388
|
1 require 'spec_helper'
|
|
2
|
|
3 clientversion = `facter puppetversion`
|
|
4
|
|
5 describe 'common::mkuser' do
|
|
6 let(:title) { 'alice' }
|
|
7 let(:facts) do
|
|
8 { :osfamily => 'RedHat',
|
|
9 :puppetversion => clientversion,
|
|
10 }
|
|
11 end
|
|
12
|
|
13 context 'user alice with default values' do
|
|
14 let(:params) { { :uid => 1000 } }
|
|
15
|
|
16 it do
|
|
17 should contain_user('alice').with({
|
|
18 'uid' => '1000',
|
|
19 'gid' => '1000',
|
|
20 'shell' => '/bin/bash',
|
|
21 'home' => '/home/alice',
|
|
22 'ensure' => 'present',
|
|
23 'groups' => 'alice',
|
|
24 'password' => '!!',
|
|
25 'managehome' => 'true',
|
|
26 'comment' => 'created via puppet',
|
|
27 })
|
|
28 end
|
|
29
|
|
30 it do
|
|
31 should contain_file('/home/alice').with({
|
|
32 'owner' => 'alice',
|
|
33 'group' => 'alice',
|
|
34 'mode' => '0700',
|
|
35 'require' => 'Common::Mkdir_p[/home/alice]',
|
|
36 })
|
|
37 end
|
|
38
|
|
39 it do
|
|
40 should contain_file('/home/alice/.ssh').with({
|
|
41 'ensure' => 'directory',
|
|
42 'mode' => '0700',
|
|
43 'owner' => 'alice',
|
|
44 'group' => 'alice',
|
|
45 'require' => 'User[alice]',
|
|
46 })
|
|
47 end
|
|
48
|
|
49 it { should contain_common__mkdir_p('/home/alice') }
|
|
50
|
|
51 it do
|
|
52 should contain_group('alice').with({
|
|
53 'ensure' => 'present',
|
|
54 'gid' => 1000,
|
|
55 'name' => 'alice',
|
|
56 })
|
|
57 end
|
|
58
|
|
59 it { should_not contain_ssh_authorized_key('alice') }
|
|
60 end
|
|
61
|
|
62 context 'user alice with custom values' do
|
|
63 let(:params) do
|
|
64 {
|
|
65 'uid' => 2000,
|
|
66 'group' => 'superusers',
|
|
67 'gid' => 2000,
|
|
68 'shell' => '/bin/zsh',
|
|
69 'home' => '/home/superu',
|
|
70 'groups' => %w(superusers development admins),
|
|
71 'password' => 'puppet',
|
|
72 'mode' => '0701',
|
|
73 'comment' => 'a puppet master',
|
|
74 }
|
|
75 end
|
|
76
|
|
77 it do
|
|
78 should contain_user('alice').with({
|
|
79 'uid' => '2000',
|
|
80 'gid' => '2000',
|
|
81 'shell' => '/bin/zsh',
|
|
82 'home' => '/home/superu',
|
|
83 'groups' => %w(superusers development admins),
|
|
84 'password' => 'puppet',
|
|
85 'comment' => 'a puppet master',
|
|
86 })
|
|
87 end
|
|
88
|
|
89 it do
|
|
90 should contain_file('/home/superu').with({
|
|
91 'owner' => 'alice',
|
|
92 'group' => 'superusers',
|
|
93 'mode' => '0701',
|
|
94 'require' => 'Common::Mkdir_p[/home/superu]',
|
|
95 })
|
|
96 end
|
|
97
|
|
98 it do
|
|
99 should contain_file('/home/superu/.ssh').with({
|
|
100 'ensure' => 'directory',
|
|
101 'mode' => '0700',
|
|
102 'owner' => 'alice',
|
|
103 'group' => 'alice',
|
|
104 'require' => 'User[alice]',
|
|
105 })
|
|
106 end
|
|
107
|
|
108 it { should contain_common__mkdir_p('/home/superu') }
|
|
109
|
|
110 it { should_not contain_ssh_authorized_key('myuser') }
|
|
111 end
|
|
112
|
|
113 context 'do not manage home' do
|
|
114 let(:params) do
|
|
115 {
|
|
116 'uid' => 1000,
|
|
117 'managehome' => false
|
|
118 }
|
|
119 end
|
|
120
|
|
121 it { should_not contain_file('/home/alice') }
|
|
122
|
|
123 it { should_not contain_common__mkdir_p('/home/alice') }
|
|
124
|
|
125 it { should contain_user('alice').with_managehome(false) }
|
|
126 end
|
|
127
|
|
128 context 'do not manage dotssh' do
|
|
129 let(:params) do
|
|
130 {
|
|
131 'uid' => 1000,
|
|
132 'manage_dotssh' => false
|
|
133 }
|
|
134 end
|
|
135
|
|
136 it { should_not contain_file('/home/alice/.ssh') }
|
|
137
|
|
138 it { should_not contain_ssh_authorized_key('alice') }
|
|
139 end
|
|
140
|
|
141 describe 'with ssh_auth_key parameter specified' do
|
|
142 context 'with defaults for ssh_auth_key_type parameter' do
|
|
143 let(:params) do
|
|
144 {
|
|
145 'uid' => 1000,
|
|
146 'ssh_auth_key' => 'AAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ==',
|
|
147 }
|
|
148 end
|
|
149
|
|
150 it do
|
|
151 should contain_ssh_authorized_key('alice').with({
|
|
152 'ensure' => 'present',
|
|
153 'user' => 'alice',
|
|
