b665..513e548ed7 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -14,6 +14,7 @@ # @param port Specifies the port where the PostgreSQL server is listening on. # @param psql_user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param psql_group Overrides the default PostgreSQL user group to be used for related files in the file system. +# @param instance The name of the Postgresql database instance. define postgresql::server::db ( String[1] $user, Optional[Variant[String, Sensitive[String]]] $password = undef, @@ -29,6 +30,7 @@ Optional[Stdlib::Port] $port = undef, String[1] $psql_user = $postgresql::server::user, String[1] $psql_group = $postgresql::server::group, + String[1] $instance = 'main', ) { if ! defined(Postgresql::Server::Database[$dbname]) { postgresql::server::database { $dbname: diff --git a/manifests/server/default_privileges.pp b/manifests/server/default_privileges.pp index 771c86cd58..815abaebbd 100644 --- a/manifests/server/default_privileges.pp +++ b/manifests/server/default_privileges.pp @@ -12,6 +12,7 @@ # @param psql_path Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'. # @param port Specifies the port to access the server. Default value: The default user for the module, usually '5432'. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param instance The name of the Postgresql database instance. # @param group Specifies the user group to which the privileges will be granted. define postgresql::server::default_privileges ( String $role, @@ -34,6 +35,7 @@ String $group = $postgresql::server::group, Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Optional[String] $target_role = undef, + String[1] $instance = 'main', ) { $version = pick($connect_settings['DBVERSION'],postgresql::default('version')) $port_override = pick($connect_settings['PGPORT'], $port) @@ -160,6 +162,7 @@ psql_path => $psql_path, unless => $unless_cmd, environment => 'PGOPTIONS=--client-min-messages=error', + instance => $instance, } if defined(Postgresql::Server::Role[$role]) { diff --git a/manifests/server/extension.pp b/manifests/server/extension.pp index 79dfd3b126..196c077c0b 100644 --- a/manifests/server/extension.pp +++ b/manifests/server/extension.pp @@ -21,6 +21,7 @@ # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param database_resource_name Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank. +# @param instance The name of the Postgresql database instance. # @param psql_path Specifies the path to the psql command. # @param user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system. # @param group Overrides the default postgres user group to be used for related files in the file system. @@ -35,6 +36,7 @@ Stdlib::Port $port = postgresql::default('port'), Hash $connect_settings = postgresql::default('default_connect_settings'), String[1] $database_resource_name = $database, + String[1] $instance = 'main', String[1] $user = postgresql::default('user'), String[1] $group = postgresql::default('group'), Stdlib::Absolutepath $psql_path = postgresql::default('psql_path'), @@ -86,6 +88,7 @@ db => $database, port => $port_override, command => $command, + instance => $instance, unless => "SELECT 1 WHERE ${unless_mod}EXISTS (SELECT 1 FROM pg_extension WHERE extname = '${extension}')", require => $psql_cmd_require, before => $psql_cmd_before, @@ -113,6 +116,7 @@ connect_settings => $connect_settings, db => $database, port => $port_override, + instance => $instance, require => Postgresql_psql["${database}: ${command}"], } @@ -146,6 +150,7 @@ psql_path => $psql_path, connect_settings => $connect_settings, command => $alter_extension_sql, + instance => $instance, unless => $update_unless, } } diff --git a/manifests/server/grant.pp b/manifests/server/grant.pp index 68591851bb..e9c0894003 100644 --- a/manifests/server/grant.pp +++ b/manifests/server/grant.pp @@ -18,6 +18,7 @@ # @param ensure Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'. # @param group Sets the OS group to run psql # @param psql_path Sets the path to psql command +# @param instance The name of the Postgresql database instance. define postgresql::server::grant ( String $role, String $db, @@ -47,6 +48,7 @@ Enum['present', 'absent'] $ensure = 'present', String $group = $postgresql::server::group, Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, + String[1] $instance = 'main', ) { case $ensure { default: { @@ -470,6 +472,7 @@ psql_user => $psql_user, psql_group => $group, psql_path => $psql_path, + instance => $instance, unless => $_unless, onlyif => $_onlyif, } diff --git a/manifests/server/grant_role.pp b/manifests/server/grant_role.pp index 4edf59ea0d..11ef6a70de 100644 --- a/manifests/server/grant_role.pp +++ b/manifests/server/grant_role.pp @@ -7,10 +7,12 @@ # @param psql_user Sets the OS user to run psql. # @param port Port to use when connecting. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. +# @param instance The name of the Postgresql database instance. define postgresql::server::grant_role ( String[1] $group, String[1] $role = $name, Enum['present', 'absent'] $ensure = 'present', + String[1] $instance = 'main', String[1] $psql_db = $postgresql::server::default_database, String[1] $psql_user = $postgresql::server::user, Stdlib::Port $port = $postgresql::server::port, @@ -36,6 +38,7 @@ db => $psql_db, psql_user => $psql_user, port => $port, + instance => $instance, connect_settings => $connect_settings, } diff --git a/manifests/server/instance/late_initdb.pp b/manifests/server/instance/late_initdb.pp index 05a93f81a6..bc011b9a01 100644 --- a/manifests/server/instance/late_initdb.pp +++ b/manifests/server/instance/late_initdb.pp @@ -25,6 +25,7 @@ psql_group => $group, psql_path => $psql_path, port => $port, + instance => $name, cwd => $module_workdir, } diff --git a/manifests/server/reassign_owned_by.pp b/manifests/server/reassign_owned_by.pp index 30d8729318..ce98f2601b 100644 --- a/manifests/server/reassign_owned_by.pp +++ b/manifests/server/reassign_owned_by.pp @@ -10,6 +10,7 @@ # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param group Sets the OS group to run psql # @param psql_path Sets the path to psql command +# @param instance The name of the Postgresql database instance. define postgresql::server::reassign_owned_by ( String $old_role, String $new_role, @@ -19,6 +20,7 @@ Hash $connect_settings = $postgresql::server::default_connect_settings, String[1] $group = $postgresql::server::group, Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, + String[1] $instance = 'main', ) { $sql_command = "REASSIGN OWNED BY \"${old_role}\" TO \"${new_role}\"" @@ -43,6 +45,7 @@ psql_user => $psql_user, psql_group => $group, psql_path => $psql_path, + instance => $instance, onlyif => $onlyif, } diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 91d07e7798..1b37ce282c 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -23,6 +23,7 @@ # May need to specify if '/tmp' is on volume mounted with noexec option. # @param hash Specify the hash method for pg password # @param salt Specify the salt use for the scram-sha-256 encoding password (default username) +# @param instance The name of the Postgresql database instance. define postgresql::server::role ( Boolean $update_password = true, Variant[Boolean, String, Sensitive[String]] $password_hash = false, @@ -44,6 +45,7 @@ Enum['present', 'absent'] $ensure = 'present', Optional[Enum['md5', 'scram-sha-256']] $hash = undef, Optional[Variant[String[1], Integer]] $salt = undef, + String[1] $instance = 'main', ) { $password_hash_unsensitive = if $password_hash =~ Sensitive[String] { $password_hash.unwrap @@ -54,14 +56,15 @@ $version = pick($connect_settings['DBVERSION'], postgresql::default('version')) Postgresql_psql { - db => $db, - port => $port_override, - psql_user => $psql_user, - psql_group => $psql_group, - psql_path => $psql_path, + db => $db, + port => $port_override, + psql_user => $psql_user, + psql_group => $psql_group, + psql_path => $psql_path, connect_settings => $connect_settings, - cwd => $module_workdir, - require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"], + instance => $instance, + cwd => $module_workdir, + require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"], } if $ensure == 'present' { diff --git a/manifests/server/schema.pp b/manifests/server/schema.pp index 369f638c35..e8405792f7 100644 --- a/manifests/server/schema.pp +++ b/manifests/server/schema.pp @@ -15,6 +15,7 @@ # @param module_workdir # Specifies working directory under which the psql command should be executed. # May need to specify if '/tmp' is on volume mounted with noexec option. +# @param instance The name of the Postgresql database instance. # @example # postgresql::server::schema {'private': # db => 'template1', @@ -29,6 +30,7 @@ String[1] $group = $postgresql::server::group, Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, Stdlib::Absolutepath $module_workdir = $postgresql::server::module_workdir, + String[1] $instance = 'main', ) { Postgresql::Server::Db <| dbname == $db |> -> Postgresql::Server::Schema[$name] @@ -36,13 +38,14 @@ $port_override = pick($connect_settings['PGPORT'], $port) Postgresql_psql { - db => $db, - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port_override, - cwd => $module_workdir, + db => $db, + psql_user => $user, + psql_group => $group, + psql_path => $psql_path, + port => $port_override, + cwd => $module_workdir, connect_settings => $connect_settings, + instance => $instance, } postgresql_psql { "${db}: CREATE SCHEMA \"${schema}\"": diff --git a/manifests/server/tablespace.pp b/manifests/server/tablespace.pp index 9f166cc7d2..2774732780 100644 --- a/manifests/server/tablespace.pp +++ b/manifests/server/tablespace.pp @@ -12,6 +12,7 @@ # @param module_workdir # Specifies working directory under which the psql command should be executed. # May need to specify if '/tmp' is on volume mounted with noexec option. +# @param instance The name of the Postgresql database instance. define postgresql::server::tablespace ( String[1] $location, Boolean $manage_location = true, @@ -23,6 +24,7 @@ String[1] $group = $postgresql::server::group, Stdlib::Absolutepath $psql_path = $postgresql::server::psql_path, String[1] $module_workdir = $postgresql::server::module_workdir, + String[1] $instance = 'main', ) { # If the connection settings do not contain a port, then use the local server port $port_override = pick($connect_settings['PGPORT'], $port) @@ -34,6 +36,7 @@ port => $port_override, connect_settings => $connect_settings, cwd => $module_workdir, + instance => $instance, } if($manage_location) { From 5b829f4423ffb6e6fc250227c20f263f3ac47a15 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Mon, 21 Aug 2023 13:31:30 +0200 Subject: [PATCH 0917/1000] extend systemd define to handle instance systemd files --- manifests/server/instance/config.pp | 13 ++++----- manifests/server/instance/systemd.pp | 42 +++++++++++++++++----------- 2 files changed, 32 insertions(+), 23 deletions(-) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index f41277e3fb..d596d0846b 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -252,12 +252,11 @@ notify => Class['postgresql::server::reload'], } } - # RHEL based systems and Gentoo need variables set for $PGPORT, $DATA_DIR or $PGDATA via a drop-in file - if $facts['os']['family'] == 'RedHat' or ($facts['os']['family'] == 'Gentoo' and $facts['service_provider'] == 'systemd') { - postgresql::server::instance::systemd { $service_name: - port => $port, - datadir => $datadir, - extra_systemd_config => $extra_systemd_config, - } + + postgresql::server::instance::systemd { $name: + port => $port, + datadir => $datadir, + extra_systemd_config => $extra_systemd_config, + service_name => $service_name, } } diff --git a/manifests/server/instance/systemd.pp b/manifests/server/instance/systemd.pp index d3f217e09e..b9a46a2336 100644 --- a/manifests/server/instance/systemd.pp +++ b/manifests/server/instance/systemd.pp @@ -5,26 +5,36 @@ define postgresql::server::instance::systemd ( Stdlib::Port $port, Stdlib::Absolutepath $datadir, + String[1] $instance_name = $name, Optional[String[1]] $extra_systemd_config = undef, String[1] $service_name = $name, Enum[present, absent] $drop_in_ensure = 'present', ) { - # Template uses: - # - $port - # - $datadir - # - $extra_systemd_config - systemd::dropin_file { "${service_name}.conf": - ensure => $drop_in_ensure, - unit => "${service_name}.service", - owner => 'root', - group => 'root', - content => epp('postgresql/systemd-override.conf.epp', { - port => $port, - datadir => $datadir, - extra_systemd_config => $extra_systemd_config, + if $facts['service_provider'] == 'systemd' { + if $facts['os']['family'] in ['RedHat', 'Gentoo'] { + # RHEL 7 and 8 both support drop-in files for systemd units. + # Gentoo also supports drop-in files. + # RHEL based Systems need Variables set for $PGPORT, $DATA_DIR or $PGDATA, thats what the drop-in file is for. + # For additional instances (!= 'main') we need a new systemd service anyhow and use one systemd-file. no dropin needed. + # + # Template uses: + # - $port + # - $datadir + # - $extra_systemd_config + systemd::dropin_file { "${service_name}.conf": + ensure => $drop_in_ensure, + unit => "${service_name}.service", + owner => 'root', + group => 'root', + content => epp('postgresql/systemd-override.conf.epp', { + port => $port, + datadir => $datadir, + extra_systemd_config => $extra_systemd_config, + } + ), + notify => Class['postgresql::server::service'], + before => Class['postgresql::server::reload'], } - ), - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], + } } } From a5185d95ca5da097e21f169bc16f3cdc7afab1f5 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Thu, 7 Sep 2023 15:17:19 +0200 Subject: [PATCH 0918/1000] Add spec test for instance test1 update spec tests --- spec/defines/server_instance_spec.rb | 223 +++++++++++++++++++++++++++ 1 file changed, 223 insertions(+) create mode 100644 spec/defines/server_instance_spec.rb diff --git a/spec/defines/server_instance_spec.rb b/spec/defines/server_instance_spec.rb new file mode 100644 index 0000000000..89eadb06c8 --- /dev/null +++ b/spec/defines/server_instance_spec.rb @@ -0,0 +1,223 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::server_instance' do + include_examples 'RedHat 8' + + let :pre_condition do + "class { 'postgresql::globals': + encoding => 'UTF-8', + locale => 'en_US.UTF-8', + manage_package_repo => false, + manage_dnf_module => true, + needs_initdb => true, + version => '13', + } + # stop default main instance + class { 'postgresql::server': + service_ensure => 'stopped', + service_enable => false, + }" + end + let(:title) { 'test1' } + let(:params) do + { + 'instance_user': 'ins_test1', + 'instance_group': 'ins_test1', + 'instance_directories': { '/opt/pgsql': { 'ensure' => 'directory' }, + '/opt/pgsql/backup': { 'ensure' => 'directory' }, + '/opt/pgsql/data': { 'ensure' => 'directory' }, + '/opt/pgsql/data/13': { 'ensure' => 'directory' }, + '/opt/pgsql/data/home': { 'ensure' => 'directory' }, + '/opt/pgsql/wal': { 'ensure' => 'directory' }, + '/opt/pgsql/log': { 'ensure' => 'directory' }, + '/opt/pgsql/log/13': { 'ensure' => 'directory' }, + '/opt/pgsql/log/13/test1': { 'ensure' => 'directory' }, }, + 'config_settings': { 'pg_hba_conf_path' => '/opt/pgsql/data/13/test1/pg_hba.conf', + 'postgresql_conf_path' => '/opt/pgsql/data/13/test1/postgresql.conf', + 'pg_ident_conf_path' => '/opt/pgsql/data/13/test1/pg_ident.conf', + 'datadir' => '/opt/pgsql/data/13/test1', + 'service_name' => 'postgresql@13-test1', + 'port' => 5433, + 'pg_hba_conf_defaults' => false }, + 'service_settings': { 'service_name' => 'postgresql@13-test1', + 'service_status' => 'systemctl status postgresql@13-test1.service', + 'service_ensure' => 'running', + 'service_enable' => true }, + 'initdb_settings': { 'auth_local' => 'peer', + 'auth_host' => 'md5', + 'needs_initdb' => true, + 'datadir' => '/opt/pgsql/data/13/test1', + 'encoding' => 'UTF-8', + 'lc_messages' => 'en_US.UTF8', + 'locale' => 'en_US.UTF8', + 'data_checksums' => false, + 'group' => 'postgres', + 'user' => 'postgres', + 'username' => 'ins_test1' }, + 'config_entries': { 'authentication_timeout': { 'value' => '1min', + 'comment' => 'a test' }, + 'log_statement_stats': { 'value' => 'off' }, + 'autovacuum_vacuum_scale_factor': { 'value' => 0.3 }, }, + 'databases': { 'testdb1': { 'encoding' => 'UTF8', + 'locale' => 'en_US.UTF8', + 'owner' => 'dba_test1' }, + 'testdb2': { 'encoding' => 'UTF8', + 'locale' => 'en_US.UTF8', + 'owner' => 'dba_test1' }, }, + 'roles': { 'ins_test1': { 'superuser' => true, + 'login' => true, }, + 'dba_test1': { 'createdb' => true, + 'login' => true, }, + 'app_test1': { 'login' => true }, + 'rep_test1': { 'replication' => true, + 'login' => true }, + 'rou_test1': { 'login' => true }, }, + 'pg_hba_rules': { 'local all INSTANCE user': { 'type' => 'local', + 'database' => 'all', + 'user' => 'ins_test1', + 'auth_method' => 'peer', + 'order' => 1 }, + 'local all DB user': { 'type' => 'local', + 'database' => 'all', + 'user' => 'dba_test1', + 'auth_method' => 'peer', + 'order' => 2 }, + 'local all APP user': { 'type' => 'local', + 'database' => 'all', + 'user' => 'app_test1', + 'auth_method' => 'peer', + 'order' => 3 }, + 'local all READONLY user': { 'type' => 'local', + 'database' => 'all', + 'user' => 'rou_test1', + 'auth_method' => 'peer', + 'order' => 4 }, + 'remote all INSTANCE user PGADMIN server': { 'type' => 'host', + 'database' => 'all', + 'user' => 'ins_test1', + 'address' => '192.168.22.131/32', + 'auth_method' => 'md5', + 'order' => 5 }, + 'local replication INSTANCE user': { 'type' => 'local', + 'database' => 'replication', + 'user' => 'ins_test1', + 'auth_method' => 'peer', + 'order' => 6 }, + 'local replication REPLICATION user': { 'type' => 'local', + 'database' => 'replication', + 'user' => 'rep_test1', + 'auth_method' => 'peer', + 'order' => 7 }, }, + } + end + + context 'with postgresql instance test1' do + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_postgresql__server_instance('test1') } + it { is_expected.to contain_user('ins_test1') } + it { is_expected.to contain_group('ins_test1') } + it { is_expected.to contain_service('postgresqld_instance_test1').with_name('postgresql@13-test1').with_status('systemctl status postgresql@13-test1.service') } + it { is_expected.to contain_systemd__dropin_file('postgresql@13-test1.conf') } + it { is_expected.to contain_postgresql_conn_validator('validate_service_is_running_instance_test1') } + it { is_expected.to contain_postgresql_conf('port_for_instance_test1') } + it { is_expected.to contain_postgresql_conf('log_statement_stats_test1') } + it { is_expected.to contain_postgresql_conf('data_directory_for_instance_test1') } + it { is_expected.to contain_postgresql_conf('autovacuum_vacuum_scale_factor_test1') } + it { is_expected.to contain_postgresql_conf('authentication_timeout_test1') } + it { is_expected.to contain_postgresql__server__role('app_test1') } + it { is_expected.to contain_postgresql__server__role('dba_test1') } + it { is_expected.to contain_postgresql__server__role('ins_test1') } + it { is_expected.to contain_postgresql__server__role('rep_test1') } + it { is_expected.to contain_postgresql__server__role('rou_test1') } + it { is_expected.to contain_anchor('postgresql::server::service::begin::test1') } + it { is_expected.to contain_anchor('postgresql::server::service::end::test1') } + it { is_expected.to contain_class('Postgresql::Dnfmodule') } + it { is_expected.to contain_class('Postgresql::Server::Install') } + it { is_expected.to contain_class('Postgresql::Server::Reload') } + it { is_expected.to contain_concat__fragment('pg_hba_rule_local all APP user for instance test1') } + it { is_expected.to contain_concat__fragment('pg_hba_rule_local all DB user for instance test1') } + it { is_expected.to contain_concat__fragment('pg_hba_rule_local all INSTANCE user for instance test1') } + it { is_expected.to contain_concat__fragment('pg_hba_rule_local all READONLY user for instance test1') } + it { is_expected.to contain_concat__fragment('pg_hba_rule_local replication INSTANCE user for instance test1') } + it { is_expected.to contain_concat__fragment('pg_hba_rule_local replication REPLICATION user for instance test1') } + it { is_expected.to contain_concat__fragment('pg_hba_rule_remote all INSTANCE user PGADMIN server for instance test1') } + it { is_expected.to contain_concat('/opt/pgsql/data/13/test1/pg_hba.conf') } + it { is_expected.to contain_concat('/opt/pgsql/data/13/test1/pg_ident.conf') } + it { is_expected.to contain_exec('postgresql_initdb_instance_test1') } + it { is_expected.to contain_file('/opt/pgsql/backup') } + it { is_expected.to contain_file('/opt/pgsql/data/13/test1/postgresql.conf') } + it { is_expected.to contain_file('/opt/pgsql/data/13/test1') } + it { is_expected.to contain_file('/opt/pgsql/data/13') } + it { is_expected.to contain_file('/opt/pgsql/data/home') } + it { is_expected.to contain_file('/opt/pgsql/data') } + it { is_expected.to contain_file('/opt/pgsql/log/13/test1') } + it { is_expected.to contain_file('/opt/pgsql/log/13') } + it { is_expected.to contain_file('/opt/pgsql/log') } + it { is_expected.to contain_file('/opt/pgsql/wal') } + it { is_expected.to contain_file('/opt/pgsql') } + it { is_expected.to contain_postgresql__server__config_entry('authentication_timeout_test1') } + it { is_expected.to contain_postgresql__server__config_entry('autovacuum_vacuum_scale_factor_test1') } + it { is_expected.to contain_postgresql__server__config_entry('data_directory_for_instance_test1') } + it { is_expected.to contain_postgresql__server__config_entry('log_statement_stats_test1') } + it { is_expected.to contain_postgresql__server__config_entry('password_encryption_for_instance_test1') } + it { is_expected.to contain_postgresql__server__config_entry('port_for_instance_test1') } + it { is_expected.to contain_postgresql__server__database('testdb1') } + it { is_expected.to contain_postgresql__server__database('testdb2') } + it { is_expected.to contain_postgresql__server__instance__config('test1') } + it { is_expected.to contain_postgresql__server__instance__initdb('test1') } + it { is_expected.to contain_postgresql__server__instance__passwd('test1') } + it { is_expected.to contain_postgresql__server__instance__service('test1') } + it { is_expected.to contain_postgresql__server__instance__systemd('test1') } + it { is_expected.to contain_postgresql__server__pg_hba_rule('local all APP user for instance test1') } + it { is_expected.to contain_postgresql__server__pg_hba_rule('local all DB user for instance test1') } + it { is_expected.to contain_postgresql__server__pg_hba_rule('local all INSTANCE user for instance test1') } + it { is_expected.to contain_postgresql__server__pg_hba_rule('local all READONLY user for instance test1') } + it { is_expected.to contain_postgresql__server__pg_hba_rule('local replication INSTANCE user for instance test1') } + it { is_expected.to contain_postgresql__server__pg_hba_rule('local replication REPLICATION user for instance test1') } + it { is_expected.to contain_postgresql__server__pg_hba_rule('remote all INSTANCE user PGADMIN server for instance test1') } + it { is_expected.to contain_postgresql_psql('ALTER DATABASE "testdb1" OWNER TO "dba_test1"') } + it { is_expected.to contain_postgresql_psql('ALTER DATABASE "testdb2" OWNER TO "dba_test1"') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "app_test1" CONNECTION LIMIT -1') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "app_test1" INHERIT') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "app_test1" LOGIN') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "app_test1" NOCREATEDB') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "app_test1" NOCREATEROLE') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "app_test1" NOREPLICATION') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "app_test1" NOSUPERUSER') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "dba_test1" CONNECTION LIMIT -1') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "dba_test1" CREATEDB') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "dba_test1" INHERIT') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "dba_test1" LOGIN') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "dba_test1" NOCREATEROLE') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "dba_test1" NOREPLICATION') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "dba_test1" NOSUPERUSER') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "ins_test1" CONNECTION LIMIT -1') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "ins_test1" INHERIT') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "ins_test1" LOGIN') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "ins_test1" NOCREATEDB') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "ins_test1" NOCREATEROLE') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "ins_test1" NOREPLICATION') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "ins_test1" SUPERUSER') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rep_test1" CONNECTION LIMIT -1') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rep_test1" INHERIT') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rep_test1" LOGIN') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rep_test1" NOCREATEDB') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rep_test1" NOCREATEROLE') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rep_test1" NOSUPERUSER') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rep_test1" REPLICATION') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" CONNECTION LIMIT -1') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" INHERIT') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" LOGIN') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" NOCREATEDB') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" NOCREATEROLE') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" NOREPLICATION') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" NOSUPERUSER') } + it { is_expected.to contain_postgresql_psql('CREATE ROLE app_test1 ENCRYPTED PASSWORD ****') } + it { is_expected.to contain_postgresql_psql('CREATE ROLE dba_test1 ENCRYPTED PASSWORD ****') } + it { is_expected.to contain_postgresql_psql('CREATE ROLE ins_test1 ENCRYPTED PASSWORD ****') } + it { is_expected.to contain_postgresql_psql('CREATE ROLE rep_test1 ENCRYPTED PASSWORD ****') } + it { is_expected.to contain_postgresql_psql('CREATE ROLE rou_test1 ENCRYPTED PASSWORD ****') } + end +end From ae5c6379dcdbf98d8ed45bd089d586c0adb5afeb Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Fri, 22 Sep 2023 12:08:06 +0200 Subject: [PATCH 0919/1000] add acceptence test for instance test1 --- spec/acceptance/server_instance_spec.rb | 161 ++++++++++++++++++++++++ 1 file changed, 161 insertions(+) create mode 100644 spec/acceptance/server_instance_spec.rb diff --git a/spec/acceptance/server_instance_spec.rb b/spec/acceptance/server_instance_spec.rb new file mode 100644 index 0000000000..93192bafb3 --- /dev/null +++ b/spec/acceptance/server_instance_spec.rb @@ -0,0 +1,161 @@ +# frozen_string_literal: true + +# run a test task +require 'spec_helper_acceptance' + +describe 'postgresql instance test1', if: os[:family] == 'redhat' && os[:release].start_with?('8') do + pp = <<-MANIFEST + # set global defaults + class { 'postgresql::globals': + encoding => 'UTF-8', + locale => 'en_US.UTF-8', + manage_package_repo => false, + manage_dnf_module => true, + needs_initdb => true, + version => '13', + } + # stop default main instance + class { 'postgresql::server': + service_ensure => 'stopped', + service_enable => false, + } + # define instance test1 + postgresql::server_instance { 'test1': + instance_user => 'ins_test1', + instance_group => 'ins_test1', + instance_directories => { + '/opt/pgsql' => { 'ensure' => 'directory' }, + '/opt/pgsql/backup' => { 'ensure' => 'directory' }, + '/opt/pgsql/data' => { 'ensure' => 'directory' }, + '/opt/pgsql/data/13' => { 'ensure' => 'directory' }, + '/opt/pgsql/data/home' => { 'ensure' => 'directory' }, + '/opt/pgsql/wal' => { 'ensure' => 'directory' }, + '/opt/pgsql/log' => { 'ensure' => 'directory' }, + '/opt/pgsql/log/13' => { 'ensure' => 'directory' }, + '/opt/pgsql/log/13/test1' => { 'ensure' => 'directory' }, + }, + config_settings => { + 'pg_hba_conf_path' => '/opt/pgsql/data/13/test1/pg_hba.conf', + 'postgresql_conf_path' => '/opt/pgsql/data/13/test1/postgresql.conf', + 'pg_ident_conf_path' => '/opt/pgsql/data/13/test1/pg_ident.conf', + 'datadir' => '/opt/pgsql/data/13/test1', + 'service_name' => 'postgresql@13-test1', + 'port' => 5433, + 'pg_hba_conf_defaults' => false, + 'manage_selinux' => true, + }, + service_settings => { + 'service_name' => 'postgresql@13-test1', + 'service_status' => 'systemctl status postgresql@13-test1.service', + 'service_ensure' => 'running', + 'service_enable' => true, + }, + initdb_settings => { + 'auth_local' => 'peer', + 'auth_host' => 'md5', + 'needs_initdb' => true, + 'datadir' => '/opt/pgsql/data/13/test1', + 'encoding' => 'UTF-8', + 'lc_messages' => 'en_US.UTF8', + 'locale' => 'en_US.UTF8', + 'data_checksums' => false, + 'group' => 'postgres', + 'user' => 'postgres', + 'username' => 'ins_test1', + }, + config_entries => { + 'authentication_timeout' => { + 'value' => '1min', + 'comment' => 'a test', + }, + 'log_statement_stats' => { 'value' => 'off' }, + 'autovacuum_vacuum_scale_factor' => { 'value' => 0.3 }, + }, + databases => { + 'testdb1' => { + 'encoding' => 'UTF8', + 'locale' => 'en_US.UTF8', + 'owner' => 'dba_test1', + }, + 'testdb2' => { + 'encoding' => 'UTF8', + 'locale' => 'en_US.UTF8', + 'owner' => 'dba_test1', + }, + }, + roles => { + 'ins_test1' => { + 'superuser' => true, + 'login' => true, + }, + 'dba_test1' => { + 'createdb' => true, + 'login' => true, + }, + 'app_test1' => { 'login' => true }, + 'rep_test1' => { + 'replication' => true, + 'login' => true, + }, + 'rou_test1' => { 'login' => true }, + }, + pg_hba_rules => { + 'local all INSTANCE user' => { + 'type' => 'local', + 'database' => 'all', + 'user' => 'ins_test1', + 'auth_method' => 'peer', + 'order' => 1, + }, + 'local all DB user' => { + 'type' => 'local', + 'database' => 'all', + 'user' => 'dba_test1', + 'auth_method' => 'peer', + 'order' => 2, + }, + 'local all APP user' => { + 'type' => 'local', + 'database' => 'all', + 'user' => 'app_test1', + 'auth_method' => 'peer', + 'order' => 3, + }, + 'local all READONLY user' => { + 'type' => 'local', + 'database' => 'all', + 'user' => 'rou_test1', + 'auth_method' => 'peer', + 'order' => 4, + }, + 'remote all INSTANCE user PGADMIN server' => { + 'type' => 'host', + 'database' => 'all', + 'user' => 'ins_test1', + 'address' => '192.168.22.131/32', + 'auth_method' => 'md5', + 'order' => 5, + }, + 'local replication INSTANCE user' => { + 'type' => 'local', + 'database' => 'replication', + 'user' => 'ins_test1', + 'auth_method' => 'peer', + 'order' => 6, + }, + 'local replication REPLICATION user' => { + 'type' => 'local', + 'database' => 'replication', + 'user' => 'rep_test1', + 'auth_method' => 'peer', + 'order' => 7, + }, + }, + } + MANIFEST + + it 'installs postgres instance test1' do + export_locales('en_US.UTF-8 ') + apply_manifest(pp, catch_failures: true) + end +end From 7469332ef80dec45371d13ada132130092d818ed Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 7 Sep 2023 14:25:40 +0200 Subject: [PATCH 0920/1000] Drop code for Debian without systemd --- manifests/params.pp | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index b870c191b1..50f916a7b4 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -164,13 +164,8 @@ $bindir = pick($bindir, "/usr/lib/postgresql/${version}/bin") $datadir = pick($datadir, "/var/lib/postgresql/${version}/main") $confdir = pick($confdir, "/etc/postgresql/${version}/main") - if pick($service_provider, $facts['service_provider']) == 'systemd' { - $service_reload = "systemctl reload ${service_name}" - $service_status = pick($service_status, "systemctl status ${service_name}") - } else { - $service_reload = "service ${service_name} reload" - $service_status = pick($service_status, "service ${service_name} status") - } + $service_reload = "systemctl reload ${service_name}" + $service_status = pick($service_status, "systemctl status ${service_name}") $psql_path = pick($psql_path, '/usr/bin/psql') $postgresql_conf_mode = pick($postgresql_conf_mode, '0644') } From c875095819476d2ca546d5430b551714568bcee1 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Wed, 11 Oct 2023 11:52:56 +0000 Subject: [PATCH 0921/1000] Release prep v10.0.0 --- CHANGELOG.md | 78 +++++++++++++++++++++++++++++++++++++++------------ metadata.json | 2 +- 2 files changed, 61 insertions(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8ebe04b397..c23bb7e24b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,48 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.0) - 2023-10-11 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.2.0...v10.0.0) + +### Changed +- postgis: Drop EL5 leftovers and fix package name for Fedora [#1521](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1521) ([bastelfreak](https://github.com/bastelfreak)) +- Drop EoL SLES 11.4 code [#1520](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1520) ([bastelfreak](https://github.com/bastelfreak)) +- Drop code for Debian without systemd [#1514](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1514) ([bastelfreak](https://github.com/bastelfreak)) +- puppet/systemd: Allow 6.x [#1505](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1505) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- set datatype for directories to Stdlib::Absolutepath [#1499](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1499) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Drop postgresql 8.4/RHEL6 specific code [#1489](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1489) ([bastelfreak](https://github.com/bastelfreak)) +- Drop postgresql 8.1/RHEL5 specific code [#1486](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1486) ([bastelfreak](https://github.com/bastelfreak)) +- Delete deprecated validate_db_connection() defined resource [#1484](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1484) ([bastelfreak](https://github.com/bastelfreak)) +- postgresql::server: Remove deprecated createdb_path parameter [#1483](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1483) ([bastelfreak](https://github.com/bastelfreak)) +- postgresql::server: Remove deprecated version parameter [#1482](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1482) ([bastelfreak](https://github.com/bastelfreak)) +- puppetlabs/stdlib: Require 9.x [#1481](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1481) ([bastelfreak](https://github.com/bastelfreak)) +- port: Enforce Stdlib::Port datatype [#1473](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1473) ([bastelfreak](https://github.com/bastelfreak)) +- Add Server Instance Feature [#1450](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1450) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) + +### Added + +- Drop EoL FreeBSD 9.4/9.5 specific code [#1519](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1519) ([bastelfreak](https://github.com/bastelfreak)) +- Drop code compatibility for non-systemd Red Hat [#1518](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1518) ([ekohl](https://github.com/ekohl)) +- add $manage_selinux as a parameter, keep default, simpler condition [#1516](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1516) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- add port and psql_path parameter to initdb define [#1510](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1510) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- PDK update 2.7.0->3.0.0 [#1508](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1508) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- variables to parameters for tablespace/schema/reassign_owned_by [#1507](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1507) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- server::schema: Drop unused $version variable [#1506](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1506) ([bastelfreak](https://github.com/bastelfreak)) +- Prefer $connect_settings over explicit parameters [#1498](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1498) ([bastelfreak](https://github.com/bastelfreak)) +- server::extension: make user/group/psql_path configureable [#1497](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1497) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- server::db: Make port/user/group configureable [#1494](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1494) ([bastelfreak](https://github.com/bastelfreak)) +- server::database_grant: Always set default user/group and expose port as parameter [#1493](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1493) ([bastelfreak](https://github.com/bastelfreak)) +- server::database: make user/group/psql_path/default_db configureable [#1492](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1492) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- Provide a default for config_entry's path and enforce absolute path [#1490](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1490) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) + +### Fixed + +- Fix password_encryption for DBVERSION in server::role [#1515](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1515) ([cruelsmith](https://github.com/cruelsmith)) +- Flexible password encryption in pg hba conf [#1512](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1512) ([cruelsmith](https://github.com/cruelsmith)) +- service name should be unique to allow instances [#1504](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1504) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) +- server::grant: make port optional/restore connect_settings feature [#1496](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1496) ([bastelfreak](https://github.com/bastelfreak)) + ## [v9.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v9.2.0) - 2023-08-30 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.1.0...v9.2.0) @@ -146,6 +188,9 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.5.0...v8.0.0) +### Changed +- Support setting default_privileges on all schemas [#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) + ### Added - add default version for Fedora 35 [#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) @@ -159,9 +204,6 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a - Default privileges support schemas [#1300](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1300) ([fish-face](https://github.com/fish-face)) - Support target_role in default_privileges [#1297](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1297) ([fish-face](https://github.com/fish-face)) -### Changed -- Support setting default_privileges on all schemas [#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) - ### Fixed - pdksync - (IAC-1787) Remove Support for CentOS 6 [#1324](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1324) ([david22swan](https://github.com/david22swan)) @@ -256,15 +298,15 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.2...v7.0.0) -### Added - -- Add DNF module management [#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) - ### Changed - pdksync - (MAINT) Remove SLES 11 support [#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) - pdksync - (MAINT) Remove RHEL 5 family support [#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) - pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) +### Added + +- Add DNF module management [#1239](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1239) ([ekohl](https://github.com/ekohl)) + ## [v6.10.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v6.10.2) - 2021-02-22 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.1...v6.10.2) @@ -422,15 +464,15 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.1...v6.0.0) +### Changed +- pdksync - (MODULES-8444) - Raise lower Puppet bound [#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) +- (maint) remove inconsistent extra variable [#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) + ### Added - Add Fedora 30 compatibility [#1067](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1067) ([blackknight36](https://github.com/blackknight36)) - Include EL8 version for config checks [#1060](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1060) ([ehelms](https://github.com/ehelms)) -### Changed -- pdksync - (MODULES-8444) - Raise lower Puppet bound [#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) -- (maint) remove inconsistent extra variable [#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) - ### Fixed - Support current version of puppetlabs/apt. [#1073](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1073) ([pillarsdotnet](https://github.com/pillarsdotnet)) @@ -520,15 +562,15 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) +### Changed +- Fix creation of recovery.conf file when recovery configuration is not specified [#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) + ### Added - Add compatibility for Fedora 28 [#994](https://github.com/puppetlabs/puppetlabs-postgresql/pull/994) ([jflorian](https://github.com/jflorian)) - (MODULES-5994) Add debian 9 [#992](https://github.com/puppetlabs/puppetlabs-postgresql/pull/992) ([hunner](https://github.com/hunner)) - Adding default Postgresql version for Ubuntu 18.04 [#981](https://github.com/puppetlabs/puppetlabs-postgresql/pull/981) ([lutaylor](https://github.com/lutaylor)) -### Changed -- Fix creation of recovery.conf file when recovery configuration is not specified [#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) - ### Fixed - Fix quoting on schema owners [#979](https://github.com/puppetlabs/puppetlabs-postgresql/pull/979) ([hasegeli](https://github.com/hasegeli)) @@ -605,6 +647,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.9.0...5.0.0) +### Changed +- Unset default log_line_prefix [#870](https://github.com/puppetlabs/puppetlabs-postgresql/pull/870) ([hasegeli](https://github.com/hasegeli)) +- Let listen_addresses be defined independently [#865](https://github.com/puppetlabs/puppetlabs-postgresql/pull/865) ([hasegeli](https://github.com/hasegeli)) + ### Added - (MODULES-1394) replace validate_db_connection type with custom type [#879](https://github.com/puppetlabs/puppetlabs-postgresql/pull/879) ([eputnam](https://github.com/eputnam)) @@ -612,10 +658,6 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a - (FM-6116) - Adding POT file for metadata.json [#857](https://github.com/puppetlabs/puppetlabs-postgresql/pull/857) ([pmcmaw](https://github.com/pmcmaw)) - Allowo to disable managing passwords for users [#846](https://github.com/puppetlabs/puppetlabs-postgresql/pull/846) ([bjoernhaeuser](https://github.com/bjoernhaeuser)) -### Changed -- Unset default log_line_prefix [#870](https://github.com/puppetlabs/puppetlabs-postgresql/pull/870) ([hasegeli](https://github.com/hasegeli)) -- Let listen_addresses be defined independently [#865](https://github.com/puppetlabs/puppetlabs-postgresql/pull/865) ([hasegeli](https://github.com/hasegeli)) - ### Fixed - (maint) fix for connection validator [#882](https://github.com/puppetlabs/puppetlabs-postgresql/pull/882) ([eputnam](https://github.com/eputnam)) diff --git a/metadata.json b/metadata.json index 5499e3ad1e..15ad784028 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "9.2.0", + "version": "10.0.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 608d8d79e9cff72239fc31301b233b418f324eaf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 11 Oct 2023 08:21:22 -1000 Subject: [PATCH 0922/1000] Fix the postgresql::postgresql_password() function The changes in #1512 introduced a regression when a hash value is not explicitly passed: ``` Puppet Server Error: Evaluation Error: Error while evaluating a Function Call, failed to coerce org.jruby.RubySymbol to java.lang.String ``` Fixes #1528 --- lib/puppet/functions/postgresql/postgresql_password.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index ef899254da..a444d5cd01 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -30,7 +30,7 @@ end def default_impl(username, password, sensitive = false, hash = nil, salt = nil) - hash = call_function(:'postgresql::default', 'password_encryption') if hash.nil? + hash = call_function('postgresql::default', 'password_encryption') if hash.nil? password = password.unwrap if password.respond_to?(:unwrap) if password.is_a?(String) && password.match?(%r{^(md5[0-9a-f]{32}$|SCRAM-SHA-256\$)}) return Puppet::Pops::Types::PSensitiveType::Sensitive.new(password) if sensitive From 6cb50cb61ffb1cd1b74319640db4eb6fe9876621 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 11 Oct 2023 09:01:38 -1000 Subject: [PATCH 0923/1000] Fix `postgresql::default()` return value for unknown parameters When calling `postgresql::default()` with a name that has no corresponding parameter, the function returns the string "postgresql::globals::" which is probably not intended given the comment above the code. The usage of pick seems to indicate that an exception should be raised when a parameter is not found in `params` nor `globals.pp`, so adjust the code accordingly. --- functions/default.pp | 3 +- spec/functions/postgresql_default_spec.rb | 34 +++++++++++++++++++++++ 2 files changed, 35 insertions(+), 2 deletions(-) create mode 100644 spec/functions/postgresql_default_spec.rb diff --git a/functions/default.pp b/functions/default.pp index 7852530791..e7b11f3b34 100644 --- a/functions/default.pp +++ b/functions/default.pp @@ -10,6 +10,5 @@ function postgresql::default( #search for the variable name in params first #then fall back to globals if not found - pick( getvar("postgresql::params::${parameter_name}"), - "postgresql::globals::${parameter_name}") + pick(getvar("postgresql::params::${parameter_name}"), getvar("postgresql::globals::${parameter_name}")) } diff --git a/spec/functions/postgresql_default_spec.rb b/spec/functions/postgresql_default_spec.rb new file mode 100644 index 0000000000..12ecde207e --- /dev/null +++ b/spec/functions/postgresql_default_spec.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'postgresql::default' do + let(:facts) do + { + 'os' => { + 'family' => 'Debian', + 'name' => 'Debian', + 'release' => { + 'full' => '11.7', + 'major' => '11', + 'minor' => '7', + } + } + } + end + + let(:pre_condition) do + <<~PP + class { 'postgresql::server': + } + PP + end + + # parameter in params.pp only + it { is_expected.to run.with_params('port').and_return(5432) } + + # parameter in globals.pp only + it { is_expected.to run.with_params('default_connect_settings').and_return({}) } + + it { is_expected.to run.with_params('a_parameter_that_does_not_exist').and_raise_error(Puppet::ParseError, %r{pick\(\): must receive at least one non empty value}) } +end From 4e15857d64bea9027d6f3b789771fb90057a2ba5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 11 Oct 2023 09:13:53 -1000 Subject: [PATCH 0924/1000] Simplify `postgresql::default()` `postgresql::params` inherits from `postgresql::globals` so any variable defined in `postgresql::globals` can be accessed by reading it from `postgresql::params`, making it redundant to check both. diff --git a/functions/default.pp b/functions/default.pp index e36610b..41b5006 100644 --- a/functions/default.pp +++ b/functions/default.pp @@ -8,8 +8,7 @@ function postgresql::default( ) { include postgresql::params - #search for the variable name in params first - #then fall back to globals if not found - pick(getvar("postgresql::params::${parameter_name}"), - getvar("postgresql::globals::${parameter_name}")) + # Search for the variable name in params. + # params inherits from globals, so it will also catch these variables. + pick(getvar("postgresql::params::${parameter_name}")) } --- functions/default.