Please review pull request #534: Feature/master/3324 yumrepo ssl options opened by (cprice-puppet)
Description:
From dieterdemeyer:
The yumrepo resource doesn't support attributes for SSL authentication.
This patch adds the following ssl attributes to the yumrepo resource:
sslcacert, sslverify, sslclientcert and sslclientkey.
There was no RSpec test present for the yumrepo resource.
So I have added a new test case, containing tests for the current attributes and also for the new ssl options.
Also ported over the existing unit tests for yumrepo into his new spec test.
- Opened: Tue Feb 28 19:46:59 UTC 2012
- Based on: puppetlabs:master (e692c7ae5036f5703a46f4a3df6a47c34b5d761b)
- Requested merge: cprice-puppet:feature/master/3324-yumrepo-ssl-options (bd1f679b023a5a0e144ede64cba5e2cbd4dd56f1)
Diff follows:
diff --git a/lib/puppet/type/yumrepo.rb b/lib/puppet/type/yumrepo.rb
index b6120e4..2b3c034 100644
--- a/lib/puppet/type/yumrepo.rb
+++ b/lib/puppet/type/yumrepo.rb
@@ -357,5 +357,33 @@ def flush
newvalue(:absent) { self.should = :absent }
newvalue(/.*/) { }
end
+
+ newproperty(:sslcacert, :parent => Puppet::IniProperty) do
+ desc "Path to the directory containing the databases of the
+ certificate authorities yum should use to verify SSL certificates.\n#{ABSENT_DOC}"
+ newvalue(:absent) { self.should = :absent }
+ newvalue(/.*/) { }
+ end
+
+ newproperty(:sslverify, :parent => Puppet::IniProperty) do
+ desc "Should yum verify SSL certificates/hosts at all.
+ Possible values are 'True' or 'False'.\n#{ABSENT_DOC}"
+ newvalue(:absent) { self.should = :absent }
+ newvalue(%r(True|False)) { }
+ end
+
+ newproperty(:sslclientcert, :parent => Puppet::IniProperty) do
+ desc "Path to the SSL client certificate yum should use to connect
+ to repos/remote sites.\n#{ABSENT_DOC}"
+ newvalue(:absent) { self.should = :absent }
+ newvalue(/.*/) { }
+ end
+
+ newproperty(:sslclientkey, :parent => Puppet::IniProperty) do
+ desc "Path to the SSL client key yum should use to connect
+ to repos/remote sites.\n#{ABSENT_DOC}"
+ newvalue(:absent) { self.should = :absent }
+ newvalue(/.*/) { }
+ end
end
end
diff --git a/spec/unit/type/yumrepo_spec.rb b/spec/unit/type/yumrepo_spec.rb
new file mode 100644
index 0000000..3e2a7b0
--- /dev/null
+++ b/spec/unit/type/yumrepo_spec.rb
@@ -0,0 +1,247 @@
+#!/usr/bin/env rspec
+
+require 'spec_helper'
+
+
+describe Puppet::Type.type(:yumrepo) do
+
+ describe "When validating attributes" do
+
+ it "should have a 'name' parameter'" do
+ Puppet::Type.type(:yumrepo).new(:name => "puppetlabs")[:name].should == "puppetlabs"
+ end
+
+ [:baseurl, :cost, :descr, :enabled, :enablegroups, :exclude, :failovermethod, :gpgcheck, :gpgkey, :http_caching,
+ :include, :includepkgs, :keepalive, :metadata_expire, :mirrorlist, :priority, :protect, :proxy, :proxy_username, :proxy_password, :timeout,
+ :sslcacert, :sslverify, :sslclientcert, :sslclientkey].each do |param|
+ it "should have a '#{param}' parameter" do
+ Puppet::Type.type(:yumrepo).attrtype(param).should == :property
+ end
+ end
+
+ end
+
+ describe "When validating attribute values" do
+
+ [:cost, :enabled, :enablegroups, :failovermethod, :gpgcheck, :http_caching, :keepalive, :metadata_expire, :priority, :protect, :timeout].each do |param|
+ it "should support :absent as a value to '#{param}' parameter" do
+ Puppet::Type.type(:yumrepo).new(:name => "puppetlabs.repo", param => :absent)
+ end
+ end
+
+ [:cost, :enabled, :enablegroups, :gpgcheck, :keepalive, :metadata_expire, :priority, :protect, :timeout].each do |param|
+ it "should fail if '#{param}' is not a number" do
+ lambda { Puppet::Type.type(:yumrepo).new(:name => "puppetlabs", param => "notanumber") }.should raise_error
+ end
+ end
+
+ [:enabled, :enabledgroups, :gpgcheck, :keepalive, :protect].each do |param|