154 'key' => 'AAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ==',
|
|
155 'type' => 'ssh-dss',
|
|
156 'require' => 'File[/home/alice/.ssh]',
|
|
157 })
|
|
158 end
|
|
159 end
|
|
160
|
|
161 context 'with ssh_auth_key_type parameter specified' do
|
|
162 let(:params) do
|
|
163 {
|
|
164 'uid' => 1000,
|
|
165 'ssh_auth_key' => 'AAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ==',
|
|
166 'ssh_auth_key_type' => 'ssh-rsa',
|
|
167 }
|
|
168 end
|
|
169
|
|
170 it do
|
|
171 should contain_ssh_authorized_key('alice').with({
|
|
172 'ensure' => 'present',
|
|
173 'user' => 'alice',
|
|
174 'key' => 'AAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ==',
|
|
175 'type' => 'ssh-rsa',
|
|
176 'require' => 'File[/home/alice/.ssh]',
|
|
177 })
|
|
178 end
|
|
179 end
|
|
180 end
|
|
181
|
|
182 # purge_ssh_keys was introduced with Puppet 3.6.0
|
|
183 # we need to know which version of Puppet is running this test
|
|
184 # to decide which results we need to expect
|
|
185 # dirty trick to get the running version of Puppet:
|
|
186 clientversion = `facter puppetversion`
|
|
187 # test environments contains no facts, we need to set it as fact
|
|
188
|
|
189 describe "with purge_ssh_keys running on Puppet version #{clientversion}" do
|
|
190 let(:facts) do
|
|
191 {
|
|
192 :osfamily => 'RedHat',
|
|
193 :puppetversion => clientversion,
|
|
194 }
|
|
195 end
|
|
196
|
|
197 context 'set to undef/nil' do
|
|
198 let(:params) { { :uid => 1000 } }
|
|
199
|
|
200 if clientversion.to_f >= 3.6
|
|
201 it { should contain_user('alice').with_purge_ssh_keys(false) }
|
|
202 else
|
|
203 it { should contain_user('alice').without_purge_ssh_keys }
|
|
204 end
|
|
205 end
|
|
206
|
|
207 context 'set to true' do
|
|
208 let(:params) do
|
|
209 {
|
|
210 'uid' => 1000,
|
|
211 'purge_ssh_keys' => true,
|
|
212 }
|
|
213 end
|
|
214
|
|
215 if clientversion.to_f >= 3.6
|
|
216 it { should contain_user('alice').with_purge_ssh_keys(true) }
|
|
217 else
|
|
218 it { should contain_user('alice').without_purge_ssh_keys }
|
|
219 end
|
|
220 end
|
|
221
|
|
222 context 'set to false' do
|
|
223 let(:params) do
|
|
224 {
|
|
225 'uid' => 1000,
|
|
226 'purge_ssh_keys' => false,
|
|
227 }
|
|
228 end
|
|
229
|
|
230 if clientversion.to_f >= 3.6
|
|
231 it { should contain_user('alice').with_purge_ssh_keys(false) }
|
|
232 else
|
|
233 it { should contain_user('alice').without_purge_ssh_keys }
|
|
234 end
|
|
235 end
|
|
236 end
|
|
237
|
|
238 describe 'variable type and content validations' do
|
|
239 # set needed custom facts and variables
|
|
240 let(:facts) do
|
|
241 {
|
|
242 :osfamily => 'RedHat',
|
|
243 :puppetversion => clientversion,
|
|
244 }
|
|
245 end
|
|
246 let(:validation_params) do
|
|
247 {
|
|
248 :uid => 1000,
|
|
249 }
|
|
250 end
|
|
251
|
|
252 validations = {
|
|
253 'bool_stringified' => {
|
|
254 :name => %w(managehome manage_dotssh purge_ssh_keys),
|
|
255 :valid => [true, false, 'true', 'false'],
|
|
256 :invalid => ['invalid', %w(array), { 'ha' => 'sh' }, 3, 2.42, nil],
|
|
257 :message => '(str2bool|must be boolean or string)',
|
|
258 },
|
|
259 }
|
|
260
|
|
261 validations.sort.each do |type, var|
|
|
262 var[:name].each do |var_name|
|
|
263 var[:valid].each do |valid|
|
|
264 context "with #{var_name} (#{type}) set to valid #{valid} (as #{valid.class})" do
|
|
265 let(:params) { validation_params.merge({ :"#{var_name}" => valid, }) }
|
|
266 it { should compile }
|
|
267 end
|
|
268 end
|
|
269
|
|
270 var[:invalid].each do |invalid|
|
|
271 context "with #{var_name} (#{type}) set to invalid #{invalid} (as #{invalid.class})" do
|
|
272 let(:params) { validation_params.merge({ :"#{var_name}" => invalid, }) }
|
|
273 it 'should fail' do
|
|
274 expect do
|
|
275 should contain_class(subject)
|
|
276 end.to raise_error(Puppet::Error, /#{var[:message]}/)
|
|
277 end
|
|
278 end
|
|
279 end
|
|
280 end # var[:name].each
|
|
281 end # validations.sort.each
|
|
282 end # describe 'variable type and content validations'
|
|
283 end
|