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/functions/default.pp b/functions/default.pp index e7b11f3b34..41b500642b 100644 --- a/functions/default.pp +++ b/functions/default.pp @@ -8,7 +8,7 @@ function postgresql::default( ) { include postgresql::params - #search for the variable name in params first - #then fall back to globals if not found - pick(getvar("postgresql::params::${parameter_name}"), getvar("postgresql::globals::${parameter_name}")) + # Search for the variable name in params. + # params inherits from globals, so it will also catch these variables. + pick(getvar("postgresql::params::${parameter_name}")) } From 4bdd51102599862ab31d43ea3979a025c7285e01 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Thu, 12 Oct 2023 15:05:39 +0000 Subject: [PATCH 0925/1000] Release prep v10.0.1 --- CHANGELOG.md | 9 +++++++++ metadata.json | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c23bb7e24b..c4ba757846 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.1) - 2023-10-12 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.0...v10.0.1) + +### Fixed + +- Fix `postgresql::default()` return value for unknown parameters [#1530](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1530) ([smortex](https://github.com/smortex)) +- Fix the `postgresql::postgresql_password()` function [#1529](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1529) ([smortex](https://github.com/smortex)) + ## [v10.0.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.0) - 2023-10-11 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.2.0...v10.0.0) diff --git a/metadata.json b/metadata.json index 15ad784028..62ae9b9280 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.0.0", + "version": "10.0.1", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From cd4c5c9194a811078df01e8c8a2f691a38be2eaf Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 19 Oct 2023 11:28:23 +0200 Subject: [PATCH 0926/1000] dnfmodule: update documentation about affected OSes --- REFERENCE.md | 3 +-- manifests/dnfmodule.pp | 2 +- manifests/globals.pp | 3 +-- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 207f4ab99a..7d7b672790 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -654,8 +654,7 @@ Default value: `undef` Data type: `Boolean` Manage the DNF module. This only makes sense on distributions that use DNF -package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or -Puppet 6.15.0+ since they ship the dnfmodule provider. +package manager, such as EL8, EL9 or Fedora. Default value: `false` diff --git a/manifests/dnfmodule.pp b/manifests/dnfmodule.pp index a320ba0d42..ef9316c4d5 100644 --- a/manifests/dnfmodule.pp +++ b/manifests/dnfmodule.pp @@ -1,6 +1,6 @@ # @summary Manage the DNF module # -# On EL8 and Fedora DNF can manage modules. This is a method of providing +# On EL8 and newer and Fedora DNF can manage modules. This is a method of providing # multiple versions on the same OS. Only one DNF module can be active at the # same time. # diff --git a/manifests/globals.pp b/manifests/globals.pp index ddd9353a73..381da29b26 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -96,8 +96,7 @@ # @param manage_package_repo Sets up official PostgreSQL repositories on your host if set to true. # @param manage_dnf_module # Manage the DNF module. This only makes sense on distributions that use DNF -# package manager, such as EL8 or Fedora. It also requires Puppet 5.5.20+ or -# Puppet 6.15.0+ since they ship the dnfmodule provider. +# package manager, such as EL8, EL9 or Fedora. # @param module_workdir # Specifies working directory under which the psql command should be executed. # May need to specify if '/tmp' is on volume mounted with noexec option. From dfca7cddb229a45817b0eab00b6ba7870ccec2b0 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 25 Oct 2023 13:56:24 +0200 Subject: [PATCH 0927/1000] postgresql_conf: add spec tests for value param --- spec/unit/type/postgresql_conf_spec.rb | 63 ++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index 9ce4269bfa..a2d54006be 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -51,5 +51,68 @@ expect { described_class.new(name: 'foo', ensure: :foo) }.to raise_error(Puppet::Error, %r{Invalid value}) end end + # boolean https://www.postgresql.org/docs/current/datatype-boolean.html + describe 'validate boolean values with newvalues function' do + it 'validates log_checkpoints with value on' do + expect { described_class.new(name: 'log_checkpoints', value: 'on') }.not_to raise_error + end + it 'validates log_checkpoints with value off' do + expect { described_class.new(name: 'log_checkpoints', value: 'off') }.not_to raise_error + end + it 'validates log_checkpoints with value true' do + expect { described_class.new(name: 'log_checkpoints', value: 'true') }.not_to raise_error + end + it 'validates log_checkpoints with value false' do + expect { described_class.new(name: 'log_checkpoints', value: 'false') }.not_to raise_error + end + it 'validates log_checkpoints with value yes' do + expect { described_class.new(name: 'log_checkpoints', value: 'yes') }.not_to raise_error + end + it 'validates log_checkpoints with value no' do + expect { described_class.new(name: 'log_checkpoints', value: 'no') }.not_to raise_error + end + it 'validates log_checkpoints with value 1' do + expect { described_class.new(name: 'log_checkpoints', value: '1') }.not_to raise_error + end + it 'validates log_checkpoints with value 0' do + expect { described_class.new(name: 'log_checkpoints', value: '0') }.not_to raise_error + end + end + # enums https://www.postgresql.org/docs/current/datatype-enum.html + describe 'validate enum values with newvalues function' do + it 'validates ssl_min_protocol_version with value TLSv1.3' do + expect { described_class.new(name: 'ssl_min_protocol_version', value: 'TLSv1.3') }.not_to raise_error + end + it 'validates ssl_min_protocol_version with value TLSv1.1' do + expect { described_class.new(name: 'ssl_min_protocol_version', value: 'TLSv1.1') }.not_to raise_error + end + end + # integer https://www.postgresql.org/docs/current/datatype-numeric.html#DATATYPE-INT + describe 'validate integer values with newvalues function' do + it 'validates max_connections with value 1000' do + expect { described_class.new(name: 'max_connections', value: '1000') }.not_to raise_error + end + end + # real https://www.postgresql.org/docs/current/datatype-numeric.html#DATATYPE-FLOAT + describe 'validate real values with newvalues function' do + it 'validates parallel_tuple_cost with value 0.3' do + expect { described_class.new(name: 'parallel_tuple_cost', value: '0.3') }.not_to raise_error + end + end + # string https://www.postgresql.org/docs/current/datatype-character.html + describe 'validate complex string values with newvalues function' do + it 'validates log_filename with value psql_01-%Y-%m-%d.log' do + expect { described_class.new(name: 'log_filename', value: 'psql_01-%Y-%m-%d.log') }.not_to raise_error + end + end + # string https://www.postgresql.org/docs/current/datatype-character.html + describe 'validate string values with newvalues function' do + it 'validates log_timezone with value UTC' do + expect { described_class.new(name: 'log_timezone', value: 'UTC') }.not_to raise_error + end + it 'validates ssl_ciphers with value HIGH:MEDIUM:+3DES:!aNULL' do + expect { described_class.new(name: 'ssl_ciphers', value: 'HIGH:MEDIUM:+3DES:!aNULL') }.not_to raise_error + end + end end end From 9facc5d3277043b2b923fc86b0a1567d55f5b58a Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 25 Oct 2023 11:50:50 +0200 Subject: [PATCH 0928/1000] update values regex --- lib/puppet/type/postgresql_conf.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/type/postgresql_conf.rb b/lib/puppet/type/postgresql_conf.rb index 432f5aa877..5cd753e20f 100644 --- a/lib/puppet/type/postgresql_conf.rb +++ b/lib/puppet/type/postgresql_conf.rb @@ -16,7 +16,7 @@ newproperty(:value) do desc 'The value to set for this parameter.' - newvalues(%r{^\S(.*\S)?$}) + newvalues(%r{^(\S.*)?$}) munge do |value| if value.to_i.to_s == value From e3dabd1ded2179b3e533243cce36d0e2c9b3c912 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 25 Oct 2023 13:56:24 +0200 Subject: [PATCH 0929/1000] add spec tests for regex validation --- spec/unit/type/postgresql_conf_spec.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/spec/unit/type/postgresql_conf_spec.rb b/spec/unit/type/postgresql_conf_spec.rb index a2d54006be..f6e972f620 100644 --- a/spec/unit/type/postgresql_conf_spec.rb +++ b/spec/unit/type/postgresql_conf_spec.rb @@ -101,6 +101,12 @@ end # string https://www.postgresql.org/docs/current/datatype-character.html describe 'validate complex string values with newvalues function' do + it 'validates log_line_prefix with value [%p] %q:%u:%d:%' do + expect { described_class.new(name: 'log_line_prefix', value: '[%p] %q:%u:%d:%x ') }.not_to raise_error + end + it 'validates log_line_prefix with value %t %q%u@%d %p %i' do + expect { described_class.new(name: 'log_line_prefix', value: '%t %q%u@%d %p %i ') }.not_to raise_error + end it 'validates log_filename with value psql_01-%Y-%m-%d.log' do expect { described_class.new(name: 'log_filename', value: 'psql_01-%Y-%m-%d.log') }.not_to raise_error end From 86b6bc633e373d603c92aea0c12c67bf9a463bd7 Mon Sep 17 00:00:00 2001 From: rajat-puppet Date: Mon, 6 Nov 2023 18:07:12 +0530 Subject: [PATCH 0930/1000] Adding github directory to pdkignore --- .pdkignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.pdkignore b/.pdkignore index 584438f9a0..862847a72c 100644 --- a/.pdkignore +++ b/.pdkignore @@ -29,6 +29,7 @@ /.fixtures.yml /Gemfile /.gitattributes +/.github/ /.gitignore /.pdkignore /.puppet-lint.rc From 50367d83e4e04440a5e305e2021aa1ad57af529d Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Wed, 8 Nov 2023 16:14:23 +0000 Subject: [PATCH 0931/1000] Release prep v10.0.2 --- CHANGELOG.md | 8 ++++++++ REFERENCE.md | 2 +- metadata.json | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c4ba757846..09a8743765 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.2) - 2023-11-08 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.1...v10.0.2) + +### Fixed + +- postgresql_conf: Fix regex for value param and add tests [#1544](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1544) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) + ## [v10.0.1](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.1) - 2023-10-12 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.0...v10.0.1) diff --git a/REFERENCE.md b/REFERENCE.md index 7d7b672790..45c57daaa2 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -4325,7 +4325,7 @@ Default value: `present` ##### `value` -Valid values: `%r{^\S(.*\S)?$}` +Valid values: `%r{^(\S.*)?$}` The value to set for this parameter. diff --git a/metadata.json b/metadata.json index 62ae9b9280..11c710b417 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.0.1", + "version": "10.0.2", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From cad6e4bedaabeafacec7ba839d096105c8509d33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Sat, 11 Nov 2023 11:53:41 -1000 Subject: [PATCH 0932/1000] Unconfine postgresql_conf Ruby should be available on all platforms (bundled with AIO, and in any case required to run Puppet), so the provider should be functional everywhere. Fixes #1550 --- lib/puppet/provider/postgresql_conf/ruby.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/puppet/provider/postgresql_conf/ruby.rb b/lib/puppet/provider/postgresql_conf/ruby.rb index 63b87478d1..ab89864d10 100644 --- a/lib/puppet/provider/postgresql_conf/ruby.rb +++ b/lib/puppet/provider/postgresql_conf/ruby.rb @@ -9,7 +9,6 @@ Puppet::Type.type(:postgresql_conf).provide(:ruby) do desc 'Set keys, values and comments in a postgresql config file.' - confine kernel: 'Linux' # The function pareses the postgresql.conf and figures out which active settings exist in a config file and returns an array of hashes # From bd804b5836bfc2c0f9614539d68fad7bf9afcf82 Mon Sep 17 00:00:00 2001 From: Ramesh Sencha Date: Mon, 20 Nov 2023 11:32:13 +0530 Subject: [PATCH 0933/1000] "CAT-945 - Update README.md LICENSE" --- README.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 2785010a37..81930172ed 100644 --- a/README.md +++ b/README.md @@ -19,10 +19,11 @@ * [Backups](#backups) 4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) +6. [License](#license) +7. [Development - Guide for contributing to the module](#development) * [Contributors - List of module contributors](#contributors) -7. [Tests](#tests) -8. [Contributors - List of module contributors](#contributors) +8. [Tests](#tests) +9. [Contributors - List of module contributors](#contributors) ## Module description @@ -559,6 +560,10 @@ If you have SELinux enabled and you are *not* using the selinux module to manage semanage port -a -t postgresql_port_t -p tcp $customport ``` +## License + +This codebase is licensed under the Apache2.0 licensing, however due to the nature of the codebase the open source dependencies may also use a combination of [AGPL](https://www.gnu.org/licenses/agpl-3.0.en.html), [BSD-2](https://opensource.org/license/bsd-2-claus), [BSD-3](https://opensource.org/license/bsd-3-claus), [GPL2.0](https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html), [LGPL](https://opensource.org/license/lgpl-3-0/), [MIT](https://opensource.org/license/mit/) and [MPL](https://opensource.org/license/mpl-2-0/) Licensing. + ## Development Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide](https://puppet.com/docs/puppet/latest/contributing.html). From f54ab9c4a32934b066eeacbb23ba1ae0e6fe2291 Mon Sep 17 00:00:00 2001 From: Ramesh Sencha Date: Thu, 23 Nov 2023 10:51:33 +0530 Subject: [PATCH 0934/1000] Addressing review comments --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 81930172ed..c7189eb025 100644 --- a/README.md +++ b/README.md @@ -562,7 +562,7 @@ semanage port -a -t postgresql_port_t -p tcp $customport ## License -This codebase is licensed under the Apache2.0 licensing, however due to the nature of the codebase the open source dependencies may also use a combination of [AGPL](https://www.gnu.org/licenses/agpl-3.0.en.html), [BSD-2](https://opensource.org/license/bsd-2-claus), [BSD-3](https://opensource.org/license/bsd-3-claus), [GPL2.0](https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html), [LGPL](https://opensource.org/license/lgpl-3-0/), [MIT](https://opensource.org/license/mit/) and [MPL](https://opensource.org/license/mpl-2-0/) Licensing. +This codebase is licensed under the Apache2.0 licensing, however due to the nature of the codebase the open source dependencies may also use a combination of [AGPL](https://opensource.org/license/agpl-v3/), [BSD-2](https://opensource.org/license/bsd-2-clause/), [BSD-3](https://opensource.org/license/bsd-3-clause/), [GPL2.0](https://opensource.org/license/gpl-2-0/), [LGPL](https://opensource.org/license/lgpl-3-0/), [MIT](https://opensource.org/license/mit/) and [MPL](https://opensource.org/license/mpl-2-0/) Licensing. ## Development From 9d4fc30bf4a8d0eb9d1b2d3f4401fd8170eb26bd Mon Sep 17 00:00:00 2001 From: Andreas Ntaflos Date: Thu, 23 Nov 2023 18:08:47 +0100 Subject: [PATCH 0935/1000] (#1556) Fix Python package name for Ubuntu >= 22.04 and Debian 12 For Ubuntu 22.04 and Debian 12 and later the Python PostgreSQL package is called "python3-psycopg2" so make that distinction in params.pp. --- manifests/params.pp | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index 50f916a7b4..c777b0793c 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -159,7 +159,15 @@ $perl_package_name = pick($perl_package_name, 'libdbd-pg-perl') $plperl_package_name = pick($plperl_package_name, "postgresql-plperl-${version}") $plpython_package_name = pick($plpython_package_name, "postgresql-plpython-${version}") - $python_package_name = pick($python_package_name, 'python-psycopg2') + + $_ubuntu_2204 = ($facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '22.04') >= 0) + $_debian_12 = ($facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['full'], '12') >= 0) + + if $_ubuntu_2204 or $_debian_12 { + $python_package_name = pick($python_package_name, 'python3-psycopg2') + } else { + $python_package_name = pick($python_package_name, 'python-psycopg2') + } $bindir = pick($bindir, "/usr/lib/postgresql/${version}/bin") $datadir = pick($datadir, "/var/lib/postgresql/${version}/main") From ae4a22b88a0909462b4a44cf6dc984a1eb27b337 Mon Sep 17 00:00:00 2001 From: Ramesh Sencha Date: Wed, 29 Nov 2023 11:00:07 +0530 Subject: [PATCH 0936/1000] (CAT-1608) - PDK update --- .rubocop.yml | 6 +++--- .rubocop_todo.yml | 2 +- .sync.yml | 10 +++++----- Gemfile | 6 ++++-- Rakefile | 3 ++- metadata.json | 2 +- 6 files changed, 16 insertions(+), 13 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 33d66a7ca1..7a66e08331 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,12 +1,11 @@ --- -inherit_from: .rubocop_todo.yml - require: - rubocop-performance - rubocop-rspec AllCops: + NewCops: enable DisplayCopNames: true - TargetRubyVersion: '2.6' + TargetRubyVersion: '2.7' Include: - "**/*.rb" Exclude: @@ -20,6 +19,7 @@ AllCops: - "**/Puppetfile" - "**/Vagrantfile" - "**/Guardfile" +inherit_from: ".rubocop_todo.yml" Layout/LineLength: Description: People have wide screens, use them. Max: 200 diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 40bf4779ee..732977e113 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,6 +1,6 @@ # This configuration was generated by # `rubocop --auto-gen-config` -# on 2023-09-06 12:10:39 UTC using RuboCop version 1.48.1. +# on 2023-11-29 05:29:46 UTC using RuboCop version 1.48.1. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new diff --git a/.sync.yml b/.sync.yml index 467ee6175a..2721daf03f 100644 --- a/.sync.yml +++ b/.sync.yml @@ -6,7 +6,8 @@ - 140chars-check appveyor.yml: delete: true - +.rubocop.yml: + include_todos: true Gemfile: optional: ":development": @@ -15,6 +16,9 @@ Gemfile: Rakefile: changelog_user: puppetlabs changelog_max_issues: 500 + extra_disabled_lint_checks: + - anchor_resource + - params_empty_string_assignment spec/spec_helper.rb: mock_with: ":rspec" coverage_report: true @@ -45,7 +49,3 @@ spec/spec_helper.rb: unmanaged: false .travis.yml: delete: true -Rakefile: - extra_disabled_lint_checks: - - anchor_resource - - params_empty_string_assignment diff --git a/Gemfile b/Gemfile index 5ffa566b9f..86e337adbc 100644 --- a/Gemfile +++ b/Gemfile @@ -23,7 +23,6 @@ group :development do gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false gem "facterdb", '~> 1.18', require: false gem "metadata-json-lint", '~> 3.0', require: false - gem "puppetlabs_spec_helper", '~> 6.0', require: false gem "rspec-puppet-facts", '~> 2.0', require: false gem "codecov", '~> 0.2', require: false gem "dependency_checker", '~> 1.0.0', require: false @@ -34,7 +33,6 @@ group :development do gem "rubocop", '= 1.48.1', require: false gem "rubocop-performance", '= 1.16.0', require: false gem "rubocop-rspec", '= 2.19.0', require: false - gem "puppet-strings", '~> 4.0', require: false gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", '= 1.15.2', require: false end @@ -42,6 +40,10 @@ group :system_tests do gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] gem "serverspec", '~> 2.41', require: false end +group :release_prep do + gem "puppet-strings", '~> 4.0', require: false + gem "puppetlabs_spec_helper", '~> 7.0', require: false +end puppet_version = ENV['PUPPET_GEM_VERSION'] facter_version = ENV['FACTER_GEM_VERSION'] diff --git a/Rakefile b/Rakefile index c87729c986..a40e488df7 100644 --- a/Rakefile +++ b/Rakefile @@ -9,7 +9,7 @@ require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = nil || JSON.load(File.read('metadata.json'))['author'] + returnVal = "puppetlabs" || JSON.load(File.read('metadata.json'))['author'] raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator user:#{returnVal}" returnVal @@ -50,6 +50,7 @@ if Gem.loaded_specs.key? 'github_changelog_generator' raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" config.project = "#{changelog_project}" + config.max_issues = 500 config.future_release = "#{changelog_future_release}" config.exclude_labels = ['maintenance'] config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." diff --git a/metadata.json b/metadata.json index 11c710b417..8f8e381b9d 100644 --- a/metadata.json +++ b/metadata.json @@ -96,5 +96,5 @@ ], "pdk-version": "3.0.