+ it "should fail if '#{param}' does not have one of the following values (0|1)" do
+ lambda { Puppet::Type.type(:yumrepo).new(:name => "puppetlabs", param => "2") }.should raise_error
+ end
+ end
+
+ it "should fail if 'failovermethod' does not have one of the following values (roundrobin|priority)" do
+ lambda { Puppet::Type.type(:yumrepo).new(:name => "puppetlabs", :failovermethod => "notavalidvalue") }.should raise_error
+ end
+
+ it "should fail if 'http_caching' does not have one of the following values (packages|all|none)" do
+ lambda { Puppet::Type.type(:yumrepo).new(:name => "puppetlabs", :http_caching => "notavalidvalue") }.should raise_error
+ end
+
+ it "should fail if 'sslverify' does not have one of the following values (True|False)" do
+ lambda { Puppet::Type.type(:yumrepo).new(:name => "puppetlabs", :sslverify => "notavalidvalue") }.should raise_error
+ end
+
+ it "should succeed if 'sslverify' has one of the following values (True|False)" do
+ Puppet::Type.type(:yumrepo).new(:name => "puppetlabs", :sslverify => "True")[:sslverify].should == "True"
+ Puppet::Type.type(:yumrepo).new(:name => "puppetlabs", :sslverify => "False")[:sslverify].should == "False"
+ end
+
+ end
+
+ # these tests were ported from the old spec/unit/type/yumrepo_spec.rb, pretty much verbatim
+ describe "When manipulating config file" do
+
+
+ def make_repo(name, hash={})
+ hash[:name] = name
+ Puppet::Type.type(:yumrepo).new(hash)
+ end
+
+ def all_sections(inifile)
+ sections = []
+ inifile.each_section { |section| sections << section.name }
+ sections.sort
+ end
+
+ def create_data_files()
+ File.open(File.join(@yumdir, "fedora.repo"), "w") do |f|
+ f.print(FEDORA_REPO_FILE)
+ end
+
+ File.open(File.join(@yumdir, "fedora-devel.repo"), "w") do |f|
+ f.print(FEDORA_DEVEL_REPO_FILE)
+ end
+ end
+
+
+
+ before(:each) do
+ @yumdir = Dir.mktmpdir("yumrepo_spec_tmpdir")
+ @yumconf = File.join(@yumdir, "yum.conf")
+ File.open(@yumconf, "w") do |f|
+ f.print "[main]\nreposdir=#{@yumdir} /no/such/dir\n"
+ end
+ Puppet::Type.type(:yumrepo).yumconf = @yumconf
+
+ # It needs to be reset each time, otherwise the cache is used.
+ Puppet::Type.type(:yumrepo).inifile = nil
+ end
+
+ after(:each) do
+ FileUtils.rm_rf(@yumdir)
+ end
+
+
+
+ it "should be able to create a valid config file" do
+ values = {
+ :descr => "Fedora Core $releasever - $basearch - Base",
+ :baseurl => "http://example.com/yum/$releasever/$basearch/os/",
+ :enabled => "1",
+ :gpgcheck => "1",
+ :includepkgs => "absent",
+ :gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora",
+ :proxy => "http://proxy.example.com:80/",
+ :proxy_username => "username",
+ :proxy_password => "password"
+ }
+ repo = make_repo("base", values)
+
+
+ catalog = Puppet::Resource::Catalog.new
+ # Stop Puppet from doing a bunch of magic; might want to think about a util for specs that handles this
+ catalog.host_config = false
+ catalog.add_resource(repo)
+ catalog.apply
+
+ inifile = Puppet::Type.type(:yumrepo).read
+ sections = all_sections(inifile)
+ sections.should == ['base', 'main']
+ text = inifile["base"].format
+ text.should == EXPECTED_CONTENTS_FOR_CREATED_FILE
+ end
+
+
+ # Modify one existing section
+ it "should be able to modify an existing config file" do
+
+ create_data_files
+
+ devel = make_repo("development", { :descr => "New description" })
+ current_values = devel.retrieve
+
+ devel[:name].should == "development"
+ current_values[devel.property(:descr)].should == 'Fedora Core $releasever - Development Tree'
+ devel.property(:descr).should == 'New description'
+
+ catalog = Puppet::Resource::Catalog.new
+ # Stop Puppet from doing a bunch of magic; might want to think about a util for specs that handles this
+ catalog.host_config = false
+ catalog.add_resource(devel)
