As mentioned in the ticket it is not obvious that aliases do not belong
in the resourcename but have to be specified with the property
"host_aliases". On the puppet-user list I saw someone using this as a
resource
@@sshkey {"$fqdn,$hostname,$ipaddress":
type => rsa,
key => $sshrsakey,
}
Puppet will now write a correct entry to the know_hosts file, but when
it rereads the file, the field $fqdn,$hostname,$ipaddress is split into
name ($fqdn) and host_aliases ([$hostname,$ipaddress]). Since we dont
find the resource the user specified, puppet will put the same key in
the file over and over again. This patch adds a simple validation on
resourcename.
Signed-off-by: Stefan Schulte <[email protected]>
---
lib/puppet/type/sshkey.rb | 7 +++-
spec/unit/type/sshkey_spec.rb | 71 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 77 insertions(+), 1 deletions(-)
create mode 100644 spec/unit/type/sshkey_spec.rb
diff --git a/lib/puppet/type/sshkey.rb b/lib/puppet/type/sshkey.rb
index b7a1b8a..59a1a12 100755
--- a/lib/puppet/type/sshkey.rb
+++ b/lib/puppet/type/sshkey.rb
@@ -41,7 +41,7 @@ module Puppet
raise Puppet::Error, "Aliases cannot include whitespace"
end
if value =~ /,/
- raise Puppet::Error, "Aliases cannot include whitespace"
+ raise Puppet::Error, "Aliases must be provided as an array, not a
comma-separated list"
end
end
end
@@ -50,6 +50,11 @@ module Puppet
desc "The host name that the key is associated with."
isnamevar
+
+ validate do |value|
+ raise Puppet::Error, "Resourcename cannot include whitespaces" if
value =~ /\s/
+ raise Puppet::Error, "No comma in resourcename allowed. If you want to
specify aliases use the host_aliases property" if value.include?(',')
+ end
end
newproperty(:target) do
diff --git a/spec/unit/type/sshkey_spec.rb b/spec/unit/type/sshkey_spec.rb
new file mode 100644
index 0000000..966ca70
--- /dev/null
+++ b/spec/unit/type/sshkey_spec.rb
@@ -0,0 +1,71 @@
+#!/usr/bin/env ruby
+
+require File.dirname(__FILE__) + '/../../spec_helper'
+
+sshkey = Puppet::Type.type(:sshkey)
+
+describe sshkey do
+ before do
+ @class = sshkey
+ end
+
+ it "should have :name its namevar" do
+ @class.key_attributes.should == [:name]
+ end
+
+ describe "when validating attributes" do
+ [:name, :provider].each do |param|
+ it "should have a #{param} parameter" do
+ @class.attrtype(param).should == :param
+ end
+ end
+
+ [:host_aliases, :ensure, :key, :type].each do |property|
+ it "should have a #{property} property" do
+ @class.attrtype(property).should == :property
+ end
+ end
+ end
+
+ describe "when validating values" do
+
+ it "should support ssh-dss as a type value" do
+ proc { @class.new(:name => "foo", :type => "ssh-dss") }.should_not
raise_error
+ end
+
+ it "should support ssh-rsa as a type value" do
+ proc { @class.new(:name => "whev", :type => "ssh-rsa") }.should_not
raise_error
+ end
+
+ it "should alias :dsa to ssh-dss as a value for type" do
+ key = @class.new(:name => "whev", :type => :dsa)
+ key.should(:type).should == :'ssh-dss'
+ end
+
+ it "should alias :rsa to ssh-rsa as a value for type" do
+ key = @class.new(:name => "whev", :type => :rsa)
+ key.should(:type).should == :'ssh-rsa'
+ end
+
+ it "should not support values other than ssh-dss, ssh-rsa, dsa, rsa for
type" do
+ proc { @class.new(:name => "whev", :type => :'ssh-dsa') }.should
raise_error(Puppet::Error)
+ end
+
+ it "should accept one host_alias" do
+ proc { @class.new(:name => "foo", :host_aliases => 'foo.bar.tld')
}.should_not raise_error
+ end
+
+ it "should accept multiple host_aliases as an array" do
+ proc { @class.new(:name => "foo", :host_aliases =>
['foo.bar.tld','10.0.9.9']) }.should_not raise_error
+ end
+
+ it "should not accept spaces in any host_alias" do
+ proc { @class.new(:name => "foo", :host_aliases => ['foo.bar.tld','foo
bar']) }.should raise_error(Puppet::Error)
+ end
+
+ it "should not accept aliases in the resourcename" do
+ proc { @class.new(:name => 'host,host.domain,ip') }.should
raise_error(Puppet::Error)
+ end
+
+ end
+end
--
1.7.3.2
--
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en.