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g017b84e" + "template-ref": "heads/main-0-g01c6a19" } From 29ef7ffaca506975865f8e0812da48a16a1a5046 Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Tue, 19 Dec 2023 11:53:04 -0600 Subject: [PATCH 0937/1000] support for a custom apt source release Useful in cases where postgresql has archived support for the platform. --- data/os/Ubuntu/18.04.yaml | 3 +++ manifests/globals.pp | 3 +++ manifests/repo.pp | 1 + manifests/repo/apt_postgresql_org.pp | 6 ++++-- spec/classes/repo_spec.rb | 23 +++++++++++++++++++++++ 5 files changed, 34 insertions(+), 2 deletions(-) create mode 100644 data/os/Ubuntu/18.04.yaml diff --git a/data/os/Ubuntu/18.04.yaml b/data/os/Ubuntu/18.04.yaml new file mode 100644 index 0000000000..7d66bfac7e --- /dev/null +++ b/data/os/Ubuntu/18.04.yaml @@ -0,0 +1,3 @@ +--- +postgresql::repo::baseurl: https://apt-archive.postgresql.org/pub/repos/apt/ +postgresql::repo::release: "%{facts.os.distro.codename}-pgdg-archive" diff --git a/manifests/globals.pp b/manifests/globals.pp index 381da29b26..a193a962c8 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -60,6 +60,7 @@ # # @param repo_baseurl Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository. # @param yum_repo_commonurl Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository. +# @param apt_source_release Overrides the default release for the apt source. # # @param needs_initdb # Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started. @@ -150,6 +151,7 @@ Optional[String[1]] $repo_proxy = undef, Optional[String[1]] $repo_baseurl = undef, Optional[String[1]] $yum_repo_commonurl = undef, + Optional[String[1]] $apt_source_release = undef, Optional[Boolean] $needs_initdb = undef, @@ -271,6 +273,7 @@ proxy => $repo_proxy, baseurl => $repo_baseurl, commonurl => $yum_repo_commonurl, + release => $apt_source_release, } } diff --git a/manifests/repo.pp b/manifests/repo.pp index 88c27b5e6f..b33b699e76 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -1,6 +1,7 @@ # @api private class postgresql::repo ( Optional[String[1]] $version = undef, + Optional[String[1]] $release = undef, Optional[String[1]] $proxy = undef, Optional[String[1]] $baseurl = undef, Optional[String[1]] $commonurl = undef, diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index 31b591a0f0..de72f92458 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -7,16 +7,18 @@ # http://www.postgresql.org/download/linux/debian/ # $default_baseurl = 'https://apt.postgresql.org/pub/repos/apt/' - $_baseurl = pick($postgresql::repo::baseurl, $default_baseurl) + $default_release = "${facts['os']['distro']['codename']}-pgdg" + $_release = pick($postgresql::repo::release, $default_release) + apt::pin { 'apt_postgresql_org': originator => 'apt.postgresql.org', priority => 500, } -> apt::source { 'apt.postgresql.org': location => $_baseurl, - release => "${facts['os']['distro']['codename']}-pgdg", + release => $_release, repos => 'main', architecture => $facts['os']['architecture'], key => { diff --git a/spec/classes/repo_spec.rb b/spec/classes/repo_spec.rb index 3399203f3a..0414501a72 100644 --- a/spec/classes/repo_spec.rb +++ b/spec/classes/repo_spec.rb @@ -9,5 +9,28 @@ it 'instantiates apt_postgresql_org class' do expect(subject).to contain_class('postgresql::repo::apt_postgresql_org') end + + it { + is_expected.to contain_apt__source('apt.postgresql.org') + .with_location('https://apt.postgresql.org/pub/repos/apt/') + .with_release("#{facts[:os]['distro']['codename']}-pgdg") + } + + it { is_expected.to contain_apt__pin('apt_postgresql_org') } + end + + describe 'with custom baseurl and release' do + let(:params) do + { + baseurl: 'https://apt-archive.postgresql.org/pub/repos/apt/', + release: 'bionic-pgdg-archive', + } + end + + it { + is_expected.to contain_apt__source('apt.postgresql.org') + .with_location(params[:baseurl]) + .with_release(params[:release]) + } end end From c206bea5c51a8f32373a29e2887e74a4566dd1f0 Mon Sep 17 00:00:00 2001 From: VAOL Date: Thu, 4 Jan 2024 10:18:57 +0100 Subject: [PATCH 0938/1000] update GPG key --- files/RPM-GPG-KEY-PGDG | 67 ++++++++++++++++------------ files/RPM-GPG-KEY-PGDG-common | 41 +++++++++++++++++ manifests/repo/yum_postgresql_org.pp | 17 +++++-- 3 files changed, 93 insertions(+), 32 deletions(-) create mode 100644 files/RPM-GPG-KEY-PGDG-common diff --git a/files/RPM-GPG-KEY-PGDG b/files/RPM-GPG-KEY-PGDG index 065274e0d9..a6f86f350a 100644 --- a/files/RPM-GPG-KEY-PGDG +++ b/files/RPM-GPG-KEY-PGDG @@ -1,30 +1,41 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.7 (GNU/Linux) -mQGiBEeD8koRBACC1VBRsUwGr9gxFFRho9kZpdRUjBJoPhkeOTvp9LzkdAQMFngr -BFi6N0ov1kCX7LLwBmDG+JPR7N+XcH9YR1coSHpLVg+JNy2kFDd4zAyWxJafjZ3a -9zFg9Yx+0va1BJ2t4zVcmKS4aOfbgQ5KwIOWUujalQW5Y+Fw39Gn86qjbwCg5dIo -tkM0l19h2sx50D027pV5aPsD/2c9pfcFTbMhB0CcKS836GH1qY+NCAdUwPs646ee -Ex/k9Uy4qMwhl3HuCGGGa+N6Plyon7V0TzZuRGp/1742dE8IO+I/KLy2L1d1Fxrn -XOTBZd8qe6nBwh12OMcKrsPBVBxn+iSkaG3ULsgOtx+HHLfa1/p22L5+GzGdxizr -peBuA/90cCp+lYcEwdYaRoFVR501yDOTmmzBc1DrsyWP79QMEGzMqa393G0VnqXt -L4pGmunq66Agw2EhPcIt3pDYiCmEt/obdVtSJH6BtmSDB/zYhbE8u3vLP3jfFDa9 -KXxgtYj0NvuUVoRmxSKm8jtfmj1L7zoKNz3jl+Ba3L0WxIv4+bRBUG9zdGdyZVNR -TCBSUE0gQnVpbGRpbmcgUHJvamVjdCA8cGdzcWxycG1zLWhhY2tlcnNAcGdmb3Vu -ZHJ5Lm9yZz6IYAQTEQIAIAUCR4PySgIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheA -AAoJEB8W0uFELfD4jnkAoMqd6ZwwsgYHZ3hP9vt+DJt1uDW7AKDbRwP8ESKFhwdJ -8m91RPBeJW/tMLkCDQRHg/JKEAgA64+ZXgcERPYfZYo4p+yMTJAAa9aqnE3U4Ni6 -ZMB57GPuEy8NfbNya+HiftO8hoozmJdcI6XFyRBCDUVCdZ8SE+PJdOx2FFqZVIu6 -dKnr8ykhgLpNNEFDG3boK9UfLj/5lYQ3Y550Iym1QKOgyrJYeAp6sZ+Nx2PavsP3 -nMFCSD67BqAbcLCVQN7a2dAUXfEbfXJjPHXTbo1/kxtzE+KCRTLdXEbSEe3nHO04 -K/EgTBjeBUOxnciH5RylJ2oGy/v4xr9ed7R1jJtshsDKMdWApwoLlCBJ63jg/4T/ -z/OtXmu4AvmWaJxaTl7fPf2GqSqqb6jLCrQAH7AIhXr9V0zPZwADBQgAlpptNQHl -u7euIdIujFwwcxyQGfee6BG+3zaNSEHMVQMuc6bxuvYmgM9r7aki/b0YMfjJBk8v -OJ3Eh1vDH/woJi2iJ13vQ21ot+1JP3fMd6NPR8/qEeDnmVXu7QAtlkmSKI9Rdnjz -FFSUJrQPHnKsH4V4uvAM+njwYD+VFiwlBPTKNeL8cdBb4tPN2cdVJzoAp57wkZAN -VA2tKxNsTJKBi8wukaLWX8+yPHiWCNWItvyB4WCEp/rZKG4A868NM5sZQMAabpLd -l4fTiGu68OYgK9qUPZvhEAL2C1jPDVHPkLm+ZsD+90Pe66w9vB00cxXuHLzm8Pad -GaCXCY8h3xi6VIhJBBgRAgAJBQJHg/JKAhsMAAoJEB8W0uFELfD4K4cAoJ4yug8y -1U0cZEiF5W25HDzMTtaDAKCaM1m3Cbd+AZ0NGWNg/VvIX9MsPA== -=au6K ------END PGP PUBLIC KEY BLOCK----- +mQGNBGWBr8EBDAC+atC3Hl2yKkFg0F4tDg4ABCTvvhgMn7g7oZ0vJqpaUAwUgijU ++jLXH8qVSkyhk2eruSXlbj4dIMHhsbRQ1wUnd+tb8pZPdRaBFR9MzFMjvDzobAlZ +RH6cUbgm2EdAHrrZFVQJuIb6SRzQzkk4QEWTkWP6CHzvxnlVpkI7T1yjsJnmLefN +TT/J+r0gxC1DRXOKwSMmWUCzYcRXiv/RZcp+IwM04e5BXOj6xoLIpAwhSGZ0LR6b +dwliBpMSFuVyXFIu+7AS2M8tEO1cGK+ywDhg7TriMc/rgjZjeu11WusXFwbvEUeM +FIYM9oXQlAlWDIob85YcGtNXV4EVGovQ2nFd4Ivl9OYq+HixAhWBLulkEAUREKq8 +uXV8HDjxOfYa8VhczphvkCLr5UEMzXmC2eDc6nCH2hveAqSVLnFNkhtExvVOPRBB +gRsviaGWvdOA3eNeEofHX9YWtSzM43tWABKUzI/oTMcdFJlkJ465bvh4p7KyHDth +5I46iBUZmfP4RckAEQEAAbQ+UG9zdGdyZVNRTCBSUE0gUmVwb3NpdG9yeSA8cGdz +cWwtcGtnLXl1bUBsaXN0cy5wb3N0Z3Jlc3FsLm9yZz6JAdIEEwEIADwWIQTUvwiu +Z6C0x6HbzNJAvKK0CLQNIAUCZYGvwQIbAwULCQgHAgMiAgEGFQoJCAsCBBYCAwEC +HgcCF4AACgkQQLyitAi0DSBwkwwAvE1vGNMiP8Qvqvpk5otuJOvz5meELUwmhT60 +IOWNr9RMroKfb27mnc5RHlOmMk/0SPyboFX9qtOdwFUq3cYbjsP+bqI9vuQuQ4Gz +siLIvSZPtQrdtUP8wdndndeKNpDIvRdYwvaPfIrBxxCSslB8iuCtjbyCl2rzlika +sCOWi7oTwuNB4eKHCRt9oh7NHFas92bF2JiaR7hvmXlCU058/lnR+jXCp/NWiGfE +QV37xAu/ssRH5MykGweEzQ3mX2EKppdKmmoOaJsTfS7UNujeZQqo1uqZg9yRHgwf +PaquIwgdXBY6JkMUM4Zhn7QkP5ssD6g+GzWe2UAMN+K8Xe3QwEMfp9AF7sEEM/Zp ++p5m7D1GlOho/m9juxcRa5r7VfvCFL05uyXdDoefOCFal/pDmwvZofK+pqtDZfKt ++AnF/Y6Z3ewvJ0ZRNBX/0Iw30uJusDIgkXaHwxEeDOnlKi8jVyBCMr1In2QKrb1+ +N9PR5P5ZKKq40WNvbiPfoUeKwKKSuQGNBGWBr8EBDAD1nXgbf+Qki5Z0H2k0xLbI +GYhxnousjVlrWcxOTYqVilSvBig7RKuVFGt0D3yuBWrAS7+MCUvpuCshHcc+w97G +iWmRskIHqZoD26kkU8PhgYayyArqepZp50ALIdOhedOp9b/NUkSPEL4BJow9H8Lp +a28WEXpHZcam43RDMzLMUvJBWem474APx5674EZYX+994lT2cNSAFrnJK956lKmc +ZdzzKuMTcIVGyRF6+KXCmScLAyQks8lHuTJb+AA4eseZnbOsnwnA1xuVfYIfMF/F +bLlR7vl5Autmgnz1SdCaUqIp4MO54GZOgh4MjVadsxIWj8H0cN3uTfukuW4A0+dP +d0YrOKb52Mnejh7x39qWIsMtT8DgcufGcVsuVhC/5LCiHB3pB73J9SMxBafcyGyK +XfLFL5FoDkKTU5KkBfqMQ4k//27mLbJ4kWxHHtNsvnn/6a5m7rRYxFD4dxBWn1CU +BpMjf3m9B3xLc7lKlQZiLLNC7p15gHS51yMvCGxCaHcAEQEAAYkBtgQYAQgAIBYh +BNS/CK5noLTHodvM0kC8orQItA0gBQJlga/BAhsMAAoJEEC8orQItA0guy0L/1ze +AHxV8pxPawOIlgDWoALLb/tqvmG+yz8SN5IWDfvMkMW5kbVoY8zi9SnJtOHVULBC +sdiYN4Dn/Ox1eLlW50F4Z76RI2r/O9rBlHzUk/jAQOcDDCRWjj4a+pYX9I4atU6e ++qOOzxMBsFD0vK84NYJ6caC0LHR64xWnyvXStkDEPSzgHhAlhdn9oTqbIoXuDhSx +zBVSXyowi+cBL8tNsAH4Zlj0li1Gii6bM4DFseQGhKIiTFbx1HD47DT6Pu0X2PSA +pIuZ47n8rP2uTLCYjtnfpXbMwmVOXWxIojhUqIceF+KRr4vRsspSbMxMKg0yeGka +RfQX29x8baM4mdKVBmU9KQxRgno6lcks14STnawqf6o9nHxKp80VQrcNTsYHlq2B +PGAanK8G4WeYojQWCQHBi73qCoTERMpBG73gpTIr836TBinGZaSZ8I1deUS89Hnw +A62QO1TS57zxMTrstzaawLoCIHTqyJ2VeZrVC1INV4ENnyVsud3NaZtfWuIk7Q== +=Elfg +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/files/RPM-GPG-KEY-PGDG-common b/files/RPM-GPG-KEY-PGDG-common new file mode 100644 index 0000000000..fae9ac829e --- /dev/null +++ b/files/RPM-GPG-KEY-PGDG-common @@ -0,0 +1,41 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.22 (GNU/Linux) + +mQGNBGWBsHEBDACzg9nBu9GXrquREAEVTObf6k3YIWagkv1qlX61dqQpyx8XT36A ++wx9qc7vk1mJoyzjq0gBH/C0ebaJntoCG/rv3j8DP4tQO+CApWN5XqrZJI+vYjRt +bJhrkxUt4fm8dozRykR9GdB05x35XVkzLsPVMqP6EqmBu9i2WgE30LlkPShzHyuf +P4W42zY4JVpKRK4CqLnWX3+PXY2tENYqkARK37j8r4klxIVku9UpE3W7XXIud9Nh +dVOtj0P8/t3mAHLgRjLqaGLVGz4k2b3phzDcG7sDvfwVXMPKDAVY5IymK4yTjeZU +6x3E63pNpQV4KfccHAKFJ++wOQmhfF5H+ViWTytIgyRMKn9eR+715nEZG8suRPSG +GnulJj9sUw6dONmPxCd6gCFQ0BAm/h7Bn8cODdPzJn6h/yMNs7SeH9yv8zlZvJdf +Sb5rTQLaFBaNP5yQ3rHb+gpDno7dwLxcx10qghPSz6TY96nCJNtrlj04P699UR4a +KIK2X6miJMwENE0AEQEAAbQ+UG9zdGdyZVNRTCBSUE0gUmVwb3NpdG9yeSA8cGdz +cWwtcGtnLXl1bUBsaXN0cy5wb3N0Z3Jlc3FsLm9yZz6JAbkEEwECACMFAmWBsHEC +GwMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRBk+s4Rc+O5B3MPC/4r2mTL +Oy7kuT48faVqDMovPsezJm//G/ur2dXMGYdr2QyzX1V6YXprtrY90bLt+mt/b/9C +pY0r5vDgI1uDkp5mX0tcCJJlAV8sDMC/r1a1rlh6KFxqRIOq5/hkPSkxHL4XVtdi +GvxgFcOj5vGWuBpmKaL+CeglBFzWFyPQV6+e+eJ4RG7MOOPHUUAODy58uDztSoyP +C8WLZR2vShTA5OZoyWdzwRkHeFMXWdcTw6wwff+sl942cwzkw5XotmkxS3Mpg4PI +IkGWeDvh2AoqjSIiLyAAB6vRhRjGwT+JLzQp0Yn9kfUQwMeCEOESO0mdnxd37WXq ++HvMY1I40J+OCl7XKE0kleWfsuv5/Hk+pHW4KxCHVtMKMpTzOT1Koq0dkx9H51p+ +pubZZa5umPnhm9+0SkqotXaaBnxs+MBnQpu98TrJ0eOkpVRWqpkybXbrZKgx+oJN +xNctGxbgFRq3K7QMLGjor8vF5Mg6qTzxM5RwZ7QaT/Msjh8VyUZ6ch7kNcu5AY0E +ZYGwcQEMANOcY0IKEf4sMl3s2FHoZrxnjrX4cDdcS9NNYcYvDG1Y2BXiqEh6A5i1 +ZpZQpUZitqXbFsU2GSEjC9IBKMklp0xTNt9lBC/WmlOFrwDgm0ufxMqiE77QlIyr +yVj+6XOMN8EotXF2a8ZxmqbYaG5L7eAqGsDda2ZYCqgwKQUkdXJ7QNq9ikQ31Toj +Qd0zzh1czDwDyj9bZCoPjZiCDZVmK5We87ZYWekDTIq9Wdh0teXzZrLb6UsFCMLO +zZDKlH4+5+zlYHyFvEjTxrrQs2YOkLLMcouRQKe/pR4DwKJvA9mLmofQWAHCH0uv +9SY08RXm+bqoNWwrCmCjdN775wUU9IsDaKXbdtybl6PprAQhwLceXysbr3HmorjV +nvJYujuwQMN6JUavKKLC3zJSDOnBlZBGfoR00QWG5mHSgRxXLNVtaAWAqxrNcofc +wOu0Rr9O89AAePHzvZKXCu6aeWeBfhgKAz+wIjh9VjNFjAFLLVP3nWOIPbjN+Blv +Wy/OXDWFXwARAQABiQGfBBgBAgAJBQJlgbBxAhsMAAoJEGT6zhFz47kHJHcL/A0m +Jme0ERyl2d9z9wfmH4/mJ3lEsSmYRk1y8cQLJ3yXSdD0iYFRDaiLdhuV6CZQQHee +ong6TpGTe1REmmKBSOD6zdCfCcAMsk+SKQHADJD9es0ZleQOpdcVRgnLKGcze2qx +JzS4+0OoNkPg0Wf5pdDlKi0nJIr/t1qLU7TVOWTcUaYhjnrHy8iCWVNvrmm9tPLJ +4dS3OCxdzuTApUQAC26Lo6T0SOIc7COyshuhZe90IK/cRMuDuvf+8TqWBOE2sMJ0 +2WNS8In5xWItAfoepmFLSOeWbCHo/yzuVFFI7Oo4DJ5cvKJ+Vo3iAWl8RPsN6iKE +Ocmphnc2clno8y4lSc4NckEbL+teZZyww12kHph5NUDReITO4H/4XGEpq4PATT6P +9aMDQQVK4GpmIZ6pLn+yYOV/ZLkHIcJUBVPjLtds5FOsVEpX4JaMowzk4jT6lp/F +7inS2V/87DcrYMl+NcBm09BZ6M4X1OYEumq7qXKtScmHAfp2yG2A1lJ5RtXrSQ== +=fPP0 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index be7e26820b..b2d5e5853b 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -1,8 +1,9 @@ # @api private class postgresql::repo::yum_postgresql_org inherits postgresql::repo { - $version_parts = split($postgresql::repo::version, '[.]') - $package_version = "${version_parts[0]}${version_parts[1]}" - $gpg_key_path = "/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}" + $version_parts = split($postgresql::repo::version, '[.]') + $package_version = "${version_parts[0]}${version_parts[1]}" + $gpg_key_path = "/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}" + $gpg_key_path_common = '/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-common' file { $gpg_key_path: content => file('postgresql/RPM-GPG-KEY-PGDG'), @@ -12,6 +13,14 @@ before => Yumrepo['yum.postgresql.org'], } + file { $gpg_key_path_common: + content => file('postgresql/RPM-GPG-KEY-PGDG-common'), + owner => 'root', + group => 'root', + mode => '0644', + before => Yumrepo['pgdg-common'], + } + if($facts['os']['name'] == 'Fedora') { $label1 = 'fedora' $label2 = $label1 @@ -39,7 +48,7 @@ baseurl => $_commonurl, enabled => 1, gpgcheck => 1, - gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", + gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-common', proxy => $postgresql::repo::proxy, } From 44b74f3a469d8aa960abded99cbde140131f9708 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 3 Jan 2024 14:39:23 -1000 Subject: [PATCH 0939/1000] Remove non-portable source commands `source(1)` is a bashism and is equivalent to the portable `.(1)`, but as each command is run in a new shell, spawning a shell to source a file and exit is at best noop. Some SUT used by acceptance tests do not use bash(1) as the default shell (e.g. Ubuntu 22.04 ARM), which cause CI failures because `source` is not found (127 exit code): ``` 1) postgresql task sql task sets up a postgres db On host `104.154.182.99' Failure/Error: LitmusHelper.instance.run_shell('source /etc/profile.d/my-custom.lang.sh') RuntimeError: shell failed `source /etc/profile.d/my-custom.lang.sh` ====== [{"target"=>"104.154.182.99", "action"=>"command", "object"=>"source /etc/profile.d/my-custom.lang.sh", "status"=>"failure", "value"=>{"stdout"=>"", "stderr"=>"sh: 1: source: not found\n", "merged_output"=>"sh: 1: source: not found\n", "exit_code"=>127, "_error"=>{"kind"=>"puppetlabs.tasks/command-error", "issue_code"=>"COMMAND_ERROR", "msg"=>"The command failed with exit code 127", "details"=>{"exit_code"=>127}}}}] # ./vendor/bundle/ruby/2.7.0/gems/puppet_litmus-1.3.0/lib/puppet_litmus/puppet_helpers.rb:206:in `run_shell' # ./spec/spec_helper_acceptance_local.rb:30:in `export_locales' # ./spec/acceptance/sql_task_spec.rb:17:in `block (3 levels) in ' 2) postgresql task sql task execute some sql On host `104.154.182.99' Failure/Error: result = run_bolt_task('postgresql::sql', 'sql' => 'SELECT count(table_name) FROM information_schema.tables;', 'host' => 'localhost', 'user' => 'root1', 'password' => 'password', 'database' => 'spec1') RuntimeError: task failed `postgresql::sql` ====== [{"target"=>"104.154.182.99", "action"=>"task", "object"=>"postgresql::sql", "status"=>"failure", "value"=>{"status"=>"failure", "error"=>"psql: error: connection to server at \"localhost\" (127.0.0.1), port 5432 failed: FATAL: password authentication failed for user \"root1\"\nconnection to server at \"localhost\" (127.0.0.1), port 5432 failed: FATAL: password authentication failed for user \"root1\"\n", "_error"=>{"kind"=>"puppetlabs.tasks/task-error", "issue_code"=>"TASK_ERROR", "msg"=>"The task failed with exit code 1", "details"=>{"exit_code"=>1}}}}] # ./vendor/bundle/ruby/2.7.0/gems/puppet_litmus-1.3.0/lib/puppet_litmus/puppet_helpers.rb:299:in `run_bolt_task' # ./spec/acceptance/sql_task_spec.rb:23:in `block (3 levels) in ' Finished in 17 minutes 2 seconds (files took 3.36 seconds to load) 59 examples, 2 failures, 10 pending Failed examples: rspec ./spec/acceptance/sql_task_spec.rb:16 # postgresql task sql task sets up a postgres db rspec ./spec/acceptance/sql_task_spec.rb:21 # postgresql task sql task execute some sql ``` Because we set variables in profile files, assume they are sourced during shell startup and will be available to next spawned shells. --- spec/spec_helper_acceptance_local.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 4af007d09c..ebe3da6556 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -27,9 +27,7 @@ def export_locales(locale) LitmusHelper.instance.run_shell("echo export LANGUAGE=#{locale} >> /etc/profile.d/my-custom.lang.sh") LitmusHelper.instance.run_shell('echo export LC_COLLATE=C >> /etc/profile.d/my-custom.lang.sh') LitmusHelper.instance.run_shell("echo export LC_CTYPE=#{locale} >> /etc/profile.d/my-custom.lang.sh") - LitmusHelper.instance.run_shell('source /etc/profile.d/my-custom.lang.sh') LitmusHelper.instance.run_shell('echo export LC_ALL="C" >> ~/.bashrc') - LitmusHelper.instance.run_shell('source ~/.bashrc') end def pre_run From 4a00a01a711bc49f3047b782593bb1c6a25fbaf3 Mon Sep 17 00:00:00 2001 From: VAOL Date: Fri, 5 Jan 2024 08:41:23 +0100 Subject: [PATCH 0940/1000] specific GPG key for RH7 --- ...GPG-KEY-PGDG-common => RPM-GPG-KEY-PGDG-7} | 0 manifests/repo/yum_postgresql_org.pp | 26 ++++++++----------- 2 files changed, 11 insertions(+), 15 deletions(-) rename files/{RPM-GPG-KEY-PGDG-common => RPM-GPG-KEY-PGDG-7} (100%) diff --git a/files/RPM-GPG-KEY-PGDG-common b/files/RPM-GPG-KEY-PGDG-7 similarity index 100% rename from files/RPM-GPG-KEY-PGDG-common rename to files/RPM-GPG-KEY-PGDG-7 diff --git a/manifests/repo/yum_postgresql_org.pp b/manifests/repo/yum_postgresql_org.pp index b2d5e5853b..faf9c2ace5 100644 --- a/manifests/repo/yum_postgresql_org.pp +++ b/manifests/repo/yum_postgresql_org.pp @@ -1,24 +1,20 @@ # @api private class postgresql::repo::yum_postgresql_org inherits postgresql::repo { - $version_parts = split($postgresql::repo::version, '[.]') - $package_version = "${version_parts[0]}${version_parts[1]}" - $gpg_key_path = "/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}" - $gpg_key_path_common = '/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-common' + $version_parts = split($postgresql::repo::version, '[.]') + $package_version = "${version_parts[0]}${version_parts[1]}" + $gpg_key_path = "/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}" - file { $gpg_key_path: - content => file('postgresql/RPM-GPG-KEY-PGDG'), - owner => 'root', - group => 'root', - mode => '0644', - before => Yumrepo['yum.postgresql.org'], + $gpg_key_file = $facts['os']['release']['major'] ? { + '7' => 'postgresql/RPM-GPG-KEY-PGDG-7', + default => 'postgresql/RPM-GPG-KEY-PGDG', } - file { $gpg_key_path_common: - content => file('postgresql/RPM-GPG-KEY-PGDG-common'), + file { $gpg_key_path: + content => file($gpg_key_file), owner => 'root', group => 'root', mode => '0644', - before => Yumrepo['pgdg-common'], + before => Yumrepo['yum.postgresql.org'], } if($facts['os']['name'] == 'Fedora') { @@ -39,7 +35,7 @@ baseurl => $_baseurl, enabled => 1, gpgcheck => 1, - gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", + gpgkey => "file://${gpg_key_path}", proxy => $postgresql::repo::proxy, } @@ -48,7 +44,7 @@ baseurl => $_commonurl, enabled => 1, gpgcheck => 1, - gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-common', + gpgkey => "file://${gpg_key_path}", proxy => $postgresql::repo::proxy, } From 83a9a018db36761380682d3dd949d3b4d31d8096 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 9 Jan 2024 04:32:10 +0000 Subject: [PATCH 0941/1000] Release prep v10.0.3 --- CHANGELOG.md | 10 ++++++++++ REFERENCE.md | 9 +++++++++ metadata.json | 2 +- 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 09a8743765..d259b3adc9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,16 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.3) - 2024-01-09 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.2...v10.0.3) + +### Fixed + +- support for a custom apt source release [#1561](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1561) ([h0tw1r3](https://github.com/h0tw1r3)) +- (#1556) Fix Python package name for Ubuntu >= 22.04 [#1557](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1557) ([antaflos](https://github.com/antaflos)) +- Unconfine postgresql_conf [#1551](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1551) ([smortex](https://github.com/smortex)) + ## [v10.0.2](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.2) - 2023-11-08 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.1...v10.0.2) diff --git a/REFERENCE.md b/REFERENCE.md index 45c57daaa2..4a2b80dd15 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -202,6 +202,7 @@ The following parameters are available in the `postgresql::globals` class: * [`repo_proxy`](#-postgresql--globals--repo_proxy) * [`repo_baseurl`](#-postgresql--globals--repo_baseurl) * [`yum_repo_commonurl`](#-postgresql--globals--yum_repo_commonurl) +* [`apt_source_release`](#-postgresql--globals--apt_source_release) * [`needs_initdb`](#-postgresql--globals--needs_initdb) * [`encoding`](#-postgresql--globals--encoding) * [`locale`](#-postgresql--globals--locale) @@ -529,6 +530,14 @@ Sets the url for the PostgreSQL common Yum repository. Useful if you host your o Default value: `undef` +##### `apt_source_release` + +Data type: `Optional[String[1]]` + +Overrides the default release for the apt source. + +Default value: `undef` + ##### `needs_initdb` Data type: `Optional[Boolean]` diff --git a/metadata.json b/metadata.json index 8f8e381b9d..74453a0310 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.0.2", + "version": "10.0.3", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From d69144a87bb1548571a551a7abacb043301102f8 Mon Sep 17 00:00:00 2001 From: Ramesh Sencha Date: Wed, 13 Mar 2024 20:20:42 +0530 Subject: [PATCH 0942/1000] (MAINT) - PDK Update --- .github/workflows/release.yml | 2 +- .rubocop.yml | 6 +++ .vscode/extensions.json | 2 +- Gemfile | 16 ++++--- Rakefile | 80 ----------------------------------- metadata.json | 2 +- 6 files changed, 18 insertions(+), 90 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0b7b8a05dd..4b3b80fc80 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,7 +2,7 @@ name: "Publish module" on: workflow_dispatch: - + jobs: release: uses: "puppetlabs/cat-github-actions/.github/workflows/module_release.yml@main" diff --git a/.rubocop.yml b/.rubocop.yml index 7a66e08331..e6bd5af841 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -529,6 +529,8 @@ Lint/DuplicateBranch: Enabled: false Lint/DuplicateMagicComment: Enabled: false +Lint/DuplicateMatchPattern: + Enabled: false Lint/DuplicateRegexpCharacterClassElement: Enabled: false Lint/EmptyBlock: @@ -645,6 +647,8 @@ Style/ComparableClamp: Enabled: false Style/ConcatArrayLiterals: Enabled: false +Style/DataInheritance: + Enabled: false Style/DirEmpty: Enabled: false Style/DocumentDynamicEvalDefinition: @@ -713,6 +717,8 @@ Style/RedundantHeredocDelimiterQuotes: Enabled: false Style/RedundantInitialize: Enabled: false +Style/RedundantLineContinuation: + Enabled: false Style/RedundantSelfAssignmentBranch: Enabled: false Style/RedundantStringEscape: diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 2f1e4f73a5..6da8d472f8 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,6 +1,6 @@ { "recommendations": [ "puppet.puppet-vscode", - "rebornix.Ruby" + "Shopify.ruby-lsp" ] } diff --git a/Gemfile b/Gemfile index 86e337adbc..151435e2c1 100644 --- a/Gemfile +++ b/Gemfile @@ -22,27 +22,29 @@ group :development do gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false gem "facterdb", '~> 1.18', require: false - gem "metadata-json-lint", '~> 3.0', require: false + gem "metadata-json-lint", '~> 4.0', require: false + gem "puppetlabs_spec_helper", '~> 6.0', require: false gem "rspec-puppet-facts", '~> 2.0', require: false - gem "codecov", '~> 0.2', require: false gem "dependency_checker", '~> 1.0.0', require: false gem "parallel_tests", '= 3.12.1', require: false gem "pry", '~> 0.10', require: false - gem "simplecov-console", '~> 0.5', require: false + gem "simplecov-console", '~> 0.9', require: false gem "puppet-debugger", '~> 1.0', require: false - gem "rubocop", '= 1.48.1', require: false + gem "rubocop", '~> 1.50.0', require: false gem "rubocop-performance", '= 1.16.0', require: false gem "rubocop-rspec", '= 2.19.0', require: false + gem "puppet-strings", '~> 4.0', require: false gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", '= 1.15.2', require: false end group :system_tests do - gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] - gem "serverspec", '~> 2.41', require: false + gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] + gem "CFPropertyList", '< 3.0.7', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "serverspec", '~> 2.41', require: false end group :release_prep do gem "puppet-strings", '~> 4.0', require: false - gem "puppetlabs_spec_helper", '~> 7.0', require: false + gem "puppetlabs_spec_helper", '~> 6.0', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/Rakefile b/Rakefile index a40e488df7..32f4fa9e14 100644 --- a/Rakefile +++ b/Rakefile @@ -4,88 +4,8 @@ require 'bundler' require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator' require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' -def changelog_user - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = "puppetlabs" || JSON.load(File.read('metadata.json'))['author'] - raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator user:#{returnVal}" - returnVal -end - -def changelog_project - return unless Rake.application.top_level_tasks.include? "changelog" - - returnVal = nil - returnVal ||= begin - metadata_source = JSON.load(File.read('metadata.json'))['source'] - metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) - - metadata_source_match && metadata_source_match[1] - end - - raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? - - puts "GitHubChangelogGenerator project:#{returnVal}" - returnVal -end - -def changelog_future_release - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] - raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator future_release:#{returnVal}" - returnVal -end - PuppetLint.configuration.send('disable_relative') PuppetLint.configuration.send('disable_anchor_resource') PuppetLint.configuration.send('disable_params_empty_string_assignment') - - -if Gem.loaded_specs.key? 