+ catalog.apply
+
+ inifile = Puppet::Type.type(:yumrepo).read
+ inifile['development']['name'].should == 'New description'
+ inifile['base']['name'].should == 'Fedora Core $releasever - $basearch - Base'
+ inifile['base']['exclude'].should == "foo\n bar\n baz"
+ all_sections(inifile).should == ['base', 'development', 'main']
+ end
+
+
+ # Delete mirrorlist by setting it to :absent and enable baseurl
+ it "should support 'absent' value" do
+ create_data_files
+
+ baseurl = 'http://example.com/'
+
+ devel = make_repo(
+ "development",
+ { :mirrorlist => 'absent',
+
+ :baseurl => baseurl })
+ devel.retrieve
+
+ catalog = Puppet::Resource::Catalog.new
+ # Stop Puppet from doing a bunch of magic; might want to think about a util for specs that handles this
+ catalog.host_config = false
+ catalog.add_resource(devel)
+ catalog.apply
+
+ inifile = Puppet::Type.type(:yumrepo).read
+ sec = inifile["development"]
+ sec["mirrorlist"].should == nil
+ sec["baseurl"].should == baseurl
+ end
+
+
+ end
+
+
+end
+
+
+EXPECTED_CONTENTS_FOR_CREATED_FILE = <<'EOF'
+[base]
+name=Fedora Core $releasever - $basearch - Base
+baseurl=http://example.com/yum/$releasever/$basearch/os/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora
+proxy=http://proxy.example.com:80/
+proxy_username=username
+proxy_password=password
+EOF
+
+
+FEDORA_REPO_FILE = <<END
+[base]
+name=Fedora Core $releasever - $basearch - Base
+mirrorlist=http://fedora.redhat.com/download/mirrors/fedora-core-$releasever
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora
+exclude=foo
+ bar
+ baz
+END
+
+FEDORA_DEVEL_REPO_FILE = <<END
+[development]
+# These packages are untested and still under development. This
+# repository is used for updates to test releases, and for
+# development of new releases.
+#
+# This repository can see significant daily turn over and can see major
+# functionality changes which cause unexpected problems with other
+# development packages. Please use these packages if you want to work
+# with the Fedora developers by testing these new development packages.
+#
+# [email protected] is available as a discussion forum for
+# testing and troubleshooting for development packages in conjunction
+# with new test releases.
+#
+# [email protected] is available as a discussion forum for
+# testing and troubleshooting for development packages in conjunction
+# with developing new releases.
+#
+# Reportable issues should be filed at bugzilla.redhat.com
+# Product: Fedora Core
+# Version: devel
+name=Fedora Core $releasever - Development Tree
+#baseurl=http://download.fedora.redhat.com/pub/fedora/linux/core/development/$basearch/
+mirrorlist=http://fedora.redhat.com/download/mirrors/fedora-core-rawhide
+enabled=0
+gpgcheck=0
+END
\ No newline at end of file
diff --git a/test/data/types/yumrepos/fedora-devel.repo b/test/data/types/yumrepos/fedora-devel.repo
deleted file mode 100644
index ebb150b..0000000
--- a/test/data/types/yumrepos/fedora-devel.repo
+++ /dev/null
@@ -1,26 +0,0 @@
-[development]
-# These packages are untested and still under development. This
-# repository is used for updates to test releases, and for
-# development of new releases.
-#
-# This repository can see significant daily turn over and can see major
-# functionality changes which cause unexpected problems with other
-# development packages. Please use these packages if you want to work
-# with the Fedora developers by testing these new development packages.
-#
-# [email protected] is available as a discussion forum for
-# testing and troubleshooting for development packages in conjunction
-# with new test releases.
-#
-# [email protected] is available as a discussion forum for
-# testing and troubleshooting for development packages in conjunction
-# with developing new releases.