'github_changelog_generator' - GitHubChangelogGenerator::RakeTask.new :changelog do |config| - raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? - config.user = "#{changelog_user}" - config.project = "#{changelog_project}" - config.max_issues = 500 - config.future_release = "#{changelog_future_release}" - config.exclude_labels = ['maintenance'] - config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." - config.add_pr_wo_labels = true - config.issues = false - config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" - config.configure_sections = { - "Changed" => { - "prefix" => "### Changed", - "labels" => ["backwards-incompatible"], - }, - "Added" => { - "prefix" => "### Added", - "labels" => ["enhancement", "feature"], - }, - "Fixed" => { - "prefix" => "### Fixed", - "labels" => ["bug", "documentation", "bugfix"], - }, - } - end -else - desc 'Generate a Changelog from GitHub' - task :changelog do - raise < 1.15' - condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" -EOM - end -end - diff --git a/metadata.json b/metadata.json index 74453a0310..ba09de478d 100644 --- a/metadata.json +++ b/metadata.json @@ -96,5 +96,5 @@ ], "pdk-version": "3.0.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g01c6a19" + "template-ref": "heads/main-0-g4fb29e7" } From a6482468020a9d58d4d2295ae4218f97481d48ad Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 14 Mar 2024 10:20:45 +0100 Subject: [PATCH 0943/1000] Fix typo in postgresql_conf provider docs --- lib/puppet/provider/postgresql_conf/ruby.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/postgresql_conf/ruby.rb b/lib/puppet/provider/postgresql_conf/ruby.rb index ab89864d10..984b42706b 100644 --- a/lib/puppet/provider/postgresql_conf/ruby.rb +++ b/lib/puppet/provider/postgresql_conf/ruby.rb @@ -10,7 +10,7 @@ Puppet::Type.type(:postgresql_conf).provide(:ruby) do desc 'Set keys, values and comments in a postgresql config file.' - # The function pareses the postgresql.conf and figures out which active settings exist in a config file and returns an array of hashes + # The function parses the postgresql.conf and figures out which active settings exist in a config file and returns an array of hashes # def parse_config # open the config file From 2a34104b27fc2854b1ad44c1c62297d533bad0e7 Mon Sep 17 00:00:00 2001 From: Bernhard Miklautz Date: Mon, 25 Mar 2024 07:56:20 +0100 Subject: [PATCH 0944/1000] Add support for Ubuntu 24.04 ("Noble Numbat") --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index a193a962c8..ea025e4f9b 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -211,6 +211,7 @@ /^(20.04)$/ => '12', /^(21.04|21.10)$/ => '13', /^(22.04)$/ => '14', + /^(24.04)$/ => '16', default => undef, }, default => undef, From 265724b3fcefcfc05eaa8338818fecc00498de2b Mon Sep 17 00:00:00 2001 From: Bernhard Miklautz Date: Mon, 25 Mar 2024 07:58:24 +0100 Subject: [PATCH 0945/1000] postgis: support for postgres 16 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index ea025e4f9b..b9adfb4820 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -260,6 +260,7 @@ '10' => '2.4', '11' => '3.0', '12' => '3.0', + '16' => '3.4', default => undef, } $globals_postgis_version = $postgis_version ? { From 56dc1d56a00e19f7ab008f745ea72534fe9d8115 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 25 Mar 2024 13:39:13 +0100 Subject: [PATCH 0946/1000] Use RequiresMountsFor on datadir It is quite common for the data directory to be on its own mount. Systemd can ensure a directory is mounted before a service starts using RequiresMountsFor[1]: > Takes a space-separated list of absolute paths. Automatically adds > dependencies of type Requires= and After= for all mount units required > to access the specified path. [1]: https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html#RequiresMountsFor= --- templates/systemd-override.conf.epp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/templates/systemd-override.conf.epp b/templates/systemd-override.conf.epp index 48b02c72f4..e451ce8c88 100644 --- a/templates/systemd-override.conf.epp +++ b/templates/systemd-override.conf.epp @@ -3,6 +3,9 @@ Stdlib::Absolutepath $datadir, Optional[String[1]] $extra_systemd_config, | -%> +[Unit] +RequiresMountsFor=<%= $datadir %> + [Service] Environment=PGPORT=<%= $port %> <%- if $facts['os']['family'] == 'Gentoo' { -%> From 43c21aff1a1e07d8bdc2da211e3503a973ae4034 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 26 Mar 2024 15:29:25 +0100 Subject: [PATCH 0947/1000] Add a global password_encryption parameter The function postgresql::password() looks at the default for encryption. If you want to use SCRAM on PostgreSQL < 14 then the default must be overridden, or specified for every use. This parameter allows it to be globally overridden. --- manifests/globals.pp | 5 +++++ manifests/params.pp | 2 +- spec/functions/postgresql_default_spec.rb | 14 ++++++++++++++ 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index b9adfb4820..6cc149fc3f 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -81,6 +81,10 @@ # @param timezone # Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information. # +# @param password_encryption +# Specify the type of encryption set for the password. +# Defaults to scram-sha-256 for PostgreSQL >= 14, otherwise md5. +# # @param manage_pg_hba_conf Allow Puppet to manage the pg_hba.conf file. # @param manage_pg_ident_conf Allow Puppet to manage the pg_ident.conf file. # @param manage_recovery_conf Allow Puppet to manage the recovery.conf file. @@ -159,6 +163,7 @@ Optional[String[1]] $locale = undef, Optional[Boolean] $data_checksums = undef, Optional[String[1]] $timezone = undef, + Optional[Postgresql::Pg_password_encryption] $password_encryption = undef, Optional[Boolean] $manage_pg_hba_conf = undef, Optional[Boolean] $manage_pg_ident_conf = undef, diff --git a/manifests/params.pp b/manifests/params.pp index c777b0793c..8441aa829c 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -25,7 +25,7 @@ $manage_selinux = pick($manage_selinux, false) $package_ensure = 'present' $module_workdir = pick($module_workdir,'/tmp') - $password_encryption = versioncmp($version, '14') ? { -1 => 'md5', default => 'scram-sha-256' } + $password_encryption = pick($password_encryption, versioncmp($version, '14') ? { -1 => 'md5', default => 'scram-sha-256' }) $extra_systemd_config = undef $manage_datadir = true $manage_logdir = true diff --git a/spec/functions/postgresql_default_spec.rb b/spec/functions/postgresql_default_spec.rb index 12ecde207e..a1d0cd6d57 100644 --- a/spec/functions/postgresql_default_spec.rb +++ b/spec/functions/postgresql_default_spec.rb @@ -30,5 +30,19 @@ class { 'postgresql::server': # parameter in globals.pp only it { is_expected.to run.with_params('default_connect_settings').and_return({}) } + it { is_expected.to run.with_params('password_encryption').and_return('md5') } + it { is_expected.to run.with_params('a_parameter_that_does_not_exist').and_raise_error(Puppet::ParseError, %r{pick\(\): must receive at least one non empty value}) } + + context 'with overridden values' do + let(:pre_condition) do + <<~PUPPET + class { 'postgresql::globals': + password_encryption => 'scram-sha-256', + } + PUPPET + end + + it { is_expected.to run.with_params('password_encryption').and_return('scram-sha-256') } + end end From 8caa079a5a8cf378aa48c6bc80fcbfa56b8b378f Mon Sep 17 00:00:00 2001 From: Lucien Weller Date: Mon, 18 Mar 2024 18:01:45 +0100 Subject: [PATCH 0948/1000] Added Fedora 39 support --- manifests/globals.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 6cc149fc3f..99dce13966 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -180,7 +180,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['major'] ? { - /^(38)$/ => '15', + /^(38|39)$/ => '15', /^(36|37)$/ => '14', /^(34|35)$/ => '13', /^(32|33)$/ => '12', From c773e918c1cc5ad338f0faa6dfae8a88cca60246 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 26 Mar 2024 18:07:58 +0000 Subject: [PATCH 0949/1000] Release prep v10.1.0 --- CHANGELOG.md | 15 +++++++++++++++ REFERENCE.md | 10 ++++++++++ metadata.json | 2 +- 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d259b3adc9..089acdb208 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.1.0) - 2024-03-26 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.3...v10.1.0) + +### Added + +- Add a global password_encryption parameter [#1584](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1584) ([ekohl](https://github.com/ekohl)) +- Use RequiresMountsFor on datadir [#1582](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1582) ([ekohl](https://github.com/ekohl)) +- Support Ubuntu 24.04 and postgis for postgresql 16 [#1581](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1581) ([bmiklautz](https://github.com/bmiklautz)) +- Add Fedora 39 support [#1580](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1580) ([lweller](https://github.com/lweller)) + +### Other + +- Fix typo in postgresql_conf provider docs [#1579](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1579) ([bastelfreak](https://github.com/bastelfreak)) + ## [v10.0.3](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.0.3) - 2024-01-09 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.2...v10.0.3) diff --git a/REFERENCE.md b/REFERENCE.md index 4a2b80dd15..64fd7e14b9 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -208,6 +208,7 @@ The following parameters are available in the `postgresql::globals` class: * [`locale`](#-postgresql--globals--locale) * [`data_checksums`](#-postgresql--globals--data_checksums) * [`timezone`](#-postgresql--globals--timezone) +* [`password_encryption`](#-postgresql--globals--password_encryption) * [`manage_pg_hba_conf`](#-postgresql--globals--manage_pg_hba_conf) * [`manage_pg_ident_conf`](#-postgresql--globals--manage_pg_ident_conf) * [`manage_recovery_conf`](#-postgresql--globals--manage_recovery_conf) @@ -584,6 +585,15 @@ Sets the default timezone of the postgresql server. The postgresql built-in defa Default value: `undef` +##### `password_encryption` + +Data type: `Optional[Postgresql::Pg_password_encryption]` + +Specify the type of encryption set for the password. +Defaults to scram-sha-256 for PostgreSQL >= 14, otherwise md5. + +Default value: `undef` + ##### `manage_pg_hba_conf` Data type: `Optional[Boolean]` diff --git a/metadata.json b/metadata.json index ba09de478d..eeed477da8 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.0.3", + "version": "10.1.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 7185fd28f5a0cae67e95fc44124cf2393ddd47b1 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Tue, 2 Apr 2024 21:09:39 +0530 Subject: [PATCH 0950/1000] Fix mend to run on cron --- .github/workflows/mend.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/mend.yml b/.github/workflows/mend.yml index b4100a5af0..8b5b401847 100644 --- a/.github/workflows/mend.yml +++ b/.github/workflows/mend.yml @@ -1,9 +1,10 @@ name: "mend" on: - pull_request: - branches: - - "main" + pull_request_target: + types: + - opened + - synchronize schedule: - cron: "0 0 * * *" workflow_dispatch: From 3c32db8e7d4ace263ead75e99ae59aa8cdcb7416 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 3 Apr 2024 11:05:01 +0200 Subject: [PATCH 0951/1000] client.pp: Purge trailing whitespace --- manifests/client.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index 0b15f91fb5..7aa952fddf 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -1,5 +1,5 @@ # @summary Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install. -# +# # @note # Make sure to add any necessary yum or apt repositories if specifying a custom version. # @@ -9,7 +9,7 @@ # Optional. Absolute path for the postgresql connection validation script. # @param package_name # Sets the name of the PostgreSQL client package. -# @param package_ensure +# @param package_ensure # Ensure the client package is installed class postgresql::client ( Enum['file', 'absent'] $file_ensure = 'file', From 8aadd09228bf06ba6efa7b8bdf0da4fdf6567bf7 Mon Sep 17 00:00:00 2001 From: Kenyon Ralph Date: Tue, 2 Jan 2024 22:15:07 -0800 Subject: [PATCH 0952/1000] repo/apt_postgresql_org: use modern APT keyrings This makes use of https://github.com/puppetlabs/puppetlabs-apt/pull/1128 to store the public key in /etc/apt/keyrings and add a signed-by option to the sources.list.d entry. --- files/ACCC4CF8.asc | 77 ++++++++++++++++++++++++++++ manifests/repo/apt_postgresql_org.pp | 5 +- metadata.json | 2 +- 3 files changed, 81 insertions(+), 3 deletions(-) create mode 100644 files/ACCC4CF8.asc diff --git a/files/ACCC4CF8.asc b/files/ACCC4CF8.asc new file mode 100644 index 0000000000..8480576ece --- /dev/null +++ b/files/ACCC4CF8.asc @@ -0,0 +1,77 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBE6XR8IBEACVdDKT2HEH1IyHzXkb4nIWAY7echjRxo7MTcj4vbXAyBKOfjja +UrBEJWHN6fjKJXOYWXHLIYg0hOGeW9qcSiaa1/rYIbOzjfGfhE4x0Y+NJHS1db0V +G6GUj3qXaeyqIJGS2z7m0Thy4Lgr/LpZlZ78Nf1fliSzBlMo1sV7PpP/7zUO+aA4 +bKa8Rio3weMXQOZgclzgeSdqtwKnyKTQdXY5MkH1QXyFIk1nTfWwyqpJjHlgtwMi +c2cxjqG5nnV9rIYlTTjYG6RBglq0SmzF/raBnF4Lwjxq4qRqvRllBXdFu5+2pMfC +IZ10HPRdqDCTN60DUix+BTzBUT30NzaLhZbOMT5RvQtvTVgWpeIn20i2NrPWNCUh +hj490dKDLpK/v+A5/i8zPvN4c6MkDHi1FZfaoz3863dylUBR3Ip26oM0hHXf4/2U +A/oA4pCl2W0hc4aNtozjKHkVjRx5Q8/hVYu+39csFWxo6YSB/KgIEw+0W8DiTII3 +RQj/OlD68ZDmGLyQPiJvaEtY9fDrcSpI0Esm0i4sjkNbuuh0Cvwwwqo5EF1zfkVj +Tqz2REYQGMJGc5LUbIpk5sMHo1HWV038TWxlDRwtOdzw08zQA6BeWe9FOokRPeR2 +AqhyaJJwOZJodKZ76S+LDwFkTLzEKnYPCzkoRwLrEdNt1M7wQBThnC5z6wARAQAB +tBxQb3N0Z3JlU1FMIERlYmlhbiBSZXBvc2l0b3J5iQJOBBMBCAA4AhsDBQsJCAcD +BRUKCQgLBRYCAwEAAh4BAheAFiEEuXsK/KoaR/BE8kSgf8x9RqzMTPgFAlhtCD8A +CgkQf8x9RqzMTPgECxAAk8uL+dwveTv6eH21tIHcltt8U3Ofajdo+D/ayO53LiYO +xi27kdHD0zvFMUWXLGxQtWyeqqDRvDagfWglHucIcaLxoxNwL8+e+9hVFIEskQAY +kVToBCKMXTQDLarz8/J030Pmcv3ihbwB+jhnykMuyyNmht4kq0CNgnlcMCdVz0d3 +z/09puryIHJrD+A8y3TD4RM74snQuwc9u5bsckvRtRJKbP3GX5JaFZAqUyZNRJRJ +Tn2OQRBhCpxhlZ2afkAPFIq2aVnEt/Ie6tmeRCzsW3lOxEH2K7MQSfSu/kRz7ELf +Cz3NJHj7rMzC+76Rhsas60t9CjmvMuGONEpctijDWONLCuch3Pdj6XpC+MVxpgBy +2VUdkunb48YhXNW0jgFGM/BFRj+dMQOUbY8PjJjsmVV0joDruWATQG/M4C7O8iU0 +B7o6yVv4m8LDEN9CiR6r7H17m4xZseT3f+0QpMe7iQjz6XxTUFRQxXqzmNnloA1T +7VjwPqIIzkj/u0V8nICG/ktLzp1OsCFatWXh7LbU+hwYl6gsFH/mFDqVxJ3+DKQi +vyf1NatzEwl62foVjGUSpvh3ymtmtUQ4JUkNDsXiRBWczaiGSuzD9Qi0ONdkAX3b +ewqmN4TfE+XIpCPxxHXwGq9Rv1IFjOdCX0iG436GHyTLC1tTUIKF5xV4Y0+cXIOI +RgQQEQgABgUCTpdI7gAKCRDFr3dKWFELWqaPAKD1TtT5c3sZz92Fj97KYmqbNQZP ++ACfSC6+hfvlj4GxmUjp1aepoVTo3weJAhwEEAEIAAYFAk6XSQsACgkQTFprqxLS +p64F8Q//cCcutwrH50UoRFejg0EIZav6LUKejC6kpLeubbEtuaIH3r2zMblPGc4i ++eMQKo/PqyQrceRXeNNlqO6/exHozYi2meudxa6IudhwJIOn1MQykJbNMSC2sGUp +1W5M1N5EYgt4hy+qhlfnD66LR4G+9t5FscTJSy84SdiOuqgCOpQmPkVRm1HX5X1+ +dmnzMOCk5LHHQuiacV0qeGO7JcBCVEIDr+uhU1H2u5GPFNHm5u15n25tOxVivb94 +xg6NDjouECBH7cCVuW79YcExH/0X3/9G45rjdHlKPH1OIUJiiX47OTxdG3dAbB4Q +fnViRJhjehFscFvYWSqXo3pgWqUsEvv9qJac2ZEMSz9x2mj0ekWxuM6/hGWxJdB+ ++985rIelPmc7VRAXOjIxWknrXnPCZAMlPlDLu6+vZ5BhFX0Be3y38f7GNCxFkJzl +hWZ4Cj3WojMj+0DaC1eKTj3rJ7OJlt9S9xnO7OOPEUTGyzgNIDAyCiu8F4huLPaT +ape6RupxOMHZeoCVlqx3ouWctelB2oNXcxxiQ/8y+21aHfD4n/CiIFwDvIQjl7dg +mT3u5Lr6yxuosR3QJx1P6rP5ZrDTP9khT30t+HZCbvs5Pq+v/9m6XDmi+NlU7Zuh +Ehy97tL3uBDgoL4b/5BpFL5U9nruPlQzGq1P9jj40dxAaDAX/WKJAj0EEwEIACcC +GwMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AFAlB5KywFCQPDFt8ACgkQf8x9RqzM +TPhuCQ//QAjRSAOCQ02qmUAikT+mTB6baOAakkYq6uHbEO7qPZkv4E/M+HPIJ4wd +nBNeSQjfvdNcZBA/x0hr5EMcBneKKPDj4hJ0panOIRQmNSTThQw9OU351gm3YQct +AMPRUu1fTJAL/AuZUQf9ESmhyVtWNlH/56HBfYjE4iVeaRkkNLJyX3vkWdJSMwC/ +LO3Lw/0M3R8itDsm74F8w4xOdSQ52nSRFRh7PunFtREl+QzQ3EA/WB4AIj3VohIG +kWDfPFCzV3cyZQiEnjAe9gG5pHsXHUWQsDFZ12t784JgkGyO5wT26pzTiuApWM3k +/9V+o3HJSgH5hn7wuTi3TelEFwP1fNzI5iUUtZdtxbFOfWMnZAypEhaLmXNkg4zD +kH44r0ss9fR0DAgUav1a25UnbOn4PgIEQy2fgHKHwRpCy20d6oCSlmgyWsR40EPP +YvtGq49A2aK6ibXmdvvFT+Ts8Z+q2SkFpoYFX20mR2nsF0fbt1lfH65P64dukxeR +GteWIeNakDD40bAAOH8+OaoTGVBJ2ACJfLVNM53PEoftavAwUYMrR910qvwYfd/4 +6rh46g1Frr9SFMKYE9uvIJIgDsQB3QBp71houU4H55M5GD8XURYs+bfiQpJG1p7e +B8e5jZx1SagNWc4XwL2FzQ9svrkbg1Y+359buUiP7T6QXX2zY++JAj0EEwEIACcC +GwMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AFAlEqbZUFCQg2wEEACgkQf8x9RqzM +TPhFMQ//WxAfKMdpSIA9oIC/yPD/dJpY/+DyouOljpE6MucMy/ArBECjFTBwi/j9 +NYM4ynAk34IkhuNexc1i9/05f5RM6+riLCLgAOsADDbHD4miZzoSxiVr6GQ3YXMb +OGld9kV9Sy6mGNjcUov7iFcf5Hy5w3AjPfKuR9zXswyfzIU1YXObiiZT38l55pp/ +BSgvGVQsvbNjsff5CbEKXS7q3xW+WzN0QWF6YsfNVhFjRGj8hKtHvwKcA02wwjLe +LXVTm6915ZUKhZXUFc0vM4Pj4EgNswH8Ojw9AJaKWJIZmLyW+aP+wpu6YwVCicxB +Y59CzBO2pPJDfKFQzUtrErk9irXeuCCLesDyirxJhv8o0JAvmnMAKOLhNFUrSQ2m ++3EnF7zhfz70gHW+EG8X8mL/EN3/dUM09j6TVrjtw43RLxBzwMDeariFF9yC+5bL +tnGgxjsB9Ik6GV5v34/NEEGf1qBiAzFmDVFRZlrNDkq6gmpvGnA5hUWNr+y0i01L +jGyaLSWHYjgw2UEQOqcUtTFK9MNzbZze4mVaHMEz9/aMfX25R6qbiNqCChveIm8m +Yr5Ds2zdZx+G5bAKdzX7nx2IUAxFQJEE94VLSp3npAaTWv3sHr7dR8tSyUJ9poDw +gw4W9BIcnAM7zvFYbLF5FNggg/26njHCCN70sHt8zGxKQINMc6SJAj0EEwEIACcC +GwMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AFAlLpFRkFCQ6EJy0ACgkQf8x9RqzM +TPjOZA//Zp0e25pcvle7cLc0YuFr9pBv2JIkLzPm83nkcwKmxaWayUIG4Sv6pH6h +m8+S/CHQij/yFCX+o3ngMw2J9HBUvafZ4bnbI0RGJ70GsAwraQ0VlkIfg7GUw3Tz +voGYO42rZTru9S0K/6nFP6D1HUu+U+AsJONLeb6oypQgInfXQExPZyliUnHdipei +4WR1YFW6sjSkZT/5C3J1wkAvPl5lvOVthI9Zs6bZlJLZwusKxU0UM4Btgu1Sf3nn +JcHmzisixwS9PMHE+AgPWIGSec/N27a0KmTTvImV6K6nEjXJey0K2+EYJuIBsYUN +orOGBwDFIhfRk9qGlpgt0KRyguV+AP5qvgry95IrYtrOuE7307SidEbSnvO5ezNe +mE7gT9Z1tM7IMPfmoKph4BfpNoH7aXiQh1Wo+ChdP92hZUtQrY2Nm13cmkxYjQ4Z +gMWfYMC+DA/GooSgZM5i6hYqyyfAuUD9kwRN6BqTbuAUAp+hCWYeN4D88sLYpFh3 +paDYNKJ+Gf7Yyi6gThcV956RUFDH3ys5Dk0vDL9NiWwdebWfRFbzoRM3dyGP889a +OyLzS3mh6nHzZrNGhW73kslSQek8tjKrB+56hXOnb4HaElTZGDvD5wmrrhN94kby +Gtz3cydIohvNO9d90+29h0eGEDYti7j7maHkBKUAwlcPvMg5m3Y= +=DA1T +-----END PGP PUBLIC KEY BLOCK----- diff --git a/manifests/repo/apt_postgresql_org.pp b/manifests/repo/apt_postgresql_org.pp index de72f92458..8acd3d3941 100644 --- a/manifests/repo/apt_postgresql_org.pp +++ b/manifests/repo/apt_postgresql_org.pp @@ -22,8 +22,9 @@ repos => 'main', architecture => $facts['os']['architecture'], key => { - id => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', - source => 'https://www.postgresql.org/media/keys/ACCC4CF8.asc', + name => 'apt.postgresql.org.asc', + # https://www.postgresql.org/media/keys/ACCC4CF8.asc + content => file("${module_name}/ACCC4CF8.asc"), }, include => { src => false, diff --git a/metadata.json b/metadata.json index eeed477da8..1c741d8086 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 2.0.0 < 10.0.0" + "version_requirement": ">= 9.2.0 < 10.0.0" }, { "name": "puppet/systemd", From a72c332ad2c9cdafabd4abc95d340ca75c118c2a Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 10 Apr 2024 11:07:57 +0200 Subject: [PATCH 0953/1000] acceptance tests: ensure code is idempotent --- spec/acceptance/server_instance_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/server_instance_spec.rb b/spec/acceptance/server_instance_spec.rb index 93192bafb3..d00ce95f83 100644 --- a/spec/acceptance/server_instance_spec.rb +++ b/spec/acceptance/server_instance_spec.rb @@ -156,6 +156,6 @@ class { 'postgresql::server': it 'installs postgres instance test1' do export_locales('en_US.UTF-8 ') - apply_manifest(pp, catch_failures: true) + idempotent_apply(pp) end end From 93bb7d4ff636359ae61a95bfc665bf32447ee8f8 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 10 Apr 2024 16:58:50 +0200 Subject: [PATCH 0954/1000] .fixtures.yml: unpin puppet_agent dependency --- .fixtures.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 9846440fef..fbee13667e 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,3 +1,4 @@ +--- fixtures: repositories: apt: "https://github.com/puppetlabs/puppetlabs-apt.git" @@ -7,9 +8,7 @@ fixtures: facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' firewall: "https://github.com/puppetlabs/puppetlabs-firewall.git" provision: "https://github.com/puppetlabs/provision.git" - puppet_agent: - repo: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' - ref: v4.13.0 + puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" yumrepo_core: "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git" systemd: "https://github.com/voxpupuli/puppet-systemd.git" From 5b0fb8ca454c2d1e33af74cca6247215a968e9bf Mon Sep 17 00:00:00 2001 From: Tomas Barton Date: Thu, 31 Aug 2023 10:22:47 +0200 Subject: [PATCH 0955/1000] List Debian 12 as supported system --- metadata.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 1c741d8086..9dfec547ad 100644 --- a/metadata.json +++ b/metadata.json @@ -57,7 +57,8 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "10", - "11" + "11", + "12" ] }, { From b797bbd00bbefdcf84a6eef95f8df02bf0a2572a Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 19 Oct 2023 19:28:00 +0200 Subject: [PATCH 0956/1000] (#1532) Replace ParserError with Puppet::Error I'm not sure how we ended up with ParserError in the provider. This exception doesn't exist in Ruby. Puppet ships ther own exception, Puppet::Error. It probably makes sense to raise that instead. Fixes 179472ba261a7d0847fdb93fdcb1d43741c4cdde Alternative implementation for https://github.com/puppetlabs/puppetlabs-postgresql/pull/1538 --- lib/puppet/provider/postgresql_conf/ruby.rb | 2 +- .../provider/postgresql_conf/ruby_spec.rb | 26 ++++++++++++++++--- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/lib/puppet/provider/postgresql_conf/ruby.rb b/lib/puppet/provider/postgresql_conf/ruby.rb index 984b42706b..7e5db35232 100644 --- a/lib/puppet/provider/postgresql_conf/ruby.rb +++ b/lib/puppet/provider/postgresql_conf/ruby.rb @@ -74,7 +74,7 @@ def write_config(file, lines) # check, if resource exists in postgresql.conf file def exists? select = parse_config.select { |hash| hash[:key] == resource[:key] } - raise ParserError, "found multiple config items of #{resource[:key]} found, please fix this" if select.length > 1 + raise Puppet::Error, "found multiple config items of #{resource[:key]}, please fix this" if select.length > 1 return false if select.empty? @result = select.first diff --git a/spec/unit/provider/postgresql_conf/ruby_spec.rb b/spec/unit/provider/postgresql_conf/ruby_spec.rb index 11800b0fc7..1a5c3e806a 100644 --- a/spec/unit/provider/postgresql_conf/ruby_spec.rb +++ b/spec/unit/provider/postgresql_conf/ruby_spec.rb @@ -4,13 +4,14 @@ provider_class = Puppet::Type.type(:postgresql_conf).provider(:ruby) describe provider_class do - let(:resource) { Puppet::Type.type(:postgresql_conf).new(name: 'foo', value: 'bar') } + let(:resource) { Puppet::Type.type(:postgresql_conf).new(name: 'foo', key: 'foo', value: 'bar') } let(:provider) { resource.provider } before(:each) do allow(provider).to receive(:file_path).and_return('/tmp/foo') allow(provider).to receive(:read_file).and_return('foo = bar') allow(provider).to receive(:write_file).and_return(true) + allow(provider).to receive(:resource).and_return(key: 'your_key', line_number: 1, value: 'foo') end # rubocop:enable RSpec/ReceiveMessages @@ -26,8 +27,27 @@ expect(provider).to respond_to(:add_header) end - it 'has a method exists?' do - expect(provider).to respond_to(:exists?) + describe '#exists?' do + it 'returns true when a matching config item is found' do + config_data = [{ key: 'your_key', value: 'your_value' }] + expect(provider).to receive(:parse_config).and_return(config_data) + + expect(provider.exists?).to be true + end + + it 'returns false when no matching config item is found' do + config_data = [{ key: 'other_key', value: 'other_value' }] + expect(provider).to receive(:parse_config).and_return(config_data) + + expect(provider.exists?).to be false + end + + it 'raises an error when multiple matching config items are found' do + config_data = [{ key: 'your_key', value: 'value1' }, { key: 'your_key', value: 'value2' }] + expect(provider).to receive(:parse_config).and_return(config_data) + + expect { provider.exists? }.to raise_error(Puppet::Error, 'found multiple config items of your_key, please fix this') + end end it 'has a method create' do From 26a3e8ebf4eb566cbf7f0dd89dd072629568c2dd Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Thu, 11 Apr 2024 07:40:50 +0000 Subject: [PATCH 0957/1000] Release prep v10.2.0 --- CHANGELOG.md | 13 +++++++++++++ metadata.json | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 089acdb208..df8d39278e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,19 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.2.0) - 2024-04-11 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.1.0...v10.2.0) + +### Added + +- Use modern APT keyrings on Debian family; require puppetlabs/apt 9.2 [#1563](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1563) ([kenyon](https://github.com/kenyon)) +- List Debian 12 as supported system [#1488](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1488) ([deric](https://github.com/deric)) + +### Fixed + +- acceptance tests: ensure code is idempotent [#1589](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1589) ([bastelfreak](https://github.com/bastelfreak)) + ## [v10.1.