-#
-# Reportable issues should be filed at bugzilla.redhat.com
-# Product: Fedora Core
-# Version: devel
-name=Fedora Core $releasever - Development Tree
-#baseurl=http://download.fedora.redhat.com/pub/fedora/linux/core/development/$basearch/
-mirrorlist=http://fedora.redhat.com/download/mirrors/fedora-core-rawhide
-enabled=0
-gpgcheck=0
diff --git a/test/data/types/yumrepos/fedora.repo b/test/data/types/yumrepos/fedora.repo
deleted file mode 100644
index 995fa68..0000000
--- a/test/data/types/yumrepos/fedora.repo
+++ /dev/null
@@ -1,9 +0,0 @@
-[base]
-name=Fedora Core $releasever - $basearch - Base
-mirrorlist=http://fedora.redhat.com/download/mirrors/fedora-core-$releasever
-enabled=1
-gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora
-exclude=foo
- bar
- baz
diff --git a/test/ral/type/yumrepo.rb b/test/ral/type/yumrepo.rb
deleted file mode 100755
index 0866150..0000000
--- a/test/ral/type/yumrepo.rb
+++ /dev/null
@@ -1,116 +0,0 @@
-#!/usr/bin/env ruby
-
-require File.expand_path(File.dirname(__FILE__) + '/../../lib/puppettest')
-
-require 'puppettest'
-require 'fileutils'
-
-class TestYumRepo < Test::Unit::TestCase
- include PuppetTest
-
- def setup
- super
- @yumdir = tempfile
- Dir.mkdir(@yumdir)
- @yumconf = File.join(@yumdir, "yum.conf")
- File.open(@yumconf, "w") do |f|
- f.print "[main]\nreposdir=#{@yumdir} /no/such/dir\n"
- end
- Puppet::Type.type(:yumrepo).yumconf = @yumconf
-
- # It needs to be reset each time, otherwise the cache is used.
- Puppet::Type.type(:yumrepo).inifile = nil
- end
-
- # Modify one existing section
- def test_modify
- copy_datafiles
- devel = make_repo("development", { :descr => "New description" })
- current_values = devel.retrieve
-
- assert_equal("development", devel[:name])
- assert_equal('Fedora Core $releasever - Development Tree', current_values[devel.property(:descr)])
- assert_equal('New description', devel.property(:descr).should)
- assert_apply(devel)
-
- inifile = Puppet::Type.type(:yumrepo).read
- assert_equal('New description', inifile['development']['name'])
- assert_equal('Fedora Core $releasever - $basearch - Base', inifile['base']['name'])
- assert_equal("foo\n bar\n baz", inifile['base']['exclude'])
- assert_equal(['base', 'development', 'main'], all_sections(inifile))
- end
-
- # Create a new section
- def test_create
- values = {
- :descr => "Fedora Core $releasever - $basearch - Base",
- :baseurl => "http://example.com/yum/$releasever/$basearch/os/",
- :enabled => "1",
- :gpgcheck => "1",
- :includepkgs => "absent",
- :gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora",
- :proxy => "http://proxy.example.com:80/",
- :proxy_username => "username",
- :proxy_password => "password"
- }
- repo = make_repo("base", values)
-
- assert_apply(repo)
- inifile = Puppet::Type.type(:yumrepo).read
- sections = all_sections(inifile)
- assert_equal(['base', 'main'], sections)
- text = inifile["base"].format
- assert_equal(CREATE_EXP, text)
- end
-
- # Delete mirrorlist by setting it to :absent and enable baseurl
- def test_absent
- copy_datafiles
- baseurl = 'http://example.com/'
-
- devel = make_repo(
- "development",
- { :mirrorlist => 'absent',
-
- :baseurl => baseurl })
- devel.retrieve
- assert_apply(devel)
- inifile = Puppet::Type.type(:yumrepo).read
- sec = inifile["development"]
- assert_nil(sec["mirrorlist"])
- assert_equal(baseurl, sec["baseurl"])
- end
-
- def make_repo(name, hash={})
- hash[:name] = name
- Puppet::Type.type(:yumrepo).new(hash)
- end
-
- def all_sections(inifile)
- sections = []
- inifile.each_section { |section| sections << section.name }
- sections.sort
- end
-
- def copy_datafiles
- fakedata("data/types/yumrepos").select { |file|
- file =~ /\.repo$/
- }.each { |src|
- dst = File::join(@yumdir, File::basename(src))
- FileUtils::copy(src, dst)
- }
- end
-
- CREATE_EXP = <<'EOF'
-[base]
-name=Fedora Core $releasever - $basearch - Base
-baseurl=http://example.com/yum/$releasever/$basearch/os/
-enabled=1
-gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora
-proxy=http://proxy.example.com:80/
-proxy_username=username
-proxy_password=password
-EOF
-
-end
-- You received this message because you are subscribed to the Google Groups "Puppet Developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