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.1.0) - 2024-03-26 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.0.3...v10.1.0) diff --git a/metadata.json b/metadata.json index 9dfec547ad..348ca30e5e 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.1.0", + "version": "10.2.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From d383a21524178f2ee997cf355a7287610c7c7fa9 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 3 Apr 2024 15:44:09 +0200 Subject: [PATCH 0958/1000] fix service reload for correctinstance in server::instance::config define --- manifests/server/instance/config.pp | 4 ++-- manifests/server_instance.pp | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/manifests/server/instance/config.pp b/manifests/server/instance/config.pp index d596d0846b..342d8fdba3 100644 --- a/manifests/server/instance/config.pp +++ b/manifests/server/instance/config.pp @@ -88,7 +88,7 @@ group => $group, mode => '0640', warn => true, - notify => Class['postgresql::server::reload'], + notify => Postgresql::Server::Instance::Reload[$name], } if $pg_hba_conf_defaults { @@ -249,7 +249,7 @@ group => $group, mode => '0640', warn => true, - notify => Class['postgresql::server::reload'], + notify => Postgresql::Server::Instance::Reload[$name], } } diff --git a/manifests/server_instance.pp b/manifests/server_instance.pp index 49d2bbb8f7..9f45b419f2 100644 --- a/manifests/server_instance.pp +++ b/manifests/server_instance.pp @@ -66,6 +66,10 @@ port => $config_settings['port'], user => $instance_user, } + postgresql::server::instance::reload { $instance_name: + service_status => $service_settings['service_status'], + service_reload => "systemctl reload ${service_settings['service_name']}.service", + } postgresql::server::instance::passwd { $instance_name: * => $passwd_settings, } From 4cff9edb82d88075ea7fa8b6740ca7522440bbec Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 3 Apr 2024 15:49:56 +0200 Subject: [PATCH 0959/1000] fix service reload/restart for correct nstance in server::instance::reload/systemd define --- manifests/server/instance/reload.pp | 2 +- manifests/server/instance/systemd.pp | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/server/instance/reload.pp b/manifests/server/instance/reload.pp index 53eb5fad99..fd0c750ab2 100644 --- a/manifests/server/instance/reload.pp +++ b/manifests/server/instance/reload.pp @@ -11,6 +11,6 @@ command => $service_reload, onlyif => $service_status, refreshonly => true, - require => Class['postgresql::server::service'], + require => Postgresql::Server::Instance::Service[$name], } } diff --git a/manifests/server/instance/systemd.pp b/manifests/server/instance/systemd.pp index b9a46a2336..9214f2a22a 100644 --- a/manifests/server/instance/systemd.pp +++ b/manifests/server/instance/systemd.pp @@ -32,8 +32,8 @@ extra_systemd_config => $extra_systemd_config, } ), - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], + notify => Postgresql::Server::Instance::Service[$name], + before => Postgresql::Server::Instance::Reload[$name], } } } From 711b3a1d67c67244c64df2b5fe73efc0dc715741 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 3 Apr 2024 18:10:55 +0200 Subject: [PATCH 0960/1000] fix service reload/restart for correct instance in server_instance/server::config_entry define --- manifests/server/config_entry.pp | 9 +++++---- manifests/server_instance.pp | 11 ++++++----- spec/classes/server_spec.rb | 2 +- spec/defines/server/config_entry_spec.rb | 2 +- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index d17b844a18..9485b71bcb 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -12,6 +12,7 @@ Optional[Variant[String[1], Numeric, Array[String[1]]]] $value = undef, Stdlib::Absolutepath $path = $postgresql::server::postgresql_conf_path, Optional[String[1]] $comment = undef, + String[1] $instance_name = 'main', ) { # Those are the variables that are marked as "(change requires restart)" # on postgresql.conf. Items are ordered as on postgresql.conf. @@ -72,15 +73,15 @@ versioncmp($postgresql::server::_version, $requires_restart_until[$key]) < 0 )) { Postgresql_conf { - notify => Class['postgresql::server::reload'], + notify => Postgresql::Server::Instance::Reload[$instance_name], } } elsif $postgresql::server::service_restart_on_change { Postgresql_conf { - notify => Class['postgresql::server::service'], + notify => Postgresql::Server::Instance::Service[$instance_name], } } else { Postgresql_conf { - before => Class['postgresql::server::service'], + before => Postgresql::Server::Instance::Service[$instance_name], } } @@ -90,6 +91,6 @@ key => $key, value => $value, comment => $comment, - require => Class['postgresql::server::initdb'], + require => Postgresql::Server::Instance::Initdb[$instance_name], } } diff --git a/manifests/server_instance.pp b/manifests/server_instance.pp index 9f45b419f2..97814b1908 100644 --- a/manifests/server_instance.pp +++ b/manifests/server_instance.pp @@ -88,11 +88,12 @@ $value = $settings['value'] $comment = $settings['comment'] postgresql::server::config_entry { "${entry}_${$instance_name}": - ensure => bool2str($value =~ Undef, 'absent', 'present'), - key => $entry, - value => $value, - comment => $comment, - path => $config_settings['postgresql_conf_path'], + ensure => bool2str($value =~ Undef, 'absent', 'present'), + key => $entry, + value => $value, + comment => $comment, + path => $config_settings['postgresql_conf_path'], + instance_name => $instance_name, } } $pg_hba_rules.each |String[1] $rule_name, Postgresql::Pg_hba_rule $rule| { diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index caf592d611..513c3d1760 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -129,7 +129,7 @@ class { 'postgresql::globals': it { is_expected.to contain_class('postgresql::server') } it { - expect(subject).to contain_Postgresql_conf('data_directory_for_instance_main').that_notifies('Class[postgresql::server::service]') + expect(subject).to contain_Postgresql_conf('data_directory_for_instance_main').that_notifies('Postgresql::Server::Instance::Service[main]') } it { is_expected.to contain_postgresql__server__config_entry('data_directory_for_instance_main') } diff --git a/spec/defines/server/config_entry_spec.rb b/spec/defines/server/config_entry_spec.rb index 8b13e020bd..243e2ea5e9 100644 --- a/spec/defines/server/config_entry_spec.rb +++ b/spec/defines/server/config_entry_spec.rb @@ -76,7 +76,7 @@ expect(subject).to contain_postgresql_conf('unix_socket_directories') .with(name: 'unix_socket_directories', value: '/var/pgsql, /opt/postgresql, /root/') - .that_notifies('Class[postgresql::server::service]') + .that_notifies('Postgresql::Server::Instance::Service[main]') end end end From 25d42a32bfc139f5007cb0fb6462ab31dffe3a98 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 3 Apr 2024 19:58:52 +0200 Subject: [PATCH 0961/1000] add parameter documentation --- manifests/server/config_entry.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/server/config_entry.pp b/manifests/server/config_entry.pp index 9485b71bcb..e6460659a2 100644 --- a/manifests/server/config_entry.pp +++ b/manifests/server/config_entry.pp @@ -5,6 +5,7 @@ # @param value Defines the value for the setting. # @param path Path for postgresql.conf # @param comment Defines the comment for the setting. The # is added by default. +# @param instance_name The name of the instance. # define postgresql::server::config_entry ( Enum['present', 'absent'] $ensure = 'present', From 79d8430f648e0dea6b9c2fe0dfec9847b78374a3 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 17 Apr 2024 14:14:57 +0200 Subject: [PATCH 0962/1000] changing database.pp service dependency --- manifests/server/database.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 7d95e76056..48cd44103b 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -72,7 +72,7 @@ postgresql_psql { "CREATE DATABASE \"${dbname}\"": command => "CREATE DATABASE \"${dbname}\" WITH ${template_option} ${encoding_option} ${locale_option} ${tablespace_option}", unless => "SELECT 1 FROM pg_database WHERE datname = '${dbname}'", - require => Class['postgresql::server::service'], + require => Postgresql::Server::Instance::Service[$instance], } # This will prevent users from connecting to the database unless they've been From e51f3d97fe2a195f9d5e2d52c191d3867bd0b0f1 Mon Sep 17 00:00:00 2001 From: Simon Hoenscheid Date: Wed, 24 Apr 2024 15:41:12 +0200 Subject: [PATCH 0963/1000] fix service dependency issue --- manifests/server/database_grant.pp | 3 +++ manifests/server/db.pp | 3 +++ manifests/server/table_grant.pp | 3 +++ manifests/server_instance.pp | 11 +++++++---- 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/manifests/server/database_grant.pp b/manifests/server/database_grant.pp index 3becf35975..c4a7c67ca1 100644 --- a/manifests/server/database_grant.pp +++ b/manifests/server/database_grant.pp @@ -9,6 +9,7 @@ # @param psql_group Overrides the default postgres user group to be used for related files in the file system. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param port Port to use when connecting. +# @param instance The name of the Postgresql database instance. define postgresql::server::database_grant ( Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'all', 'create', 'connect', 'temporary', 'temp'] $privilege, String[1] $db, @@ -19,6 +20,7 @@ Hash $connect_settings = $postgresql::server::default_connect_settings, String[1] $psql_group = $postgresql::server::group, Stdlib::Port $port = $postgresql::server::port, + String[1] $instance = 'main', ) { postgresql::server::grant { "database:${name}": ensure => $ensure, @@ -32,5 +34,6 @@ group => $psql_group, port => $port, connect_settings => $connect_settings, + instance => $instance, } } diff --git a/manifests/server/db.pp b/manifests/server/db.pp index 513e548ed7..9542dcc618 100644 --- a/manifests/server/db.pp +++ b/manifests/server/db.pp @@ -44,6 +44,7 @@ port => $port, user => $psql_user, group => $psql_group, + instance => $instance, } } @@ -54,6 +55,7 @@ psql_user => $psql_user, psql_group => $psql_group, before => Postgresql::Server::Database[$dbname], + instance => $instance, } } @@ -65,6 +67,7 @@ port => $port, psql_user => $psql_user, psql_group => $psql_group, + instance => $instance, } -> Postgresql_conn_validator<| db_name == $dbname |> } diff --git a/manifests/server/table_grant.pp b/manifests/server/table_grant.pp index 9168dd9ce0..719460fd22 100644 --- a/manifests/server/table_grant.pp +++ b/manifests/server/table_grant.pp @@ -12,6 +12,7 @@ # @param psql_user Specifies the OS user for running psql. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. # @param onlyif_exists Create grant only if it doesn't exist. +# @param instance The name of the Postgresql database instance. define postgresql::server::table_grant ( Enum['ALL', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'all', 'select', 'insert', 'update', 'delete', 'truncate', 'references', 'trigger'] $privilege, @@ -24,6 +25,7 @@ Optional[String[1]] $psql_user = undef, Optional[Hash] $connect_settings = undef, Boolean $onlyif_exists = false, + String[1] $instance = 'main', ) { postgresql::server::grant { "table:${name}": ensure => $ensure, @@ -37,5 +39,6 @@ psql_user => $psql_user, onlyif_exists => $onlyif_exists, connect_settings => $connect_settings, + instance => $instance, } } diff --git a/manifests/server_instance.pp b/manifests/server_instance.pp index 97814b1908..5ef8dec527 100644 --- a/manifests/server_instance.pp +++ b/manifests/server_instance.pp @@ -113,10 +113,11 @@ } $databases.each |$database, $database_details| { postgresql::server::database { $database: - * => $database_details, - user => $instance_user, - group => $instance_group, - port => $config_settings['port'], + * => $database_details, + user => $instance_user, + group => $instance_group, + port => $config_settings['port'], + instance => $instance_name, } } $database_grants.each |$db_grant_title, $dbgrants| { @@ -125,6 +126,7 @@ psql_user => $instance_user, psql_group => $instance_group, port => $config_settings['port'], + instance => $instance_name, } } $table_grants.each |$table_grant_title, $tgrants| { @@ -132,6 +134,7 @@ * => $tgrants, psql_user => $instance_user, port => $config_settings['port'], + instance => $instance_name, } } } From dc7011bf90ec55a82f3ee711a474c96f6c5e23dd Mon Sep 17 00:00:00 2001 From: Christoph Maser Date: Sun, 5 May 2024 17:26:12 +0200 Subject: [PATCH 0964/1000] allow puppet-systemd version 7 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 348ca30e5e..689ab45afc 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppet/systemd", - "version_requirement": ">= 4.0.1 < 7.0.0" + "version_requirement": ">= 4.0.1 < 8.0.0" }, { "name": "puppetlabs/concat", From 822d4f9db587f6ae320441116e2663e558fe9c9e Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Wed, 8 May 2024 02:28:22 +0000 Subject: [PATCH 0965/1000] Release prep v10.3.0 --- CHANGELOG.md | 21 ++++++++++++++++++++- REFERENCE.md | 27 +++++++++++++++++++++++++++ metadata.json | 2 +- 3 files changed, 48 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index df8d39278e..c0f2ff5598 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.3.0) - 2024-05-08 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.2.0...v10.3.0) + +### Added + +- allow puppet-systemd version 7 [#1595](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1595) ([TheMeier](https://github.com/TheMeier)) + +### Fixed + +- Fix instance reload [#1588](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1588) ([SimonHoenscheid](https://github.com/SimonHoenscheid)) + ## [v10.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.2.0) - 2024-04-11 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.1.0...v10.2.0) @@ -65,6 +77,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v9.2.0...v10.0.0) ### Changed + - postgis: Drop EL5 leftovers and fix package name for Fedora [#1521](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1521) ([bastelfreak](https://github.com/bastelfreak)) - Drop EoL SLES 11.4 code [#1520](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1520) ([bastelfreak](https://github.com/bastelfreak)) - Drop code for Debian without systemd [#1514](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1514) ([bastelfreak](https://github.com/bastelfreak)) @@ -165,6 +178,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v8.3.0...v9.0.0) ### Changed + - (CONT-792) - Add Puppet 8/Drop Puppet 6 [#1414](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1414) ([jordanbreen28](https://github.com/jordanbreen28)) ## [v8.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v8.3.0) - 2023-04-21 @@ -244,6 +258,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v7.5.0...v8.0.0) ### Changed + - Support setting default_privileges on all schemas [#1298](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1298) ([fish-face](https://github.com/fish-face)) ### Added @@ -251,7 +266,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a - add default version for Fedora 35 [#1317](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1317) ([jflorian](https://github.com/jflorian)) - add scram-sha-256 support [#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) - add support for Ubuntu Hirsute and Impish [#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) -- Allow systemd to mask postgresql service file [#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kim-sondrup](https://github.com/kim-sondrup)) +- Allow systemd to mask postgresql service file [#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kimsondrup](https://github.com/kimsondrup)) - Make ::contrib a noop on OSes without a contrib package [#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) - pdksync - (IAC-1753) - Add Support for AlmaLinux 8 [#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) - MODULES-11201: add service_name for Ubuntu 18.04 and later [#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) @@ -354,6 +369,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v6.10.2...v7.0.0) ### Changed + - pdksync - (MAINT) Remove SLES 11 support [#1247](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1247) ([sanfrancrisko](https://github.com/sanfrancrisko)) - pdksync - (MAINT) Remove RHEL 5 family support [#1246](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1246) ([sanfrancrisko](https://github.com/sanfrancrisko)) - pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [#1238](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1238) ([carabasdaniel](https://github.com/carabasdaniel)) @@ -520,6 +536,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.12.1...v6.0.0) ### Changed + - pdksync - (MODULES-8444) - Raise lower Puppet bound [#1070](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1070) ([david22swan](https://github.com/david22swan)) - (maint) remove inconsistent extra variable [#1044](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1044) ([binford2k](https://github.com/binford2k)) @@ -618,6 +635,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/5.4.0...5.5.0) ### Changed + - Fix creation of recovery.conf file when recovery configuration is not specified [#995](https://github.com/puppetlabs/puppetlabs-postgresql/pull/995) ([cdloh](https://github.com/cdloh)) ### Added @@ -703,6 +721,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/4.9.0...5.0.0) ### Changed + - Unset default log_line_prefix [#870](https://github.com/puppetlabs/puppetlabs-postgresql/pull/870) ([hasegeli](https://github.com/hasegeli)) - Let listen_addresses be defined independently [#865](https://github.com/puppetlabs/puppetlabs-postgresql/pull/865) ([hasegeli](https://github.com/hasegeli)) diff --git a/REFERENCE.md b/REFERENCE.md index 64fd7e14b9..247b58c952 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1546,6 +1546,7 @@ The following parameters are available in the `postgresql::server::config_entry` * [`value`](#-postgresql--server--config_entry--value) * [`path`](#-postgresql--server--config_entry--path) * [`comment`](#-postgresql--server--config_entry--comment) +* [`instance_name`](#-postgresql--server--config_entry--instance_name) ##### `ensure` @@ -1587,6 +1588,14 @@ Defines the comment for the setting. The # is added by default. Default value: `undef` +##### `instance_name` + +Data type: `String[1]` + +The name of the instance. + +Default value: `'main'` + ### `postgresql::server::database` Define for creating a database. @@ -1748,6 +1757,7 @@ The following parameters are available in the `postgresql::server::database_gran * [`psql_group`](#-postgresql--server--database_grant--psql_group) * [`connect_settings`](#-postgresql--server--database_grant--connect_settings) * [`port`](#-postgresql--server--database_grant--port) +* [`instance`](#-postgresql--server--database_grant--instance) ##### `privilege` @@ -1815,6 +1825,14 @@ Port to use when connecting. Default value: `$postgresql::server::port` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::db` Define for conveniently creating a role, database and assigning the correct permissions. @@ -3970,6 +3988,7 @@ The following parameters are available in the `postgresql::server::table_grant` * [`psql_user`](#-postgresql--server--table_grant--psql_user) * [`connect_settings`](#-postgresql--server--table_grant--connect_settings) * [`onlyif_exists`](#-postgresql--server--table_grant--onlyif_exists) +* [`instance`](#-postgresql--server--table_grant--instance) ##### `privilege` @@ -4049,6 +4068,14 @@ Create grant only if it doesn't exist. Default value: `false` +##### `instance` + +Data type: `String[1]` + +The name of the Postgresql database instance. + +Default value: `'main'` + ### `postgresql::server::tablespace` This module creates tablespace. diff --git a/metadata.json b/metadata.json index 689ab45afc..c5b9d1cb21 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.2.0", + "version": "10.3.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From de9e9d744ab0a7d7a235691a27e127510f1ed073 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Tue, 21 May 2024 21:19:17 +0530 Subject: [PATCH 0966/1000] ITHELP-87329 : replace pull_request_target with pull_request --- .github/workflows/mend.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/mend.yml b/.github/workflows/mend.yml index 8b5b401847..b4100a5af0 100644 --- a/.github/workflows/mend.yml +++ b/.github/workflows/mend.yml @@ -1,10 +1,9 @@ name: "mend" on: - pull_request_target: - types: - - opened - - synchronize + pull_request: + branches: + - "main" schedule: - cron: "0 0 * * *" workflow_dispatch: From 6cbbd29d99e26c417c761e0d246d161e438da093 Mon Sep 17 00:00:00 2001 From: Malik Parvez <84777619+malikparvez@users.noreply.github.com> Date: Tue, 4 Jun 2024 13:56:05 +0530 Subject: [PATCH 0967/1000] ITHELP-87329 : replace pull_request_target with pull_request --- .github/workflows/labeller.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/labeller.yml b/.github/workflows/labeller.yml index ee149bf525..0d4870d70b 100644 --- a/.github/workflows/labeller.yml +++ b/.github/workflows/labeller.yml @@ -6,7 +6,7 @@ on: - opened - labeled - unlabeled - pull_request_target: + pull_request: types: - opened - labeled From 1a5ad40561664cfeb7bb61140b5aee9197fe0d87 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 30 May 2024 17:34:03 +0200 Subject: [PATCH 0968/1000] Fix spelling of PostgreSQL in a debug statement --- lib/puppet/provider/postgresql_conf/ruby.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/postgresql_conf/ruby.rb b/lib/puppet/provider/postgresql_conf/ruby.rb index 7e5db35232..d3474a8bff 100644 --- a/lib/puppet/provider/postgresql_conf/ruby.rb +++ b/lib/puppet/provider/postgresql_conf/ruby.rb @@ -36,7 +36,7 @@ def parse_config active_settings.push(attributes_hash) end end - Puppet.debug("DEBUG: parse_config Active Settings found in Postgreql config file: #{active_settings}") + Puppet.debug("DEBUG: parse_config Active Settings found in PostgreSQL config file: #{active_settings}") active_settings end From 9c5e5cec05a6a11396dda816580d86e8bc940636 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 30 May 2024 17:41:31 +0200 Subject: [PATCH 0969/1000] Avoid opening the file in postgresql_conf Using File.open without closing it can leak file descriptors. It's actually not needed at all because File.foreach, File.readlines and File.write all accept a filename. This simplifies the code in the process. --- lib/puppet/provider/postgresql_conf/ruby.rb | 29 ++++++++------------- 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/lib/puppet/provider/postgresql_conf/ruby.rb b/lib/puppet/provider/postgresql_conf/ruby.rb index d3474a8bff..3719eb635e 100644 --- a/lib/puppet/provider/postgresql_conf/ruby.rb +++ b/lib/puppet/provider/postgresql_conf/ruby.rb @@ -13,15 +13,13 @@ # The function parses the postgresql.conf and figures out which active settings exist in a config file and returns an array of hashes # def parse_config - # open the config file - file = File.open(resource[:target]) # regex to match active keys, values and comments active_values_regex = %r{^\s*(?[\w.]+)\s*=?\s*(?.*?)(?:\s*#\s*(?.*))?\s*$} # empty array to be filled with hashes active_settings = [] # iterate the file and construct a hash for every matching/active setting # the hash is pushed to the array and the array is returned - File.foreach(file).with_index do |line, index| + File.foreach(resource[:target]).with_index do |line, index| line_number = index + 1 matches = line.match(active_values_regex) if matches @@ -63,12 +61,11 @@ def add_header(lines) # This function writes the config file, it removes the old header, adds a new one and writes the file # - # @param [File] the file object of the postgresql configuration file # @param [Array] lines of the parsed postgresql configuration file - def write_config(file, lines) + def write_config(lines) lines = delete_header(lines) lines = add_header(lines) - File.write(file, lines.join) + File.write(resource[:target], lines.join) end # check, if resource exists in postgresql.conf file @@ -85,23 +82,21 @@ def exists? # remove resource if exists and is set to absent def destroy entry_regex = %r{#{resource[:key]}.*=.*#{resource[:value]}} - file = File.open(resource[:target]) - lines = File.readlines(file) + lines = File.readlines(resource[:target]) lines.delete_if do |entry| entry.match?(entry_regex) end - write_config(file, lines) + write_config(lines) end # create resource if it does not exists def create - file = File.open(resource[:target]) - lines = File.readlines(file) + lines = File.readlines(resource[:target]) new_line = line(key: resource[:key], value: resource[:value], comment: resource[:comment]) lines.push(new_line) - write_config(file, lines) + write_config(lines) end # getter - get value of a resource @@ -116,8 +111,7 @@ def comment # setter - set value of a resource def value=(_value) - file = File.open(resource[:target]) - lines = File.readlines(file) + lines = File.readlines(resource[:target]) active_values_regex = %r{^\s*(?[\w.]+)\s*=?\s*(?.*?)(?:\s*#\s*(?.*))?\s*$} new_line = line(key: resource[:key], value: resource[:value], comment: resource[:comment]) @@ -125,13 +119,12 @@ def value=(_value) matches = line.to_s.match(active_values_regex) lines[index] = new_line if matches && (matches[:key] == resource[:key] && matches[:value] != resource[:value]) end - write_config(file, lines) + write_config(lines) end # setter - set comment of a resource def comment=(_comment) - file = File.open(resource[:target]) - lines = File.readlines(file) + lines = File.readlines(resource[:target]) active_values_regex = %r{^\s*(?[\w.]+)\s*=?\s*(?.*?)(?:\s*#\s*(?.*))?\s*$} new_line = line(key: resource[:key], value: resource[:value], comment: resource[:comment]) @@ -139,7 +132,7 @@ def comment=(_comment) matches = line.to_s.match(active_values_regex) lines[index] = new_line if matches && (matches[:key] == resource[:key] && matches[:comment] != resource[:comment]) end - write_config(file, lines) + write_config(lines) end private From f2b193dd6ff7a0e0375a3ffaa610cd0727620219 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 30 May 2024 17:43:15 +0200 Subject: [PATCH 0970/1000] Pass an offset to with_index to calculate line numbers Rather than starting from 0 and always adding 1, this tells with_index to start at 1. --- lib/puppet/provider/postgresql_conf/ruby.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/puppet/provider/postgresql_conf/ruby.rb b/lib/puppet/provider/postgresql_conf/ruby.rb index 3719eb635e..f21caf2b5c 100644 --- a/lib/puppet/provider/postgresql_conf/ruby.rb +++ b/lib/puppet/provider/postgresql_conf/ruby.rb @@ -19,8 +19,7 @@ def parse_config active_settings = [] # iterate the file and construct a hash for every matching/active setting # the hash is pushed to the array and the array is returned - File.foreach(resource[:target]).with_index do |line, index| - line_number = index + 1 + File.foreach(resource[:target]).with_index(1) do |line, line_number| matches = line.match(active_values_regex) if matches value = if matches[:value].to_i.to_s == matches[:value] From 35283af25e0571a69380b42f4f23daffd2abcca2 Mon Sep 17 00:00:00 2001 From: rajat-puppet Date: Mon, 22 Jul 2024 17:31:20 +0530 Subject: [PATCH 0971/1000] Remove labeller.yml --- .github/workflows/labeller.yml | 27 --------------------------- 1 file changed, 27 deletions(-) delete mode 100644 .github/workflows/labeller.yml diff --git a/.github/workflows/labeller.yml b/.github/workflows/labeller.yml deleted file mode 100644 index 0d4870d70b..0000000000 --- a/.github/workflows/labeller.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Labeller - -on: - issues: - types: - - opened - - labeled - - unlabeled - pull_request: - types: - - opened - - labeled - - unlabeled - -jobs: - label: - runs-on: ubuntu-latest - steps: - - - uses: puppetlabs/community-labeller@v1.0.1 - name: Label issues or pull requests - with: - label_name: community - label_color: '5319e7' - org_membership: puppetlabs - fail_if_member: 'true' - token: ${{ secrets.IAC_COMMUNITY_LABELER }} From 2fab228c87336e7915802c9b27cfd31f486d4c69 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 10 Apr 2024 13:50:30 +0200 Subject: [PATCH 0972/1000] Add EL9 support --- metadata.json | 12 ++++++++---- spec/acceptance/server_instance_spec.rb | 4 ++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/metadata.json b/metadata.json index c5b9d1cb21..25d4509af6 100644 --- a/metadata.json +++ b/metadata.json @@ -38,13 +38,15 @@ "operatingsystem": "CentOS", "operatingsystemrelease": [ "7", - "8" + "8", + "9" ] }, { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ - "7" + "7", + "9" ] }, { @@ -79,13 +81,15 @@ { "operatingsystem": "Rocky", "operatingsystemrelease": [ - "8" + "8", + "9" ] }, { "operatingsystem": "AlmaLinux", "operatingsystemrelease": [ - "8" + "8", + "9" ] } ], diff --git a/spec/acceptance/server_instance_spec.rb b/spec/acceptance/server_instance_spec.rb index d00ce95f83..4b8d6a4bb8 100644 --- a/spec/acceptance/server_instance_spec.rb +++ b/spec/acceptance/server_instance_spec.rb @@ -3,7 +3,7 @@ # run a test task require 'spec_helper_acceptance' -describe 'postgresql instance test1', if: os[:family] == 'redhat' && os[:release].start_with?('8') do +describe 'postgresql instance test1', if: os[:family] == 'redhat' && !os[:release].start_with?('7') do pp = <<-MANIFEST # set global defaults class { 'postgresql::globals': @@ -12,7 +12,7 @@ class { 'postgresql::globals': manage_package_repo => false, manage_dnf_module => true, needs_initdb => true, - version => '13', + version => '16', } # stop default main instance class { 'postgresql::server': From 7cc99852c19d12d8108997b5e599c8e35b32aa4d Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 31 Jul 2024 14:39:26 +0200 Subject: [PATCH 0973/1000] Fix typo in README: instaces -> instances --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c7189eb025..1ed5f1e1f0 100644 --- a/README.md +++ b/README.md @@ -95,7 +95,7 @@ creating a new instance has the following advantages: * main instance can be disabled -Here is a profile which can be used to create instaces +Here is a profile which can be used to create instances ```puppet class profiles::postgres ( From 79f9a85e05a4a7bd13c9ac140e24424667464fbb Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 28 Aug 2024 15:52:27 +0200 Subject: [PATCH 0974/1000] Fix typos and casing in README --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 1ed5f1e1f0..5963b85bf6 100644 --- a/README.md +++ b/README.md @@ -78,10 +78,10 @@ For more details about server configuration parameters, consult the [PostgreSQL This module supports managing multiple instances (the default instance is referred to as 'main' and managed via including the server.pp class) -**NOTE:** This feature is currently tested on Centos 8 Streams/RHEL8 with DNF Modules enabled. Different Linux plattforms and/or the Postgresql.org -packages distribute different Systemd service files or use wrapper scripts with Systemd to start Postgres. Additional adjustmentments are needed to get this working on these plattforms. +**NOTE:** This feature is currently tested on CentOS 8 Streams/RHEL8 with DNF Modules enabled. Different Linux platforms and/or the postgresql.org +packages distribute different systemd service files or use wrapper scripts with systemd to start PostgreSQL. Additional adjustmentments are needed to get this working on these platforms. -#### Working Plattforms +#### Working Platforms * Centos 8 Streams * RHEL 8 From 231e00815c15939768b70da8425e7f81d13d6ba9 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 28 Aug 2024 15:53:09 +0200 Subject: [PATCH 0975/1000] Document how to select a version as its own chapter This documents the various ways to set up repositories as well. --- README.md | 48 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 36 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 5963b85bf6..8f7141dbb3 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,42 @@ If you get an error message from these commands, your permission settings restri For more details about server configuration parameters, consult the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html). +#### Selecting a version + +The version is intended to be supplied via `postgresql::globals`. +By default the module tries to derive the version based on the OS facts, but can be overridden. +This is typically used with the official postgresql.org packages: + +```puppet +class { 'postgresql::globals': + manage_package_repo => true, + version => '16', +} + +include postgresql::server +``` + +On EL 8 & 9 you can also use DNF modules: + +```puppet +class { 'postgresql::globals': + manage_dnf_module => true, + version => '16', +} + +include postgresql::server +``` + +If you manage the repositories yourself, overriding the version is sufficient. + +```puppet +class { 'postgresql::globals': + version => '16', +} + +include postgresql::server +``` + ### Configure an instance This module supports managing multiple instances (the default instance is referred to as 'main' and managed via including the server.pp class) @@ -341,18 +377,6 @@ class { 'postgresql::server': } ``` -To use a specific version of the PostgreSQL package: - -```puppet -class { 'postgresql::globals': - manage_package_repo => true, - version => '9.2', -} - -class { 'postgresql::server': -} -``` - ### Manage remote users, roles, and permissions Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a `$connect_settings` hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands. From 831070812bcd7ba46e699d3dadb82440ab11ac9d Mon Sep 17 00:00:00 2001 From: Shubham Shinde Date: Fri, 4 Oct 2024 10:41:31 +0530 Subject: [PATCH 0976/1000] (CAT-2052) Bump SLES-15 package/product versions - sles-legacy 15.5 version is no longer available in the default repos. Use the os.distro.release.full fact so that we don't have to bump the manually in the future. - Bump postgresql-server version from 14 to 16 since 14 is no longer available in the default repos. --- manifests/globals.pp | 2 +- spec/spec_helper_acceptance_local.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/globals.pp b/manifests/globals.pp index 99dce13966..b4a7bc290f 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -236,7 +236,7 @@ /12\.0/ => '93', /12\.[1-3]/ => '94', /12\.[4-5]/ => '12', - /15\.[0-9]/ => '14', + /15\.[0-9]/ => '16', default => '96', }, 'OpenSuSE' => $facts['os']['release']['full'] ? { diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index ebe3da6556..669741c6c1 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -46,8 +46,8 @@ def install_dependencies if $facts['os']['family'] in ['SLES', 'SUSE'] { exec { 'Enable legacy repos': path => '/bin:/usr/bin/:/sbin:/usr/sbin', - command => 'SUSEConnect --product sle-module-legacy/15.5/x86_64', - unless => 'SUSEConnect --status-text | grep sle-module-legacy/15.5/x86_64', + command => "SUSEConnect --product sle-module-legacy/${$facts['os']['distro']['release']['full']}/x86_64", + unless => "SUSEConnect --status-text | grep sle-module-legacy/${$facts['os']['distro']['release']['full']}/x86_64", } package { 'net-tools-deprecated': From 0fb0f3073c1cbb91eb5a6b372a9ecaba019603f8 Mon Sep 17 00:00:00 2001 From: skyamgarp <130442619+skyamgarp@users.noreply.github.com> Date: Wed, 6 Nov 2024 12:37:49 +0530 Subject: [PATCH 0977/1000] (CAT-2124) Add support for Ubuntu 24 --- metadata.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 25d4509af6..df225a9c04 100644 --- a/metadata.json +++ b/metadata.json @@ -75,7 +75,8 @@ "operatingsystemrelease": [ "18.04", "20.04", - "22.04" + "22.04", + "24.04" ] }, { From f4bcc9627a533384a43b0459aa739b60b3be7451 Mon Sep 17 00:00:00 2001 From: Amit Karsale Date: Wed, 6 Nov 2024 18:59:26 +0530 Subject: [PATCH 0978/1000] pdksync - (PF-3525) - pdk update for module --- .gitignore | 7 +++++++ .pdkignore | 7 +++++++ .rubocop.yml | 2 +- Gemfile | 13 ++++++------- metadata.json | 4 ++-- spec/spec_helper.rb | 5 +++-- 6 files changed, 26 insertions(+), 12 deletions(-) diff --git a/.gitignore b/.gitignore index 3f1551212b..2803e566b5 100644 --- a/.gitignore +++ b/.gitignore @@ -19,6 +19,7 @@ /spec/fixtures/modules/* /tmp/ /vendor/ +/.vendor/ /convert_report.txt /update_report.txt .DS_Store @@ -26,3 +27,9 @@ .envrc /inventory.yaml /spec/fixtures/litmus_inventory.yaml +.resource_types +.modules +.task_cache.json +.plan_cache.json +.rerun.json +bolt-debug.log diff --git a/.pdkignore b/.pdkignore index 862847a72c..84684be63f 100644 --- a/.pdkignore +++ b/.pdkignore @@ -19,6 +19,7 @@ /spec/fixtures/modules/* /tmp/ /vendor/ +/.vendor/ /convert_report.txt /update_report.txt .DS_Store @@ -26,6 +27,12 @@ .envrc /inventory.yaml /spec/fixtures/litmus_inventory.yaml +.resource_types +.modules +.task_cache.json +.plan_cache.json +.rerun.json +bolt-debug.log /.fixtures.yml /Gemfile /.gitattributes diff --git a/.rubocop.yml b/.rubocop.yml index e6bd5af841..439ea84ee8 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -5,7 +5,7 @@ require: AllCops: NewCops: enable DisplayCopNames: true - TargetRubyVersion: '2.7' + TargetRubyVersion: '2.6' Include: - "**/*.rb" Exclude: diff --git a/Gemfile b/Gemfile index 151435e2c1..7a1566ddb4 100644 --- a/Gemfile +++ b/Gemfile @@ -20,10 +20,10 @@ group :development do gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "deep_merge", '~> 1.2.2', require: false gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false - gem "facterdb", '~> 1.18', require: false + gem "facterdb", '~> 1.18', require: false gem "metadata-json-lint", '~> 4.0', require: false - gem "puppetlabs_spec_helper", '~> 6.0', require: false gem "rspec-puppet-facts", '~> 2.0', require: false gem "dependency_checker", '~> 1.0.0', require: false gem "parallel_tests", '= 3.12.1', require: false @@ -33,19 +33,18 @@ group :development do gem "rubocop", '~> 1.50.0', require: false gem "rubocop-performance", '= 1.16.0', require: false gem "rubocop-rspec", '= 2.19.0', require: false - gem "puppet-strings", '~> 4.0', require: false gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", '= 1.15.2', require: false end +group :development, :release_prep do + gem "puppet-strings", '~> 4.0', require: false + gem "puppetlabs_spec_helper", '~> 7.0', require: false +end group :system_tests do gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] gem "CFPropertyList", '< 3.0.7', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "serverspec", '~> 2.41', require: false end -group :release_prep do - gem "puppet-strings", '~> 4.0', require: false - gem "puppetlabs_spec_helper", '~> 6.0', require: false -end puppet_version = ENV['PUPPET_GEM_VERSION'] facter_version = ENV['FACTER_GEM_VERSION'] diff --git a/metadata.json b/metadata.json index df225a9c04..d4acf80391 100644 --- a/metadata.json +++ b/metadata.json @@ -100,7 +100,7 @@ "version_requirement": ">= 7.0.0 < 9.0.0" } ], - "pdk-version": "3.0.0", + "pdk-version": "3.2.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g4fb29e7" + "template-ref": "tags/3.2.0.4-0-g5d17ec1" } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 6820cebee7..ae7c1f6818 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -25,7 +25,8 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) + require 'deep_merge' + default_facts.deep_merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end @@ -33,7 +34,7 @@ # read default_facts and merge them over what is provided by facterdb default_facts.each do |fact, value| - add_custom_fact fact, value + add_custom_fact fact, value, merge_facts: true end RSpec.configure do |c| From 076d76cb55650433c2cafc99d15d033b5750c951 Mon Sep 17 00:00:00 2001 From: Lucien Weller Date: Mon, 25 Nov 2024 07:34:16 +0100 Subject: [PATCH 0979/1000] added default version for fedora 40 and 41 --- manifests/globals.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/globals.pp b/manifests/globals.pp index b4a7bc290f..64a4815fcc 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -180,6 +180,7 @@ $default_version = $facts['os']['family'] ? { /^(RedHat|Linux)/ => $facts['os']['name'] ? { 'Fedora' => $facts['os']['release']['major'] ? { + /^(40|41)$/ => '16', /^(38|39)$/ => '15', /^(36|37)$/ => '14', /^(34|35)$/ => '13', From 553fc733ac4da65d391a02348aa90bce614377b6 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Mon, 25 Nov 2024 17:07:36 +0000 Subject: [PATCH 0980/1000] Release prep v10.4.0 --- CHANGELOG.md | 21 ++++++++++++++++++++- metadata.json | 2 +- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c0f2ff5598..bb14a1289c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,25 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.4.0) - 2024-11-25 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.3.0...v10.4.0) + +### Added + +- added default version for fedora 40 and 41 [#1621](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1621) ([lweller](https://github.com/lweller)) +- (CAT-2124) Add support for Ubuntu 24 [#1619](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1619) ([skyamgarp](https://github.com/skyamgarp)) +- Add EL9 support [#1591](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1591) ([bastelfreak](https://github.com/bastelfreak)) + +### Fixed + +- Avoid opening the file in postgresql_conf [#1599](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1599) ([ekohl](https://github.com/ekohl)) + +### Other + +- Document how to select a version as its own chapter [#1610](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1610) ([ekohl](https://github.com/ekohl)) +- Fix typo in README: instaces -> instances [#1607](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1607) ([ekohl](https://github.com/ekohl)) + ## [v10.3.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.3.0) - 2024-05-08 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.2.0...v10.3.0) @@ -267,7 +286,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a - add scram-sha-256 support [#1313](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1313) ([fe80](https://github.com/fe80)) - add support for Ubuntu Hirsute and Impish [#1312](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1312) ([nicholascioli](https://github.com/nicholascioli)) - Allow systemd to mask postgresql service file [#1310](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1310) ([kimsondrup](https://github.com/kimsondrup)) -- Make ::contrib a noop on OSes without a contrib package [#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([carlosduelo](https://github.com/carlosduelo)) +- Make ::contrib a noop on OSes without a contrib package [#1309](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1309) ([cduelo](https://github.com/cduelo)) - pdksync - (IAC-1753) - Add Support for AlmaLinux 8 [#1308](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1308) ([david22swan](https://github.com/david22swan)) - MODULES-11201: add service_name for Ubuntu 18.04 and later [#1306](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1306) ([moritz-makandra](https://github.com/moritz-makandra)) - pdksync - (IAC-1751) - Add Support for Rocky 8 [#1305](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1305) ([david22swan](https://github.com/david22swan)) diff --git a/metadata.json b/metadata.json index d4acf80391..82f3c97482 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.3.0", + "version": "10.4.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From ed8e752a0aee28285ee4273e0173be8025a8af2b Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 3 Jan 2024 12:05:14 -1000 Subject: [PATCH 0981/1000] [PATCH] reenable acceptance test for server encoding --- spec/acceptance/utf8_encoding_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/utf8_encoding_spec.rb index b816842138..a7c9b52497 100644 --- a/spec/acceptance/utf8_encoding_spec.rb +++ b/spec/acceptance/utf8_encoding_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper_acceptance' -describe 'postgresql::server', skip: 'IAC-1286' do +describe 'postgresql::server' do let(:pp) do <<-MANIFEST class { 'postgresql::globals': From 9f589ffd175ad416a314917136002bf81796bb8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 3 Jan 2024 12:06:16 -1000 Subject: [PATCH 0982/1000] Fix anchoring in `postgresql::server::plperl` When using anchors, resources should be sandwiched those. An ordering relation was missing for the "end" anchor. --- manifests/server/plperl.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server/plperl.pp b/manifests/server/plperl.pp index 1db5d4aa8f..08c5298fc3 100644 --- a/manifests/server/plperl.pp +++ b/manifests/server/plperl.pp @@ -16,5 +16,5 @@ -> Class['postgresql::server::install'] -> Package['postgresql-plperl'] -> Class['postgresql::server::service'] - anchor { 'postgresql::server::plperl::end': } + -> anchor { 'postgresql::server::plperl::end': } } From f562902defda5afe8c121280c1b3fdd232ba3fa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 3 Jan 2024 12:10:08 -1000 Subject: [PATCH 0983/1000] Fix anchoring in `postgresql::server::instance::service` Some resources where not properly ordered between the "begin" and "end" anchors. Make sure they are properly bound to them. --- manifests/server/instance/service.pp | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/manifests/server/instance/service.pp b/manifests/server/instance/service.pp index f778518dc0..47e7ecda25 100644 --- a/manifests/server/instance/service.pp +++ b/manifests/server/instance/service.pp @@ -42,6 +42,10 @@ status => $service_status, } + Anchor["postgresql::server::service::begin::${name}"] + -> Service["postgresqld_instance_${name}"] + -> Anchor["postgresql::server::service::end::${name}"] + if $service_ensure in ['running', true] { # This blocks the class before continuing if chained correctly, making # sure the service really is 'up' before continuing. @@ -56,10 +60,13 @@ sleep => 1, tries => 60, psql_path => $psql_path, - require => Service["postgresqld_instance_${name}"], - before => Anchor["postgresql::server::service::end::${name}"], } - Postgresql::Server::Database <| title == $default_database |> -> Postgresql_conn_validator["validate_service_is_running_instance_${name}"] + + Anchor["postgresql::server::service::begin::${name}"] + -> Service["postgresqld_instance_${name}"] + -> Postgresql::Server::Database <| title == $default_database |> + -> Postgresql_conn_validator["validate_service_is_running_instance_${name}"] + -> Anchor["postgresql::server::service::end::${name}"] } } From 62c5fc5b0cf07bf3aecd0e62e9ce479d7201c173 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 3 Jan 2024 12:19:55 -1000 Subject: [PATCH 0984/1000] Fix `postgresql_psql` autorequire It does not really make sense to require the "begin" anchor, the `postgresql_psql` type communicating with the server, it makes more sense to require the "end" anchor which mean that the server is running and reachable. --- lib/puppet/type/postgresql_psql.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 021753e7ab..3b4a1c8353 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -135,7 +135,7 @@ def matches(value) end autorequire(:anchor) do - ["postgresql::server::service::begin::#{self[:instance]}"] + ["postgresql::server::service::end::#{self[:instance]}"] end autorequire(:service) do From cd67d139337851af33a817d3b724f98691f0cbb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 3 Jan 2024 13:05:46 -1000 Subject: [PATCH 0985/1000] Remove redundant autorequire We already have a relationship in `manifests/server/instance/service.pp` that ensure `Service["postgresqld_instance_${name}"]` is realized before `Anchor["postgresql::server::service::end::${name}"]`. Fun fact, removing this duplaciate fix the circular dependency reported by puppet. --- lib/puppet/type/postgresql_psql.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/puppet/type/postgresql_psql.rb b/lib/puppet/type/postgresql_psql.rb index 3b4a1c8353..d0101857c0 100644 --- a/lib/puppet/type/postgresql_psql.rb +++ b/lib/puppet/type/postgresql_psql.rb @@ -138,10 +138,6 @@ def matches(value) ["postgresql::server::service::end::#{self[:instance]}"] end - autorequire(:service) do - ["postgresqld_instance_#{self[:instance]}"] - end - def should_run_sql(refreshing = false) onlyif_param = @parameters[:onlyif] unless_param = @parameters[:unless] From 256971d469eb34e04e868ff4c09669de7638a0d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Wed, 17 Apr 2024 15:37:15 -1000 Subject: [PATCH 0986/1000] DELETE ME ss(8) report the same for a working and non-working port as far as serverspec is concerned. Maybe ordering has an impact? We know these tests fail when running at the end of the test suite, so attempt to run them earlier. --- spec/acceptance/{utf8_encoding_spec.rb => aaa_spec.rb} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename spec/acceptance/{utf8_encoding_spec.rb => aaa_spec.rb} (100%) diff --git a/spec/acceptance/utf8_encoding_spec.rb b/spec/acceptance/aaa_spec.rb similarity index 100% rename from spec/acceptance/utf8_encoding_spec.rb rename to spec/acceptance/aaa_spec.rb From d44c0d648ccaf681e9475b26e086cc6b42c1ad68 Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Tue, 7 Jan 2025 09:55:48 +0100 Subject: [PATCH 0987/1000] puppetlabs/apt: allow 10.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 82f3c97482..9c0589b726 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 9.2.0 < 10.0.0" + "version_requirement": ">= 9.2.0 < 11.0.0" }, { "name": "puppet/systemd", From 0ce9c517b2a92bd9824945e800cc204721ba6ef1 Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Tue, 7 Jan 2025 09:56:48 +0100 Subject: [PATCH 0988/1000] puppet/systemd: allow 8.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 82f3c97482..05578913c0 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppet/systemd", - "version_requirement": ">= 4.0.1 < 8.0.0" + "version_requirement": ">= 4.0.1 < 9.0.0" }, { "name": "puppetlabs/concat", From 8e17d7525d13e44d0fe7d305b4f7486102add97c Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Tue, 7 Jan 2025 09:55:48 +0100 Subject: [PATCH 0989/1000] puppetlabs/apt: allow 10.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 05578913c0..106e4677a9 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 9.2.0 < 10.0.0" + "version_requirement": ">= 9.2.0 < 11.0.0" }, { "name": "puppet/systemd", From 3f301f3d3e11f10fc3c2bb9bcd034e22a6d1a160 Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Tue, 7 Jan 2025 09:56:48 +0100 Subject: [PATCH 0990/1000] puppet/systemd: allow 8.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 9c0589b726..106e4677a9 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppet/systemd", - "version_requirement": ">= 4.0.1 < 8.0.0" + "version_requirement": ">= 4.0.1 < 9.0.0" }, { "name": "puppetlabs/concat", From 5c9c61f913643cd479d05ff239a7e83d480c899c Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 7 Jan 2025 10:25:32 +0000 Subject: [PATCH 0991/1000] Release prep v10.5.0 --- CHANGELOG.md | 11 ++++++++++- metadata.json | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bb14a1289c..e28d5a2f94 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,16 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). -## [v10.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.4.0) - 2024-11-25 +## [v10.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.5.0) - 2025-01-07 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.4.0...v10.5.0) + +### Added + +- puppet/systemd: allow 8.x [#1627](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1627) ([evgeni](https://github.com/evgeni)) +- puppetlabs/apt: allow 10.x [#1626](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1626) ([evgeni](https://github.com/evgeni)) + +## [v10.4.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.4.0) - 2024-12-16 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.3.0...v10.4.0) diff --git a/metadata.json b/metadata.json index 106e4677a9..6ad73624ec 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.4.0", + "version": "10.5.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From 95922a8d7a28da009e13373ec51af31bdb7671ea Mon Sep 17 00:00:00 2001 From: Andrew Moore Date: Wed, 18 Dec 2024 15:53:22 +0000 Subject: [PATCH 0992/1000] Role Valid Until Date This allows for the valid until attribute to be set on roles. --- manifests/server/role.pp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 1b37ce282c..6103c19ac2 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -35,6 +35,7 @@ Boolean $inherit = true, Boolean $superuser = false, Boolean $replication = false, + Optional[String[1]] $valid_until = undef, String[1] $connection_limit = '-1', String[1] $username = $title, Hash $connect_settings = $postgresql::server::default_connect_settings, @@ -126,6 +127,12 @@ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}", } + if $valid_until { + postgresql_psql { "ALTER ROLE \"${username}\" VALID UNTIL '${valid_until}'": + unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolvaliduntil = '${valid_until}'", + } + } + if(versioncmp($version, '9.1') >= 0) { if $replication_sql == '' { postgresql_psql { "ALTER ROLE \"${username}\" NOREPLICATION": From c16d85059fea735fce8769ee4f1059a5785c7f29 Mon Sep 17 00:00:00 2001 From: Andrew Moore Date: Tue, 7 Jan 2025 09:45:18 +0000 Subject: [PATCH 0993/1000] Role valid_until documentation and tests --- manifests/server/role.pp | 1 + spec/defines/server_instance_spec.rb | 13 ++++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/manifests/server/role.pp b/manifests/server/role.pp index 6103c19ac2..f71ecf599c 100644 --- a/manifests/server/role.pp +++ b/manifests/server/role.pp @@ -11,6 +11,7 @@ # @param inherit Specifies whether to grant inherit capability for the new role. # @param superuser Specifies whether to grant super user capability for the new role. # @param replication Provides provides replication capabilities for this role if set to true. +# @param valid_until Specifies whether to set a valid until date for the role. # @param connection_limit Specifies how many concurrent connections the role can make. Default value: '-1', meaning no limit. # @param username Defines the username of the role to create. # @param connect_settings Specifies a hash of environment variables used when connecting to a remote server. diff --git a/spec/defines/server_instance_spec.rb b/spec/defines/server_instance_spec.rb index 89eadb06c8..ea63146fe4 100644 --- a/spec/defines/server_instance_spec.rb +++ b/spec/defines/server_instance_spec.rb @@ -73,7 +73,9 @@ class { 'postgresql::server': 'app_test1': { 'login' => true }, 'rep_test1': { 'replication' => true, 'login' => true }, - 'rou_test1': { 'login' => true }, }, + 'rou_test1': { 'login' => true }, + 'val_test1': { 'login' => true, + 'valid_until' => '2030-01-01 00:00:00+00' }, }, 'pg_hba_rules': { 'local all INSTANCE user': { 'type' => 'local', 'database' => 'all', 'user' => 'ins_test1', @@ -214,10 +216,19 @@ class { 'postgresql::server': it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" NOCREATEROLE') } it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" NOREPLICATION') } it { is_expected.to contain_postgresql_psql('ALTER ROLE "rou_test1" NOSUPERUSER') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" CONNECTION LIMIT -1') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" INHERIT') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" LOGIN') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" NOCREATEDB') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" NOCREATEROLE') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" NOREPLICATION') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" NOSUPERUSER') } + it { is_expected.to contain_postgresql_psql('ALTER ROLE "val_test1" VALID UNTIL \'2030-01-01 00:00:00+00\'') } it { is_expected.to contain_postgresql_psql('CREATE ROLE app_test1 ENCRYPTED PASSWORD ****') } it { is_expected.to contain_postgresql_psql('CREATE ROLE dba_test1 ENCRYPTED PASSWORD ****') } it { is_expected.to contain_postgresql_psql('CREATE ROLE ins_test1 ENCRYPTED PASSWORD ****') } it { is_expected.to contain_postgresql_psql('CREATE ROLE rep_test1 ENCRYPTED PASSWORD ****') } it { is_expected.to contain_postgresql_psql('CREATE ROLE rou_test1 ENCRYPTED PASSWORD ****') } + it { is_expected.to contain_postgresql_psql('CREATE ROLE val_test1 ENCRYPTED PASSWORD ****') } end end From 6346da7be1986afcc5cebe79012bf664c80258c2 Mon Sep 17 00:00:00 2001 From: Shubham Shinde Date: Tue, 22 Apr 2025 12:37:56 +0530 Subject: [PATCH 0994/1000] (CAT-2296) Update github runner image to ubuntu-24.04 ubuntu-20.04 is not supported anymore: https://github.com/actions/runner-images/issues/11101 --- .github/workflows/ci.yml | 4 ++-- .github/workflows/nightly.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e6dd8d7bc0..93cd3406b7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,12 +10,12 @@ jobs: Spec: uses: "puppetlabs/cat-github-actions/.github/workflows/module_ci.yml@main" with: - runs_on: "ubuntu-20.04" + runs_on: "ubuntu-24.04" secrets: "inherit" Acceptance: needs: Spec uses: "puppetlabs/cat-github-actions/.github/workflows/module_acceptance.yml@main" with: - runs_on: "ubuntu-20.04" + runs_on: "ubuntu-24.04" secrets: "inherit" diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index b8786059ec..c6539f7e37 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -9,12 +9,12 @@ jobs: Spec: uses: "puppetlabs/cat-github-actions/.github/workflows/module_ci.yml@main" with: - runs_on: "ubuntu-20.04" + runs_on: "ubuntu-24.04" secrets: "inherit" Acceptance: needs: Spec uses: "puppetlabs/cat-github-actions/.github/workflows/module_acceptance.yml@main" with: - runs_on: "ubuntu-20.04" + runs_on: "ubuntu-24.04" secrets: "inherit" From 651c2b4ec0a3d9a76770369625b0a91bcba444ff Mon Sep 17 00:00:00 2001 From: Benedikt Trefzer Date: Wed, 25 Oct 2023 18:22:34 +0200 Subject: [PATCH 0995/1000] add globals defaults for trixie debian version --- data/os/Debian/11.yaml | 4 ++++ manifests/globals.pp | 1 + metadata.json | 3 ++- 3 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 data/os/Debian/11.yaml diff --git a/data/os/Debian/11.yaml b/data/os/Debian/11.yaml new file mode 100644 index 0000000000..227e596eb2 --- /dev/null +++ b/data/os/Debian/11.yaml @@ -0,0 +1,4 @@ +--- +# Defaults for Debian Bullseye (11) + +postgresql::globals::python_package_name: 'python3-psycopg2' diff --git a/manifests/globals.pp b/manifests/globals.pp index 64a4815fcc..f0eb07a9e8 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -210,6 +210,7 @@ '10' => '11', '11' => '13', '12' => '15', + '13' => '17', default => undef, }, 'Ubuntu' => $facts['os']['release']['major'] ? { diff --git a/metadata.json b/metadata.json index 6ad73624ec..a991913a27 100644 --- a/metadata.json +++ b/metadata.json @@ -60,7 +60,8 @@ "operatingsystemrelease": [ "10", "11", - "12" + "12", + "13" ] }, { From 79c7c0ac6285a4bdbedaa208672d279b76d9d482 Mon Sep 17 00:00:00 2001 From: Kenyon Ralph Date: Thu, 11 Sep 2025 23:58:54 -0700 Subject: [PATCH 0996/1000] Allow puppetlabs/apt 11.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index a991913a27..e5f8cd35a3 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 9.2.0 < 11.0.0" + "version_requirement": ">= 9.2.0 < 12.0.0" }, { "name": "puppet/systemd", From 9189e813aaeebc8b8ddcd654255dd1b0e5e80791 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 30 Sep 2025 11:16:16 +0200 Subject: [PATCH 0997/1000] puppet/systemd: Allow 9.x --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index e5f8cd35a3..552a48b38b 100644 --- a/metadata.json +++ b/metadata.json @@ -18,7 +18,7 @@ }, { "name": "puppet/systemd", - "version_requirement": ">= 4.0.1 < 9.0.0" + "version_requirement": ">= 4.0.1 < 10.0.0" }, { "name": "puppetlabs/concat", From 45d8a9d4a17c13890070e305c9a2fa08468aa24f Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 30 Sep 2025 11:57:59 +0200 Subject: [PATCH 0998/1000] Debian 11: Use correct package name for python bindings Since Debian 11 was added to this module, the package name was wrong. It was set to python-psycopg2, but the correct name is python3-psycopg2. There's a longer analysis about this bug in https://github.com/puppetlabs/puppetlabs-postgresql/pull/1638/files#r2390588710 tl;dr: * Debian 10 used python-psycopg2 and that was set by the module * Debian 11 was added without proper acceptance testing * Later on unit tests were added for Debian 11, but still with the wrong package name * 651c2b4ec0a3d9a76770369625b0a91bcba444ff fixed the package name, but in the wrong place and didn't adjust the tests * That resulted in a broken pipeline, that's how I found all of this This patch: * Cleans up the hiera data * sets the package name at the correct location * adjusts the debian 11 unit test for the new package name * Adds tests for Debian 12 and 13 (won't be executed right now because Perforce ships a too old version of FacterDB) Edit: Had to remove Debian 13 because the pipeline fails if it cannot find a factset. --- data/os/Debian/11.yaml | 4 ---- manifests/params.pp | 4 ++-- spec/classes/lib/python_spec.rb | 13 ++++++++++++- spec/spec_helper_local.rb | 4 ++++ 4 files changed, 18 insertions(+), 7 deletions(-) delete mode 100644 data/os/Debian/11.yaml diff --git a/data/os/Debian/11.yaml b/data/os/Debian/11.yaml deleted file mode 100644 index 227e596eb2..0000000000 --- a/data/os/Debian/11.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -# Defaults for Debian Bullseye (11) - -postgresql::globals::python_package_name: 'python3-psycopg2' diff --git a/manifests/params.pp b/manifests/params.pp index 8441aa829c..55dcd24c0f 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -161,9 +161,9 @@ $plpython_package_name = pick($plpython_package_name, "postgresql-plpython-${version}") $_ubuntu_2204 = ($facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '22.04') >= 0) - $_debian_12 = ($facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['full'], '12') >= 0) + $_debian_11 = ($facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['full'], '11') >= 0) - if $_ubuntu_2204 or $_debian_12 { + if $_ubuntu_2204 or $_debian_11 { $python_package_name = pick($python_package_name, 'python3-psycopg2') } else { $python_package_name = pick($python_package_name, 'python-psycopg2') diff --git a/spec/classes/lib/python_spec.rb b/spec/classes/lib/python_spec.rb index 86093bc7e0..64e426ca39 100644 --- a/spec/classes/lib/python_spec.rb +++ b/spec/classes/lib/python_spec.rb @@ -30,7 +30,18 @@ it { expect(subject).to contain_package('python-psycopg2').with( - name: 'python-psycopg2', + name: 'python3-psycopg2', + ensure: 'present', + ) + } + end + + describe 'on debian 12' do + include_examples 'Debian 12' + + it { + expect(subject).to contain_package('python-psycopg2').with( + name: 'python3-psycopg2', ensure: 'present', ) } diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index c9603be72a..930b943217 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -184,6 +184,10 @@ def param(type, title, param) let(:facts) { on_supported_os['debian-11-x86_64'] } end +shared_context 'Debian 12' do + let(:facts) { on_supported_os['debian-12-x86_64'] } +end + shared_context 'Ubuntu 18.04' do let(:facts) { on_supported_os['ubuntu-18.04-x86_64'] } end From fe40cd36e35577af085d126a660b81d11c531fc5 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Mon, 13 Oct 2025 08:06:35 +0000 Subject: [PATCH 0999/1000] Release prep v10.6.0 --- CHANGELOG.md | 21 ++++++++++++++++++++- REFERENCE.md | 9 +++++++++ metadata.json | 2 +- 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e28d5a2f94..487ea482a9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,25 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v10.6.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.6.0) - 2025-10-13 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.5.0...v10.6.0) + +### Added + +- Allow puppetlabs/apt 11.x & puppet/systemd 9.x [#1645](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1645) ([kenyon](https://github.com/kenyon)) +- Add support for Debian 13 (trixie) [#1638](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1638) ([trefzer](https://github.com/trefzer)) +- Role: Add support for valid_until [#1624](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1624) ([mooreandrew](https://github.com/mooreandrew)) + +### Fixed + +- Debian 11: Use correct package name for python bindings [#1647](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1647) ([bastelfreak](https://github.com/bastelfreak)) +- Unbreak Debian support with custom encoding [#1564](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1564) ([smortex](https://github.com/smortex)) + +### Other + +- (CAT-2296) Update github runner image to ubuntu-24.04 [#1636](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1636) ([shubhamshinde360](https://github.com/shubhamshinde360)) + ## [v10.5.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v10.5.0) - 2025-01-07 [Full Changelog](https://github.com/puppetlabs/puppetlabs-postgresql/compare/v10.4.0...v10.5.0) @@ -352,7 +371,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a ### Fixed -- Do not add version component to repo definition [#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([weastur](https://github.com/weastur)) +- Do not add version component to repo definition [#1282](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1282) ([psapezhka](https://github.com/psapezhka)) - (MODULES-8700) Autorequire the service in postgresql_psql [#1276](https://github.com/puppetlabs/puppetlabs-postgresql/pull/1276) ([ekohl](https://github.com/ekohl)) ## [v7.2.0](https://github.com/puppetlabs/puppetlabs-postgresql/tree/v7.2.0) - 2021-05-24 diff --git a/REFERENCE.md b/REFERENCE.md index 247b58c952..bf3ffc306f 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -3677,6 +3677,7 @@ The following parameters are available in the `postgresql::server::role` defined * [`inherit`](#-postgresql--server--role--inherit) * [`superuser`](#-postgresql--server--role--superuser) * [`replication`](#-postgresql--server--role--replication) +* [`valid_until`](#-postgresql--server--role--valid_until) * [`connection_limit`](#-postgresql--server--role--connection_limit) * [`username`](#-postgresql--server--role--username) * [`connect_settings`](#-postgresql--server--role--connect_settings) @@ -3769,6 +3770,14 @@ Provides provides replication capabilities for this role if set to true. Default value: `false` +##### `valid_until` + +Data type: `Optional[String[1]]` + +Specifies whether to set a valid until date for the role. + +Default value: `undef` + ##### `connection_limit` Data type: `String[1]` diff --git a/metadata.json b/metadata.json index 552a48b38b..82cb5fa869 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-postgresql", - "version": "10.5.0", + "version": "10.6.0", "author": "puppetlabs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", From e57da89d3476f2dc9d1db4b2a5e88cc955d0db9d Mon Sep 17 00:00:00 2001 From: Ben Morrice Date: Fri, 30 Aug 2024 11:31:48 +0200 Subject: [PATCH 1000/1000] Don't use type alias in `postgresql_password` Type aliases from modules aren't available on the agent. See https://puppet.atlassian.net/browse/PUP-7197 This means that calls to `postgresql::postgresql_password` can't be deferred if the `hash` parameter uses the type `Postgresql::Pg_password_encryption`. Instead we have to use the raw `Enum`, (which unfortunately causes code duplication, but this is unavoidable). Using this function with `Deferred` is not just a theoretical use-case. The module itself tries to here. https://github.com/puppetlabs/puppetlabs-postgresql/blob/20704ffae24dcf970784697b1798c09d026fb7f8/manifests/server/role.pp#L162 --- .../postgresql/postgresql_password.rb | 3 +- spec/acceptance/db_deferred_spec.rb | 30 +++++++++++++++++++ types/pg_password_encryption.pp | 2 ++ 3 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 spec/acceptance/db_deferred_spec.rb diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index a444d5cd01..9ca4d81dbb 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -24,7 +24,8 @@ required_param 'Variant[String[1], Integer]', :username required_param 'Variant[String[1], Sensitive[String[1]], Integer]', :password optional_param 'Boolean', :sensitive - optional_param 'Optional[Postgresql::Pg_password_encryption]', :hash + # The following Enum is also defined in `types/pg_password_encryption.pp` but type alias can't be used in Deferred functions. + optional_param 'Optional[Enum["md5", "scram-sha-256"]]', :hash optional_param 'Optional[Variant[String[1], Integer]]', :salt return_type 'Variant[String, Sensitive[String]]' end diff --git a/spec/acceptance/db_deferred_spec.rb b/spec/acceptance/db_deferred_spec.rb new file mode 100644 index 0000000000..731e0742b8 --- /dev/null +++ b/spec/acceptance/db_deferred_spec.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +require 'spec_helper_acceptance' + +describe 'postgresql::server::db:' do + let(:user) { 'user_test' } + let(:password) { 'deferred_password_test' } + let(:database) { 'test_database' } + + let(:pp_one) do + <<~MANIFEST + $user = '#{user}' + $password = '#{password}' + $database = '#{database}' + + include postgresql::server + postgresql::server::db { $database: + user => $user, + password => Deferred('unwrap', [$password]), + } + MANIFEST + end + + it 'creates a database with with the password in the deferred function' do + apply_manifest(pp_one) + psql_cmd = "PGPASSWORD=#{password} PGUSER=#{user} PGDATABASE=#{database} psql -h 127.0.0.1 -d postgres -c '\\q'" + run_shell("cd /tmp; su #{shellescape('postgres')} -c #{shellescape(psql_cmd)}", + acceptable_exit_codes: [0]) + end +end diff --git a/types/pg_password_encryption.pp b/types/pg_password_encryption.pp index b2b5be66e5..7512174a89 100644 --- a/types/pg_password_encryption.pp +++ b/types/pg_password_encryption.pp @@ -1,2 +1,4 @@ # @summary the supported password_encryption +# Note that this Enum is also defined in: +# lib/puppet/functions/postgresql/postgresql_password.rb type Postgresql::Pg_password_encryption = Enum['md5', 'scram-sha-256']